SYMANTEC CONSIDERATIONS ON MIDDLEBOXES
|
|
- Ross Barker
- 5 years ago
- Views:
Transcription
1 SYMANTEC CONSIDERATIONS ON MIDDLEBOXES 12 th OF JUNE SECURITY WEEK 2018
2 SYMANTEC AGENDA TODAY 1 2 WHICH MODEL FOR SECURITY AND PRIVACY? IS A CONSENSUS REACHABLE? LET s BE PATIENT ANNEX PRACTICAL CONSIDERATIONS FOR THE ICT?
3 WHICH MODEL FOR SECURITY AND PRIVACY?
4 SECURITY AND PRIVACY IMPLICIT OR EXPLICIT DIGITAL PERSONA EXPERIENCE / APP / CAPABILITY USER EXPERIENCE «SESSIONS» SERVICE DATA LAKES USER DEVICE OR THING «NETWORK INFRASTRUCTURE» «CLOUD» / «INTERNET» 4
5 THE INTERCEPTION LANDSCAPE END POINT AND INFORMATION PROTECTION DIGITAL PERSONA PROTECTION BUSINESS INTERCEPTION OTHER MIDDLEBOXES FUNCTIONS REGULATORY FRAMEWORK (e.g. GDPR) CLOUD SECURITY IMPLICIT OR EXPLICIT DIGITAL PERSONA EXPERIENCE / APP / CAPABILITY USER EXPERIENCE «SESSIONS» SERVICE DATA LAKES USER DEVICE OR THING «NETWORK INFRASTRUCTURE» «CLOUD» / «INTERNET» SOCIAL ENGINEERING ATTACKS VAST MISMATCH BETWEEN USER CONSENT UNDERSTANDING vs DIGITAL PERSONA CONSENT REALITY SECURITY ATTACKS (DEVICE / IDENTITY / BROWSER / APP / NETWORK / INFORMATION etc.) MAN IN THE MIDDLE INTERCEPTION ATTACK BACKDOORS LAWFUL INTERCEPTION MASS SURVEILLANCE / CENSORSHIP DATA BREACHES SECURITY BREACHES BACKDOORS 5
6 «PROTOCOLS» WE MISS A REAL PROTOCOL FOR PRIVACY N-WAY RESPECTFUL INTERCEPTION PROTOCOL IMPLICIT OR EXPLICIT DIGITAL PERSONA EXPERIENCE / APP / CAPABILITY MIDDLEBOX COLLABORATION PROTOCOL USER EXPERIENCE «SESSIONS» SERVICE DATA LAKES USER A REAL DIGITAL HUMANITIES «PROTOCOL» DEVICE OR THING «NETWORK INFRASTRUCTURE» «CLOUD» / «INTERNET» OFF BOUND UNIFIED SECURITY HUB PROTOCOL 6
7 CONCLUSION 1 LET s BE REAL WE MISS A LOT IN THE LONG TERM WAY BEYOND «JUST» AN N-WAY PROTOCOL 7
8 HOW TO REACH A CONSENSUS? LET s BE PATIENT
9 Half of All Web Connections Are Now Encrypted ( 2017 )
10 Half of All Web... Attacks... Are Now Encrypted ( 2017 )
11 CLASSIC SECURITY & PRIVACY MODEL Eve Alice Bob
12 EQUALLY COMMON BOB IS IN THE CLOUD CAN I TRUST THIS SITE IT MIGHT BE COMPROMISED STILL I WANT OR NEED TO WORK WITH IT THE REMOTE SITE MIGHT HELP ME HACK ME PROFILE AND TRACK ME AND MY ENDPOINT MY NOT HAVE ENOUGH PROTECTION
13 How? The Security Impact of HTTPS Interception, Durumeric, Ma, Springall, Barnes, Sullivan, Bursztein, Bailey, Halderman, Paxson, in Network and Distributed System Security Symposium (NDSS 2017) Classic Approach Protection Most Middleboxes negotiate weaker least Common Denominator Crypto. Endpoint doesn t know. Al or Alice Middlebox terminates & initiates independent TLS sessions. M.B.G.
14 How? Protection Naylor, Li, Gkantsidis, Karagiannis, & Steenkiste propose to leverage SGX to help make this safer. Alternative Approach Al or Alice References in speaker notes Al or Alice delegate protection (most commonly to more powerful devices) by sending ephemeral or symmetric keys M.B.G.
15 What Could Possibly Go Wrong? What? MITM?? Isn t that dangerous?!?! Classic Middleboxes (MB) often negotiate weaker crypto No end2end integrity protection MB could get hacked Risk decryption to block attacks + No cryptographic attestation of MB identity, policies, etc. Endpoint completely lacks visibility into upstream MB Current Alternative Still lacks end2end integrity MB could still get hacked What goes wrong today? Risk decryption to block attacks + No cryptographic attestation of MB identity, policies, etc. + Of course, such decryption is crucial not only for blocking attacks in real-time, but also for post-facto forensic investigation and remediation of successful attacks, along with regulatory compliance verification, and much more.
16 What Could Possibly Go Wrong?! Middleboxes (MB) often negotiate A good protocol could address these Classic weaker crypto No end2end integrity protection MB could get hacked Risk decryption to block attacks No cryptographic attestation of MB identity, policies, etc. Endpoint completely lacks visibility into upstream MB Current Alternative Still lacks end2end integrity MB could still get hacked Risk decryption to block attacks No cryptographic attestation of MB identity, policies, etc. + Of course, such decryption is crucial not only for blocking attacks in real-time, but also for post-facto forensic investigation and remediation of successful attacks, along with regulatory compliance verification, and much more.
17 CONCLUSION 2 THE PATH FOR A CONSENSUS IS VERY NARROW BUT NOT NULL PATIENT = PROTECTION AGAINST ATTACKS TUNNELING IN ENCRYPTED TRAFFIC STATUS = SYMANTEC WORKING ON AN AWARENESS CAMPAIGN FIRST PREPARING COMING BACK TO IETF 17
18 Thank You!
19 PRACTICAL ARCHITECTURAL CONSIDERATIONS FOR THE ICT
20 DIGITAL SERVICE PROVIDERS ATT, Verizon, DT, BT, Orange, NTT, Airtel, MVNOs, Tier1, Tier2, Tier3 NOT TELCOs AS DEFINED 20 YEARS AGO! STRONG NEED FOR NEW DEFINITIONS HSBC, Credit Suisse, GM, Toyota, etc. ENT SP Enterprise Service Providers CSP Communication Service Providers NEP Network Equipment Providers Huawei, Ericsson, ZTE, Nokia, Converse, etc. BEING DISCUSSED WITH ITU SG2 AppDirect, Netcracker (NEC), Infonova, etc. CSB Cloud Service Brokers MASSIVE CO- COMPETITION GSI Global System Integrators HP, IBM, Fujitsu, Accenture, PwC, etc MSP in Germany, in France, etc.. MSP Managed Service Providers ISP Infrastructure Service Providers OTT Over The Top ASP Application Service Providers Google, Facebook, Apple, Microsoft, SFDC, etc. Amazon, Microsoft, Cyxtera, etc. IOT IS EVERYWHERE 20
21 DIGITAL TRANSFORMATION FOR CSPs AND THIS IS THE EASY PART DIGITALISATION IoT M2M, BUS LOW ENERGY NETWORKS SP* ENT SMB RES END CUSTOMER PREMISE ENT SMB RES CPE (MPLS) CPE (UTM) CPE (BOX) RADIO WIFI 5G CPE (MPLS) CPE (UTM) CPE (BOX) RADIO ACCESS ACCESS NETWORK MANAGEMENT CLOUD INFRASTRUCTURE TRANSPORT DC1 APPLICATIONS COMMUNICATION SERVICE PROVIDER AND NEW SERVICE PROVIDERS SDN NFV CORE NETWORK DC2 INTERNET CLOUDS INTERNET CLOUDS END CUSTOMER PREMISE WIFI DC3 DCN Copyright 2016 Symantec Corporation COMMUNICATION SERVICE PROVIDER AND NEW SERVICE PROVIDERS 21
22 HOW TO MODEL DSPs? LET S TAKE AN EXAMPLE WITH CSPs 22
23 HOW TO MAP SECURITY IN THE NEAR FUTURE SHOULD EVERY CAPABILITY BE A VF OR A VNF? How could we safely do network based protection against attacks tunneling in encrypted network traffic, without constraining end-to-end routing? If each MB had a hardware-backed Trusted Execution Environment (TEE), then perhaps endpoints could choose to Trust MB services dynamically migrating from TEE to TEE as orchestrated by Software Defined Networking (SDN), or Network Function Virtualization (NFV). S IOT S = END CUSTOMERS S CRITICAL INFRASTRUCTURES LARGE ENTERPRISES S MEDIUM BUSINESS S SMALL BUSINESS CONSUMERS "S" for security on premise whatever it is, not restricted to endpoint security S S CUSTOMER PREMISE EQUIPMENT SECURE vcpe DSP MANAGEMENT CARRIER GRADE LAYER (OSS/BSS) AND CARRIER POLICY GRADE MANAGER ENABLERS (AAA, etc.) SDWAN ACCESS NETWORK DIGITAL SERVICE PROVIDERS ECOSYSTEM CORE NETWORK CARRIER GRADE SECURITY AND PRIVACY MIDDLEBOXES MANAGED SERVICES SECURITY AND PRIVACY MIDDLEBOX IT DATA CENTERS A LOCAL WORLD UNIFIED OF LOCAL SECURITY DATA LAKES HUB LEGACY INFRASTRUCTURE SECURITY VF and MOVING VNFs TO SDN/NFV INTER- CONNECT SS7 AND MIDDLE- BACKHAULS BOX PEER INTER- CONNECT AND BACKHAULS Moving down the segment is not "a straight line" CLOUD / "INTERNET" CLOUD BASED SECURITY "CLOUDs" GLOBAL UNIFIED SECURITY The Mass Market "barrier" 23
24 BIG MISS POTENTIAL FUTURE MB CAPABILITIES
25 CONCLUSION 3 A LOT IS AT STAKE TO TRULY MAKE THIS WORLD SAFER AND MORE PRIVATE AND NOT MAKE THIS WORLD MORE PRIVATE AND LESS SAFE DSPs ARE THE PLATFORM TO REACH TO ALL SEGMENTS DSPs SHOULD ENGAGE MUCH MORE PROACTIVELY IN THE DEBATE BUT DO THEY RECOGNIZE THE PROBLEM AND THEIR OWN ROLE? 25
The Security Impact of HTTPS Interception
The Security Impact of HTTPS Interception Zakir Durumeric, Zane Ma, Drew Springall, Richard Barnes, Nick Sullivan, Elie Bursztein, Michael Bailey, J. Alex Halderman, Vern Paxson University of Michigan,
More informationThe Security Impact of HTTPS Interception
The Security Impact of HTTPS Interception NDSS 17 Z. Durumeric, Z. Ma, D. Springall, R. Barnes, N. Sullivan, E. Bursztein, M. Bailey, J. Alex Halderman, V. Paxson! G R Presented by: Sanjeev Reddy go NS
More informationSD-WAN Tutorial: Service Components, Functionality, MEF Reference Architecture and Use Cases
Tutorial: Service Components, Functionality, MEF Reference Architecture and Use Cases Ralph Santitoro, Distinguished Fellow and Director, MEF Head of SDN/NFV Solutions Practice, Fujitsu Contents Concept:
More informationThe Economics of NFV. Martin Creaner. Background: President & CEO of TM Forum ( Motorola British Telecom
Background: President & CEO of TM Forum (www.tmforum.org) Motorola British Telecom Current: Author Partner SEB Consulting Board advisor The Economics of NFV Martin Creaner Chapter 1 Breaking through the
More informationAnd Then There Were More:
David Naylor Carnegie Mellon And Then There Were More: Secure Communication for More Than Two Parties Richard Li University of Utah Christos Gkantsidis Microsoft Research Thomas Karagiannis Microsoft Research
More informationPeering as a Cloud enabler for Enterprises
Peering as a Cloud enabler for Enterprises Lionel MARIE Network architect Schneider Electric Advisor Self employed Former Board Member France-IX (2013-2015) Schneider Electric at a Glance We are the global
More informationStrategies for a Successful Security and Digital Transformation
#RSAC SESSION ID: GPS-F02A Strategies for a Successful Security and Digital Transformation Jonathan Nguyen-Duy Vice President, Strategic Programs jnguyenduy@fortinet.com AGENDA 2017 Digital transformation
More informationEvolution of connectivity in the era of cloud
Evolution of connectivity in the era of cloud Phil Harris SVP and GM SP Market Vertical Riverbed Technology 1 2017 Riverbed Technology. All rights reserved. Transformational Services Span The Business
More informationSecuring Digital Transformation
September 4, 2017 Securing Digital Transformation DXC Security Andreas Wuchner, CTO Security Innovation Risk surface is evolving and increasingly complex The adversary is highly innovative and sophisticated
More informationITU Workshop on 5G Security
All Sessions Outcome ITU Workshop on 5G Security Geneva, Switzerland, 19 March 2018 Session 1: Understanding threats and security requirements of 5G 1. Identified 5G security topics, such as threats, requirements,
More informationBest Practices for Extending the WAN into AWS (IaaS) with SD-WAN
Best Practices for Extending the WAN into AWS (IaaS) with SD-WAN Ariful Huq Product Management @arifulhuq & Rob McBride Marketing @digitalmcb Industry trends impacting networking Cloud Mobile Social 2
More informationWhere is the Network Edge? MEC Deployment Options, Business Case & SDN Considerations
Where is the Network Edge? MEC Deployment Options, Business Case & SDN Considerations Ian Goetz, Chief Architect, Vodafone Global Account, Juniper Networks August, 2016 Market Trends & The Network Environment
More informationHow to return control over user data back to the user The rethink framework
How to return control over user data back to the user The rethink framework Anastasius Gavras Eurescom GmbH Online Webinar 21. June 2017 This project has received funding from the European Union s Horizon
More informationSD-WAN / Hybrid WAN : Leveraging SDN-NFV for Networks Agility
SD-WAN / Hybrid WAN : Leveraging SDN-NFV for Networks Agility Laurent Perrin, Director International Product Management, Orange Business Services Sylvain Quartier, SVP Enterprise Products Strategy & Alliances
More informationReconstruct to re-energize
Reconstruct to re-energize Unleashing the power of networks Network transformation into a cloud-based business model lets operators provide more than just connectivity as simple network infrastructure
More informationPUBLIC AND HYBRID CLOUD: BREAKING DOWN BARRIERS
PUBLIC AND HYBRID CLOUD: BREAKING DOWN BARRIERS Jane R. Circle Manager, Red Hat Global Cloud Provider Program and Cloud Access Program June 28, 2016 WHAT WE'LL DISCUSS TODAY Hybrid clouds and multi-cloud
More informationSYMANTEC DATA CENTER SECURITY
SYMANTEC DATA CENTER SECURITY SYMANTEC UNIFIED SECURITY STRATEGY Users Cyber Security Services Monitoring, Incident Response, Simulation, Adversary Threat Intelligence Data Threat Protection Information
More informationRevolutionising mobile networks with SDN and NFV
Revolutionising mobile networks with SDN and NFV Cambridge Wireless Virtual Networks SIG 8 th May 2014 Philip Bridge, Senior Network Architect at EE May 2014 Networks are getting messy Vertically integrated
More informationIntroduction to Device Trust Architecture
Introduction to Device Trust Architecture July 2018 www.globalplatform.org 2018 GlobalPlatform, Inc. THE TECHNOLOGY The Device Trust Architecture is a security framework which shows how GlobalPlatform
More informationTransition to IP & IPX Working Group IP/IPX a key pre-requisite to further transformation
Transition to IP & IPX Working Group IP/IPX a key pre-requisite to further transformation Survey in 2016 : migration to IP & IPX is slow IPX is still perceived as a gray area Major obstacles impacting
More informationETSI FUTURE Network SDN and NFV for Carriers MP Odini HP CMS CT Office April 2013
ETSI FUTURE Network SDN and NFV for Carriers MP Odini HP CMS CT Office April 2013 Challenges and Opportunities Reduce Capex/Opex Challenges Innovation at devices and OTT side Number of devices explode
More informationSD-WAN Managed Service Use Cases, Challenges and MEF standardization work
Sponsored by: Managed Service Use Cases, Challenges and MEF standardization work Emerson Moura CALA Marketing Co-Chair, MEF Distinguished Systems Engineer, Cisco Contents Drivers and Business Challenges
More informationICN & 5G. Dr.-Ing. Dirk Kutscher Chief Researcher Networking. NEC Laboratories Europe
ICN & 5G Dr.-Ing. Dirk Kutscher Chief Researcher Networking NEC Laboratories Europe Performance and Security Today User Equipment Access Network Core/Service Network Application Servers 2 NEC Corporation
More informationOn the Internet, nobody knows you re a dog.
On the Internet, nobody knows you re a dog. THREATS TO DISTRIBUTED APPLICATIONS 1 Jane Q. Public Big Bank client s How do I know I am connecting to my bank? server s Maybe an attacker...... sends you phishing
More informationOpen Source Networking Software Case studies and Roundtable. Arpit Joshipura GM, Networking
Open Source Networking Software Case studies and Roundtable Arpit Joshipura GM, Networking Industry Progress towards Harmonization 1. Recap of Software Stack 2. Technical Collaboration 3. Bringing Global
More informationSOLUTION BRIEF Enterprise WAN Agility, Simplicity and Performance with Software-Defined WAN
S O L U T I O N O V E R V I E W SOLUTION BRIEF Enterprise WAN Agility, Simplicity and Performance with Software-Defined WAN Today s branch office users are consuming more wide area network (WAN) bandwidth
More informationDevelopment of IPX: Myth or Reality?
Development of IPX: Myth or Reality? Patrick MeLampy -CTO/Founder Acme Packet Acme Packet 1 Agenda IPX Acme Packet Perspective IPX and LTE/VoLTE Acme Packet Acme Packet Page 2 IPX A Vendor Perspective
More informationSecurity Everywhere Within Juniper Networks Mobile Cloud Architecture. Mobile World Congress 2017
Security Everywhere Within Juniper Networks Mobile Cloud Architecture Mobile World Congress 2017 Agenda Challenges and Trends Use Cases and Solutions Products and Services Proof Points Juniper s Mobile
More informationProtecting your Data in the Cloud. Cyber Security Awareness Month Seminar Series
Protecting your Data in the Cloud Cyber Security Awareness Month Seminar Series October 24, 2012 Agenda Introduction What is the Cloud Types of Clouds Anatomy of a cloud Why we love the cloud Consumer
More information2013 ONS Tutorial 2: SDN Market Opportunities. Sizing the SDN Market Opportunities Lee Doyle, Doyle Research
2013 ONS Tutorial 2: SDN Market Opportunities Sizing the SDN Market Opportunities Lee Doyle, Doyle Research ldoyle@doyle-research.com April 15, 2013 1 1 SDN Market Overview SDN Opportunity is Unlimited
More informationBringing cyber to the Board of Directors & C-level and keeping it there. Dirk Lybaert, Proximus September 9 th 2016
Bringing cyber to the Board of Directors & C-level and keeping it there Dirk Lybaert, Proximus September 9 th 2016 Dirk Lybaert Chief Group Corporate Affairs We constantly keep people connected to the
More informationService Provider Security Architecture
Service Provider Security Architecture Andrew Turner Technical Marketing, Security Business Group April 12 th 2017 Digitization is disrupting the SP business The world has gone mobile Traffic growth, driven
More informationArtificial Intelligence Drives the next Generation of Internet Security
Artificial Intelligence Drives the next Generation of Internet Security Sam Lee Regional Director sam.lee@cujo.com Copyright 2017 CUJO LLC, All rights reserved. Artificial Intelligence Leads the Way Copyright
More informationAchieving End-to-End Security in the Internet of Things (IoT)
Achieving End-to-End Security in the Internet of Things (IoT) Optimize Your IoT Services with Carrier-Grade Cellular IoT June 2016 Achieving End-to-End Security in the Internet of Things (IoT) Table of
More informationBuild VoLTE Services using NFV & Cloud Reduce complexity and increase RoI
Build VoLTE Services using NFV & Cloud Reduce complexity and increase RoI Vivek Bhargava Director, Product Marketing Oracle Communications Oracle In Communications R&D, product strategy, sales and services
More informationSimplified service creation and delivery. Branch. SOHO Data Center. Control Center / NOC Packet Muse Service & Network Applications
ElastiNET FOR SERVICE PROVIDERS DEAL CONFIDENTLY WITH A CHANGING WORLD In today s world change is the only constant. Enabling technologies are changing, as is competition and customer expectations. Service
More informationTrusted Identities. Foundational to Cloud Services LILA KEE CHIEF PRODUCT OFFICER GLOBALSIGN
Trusted Identities Foundational to Cloud Services LILA KEE CHIEF PRODUCT OFFICER GLOBALSIGN WHAT YOU WILL LEARN TODAY Strong identity verification as a security measure and business enabler Authentication
More informationGDPR Update and ENISA guidelines
GDPR Update and ENISA guidelines 2016 [Type text] There are two topics that should be uppermost in every CISO's mind, how to address the growing demand for Unified Communications (UC) and how to ensure
More informationSecurity Enhancements
https://www.shield-h2020.eu/ Security Enhancements By means of NFV and Cognitive Security Managed Security Services (MSS) and NFV NFV becomes a key enabler for security services Security VNFs are emerging
More informationExploiting Cloud Technologies in Networks: NFV and SDN. Andy Reid and Peter Willis BT Research and Innovation
Exploiting Cloud Technologies in Networks: NFV and SDN Andy Reid and Peter Willis BT Research and Innovation Clarifying what we mean by: SDN Separation of control plane logic/processing data plane header
More informationSOLUTION OVERVIEW THE ARUBA MOBILE FIRST ARCHITECTURE
SOLUTION OVERVIEW THE ARUBA MOBILE FIRST ARCHITECTURE March 2018 Table of Contents Introduction...1 Design...2 Use Cases...2 Underlay...3 Overlay...3 Dynamic Segmentation...3 Non-Stop Networking...4 Summary...5
More informationSD-WANs and Lifecycle Service Orchestration (LSO) October Daniel Bar-Lev Director, Office of the CTO
s and Lifecycle Service Orchestration () October 2017 Daniel Bar-Lev Director, Office of the CTO About MEF MEF created the $80B* Carrier Ethernet Market. MEF s goal is to leverage the global Carrier Ethernet
More informationvtelcos : How Cloud Computing is Changing Service Provider Networks Roy Rubenstein, Consultant LightCounting Market Research
vtelcos : How Cloud Computing is Changing Service Provider Networks Roy Rubenstein, Consultant LightCounting Market Research 2017 1 Summary Communications Service Providers (CSPs) are undertaking a fundamental
More informationHow Secured2 Uses Beyond Encryption Security to Protect Your Data
Secured2 Beyond Encryption How Secured2 Uses Beyond Encryption Security to Protect Your Data Secured2 Beyond Encryption Whitepaper Document Date: 06.21.2017 Document Classification: Website Location: Document
More informationThe Nasuni Security Model
White Paper Nasuni enterprise file services ensures unstructured data security and privacy, enabling IT organizations to safely leverage cloud storage while meeting stringent governance and compliance
More informationWHITEPAPER. How to secure your Post-perimeter world
How to secure your Post-perimeter world WHAT IS THE POST-PERIMETER WORLD? In an increasingly cloud and mobile focused world, there are three key realities enterprises must consider in order to move forward
More informationVirtualizing Managed Business Services for SoHo/SME Leveraging SDN/NFV and vcpe
Virtualizing Managed Business Services for SoHo/SME Leveraging SDN/NFV and vcpe A Technical Paper prepared for SCTE/ISBE by Ajay Manuga VP Engineering Benu Networks amanuja@benunets.com 2017 SCTE-ISBE
More informationNetwork Functions Virtualization (NFV): Promises and Progress CELTIC Event Monaco, April 23 rd, 2014
Functions Virtualization (NFV): Promises and Progress CELTIC Event Monaco, April 23 rd, 2014 Presented by: Yuri Gittik Head of Strategic Developments and Innovation NFV Promises and Progress 22.04.14 Slide1
More informationCato Cloud. Software-defined and cloud-based secure enterprise network. Solution Brief
Cato Cloud Software-defined and cloud-based secure enterprise network Solution Brief Legacy WAN and Security Appliances are Incompatible with the Modern Enterprise Cato Networks: Software-defined and Cloud-based
More informationA developer-friendly telco edge
A developer-friendly telco edge Dr Simone Mangiante 19 September 2018 C1 - Public Why edge computing not just because of lower latency Evidence: Companies embracing edge computing: Vodafone Netflix Google
More informationNETWORKING 3.0. Network Only Provably Cryptographically Identifiable Devices INSTANT OVERLAY NETWORKING. Remarkably Simple
NETWORKING 3.0 Network Only Provably Cryptographically Identifiable Devices INSTANT OVERLAY NETWORKING Highly Available Remarkably Simple Radically Secure IP complexity is holding your business back As
More informationBest Practices in Securing a Multicloud World
Best Practices in Securing a Multicloud World Actions to take now to protect data, applications, and workloads We live in a multicloud world. A world where a multitude of offerings from Cloud Service Providers
More informationWhat you need to know about disaster recovery in the
What you need to know about disaster recovery in the cloud @NigelTozer What you will learn today about leveraging the Cloud for DR Why cloud DR makes sense Workloads considerations Cloud DR in practice
More informationVirtual Dispersive Networking Spread Spectrum IP
Virtual Dispersive Networking Spread Spectrum IP DSI Proprietary 1 DSI Proprietary 2 Problem Lies Outside of Existing Security: On the Internet Internet Routers Virus Software Phishing Software etc POLICY
More informationWho s Protecting Your Keys? August 2018
Who s Protecting Your Keys? August 2018 Protecting the most vital data from the core to the cloud to the field Trusted, U.S. based source for cyber security solutions We develop, manufacture, sell and
More informationFuture Glimpses: Two Next Generation Applications of SDN and NFV. Alan Carlton. VP, InterDigital Europe. June G World, London
Future Glimpses: Two Next Generation Applications of SDN and NFV Alan Carlton VP, InterDigital Europe June 29-30 5G World, London 2015 InterDigital, Inc. All Rights Reserved. 1 InterDigital Europe Open
More informationBusiness Strategy Theatre
Business Strategy Theatre Security posture in the age of mobile, social and new threats Steve Pao, GM Security Business 01 May 2014 In the midst of chaos, there is also opportunity. - Sun-Tzu Security:
More informationMulti-access Edge Computing & Openshift
Multi-access Edge Computing & Openshift OpenShift Commons Briefing 2017.09.20 Red Hat Hyde SUGIYAMA Senior Principal Technologist NFV SDN ICT Vertical Red Hat APAC Office of Technology WHO AM I? Hyde SUGIYAMA
More informationCloud Connect. Gain highly secure, performance-optimized access to third-party public and private cloud providers
Cloud Connect Gain highly secure, performance-optimized access to third-party public and private cloud providers of the workload to run in the cloud by 2018 1 60 % Today s enterprise WAN environments demand
More informationSECURING THE NEXT GENERATION DATA CENTER. Leslie K. Lambert Juniper Networks VP & Chief Information Security Officer July 18, 2011
SECURING THE NEXT GENERATION DATA CENTER Leslie K. Lambert Juniper Networks VP & Chief Information Security Officer July 18, 2011 JUNIPER SECURITY LEADERSHIP Market Leadership Data Center with High-End
More informationCHARTING THE FUTURE OF SOFTWARE DEFINED NETWORKING
www.hcltech.com CHARTING THE FUTURE OF SOFTWARE DEFINED NETWORKING Why Next-Gen Networks? The rapid and large scale adoption of new age disruptive digital technologies has resulted in astronomical growth
More informationHybrid WAN Operations: Extend Network Monitoring Across SD-WAN and Legacy WAN Infrastructure
Hybrid WAN Operations: Extend Network Monitoring Across SD-WAN and Legacy WAN Infrastructure An ENTERPRISE MANAGEMENT ASSOCIATES (EMA ) White Paper Prepared for SevOne May 2017 IT & DATA MANAGEMENT RESEARCH,
More informationWIND RIVER TITANIUM CLOUD FOR TELECOMMUNICATIONS
WIND RIVER TITANIUM CLOUD FOR TELECOMMUNICATIONS Carrier networks are undergoing their biggest transformation since the beginning of the Internet. The ability to get to market quickly and to respond to
More informationONAP CCVPN Blueprint Overview. ONAP CCVPN Blueprint Improves Agility and Provides Cross-Domain Connectivity. ONAP CCVPN Blueprint Overview 1
ONAP CCVPN Blueprint Overview ONAP CCVPN Blueprint Improves Agility and Provides Cross-Domain Connectivity ONAP CCVPN Blueprint Overview 1 OVERVIEW: Build high-bandwidth, flat OTN (Optical Transport Networks)
More informationDelivering Integrated Cyber Defense for the Cloud Generation Darren Thomson
Delivering Integrated Cyber Defense for the Generation Darren Thomson Vice President & CTO, EMEA Region Symantec In 2009 there were 2,361,414 new piece of malware created. In 2015 that number was 430,555,582
More informationClinical Segmentation done right with Avaya SDN Fx for Healthcare
Clinical Segmentation done right with Avaya SDN Fx for Healthcare The stark reality is that patients are at grave risk as malicious attacks on exposed medical equipment increase. Table of Contents Highlights...
More informationOpen Digital: The Digital Services Opportunity Explored
inform innovate accelerate optimize Open Digital: The Digital Services Opportunity Explored Nik Willetts, Chief Strategy Officer APNOMS 2013 Hiroshima, September 26, 2013 2013 TM Forum 1 Who we are TM
More informationSD-WAN AND BEYOND: DELIVERING VIRTUAL NETWORK SERVICES
SD-WAN AND BEYOND: DELIVERING VIRTUAL NETWORK SERVICES A Technical Paper prepared for SCTE/ISBE by Ralph Santitoro Head of SDN/NFV/SD-WAN Solutions Fujitsu Network Communications (805) 791-0711 ralph.santitoro@us.fujitsu.com
More informationThe New Open Edge. IOT+Telecom+Cloud+Enterprise
The New Open Edge IOT+Telecom+Cloud+Enterprise Topics 1. LF Edge formation announcement 2. Why Edge, killer apps & defining the Edge 3. LF Edge Summary 2 LF Edge Open Source harmonized for Edge & IOT New
More informationAT&T SD-WAN Network Based service quick start guide
AT&T SD-WAN Network Based service quick start guide After you order your AT&T SD-WAN Network Based service, you can: Create administrator accounts Log in to the SD-WAN orchestrator Configure business policy
More information1 Copyright 2011, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 7
1 Copyright 2011, Oracle and/or its affiliates. All rights reserved. Insert Information Protection Policy Classification from Slide 7 ORACLE PRODUCT LOGO 20. oktober 2011 Hotel Europa Sarajevo Platform
More informationCloudSOC and Security.cloud for Microsoft Office 365
Solution Brief CloudSOC and Email Security.cloud for Microsoft Office 365 DID YOU KNOW? Email is the #1 delivery mechanism for malware. 1 Over 40% of compliance related data in Office 365 is overexposed
More informationThe Tor Network. Cryptography 2, Part 2, Lecture 6. Ruben Niederhagen. June 16th, / department of mathematics and computer science
The Tor Network Cryptography 2, Part 2, Lecture 6 Ruben Niederhagen June 16th, 2014 Tor Network Introduction 2/33 Classic goals of cryptography: confidentiality, data integrity, authentication, and non-repudiation.
More informationWHAT CIOs NEED TO KNOW TO CAPITALIZE ON HYBRID CLOUD
WHAT CIOs NEED TO KNOW TO CAPITALIZE ON HYBRID CLOUD 2 A CONVERSATION WITH DAVID GOULDEN Hybrid clouds are rapidly coming of age as the platforms for managing the extended computing environments of innovative
More informationTransaction Security Challenges & Solutions
Transaction Security Challenges & Solutions A REPORT FROM NEWNET COMMUNICATION TECHNOLOGIES, LLC Copyright NewNet Communication Technologies, LLC. 700 East Butterfield Road, Suite 350, Lombard, IL 60148
More informationCato Networks. Network Security as a Service
Cato s Security as a Service SHLOMO KRAMER, CEO Founder: Check Point (CHKP), Imperva (IMPV) Investor: Palo Alto s (PANW), Trusteer, GUR SHATZ, CTO VP R&D, PM: Imperva (IMPV) Founder: Incapsula (Imperva
More informationWHY MPLS/VPN SERVICES WILL BECOME REDUNDANT AND WILL BE REPLACED BY SD-WAN WITH INTERNET TRANSPORT. By Roumen Doukov
WHY MPLS/VPN SERVICES WILL BECOME REDUNDANT AND WILL BE REPLACED BY SD-WAN WITH INTERNET TRANSPORT By Roumen Doukov rdoukov@teneo.net Copyright 2018 Teneo. All rights reserved. 2 CONTENTS 1.0 INTRODUCTION...
More informationAccelerating SDN and NFV Deployments. Malathi Malla Spirent Communications
Accelerating SDN and NFV Deployments Malathi Malla Spirent Communications 2 Traditional Networks Vertically integrated Closed, proprietary Slow innovation 3 Infinite Complexity of Testing Across virtual
More informationSDN Commercial Deployments: Emerging Business Cases
SDN Commercial Deployments: Emerging Business Cases An IHS Markit Technology Webinar 2016 IHS Markit. All Rights Reserved. #SDN 2 Today s Speakers SDN Commercial Deployments: Emerging Business Cases #SDN
More informationTHALES DATA THREAT REPORT
2018 THALES DATA THREAT REPORT Trends in Encryption and Data Security U.S. FEDERAL EDITION EXECUTIVE SUMMARY #2018DataThreat THE TOPLINE Federal agency data is under siege. Over half of all agency IT security
More informationK8s(Kubernetes) and SDN for Multi-access Edge Computing deployment
K8s(Kubernetes) and SDN for Multi-access Edge Computing deployment Open Source Summit Japan 2017.06.02 Red Hat Hyde SUGIYAMA Senior Principal Technologist NFV SDN ICT Red Hat APAC Office of Technology
More informationFive things you need to know when building your digital future. William Morrish GM Product Sales
Five things you need to know when building your digital future William Morrish GM Product Sales INTEROUTE BUILT Built TO BE THE to CORE be the OF EUROPE core of Europe Founded in 2002 2Bn Pan European
More informationNetwork Security Monitoring: An Open Community Approach
Network Security Monitoring: An Open Community Approach IUP- Information Assurance Day, 2011 Greg Porter 11/10/11 Agenda Introduction Current State NSM & Open Community Options Conclusion 2 Introduction
More informationSimple and Secure Micro-Segmentation for Internet of Things (IoT)
Solution Brief Simple and Secure Micro-Segmentation for Internet of Things (IoT) A hardened network architecture for securely connecting any device, anywhere in the world Tempered Networks believes you
More informationAgenda GDPR Overview & Requirements IBM Secure Virtualization Solution Overview Summary / Call to Action Q & A 2
GRC3386BUS GDPR Readiness with IBM Cloud Secure Virtualization Raghu Yeluri, Intel Corporation Shantu Roy, IBM Bill Hackenberger, Hytrust #VMworld #GRC3386BUS Agenda GDPR Overview & Requirements IBM Secure
More informationWHITEPAPER HEALTHCARE S KEY TO DEFEATING CYBERATTACKS
July 2018 WHITEPAPER HEALTHCARE S KEY TO DEFEATING CYBERATTACKS JUST WHAT THE DOCTOR ORDERED... PROTECT PATIENT DATA, CLINICAL RESEARCH AND CRITICAL INFRASTRUCTURE HEALTHCARE S KEY TO DEFEATING IOT CYBERATTACKS
More informationOpenADN: Service Chaining of Globally Distributed VNFs
OpenADN: Service Chaining of Globally Distributed VNFs Project Leader: Subharthi Paul Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Software Telco Congress, Santa Clara,
More informationDefining Security for an AWS EKS deployment
Defining Security for an AWS EKS deployment Cloud-Native Security www.aporeto.com Defining Security for a Kubernetes Deployment Kubernetes is an open-source orchestrator for automating deployment, scaling,
More informationCisco SD-WAN. Intent-based networking for the branch and WAN. Carlos Infante PSS EN Spain March 2018
Cisco SD-WAN Intent-based networking for the branch and WAN Carlos Infante PSS EN Spain March 2018 Aug-12 Oct-12 Dec-12 Feb-13 Apr-13 Jun-13 Aug-13 Oct-13 Dec-13 Feb-14 Apr-14 Jun-14 Aug-14 Oct-14 Dec-14
More informationSecurity Models for Cloud
Security Models for Cloud Kurtis E. Minder, CISSP December 03, 2011 Introduction Kurtis E. Minder, Technical Sales Professional Companies: Roles: Security Design Engineer Systems Engineer Sales Engineer
More informationSHA-1 to SHA-2. Migration Guide
SHA-1 to SHA-2 Migration Guide Web-application attacks represented 40 percent of breaches in 2015. Cryptographic and server-side vulnerabilities provide opportunities for cyber criminals to carry out ransomware
More informationCan the Network be the New Cloud.
PEOPLE. PLATFORMS. PARTNERS. PEERING. Can the Network be the New Cloud. MARK DALEY DIRECTOR, DIGITAL STRATEGY EPSILON 1 According to Aryaka's 2017 State of the WAN report, 50% of WAN traffic is now in
More informationWe are innovating in security
We are innovating in security Security Network Network Innovation Day Day 2018 2018 We are We in are in threat and defense Complex mix of multiple vendors without effective orchestration IoT connected
More informationAltitude Software. Data Protection Heading 2018
Altitude Software Data Protection Heading 2018 How to prevent our Contact Centers from Data Leaks? Why is this a priority for Altitude? How does it affect the Contact Center environment? How does this
More informationRaj Jain (Washington University in Saint Louis) Mohammed Samaka (Qatar University)
APPLICATION DEPLOYMENT IN FUTURE GLOBAL MULTI-CLOUD ENVIRONMENT Raj Jain (Washington University in Saint Louis) Mohammed Samaka (Qatar University) GITMA 2015 Conference, St. Louis, June 23, 2015 These
More informationDHG presenter. August 17, Addressing the Evolving Cybersecurity Landscape. DHG Birmingham CPE Seminar 1
Addressing the Evolving Cybersecurity Tom Tollerton, CISSP, CISA, PCI QSA Manager Cybersecurity Advisory Services DHG presenter Tom Tollerton, Manager DHG IT Advisory 704.367.7061 tom.tollerton@dhgllp.com
More informationSD-WAN. The CIO s guide to. Why it s time for a new kind of network
The CIO s guide to SD-WAN Why it s time for a new kind of network More applications, more complexity, more problems, more opportunities. We re doing business in a bold new world. Technology, data and digitalization
More informationCloud Customer Architecture for Securing Workloads on Cloud Services
Cloud Customer Architecture for Securing Workloads on Cloud Services http://www.cloud-council.org/deliverables/cloud-customer-architecture-for-securing-workloads-on-cloud-services.htm Webinar April 19,
More informationManage the Performance of SaaS and Cloud Hosted Applications
Manage the Performance of SaaS and Cloud Hosted Applications Corporate Identity Who are we? Where are we heading? 2 Who we are A WireData Analytics Provider (for NPM and APM) 13 years of cumulated experience
More informationWindows IoT Security. Jackie Chang Sr. Program Manager
Windows IoT Security Jackie Chang Sr. Program Manager Rest Physical access to a device will not give access to data Data & Control Execution Data owner has full control over data processing Motion Transport
More information