IBM Security Network Protection Open Mic - Thursday, 31 March 2016
|
|
- Frederica Daniel
- 5 years ago
- Views:
Transcription
1 IBM Security Network Protection Open Mic - Thursday, 31 March 2016 Application Control and IP Reputation on the XGS Demystified Panelists Tanmay Shah, Presenter IPS/Network Protection Product Lead Bill Klauke - IPS/Network Protection Product Lead Jeffrey DiCostanzo AVP Leader Moazzam Khan L3 Engineer Satishchandra Bhandurge L2 and AVP Edward Leisure L2 Knowledge Leader Thomas Gray, Moderator Level 2 Support Manager Reminder: You must dial-in to the phone conference to listen to the panelists. The webcast does not include audio. USA toll-free: USA toll: Participant passcode: Slides and additional dial in numbers: NOTICE: By participating in this call, you give your irrevocable consent to IBM to record any statements that you may make during the call, as well as to IBM's use of such recording in any and all media, including for video postings on YouTube. If you object, please do not connect to this call.
2 Agenda Application Control Overview and Configuration Use Cases Things to remember IP Reputation Overview and Configuration Use Cases Things to remember IBM X-Force Exchange/AppLoupe 2
3 Application Control Overview and Configuration
4 Application Control Overview and Configuration Application control feature allows security administrators to achieve visibility into web applications and non-web applications being used in their environments. Using network access policy, an administrator can have a granular control of identified applications for specific groups, individuals or network segments. Application control also includes ability to filter/whitelist http/https URLs. This is a licensed feature. A valid license allows the appliance to update the application and URL category database. The following types of application objects, when used in network access policy, allow controlling the applications and websites being accessed in a network: Web Applications: various web-based applications grouped in different categories Non-Web Applications: desktop applications / specific ports-protocols URL Categories: http websites grouped in different categories URL Lists: custom http URL list Domain Certificate Categories: https websites grouped in different categories Domain Certificate Lists: custom https URL list IP Reputation: public IP address reputation classification 4
5 Application Control Overview and Configuration continued Configuration for Application Database (as well as IP reputation database) is controlled through Manage Application Database policy on SiteProtector and Application Database Settings under Manage -> Updates and Licensing on LMI 5
6 Application Control Overview and Configuration continued The update server for application database updates is NOT configurable. The configuration only allows to enable Auto Update, Feedback and proxy configuration. XGS s management interface will need internet access, direct or via proxy, to download application and/or IP reputation databases. The following tables lists the domain name and port combinations that should be allowed through the firewall/proxy XGS will submit statistical data from the device to IBM to make IP reputation classification more accurate. If enabled, IP reputation information will be included in IPS events ONLY. Ref Technote:
7 Application Control Overview and Configuration continued Application object creation, modification or deletion is done through Network Access policy. License status and update version/date information can be verified from Manage -> Updates and Licensing -> Overview 7
8 Application Control Use cases
9 Application Control: Use Case-1 Requirement: Allow access to social networking website (http and https) to only Marketing users and blocked for all the other users. Note: These configuration steps assume that a remote active directory server is already integrated with XGS for identity information. 1- Create URL category, Domain Category & Identity objects in the Network Access Policy 9
10 Application Control: Use Case-1 continued Requirement: Allow access to social networking website (http and https) to only Marketing users and blocked for all the other users. Note: These configuration steps assume that a remote active directory server is already integrated with XGS for identity information. 2 - Create outbound ssl inspection rule for domain category object in the Outbound SSL Inspection policy 3 - Create access rules to allow/block access using the objects in the Network Access Policy 10
11 Application Control: Use Case-2 Requirement: Identify and block users and IP addresses using in-secure file transfer protocols like ftp/tftp. Report it as an exception and send to the security admin to take follow up action. 1 - Create a non-web application object for ftp/tftp traffic through the Network Access Policy 2 - Create an alert object through the Network Access Policy 3 - Create an access rule in the Network Access Policy to drop the traffic 11
12 Application Control: Use Case-3 Requirement: Create a whitelist for specific URLs, for specific group of users (C-level), to ensure that those users are able to access certain websites all the time without any IPS inspection for those websites. Note: These configuration steps assume that a remote active directory server is already integrated with XGS for identity information. 1- Create URL List, Domain List & Identity objects in the Network Access Policy 12
13 Application Control: Use Case-3 continued Requirement: Create a whitelist for specific URLs, for specific group of users (C-level), to ensure that those users are able to access certain websites all the time without any IPS inspection for those websites. 2 - Create an outbound ssl inspection rule for the https websites added in the domain list object 3 Create an access rule in Network Access Policy to whitelist the websites 13
14 Application Control Things to remember
15 Application Control: Things to remember XGS will only identify applications if the network access policy has at least one rule based on application object(s). The update server configuration in Manage -> Updates and Licensing -> Update servers is irrelevant to application database updates. That also means that application database can not be updated through SiteProtector XUS. The use of large URL Lists can cause latency. To minimize the latency, limit the URL Lists to 10,000 characters or less AND use no more than one of these large URL Lists in a single NAP rule. Ref Technote# Identifying the application that is in use requires that the sensor allow some packets to pass so that a successful connection can be established. After the connection is established, the XGS can begin analyzing Application Layer traffic. So, for application objects based drop/reject rules, the adjacent devices like firewall may see those initial connection packets. Ref Technote# If the appliance is not able to submit the unknown URLs to IBM, when Enable Feedback option for Application Database is enabled, it may result in higher disk utilization. This, in turn, could have an impact on the appliance memory utilization. This happens because the feedback information is stored in many small files on the appliance. Though we recommend to not enable this option, if you still want to keep it enabled, ensure to monitor disk utilization. If you observe an abnormal increase, please disable the option immediately and get in touch with IBM support to receive and install a patch, which will clear those temporary files and make the disk space available. 15
16 IP Reputation Overview and Configuration
17 IP Reputation Overview and Configuration Depending upon the activity a malicious public IP address inflicts, IBM X-Force team classifies them as Spam, Anonymous Proxies, Dynamic IPs and/or Malware (described below) and assigns a score in the range of 1 to 100, where the higher value represents bad reputation. The geographical location (country) of the IP address is also identified and recorded. Anonymous Proxies - This category contains IP addresses of Web proxies (websites that allow the user to anonymously view websites). Furthermore, IP addresses are listed that can be used directly to surf anonymously (e.g. by adding them to the browser configuration). Botnet Command and Control Server - This category contains IP addresses that host a botnet command and control server. Dynamic IPs This category contains IP addresses of dialup hosts and DSL lines. Malware This category lists IP addresses of malicious websites or malware-hosting websites. Scanning IPs These IP addresses that have been identified as illegally scanning networks for vulnerabilities. Spam This category lists IP addresses that have been observed sending out spam. 17
18 IP Reputation Overview and Configuration continued It allows configuring threshold for these categories to control policy enforcement for the related traffic. It is a licensed feature. XGS appliance maintains a database of such malicious IP addresses, their location, the classification and the score. This database must be updated continuously, to ensure that the device has the latest and most accurate information. IP reputation feature on the XGS appliance is controlled by Application Database Settings policy on the LMI under Manage System Settings -> Updates and Licensing OR Manage Application Databases policy through SiteProtector (already discussed in previous section). 18
19 IP Reputation Overview and Configuration continued IP Reputation/Geo location object creation, modification or deletion is done through Network Access policy. License status and update version/date information can be verified from Manage -> Updates and Licensing -> Overview 19
20 IP Reputation Use cases
21 IP Reputation/Geo location: Use Case-1 Requirement: After enabling IP reputation, based on monthly reporting it was identified that there has been a significant increase in number of attacks from Sudan. We have some resellers there so we cannot block the traffic completely but we would like to have a stricter IPS policy configuration for all the traffic originating from Sudan. 1 Create a new Inspection object with protection level paranoid through IPS policy or Network Access Policy 2 Create a geolocation object through Network Access Policy 3 Create a NAP rule to apply the IPS policy to traffic originating from Sudan 21
22 IP Reputation/Geo location: Use Case-2 Requirement: Internal network users in the network should not be able to access any known anonymous proxies or IP addresses which are known/unknown anonymizers. 1 Open Network Access Policy 2 Create an IP Reputation object 3 Create a NAP rule to drop all the traffic destined to IP addresses having score of 95 or above for Anonymous Services 22
23 IP Reputation/Geo location: Use Case-3 Requirement: Ensure that no known malware IP addresses are able to target our network by exploiting any known or unknown vulnerabilities. 1 Create a new Inspection object with protection level paranoid through IPS policy or Network Access Policy 2 Create an IP Reputation object through Network Access Policy 3 Create a NAP rule to apply paranoid policy to or from known malware IP addresses in Network Access Policy 23
24 IP Reputation Things to Remember
25 IP Reputation: Things to remember IP Reputation information is only populated for IPS events. If an IP address has reputation information populated in SiteProtector database through IPS events, network access events, in that case, will have that information available as well. Ref Technote# If a lower score threshold is configured in an IP reputation object, as a best practice, always start with detection rule (with action accept and response event log). Monitor events after the rule is created. After verifying the events, either fine tune the rule to increase the score OR change the action to drop/reject. Identifying the application that is in use requires that the sensor allow some packets to pass so that a successful connection can be established. After the connection is established, the XGS can begin analyzing Application Layer traffic. So, for application objects based drop/reject rules, the adjacent devices like firewall may see those initial connection packets. Ref Technote#
26 IBM X-Force Exchange/AppLoupe
27 IBM X-Force Exchange/AppLoupe IBM X-Force Exchange is a cloud-based threat intelligence sharing platform enabling users to rapidly research the latest global security threats, aggregate actionable intelligence and collaborate with peers. It allows administrators to verify the current and historical IP classification reputation score for public IP addresses. You can also verify the latest URL classification for a URL. To report a false positive or false negative applications, URLs or IP addresses, visit and click Feedback then Give Feedback on AppLoupe 27
28 Questions for the panel? Now is your opportunity to ask questions of our panelists. To ask a question now: Press *1 to ask a question over the phone or Type your question into the IBM Connections Cloud Meeting chat To ask a question after this presentation: You are encouraged to participate in our Forum topic about this: 28
29 Where do you get more information? Questions on this or other topics can be directed to the product forum: More articles you can review: IBM developerworks article on XGS IP Reputation Use Cases: IBM Knowledge Center: Useful link: How to Contact IBM Software Support for IBM Security IBM Support Portal Sign up for My Notifications Follow us: 29
30 Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed, misappropriated or misused or can result in damage to or misuse of your systems, including for use in attacks on others. No IT system or product should be considered completely secure and no single product, service or security measure can be completely effective in preventing improper use or access. IBM systems, products and services are designed to be part of a lawful, comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT ANY SYSTEMS, PRODUCTS OR SERVICES ARE IMMUNE FROM, OR WILL MAKE YOUR ENTERPRISE IMMUNE FROM, THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY. THANK YOU Copyright IBM Corporation All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and / or capabilities referenced in these materials may change at any time at IBM s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.
XGS Administration - Post Deployment Tasks
IBM Security Network Protection Support Open Mic - 18 November 2015 XGS Administration - Post Deployment Tasks Panelists Tanmay Shah XGS Product Lead, L2 Support (Presenter) Thomas Gray L2 Support Manager
More informationXGS: Making use of Logs and Captures
IBM Security Network Protection XGS Open Mic webcast #6 June 24, 2015 XGS: Making use of Logs and Captures Panelists Bill Klauke (Presenter) Product Lead L2 Support Maxime Turlot Product Lead L2 Support
More informationSecurity Support Open Mic: ISNP High Availability and Bypass
Panelists Ed Leisure Knowledge Engineer, Presenter Andrew Sallaway SWAT Consultant Kenji Hamahata L2 Engineer (Japan) Maxime Turlot Product Lead Arthur Testa Product Lead Jeff Dicostanzo Advanced Value
More informationIBM Threat Protection System: XGS - QRadar Integration
IBM Security Network Protection Support Open Mic - Wednesday, 25 May 2016 IBM Threat Protection System: XGS - QRadar Integration Panelists Tanmay Shah - Presenter Level 2 Support Product Lead Danitza Villaran-Rokovich,
More informationIBM SECURITY NETWORK PROTECTION (XGS)
IBM SECURITY NETWORK PROTECTION (XGS) IP Reputation Use cases and more Tanmay Shah Product Lead IBM Security Network Protection Tanmay.Shah@au1.ibm.com Contents Introduction... 2 Audience... 2 IP Reputation
More informationXGS & QRadar Integration
IBM Security Support Open Mic - January 28, 2015 XGS & QRadar Integration Advanced Threat Protection Integration Options Panelists Wes Davis Advanced Threat Support Group Engineer (Presenter) Thomas Gray
More informationGX vs XGS: An administrator s comparison of the two products
: An administrator s comparison of the two products Panelists Bill Klauke IPS Product Lead, Level 2 Support Matthew Elsner XGS Development Yuceer (Banu) Ilgen XGS Development Jeff Dicostanzo AVP Support
More informationDisk Space Management of ISAM Appliance
IBM Security Access Manager Tuesday, 5/3/16 Disk Space Management of ISAM Appliance Panelists David Shen Level 2 Support Engineer Steve Hughes Level 2 Support Engineer Nicholas Hasten Level 2 Support Engineer
More informationIBM Security Network Protection
IBM Security Network Protection XGS 5.3.3 firmware release Features and Enhancements IBM SECURITY SUPPORT OPEN MIC Reminder: You must dial-in to the phone conference to listen to the panelists. The web
More informationSecurity Support Open Mic Build Your Own POC Setup
IBM Security Access Manager 08/25/2015 Security Support Open Mic Build Your Own POC Setup Panelists Reagan Knowles Level II Engineer Nick Lloyd Level II Support Engineer Kathy Hansen Level II Support Manager
More informationMSS VSOC Portal Single Sign-On Using IBM id IBM Corporation
MSS VSOC Portal Single Sign-On Using IBM id Changes to VSOC Portal Sign In Page Users can continue to use the existing Client Sign In on the left and enter their existing Portal username and password.
More informationIBM Security Access Manager v8.x Kerberos Part 1 Desktop Single Sign-on Solutions
IBM Security Access Manager open mic webcast July 14, 2015 IBM Security Access Manager v8.x Kerberos Part 1 Desktop Single Sign-on Solutions Panelists Gianluca Gargaro L2 Support Engineer Darren Pond L2
More informationHow to properly deploy, configure and upgrade the NAB
Panelists Jeff DiCostanzo, Presenter AVP Team Lead Bill Klauke - Level 2 Product Lead Maxime Turlot - Level 2 Product Lead Ryan Andersen - Level 2 Senior Engineer Edward A Romero - Level 3 Network Security
More informationUnderstanding scan coverage in AppScan Standard
IBM Security AppScan Standard Open Mic Webcast January 27, 2015 Understanding scan coverage in AppScan Standard Panelists Shahar Sperling Software Architect at Application Security AppScan Tal Rabinovitch
More informationSecurity Support Open Mic Client Certificate Authentication
IBM Security Access Manager, Tuesday, December 8, 2015 Security Support Open Mic Client Certificate Authentication Panelists Jack Yarborough ISAM Level II Nick Lloyd ISAM Level II Scott Stough ISAM Level
More informationIBM Security Access Manager v8.x Kerberos Part 2
IBM Security Access Manager open mic webcast - Oct 27, 2015 IBM Security Access Manager v8.x Kerberos Part 2 Kerberos Single Sign On using Constrained Delegation Panelists Gianluca Gargaro L2 Support Engineer
More informationIntroduction to IBM Security Network Protection Manager
Introduction to IBM Security Network Protection Manager IBM SECURITY SUPPORT OPEN MIC Slides are at: https://ibm.biz/bdscvz NOTICE: BY PARTICIPATING IN THIS CALL, YOU GIVE YOUR IRREVOCABLE CONSENT TO IBM
More informationIBM Security Network Protection Solutions
Systems IBM Security IBM Security Network Protection Solutions Pre-emptive protection to keep you Ahead of the Threat Tanmay Shah Product Lead Network Protection Appliances IBM Security Systems 1 IBM Security
More informationJunction SSL Debugging With Wireshark
Junction SSL Debugging With Wireshark IBM SECURITY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog or by access the Communicate > Audio Connection menu option.
More informationISAM Advanced Access Control
ISAM Advanced Access Control CONFIGURING TIME-BASED ONE TIME PASSWORD Nicholas J. Hasten ISAM L2 Support Tuesday, November 1, 2016 One Time Password OTP is a password that is valid for only one login session
More informationIBM MaaS360 Kiosk Mode Settings
IBM MaaS360 Kiosk Mode Settings Configuration Settings for Kiosk Mode Operation IBM Security September 2017 Android Kiosk Mode IBM MaaS360 provides a range of Android device management including Samsung
More informationISAM Federation STANDARDS AND MAPPINGS. Gabriel Bell IBM Security L2 Support Jack Yarborough IBM Security L2 Support.
ISAM Federation STANDARDS AND MAPPINGS Gabriel Bell IBM Security L2 Support Jack Yarborough IBM Security L2 Support July 19, 2017 Agenda ISAM Federation Introduction Standards and Protocols Attribute Sources
More informationIBM Security Directory Server: Utilizing the Audit.log
IBM Security Directory Server Open Mic Webcast #1 November 4, 2014 IBM Security Directory Server: Utilizing the Audit.log Panelists Roy Spencer L2LDAP Technical Lead Ram Reddy L2LDAP Senior Engineer Benjamin
More informationWhat's new in AppScan Standard/Enterprise/Source version
What's new in AppScan Standard/Enterprise/Source version 9.0.3.4 support Open Mic Reminder: You must dial-in to the phone conference to listen to the panelists. The web cast does not include audio. USA
More informationDeploying BigFix Patches for Red Hat
Deploying BigFix Patches for Red Hat IBM SECURITY SUPPORT OPEN MIC Reminder: You must dial-in to the phone conference to listen to the panelists. The web cast does not include audio. USA toll-free: 866-803-2141
More informationIBM BigFix Relays Part 2
IBM BigFix Relays Part 2 IBM SECURITY SUPPORT OPEN MIC December 17, 2015 NOTICE: BY PARTICIPATING IN THIS CALL, YOU GIVE YOUR IRREVOCABLE CONSENT TO IBM TO RECORD ANY STATEMENTS THAT YOU MAY MAKE DURING
More informationHow AppScan explores applications with ABE and RBE
How AppScan explores applications with ABE and RBE IBM SECURITY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog or by access the Communicate > Audio Connection
More informationLet s Talk About Threat Intelligence
Let s Talk About Threat Intelligence IBM SECURITY SUPPORT OPEN MIC #20 Slides and additional dial in numbers: http://ibm.biz/openmic20 January 26, 2017 NOTICE: BY PARTICIPATING IN THIS CALL, YOU GIVE YOUR
More informationIBM Security. Endpoint Manager- BigFix. Daniel Joksch Security Sales IBM Corporation
IBM Security Endpoint Manager- BigFix Daniel Joksch Security Sales Establish security as an immune system Malware protection Incident and threat management Identity management Device management Data monitoring
More informationHow to Secure Your Cloud with...a Cloud?
A New Era of Thinking How to Secure Your Cloud with...a Cloud? Eitan Worcel Offering Manager - Application Security on Cloud IBM Security 1 2016 IBM Corporation 1 A New Era of Thinking Agenda IBM Cloud
More informationWhat's new in AppScan Standard version
What's new in AppScan Standard version 9.0.3.5 IBM Audio Security Connection support dialog by Open access Mic the Slides and more information: http://www.ibm.com/support/docview.wss?uid=swg27049311 February
More informationRemote Syslog Shipping IBM Security Guardium
Remote Syslog Shipping IBM Security Guardium IBM Security support Open Mic To hear the WebEx audio, select an option in the Audio Connection dialog or by access the Communicate > Audio Connection menu
More informationAnalyzing Hardware Inventory report and hardware scan files
Analyzing Hardware Inventory report and hardware scan files IBM LICENSE METRIC TOOL AND BIGFIX INVENTORY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog or by
More informationConfiguring zsecure To Send Data to QRadar
Configuring zsecure To Send Data to QRadar CONFIGURATION, SETUP, AND EXAMPLES Reminder: You must dial-in to the phone conference to listen to the panelists. The web cast does not include audio. USA toll-free:
More informationPredators are lurking in the Dark Web - is your network vulnerable?
Predators are lurking in the Dark Web - is your network vulnerable? Venkatesh Sadayappan (Venky) Security Portfolio Marketing Leader IBM Security - Central & Eastern Europe Venky.iss@cz.ibm.com @IBMSecurityCEE
More informationConfiguring your policy to prevent appliance problems
Configuring your policy to prevent appliance problems IBM Security Guardium IBM SECURITY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog or by access the Communicate
More informationMore on relevance checks in ILMT and BFI
More on relevance checks in ILMT and BFI IBM LICENSE METRIC TOOL AND BIGFIX INVENTORY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog or by accessing the Communicate
More informationQRadar Feature Discussion IBM SECURITY SUPPORT OPEN MIC
QRadar 7.2.7 Feature Discussion IBM SECURITY SUPPORT OPEN MIC Reminder: You must dial-in to the phone conference to listen to the panelists. The web cast does not include audio. USA toll-free: 866-803-2141
More informationIBM Security Network Protection v Enhancements
IBM Security Network Protection v5.3.3.1 Enhancements IBM SECURITY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog or by access the Communicate > Audio Connection
More informationHTTP Transformation Rules with IBM Security Access Manager
HTTP Transformation Rules with IBM Security Access Manager IBM SECURITY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog or by access the Communicate > Audio Connection
More informationUsing Buffer Usage Monitor Report & Sniffer must_gather for troubleshooting
Using Buffer Usage Monitor Report & Sniffer must_gather for troubleshooting IBM SECURITY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog or by access the Communicate
More informationIBM Next Generation Intrusion Prevention System
IBM Next Generation Intrusion Prevention System Fadly Yahaya SWAT Optimizing the World s Infrastructure Oct 2012 Moscow 2012 IBM Corporation Please note: IBM s statements regarding its plans, directions,
More informationBigFix Query Unleashed!
BigFix Query Unleashed! Lee Wei IBM SECURITY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog or by accessing the Communicate > Audio Connection menu option. To
More informationOptimizing IBM QRadar Advisor with Watson
Optimizing IBM QRadar Advisor with Watson IBM SECURITY SUPPORT OPEN MIC #25 Slides and additional dial in numbers: http://ibm.biz/openmic25 June 8, 2017 NOTICE: BY PARTICIPATING IN THIS CALL, YOU GIVE
More informationIBM Security Support Open Mic
IBM Security Support Open Mic LET S TALK ABOUT QRADAR 7.2.8 FEATURES Connect to WebEx Audio by selecting an option in the Audio Connection dialog or by accessing the Communicate > Audio Connection menu
More informationMay the (IBM) X-Force Be With You
Ann Arbor, Michigan July 23-25 May the (IBM) X-Force Be With You A QUICK PEEK INTO ONE OF THE MOST RENOWNED SECURITY TEAMS IN THE WORLD Marlon Machado Worldwide Standardization Leader, Application Security
More informationLe sfide di oggi, l evoluzione e le nuove opportunità: il punto di vista e la strategia IBM per la Sicurezza
Le sfide di oggi, l evoluzione e le nuove opportunità: il punto di vista e la strategia IBM per la Sicurezza Giulia Caliari IT Architect, IBM Security #IBMSecurity Attackers break through conventional
More informationIBM Security Identity Manager New Features in 6.0 and 7.0
IBM Security Identity Manager New Features in 6.0 and 7.0 IBM SECURITY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog or by access the Communicate > Audio Connection
More informationQRadar Open Mic: Custom Properties
November 29, 2017 QRadar Open Mic: Custom Properties IBM SECURITY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog or by access the Communicate > Audio Connection
More informationIBM Security Guardium: : Sniffer restart & High CPU correlation alerts
IBM Security Guardium: : Sniffer restart & High CPU correlation alerts IBM SECURITY SUPPORT OPEN MIC, presented by Lisette Contreras, Guardium Support To hear the WebEx audio, select an option in the Audio
More informationSecurity Update PCI Compliance
Security Update PCI Compliance (Payment Card Industry) Jeff Uehling IBM i Security Development uehling@us.ibm.com 2012 IBM Corporation PCI Requirements An Information only Presentation NOTE: These Slides
More informationIBM BigFix Relays Part 1
IBM BigFix Relays Part 1 IBM SECURITY SUPPORT OPEN MIC November 19, 2015 Revised March 2, 2018 NOTICE: BY PARTICIPATING IN THIS CALL, YOU GIVE YOUR IRREVOCABLE CONSENT TO IBM TO RECORD ANY STATEMENTS THAT
More informationInterpreting relevance conditions in commonly used ILMT/BFI fixlets
Interpreting relevance conditions in commonly used ILMT/BFI fixlets IBM LICENSE METRIC TOOL AND BIGFIX INVENTORY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog
More informationIBM Security Guardium: Troubleshooting No Traffic Issues
IBM Security Guardium: Troubleshooting No Traffic Issues IBM SECURITY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog or by access the Communicate > Audio Connection
More informationLet s talk about QRadar 7.2.5
QRadar Open Mic Webcast #9 June 10, 2015 Let s talk about QRadar 7.2.5 Panelists Dwight Spencer Principal Solutions Architect & Co-founder of Q1 Labs Adam Frank Principal Solutions Architect Jeremy Mathews
More informationIntegrated, Intelligence driven Cyber Threat Hunting
Integrated, Intelligence driven Cyber Threat Hunting THREAT INVESTIGATION AND RESPONSE PLATFORM Zsolt Kocsis IBM Security Technical Executive, CEE zsolt.kocsis@hu.ibm.com 6th Nov 2018 Build an integrated
More informationPonemon Institute s 2018 Cost of a Data Breach Study
Ponemon Institute s 2018 Cost of a Data Breach Study September 18, 2018 1 IBM Security Speakers Deborah Snyder CISO State of New York Dr. Larry Ponemon Chairman and Founder Ponemon Institute Megan Powell
More informationIBM Lotus Notes in XenApp Environments
IBM Lotus Notes in XenApp Environments Open Mic Webcast September 28, 2011 11:00 AM EDT 2011 IBM Corporation Open Mic Webcast: IBM Lotus Notes in XenApp environments September 28 th @ 11:00 AM EDT (15:00
More informationApp-ID. PALO ALTO NETWORKS: App-ID Technology Brief
App-ID Application Protocol Detection / Decryption Application Protocol Decoding Application Signature Heuristics App-ID is a patent-pending traffic classification technology that identifies more than
More informationInfoSphere Guardium 9.1 TechTalk Reporting 101
InfoSphere Guardium 9.1 TechTalk Reporting 101 Click to add text Dario Kramer, Senior System Architect dariokramer@us.ibm.com 2013 IBM Corporation Acknowledgements and Disclaimers Availability. References
More informationWe will see how this Android SDK class. public class OpenSSLX509Certificate extends X509Certificate {
We will see how this Android SDK class public class OpenSSLX509Certificate extends X509Certificate { } private MISSING MODIFIER BEFORE OUR DISCLOSURE! (NOW PATCHED) final long mcontext; 2 Led to this REPLACEMENT
More informationIBM BigFix Client Reporting: Process, Configuration, and Troubleshooting
IBM BigFix Client Reporting: Process, Configuration, and Troubleshooting IBM SECURITY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog or by access the Communicate
More informationIBM Security Access Manager Single Sign-on with Federation
IBM Security Access Manager Single Sign-on with Federation IBM SECURITY SUPPORT OPEN MIC To hear the WebEx audio, select an option in the Audio Connection dialog or by access the Communicate > Audio Connection
More informationIntroducing IBM Lotus Sametime 7.5 software.
Real-time collaboration solutions March 2006 Introducing IBM Lotus Sametime 7.5 software. Adam Gartenberg Offering Manager, Real-time and Team Collaboration Page 2 Contents 2 Introduction 3 Enhanced instant
More informationWe will see how this Android SDK class. public class OpenSSLX509Certificate extends X509Certificate {
We will see how this Android SDK class public class OpenSSLX509Certificate extends X509Certificate { } private MISSING MODIFIER BEFORE OUR DISCLOSURE! (NOW PATCHED) final long mcontext; One Class to Rule
More informationSymantec & Blue Coat Technical Update Webinar 29. Juni 2017
Avantec Blue Coat/Symantec Webinar Jean Marc Edder Senior Systems Engineer The Global Leader in Cyber Network + + Cloud Global market leader in Endpoint, Email, Data Loss Prevention and Website, User Authentication
More information1110 Cool Things Your Firewall Should Do. Extend beyond blocking network threats to protect, manage and control application traffic
1110 Cool Things Your Firewall Should Do Extend beyond blocking network threats to protect, manage and control application traffic Table of Contents The Firewall Grows Up 1 What does SonicWALL Application
More informationFabrizio Patriarca. Come creare valore dalla GDPR
Fabrizio Patriarca Come creare valore dalla GDPR Disclaimer Notice: Clients are responsible for ensuring their own compliance with various laws and regulations, including the European Union General Data
More informationIBM Security Access Manager
IBM Access Manager Take back control of access management with an integrated platform for web, mobile and cloud Highlights Protect critical assets with risk-based and multi-factor authentication Secure
More informationThe New Era of Cognitive Security
The New Era of Cognitive Security IBM WATSON SUMMIT KANOKSAK RATCHAPAT Senior Technical Sales 1 Today s security challenges ACTORS TARGETS VECTORS REALITY Organized Crime Healthcare Ransomware Cloud, mobile,
More informationThe McGill University Health Centre (MUHC)
The McGill University Health Centre (MUHC) Strengthening its security posture with in- depth global intelligence Overview The need MUHC security staff wanted to more quickly identify and assess potential
More informationSOLUTION MANAGEMENT GROUP
InterScan Messaging Security Virtual Appliance 8.0 Reviewer s Guide February 2011 Trend Micro, Inc. 10101 N. De Anza Blvd. Cupertino, CA 95014 T 800.228.5651 / 408.257.1500 F 408.257.2003 www.trendmicro.com
More informationCisco s Appliance-based Content Security: IronPort and Web Security
Cisco s Appliance-based Content Security: IronPort E-mail and Web Security Hrvoje Dogan Consulting Systems Engineer, Security, Emerging Markets East 2010 Cisco and/or its affiliates. All rights reserved.
More informationSymantec Endpoint Protection Family Feature Comparison
Symantec Endpoint Protection Family Feature Comparison SEP SBE SEP Cloud SEP Cloud SEP 14.2 Device Protection Laptop, Laptop Laptop, Tablet Laptop Tablet & & Smartphone Smartphone Meter Per Device Per
More informationDeploying Lookout with IBM MaaS360
Lookout Mobile Endpoint Security Deploying Lookout with IBM MaaS360 February 2018 2 Copyright and disclaimer Copyright 2018, Lookout, Inc. and/or its affiliates. All rights reserved. Lookout, Inc., Lookout,
More informationValue of managing and running automated functional tests with Rational Quality Manager
Value of managing and running automated functional tests with Rational Quality Manager Shinoj Zacharias (Shinoj.zacharias@in.ibm.com) Senior Software Engineer, Technical Lead IBM Software Fariz Saracevic
More informationProduct Guide. McAfee Web Gateway Cloud Service
Product Guide McAfee Web Gateway Cloud Service COPYRIGHT Copyright 2017 McAfee, LLC TRADEMARK ATTRIBUTIONS McAfee and the McAfee logo, McAfee Active Protection, epolicy Orchestrator, McAfee epo, McAfee
More informationHardening the Education. with NGFW. Narongveth Yutithammanurak Business Development Manager 23 Feb 2012
Hardening the Education IT Environment with NGFW Narongveth Yutithammanurak Business Development Manager 23 Feb 2012 Technology Trends Security Performance Bandwidth Efficiency Manageability Page 2 What
More informationBigFix 101- Server Pricing
BigFix 101- Server Pricing Licensing in a Nutshell BigFix is included with AIX Enterprise Edition (AIX EE). If you have AIX EE on a system, all the cores on that system are covered and any LPAR running
More informationOpen Mic Webcast: Troubleshooting freetime (busytime) issues in Lotus Notes
Open Mic Webcast: Troubleshooting freetime (busytime) issues in Lotus Notes February 28 th @ 11:00 AM EST (16:00 UTC, or GMT -5) Presenters & Panelists: Andrea Mitchell Terry Talton Bruce Kahn Open Mic
More informationCybersecurity. You have been breached; What Happens Next THE CHALLENGE FOR THE FINANCIAL SERVICES INDUSTRY
Cybersecurity THE CHALLENGE FOR THE FINANCIAL SERVICES INDUSTRY Gary Meshell World Wide Leader Financial Services Industry IBM Security March 21 2019 You have been breached; What Happens Next 2 IBM Security
More informationCISCO NETWORKS BORDERLESS Cisco Systems, Inc. All rights reserved. 1
CISCO BORDERLESS NETWORKS 2009 Cisco Systems, Inc. All rights reserved. 1 Creating New Business Models The Key Change: Putting the Interaction Where the Customer Is Customer Experience/ Innovation Productivity/
More informationForeScout Extended Module for Carbon Black
ForeScout Extended Module for Carbon Black Version 1.0 Table of Contents About the Carbon Black Integration... 4 Advanced Threat Detection with the IOC Scanner Plugin... 4 Use Cases... 5 Carbon Black Agent
More informationMcAfee Network Security Platform 9.1
9.1.7.15-9.1.5.9 Manager-NS-series Release Notes McAfee Network Security Platform 9.1 Revision A Contents About this release New features Enhancements Resolved issues Installation instructions Known issues
More informationIBM Security Identity Governance and Intelligence Clustering and High Availability
IBM Security Identity Governance and Intelligence Clustering and High Availability IBM SECURITY SUPPORT Luigi Lombardi: luigi.lombardi@it.ibm.com Gianluca Gargaro: g.gargaro@it.ibm.com Raffaele Sperandeo:
More informationThreat Intelligence to enhance Cyber Resiliency KEVIN ALBANO GLOBAL THREAT INTELLIGENCE LEAD IBM X-FORCE INCIDENT RESPONSE AND INTELLIGENCE SERVICES
Threat Intelligence to enhance Cyber Resiliency KEVIN ALBANO GLOBAL THREAT INTELLIGENCE LEAD IBM X-FORCE INCIDENT RESPONSE AND INTELLIGENCE SERVICES Agenda Welcome Threat Intelligence EcoSystem Cyber Resiliency
More informationHow to Configure ATP in the HTTP Proxy
Configure when and which types of files are uploaded to the Barracuda ATP Cloud for traffic passing through the HTTP proxy service. Users will receive downloaded files immediately. When files with a risk
More informationMobile Admin GETTING STARTED GUIDE. Version 8.2. Last Updated: Thursday, May 25, 2017
GETTING STARTED GUIDE Mobile Admin Version 8.2 Last Updated: Thursday, May 25, 2017 Retrieve the latest version from: https://support.solarwinds.com/success_center/mobile_admin/mobile_admin_documentation
More informationSecuring global enterprise with innovation
IBM Cybersecurity Securing global enterprise with innovation Shamla Naidoo VP, IBM Global CISO August 2018 Topics 01 02 03 Securing Large Complex Enterprise Accelerating With Artificial Intelligence And
More information20 years of Lotus Notes and a look into the next 20 years Lotusphere Comes To You
20 years of Lotus Notes and a look into the next 20 years Lotusphere Comes To You Kevin Cavanaugh, Vice President, Messaging and Collaboration Lotus Software and WebSphere Portal email@us.ibm.com Organizations
More informationTransparency report. Examining the AV-TEST January-February 2018 Results. Prepared by. Windows Defender Research team
Transparency report Examining the AV-TEST January-February 2018 Results Prepared by Windows Defender Research team 2018 Microsoft Corporation. All rights reserved. This document is provided "as-is." Information
More informationProduct Guide. McAfee Web Gateway Cloud Service
Product Guide McAfee Web Gateway Cloud Service COPYRIGHT Copyright 2017 McAfee, LLC TRADEMARK ATTRIBUTIONS McAfee and the McAfee logo, McAfee Active Protection, epolicy Orchestrator, McAfee epo, McAfee
More informationIBM Security Network Protection Solutions
Systems IBM Security Network Protection Solutions Pre-emptive protection to keep you Ahead of the Threat January 2015 Christian Schmidt Draware A/S www.draware.dk Tel: +45 45 76 2021 1 IBM Security Systems
More informationIBM MaaS360 with Watson Evaluator s Guide. Version 2.2
IBM MaaS360 with Watson Evaluator s Guide Version 2.2 Introduction Welcome to the IBM MaaS360 with Watson Evaluator s Guide. This document provides you with a self-guided, hands-on review of our leading
More informationIBM Social Rendering Templates for Digital Data Connector
IBM Social Rendering Templates for Digital Data Dr. Dieter Buehler Software Architect WebSphere Portal / IBM Web Content Manager Social Rendering Templates for DDC- Overview This package demonstrates how
More informationIBM Security QRadar Version Architecture and Deployment Guide IBM
IBM Security QRadar Version 7.3.1 Architecture and Deployment Guide IBM Note Before you use this information and the product that it supports, read the information in Notices on page 41. Product information
More informationHow to Identify Advanced Persistent, Targeted Malware Threats with Multidimensional Analysis
White paper How to Identify Advanced Persistent, Targeted Malware Threats with Multidimensional Analysis AhnLab, Inc. Table of Contents Introduction... 1 Multidimensional Analysis... 1 Cloud-based Analysis...
More informationService Description. IBM Aspera Files. 1. Cloud Service. 1.1 IBM Aspera Files Personal Edition. 1.2 IBM Aspera Files Business Edition
Service Description IBM Aspera Files This Service Description describes the Cloud Service IBM provides to Client. Client means the company and its authorized users and recipients of the Cloud Service.
More informationGETTING STARTED GUIDE. Mobile Admin. Version 8.2
GETTING STARTED GUIDE Mobile Admin Version 8.2 Last Updated: April 24, 2018 GETTING STARTED GUIDE: MOBILE ADMIN 2018 SolarWinds Worldwide, LLC. All rights reserved. This document may not be reproduced
More informationUTM Firewall Registration & Activation Manual DFL-260/ 860. Ver 1.00 Network Security Solution
UTM Firewall Registration & Activation Manual DFL-260/ 860 Ver 1.00 curitycu Network Security Solution http://security.dlink.com.tw 1.Introduction...02 2.Apply for a D-Link Membership...03 3.D-Link NetDefend
More information