Mark Webb-Johnson CTO, Network Box Corporation Ltd. January

Similar documents
On page 4, we highlight the features and fixes to be released in this month s patch Tuesday for Network Box 5.

On page 4, we highlight the features and fixes to be released in this month s patch Tuesday for Network Box 5.

Mark Webb-Johnson CTO, Network Box Corporation Ltd. November

App Gateway Deployment Guide

Zero Trust with Okta: A Modern Approach to Secure Access from Anywhere. How Okta enables a Zero Trust solution for our customers

OUR SECURITY DELIVERED YOUR WAY

to protect the well-being of citizens. Fairfax is also home to some Fortune 500 and large

BULLETPROOF365 SECURING YOUR IT. Bulletproof365.com

BULLETPROOF365 SECURING YOUR IT. Bulletproof365.com

Cato Networks. Network Security as a Service

DEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS. Security Without Compromise

WITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE BENEFITS HOW THREAT MANAGER WORKS SOLUTION OVERVIEW:

Cato Cloud. Software-defined and cloud-based secure enterprise network. Solution Brief

Security: Michael South Americas Regional Leader, Public Sector Security & Compliance Business Acceleration

Reaping the Full Benefits of a Hybrid Network

SOC-2 Requirement Solution Brief. EventTracker 8815 Centre Park Drive, Columbia MD SOC-2

Integrated DHCP, DNS & IP Address Management

ISO/IEC Solution Brief ISO/IEC EventTracker 8815 Centre Park Drive, Columbia MD 21045

Network. Arcstar Universal One

Global IP Network (GIN) Connects You to the World

Cato Cloud. Global SD-WAN with Built-in Network Security. Solution Brief. Cato Cloud Solution Brief. The Future of SD-WAN. Today.

Popular SIEM vs aisiem

Five Tips to Mastering Enterprise Mobility

Seceon s Open Threat Management software

Microsoft Azure Course Content

Cato Cloud. Solution Brief. Software-defined and Cloud-based Secure Enterprise Network NETWORK + SECURITY IS SIMPLE AGAIN

Asset Bank - Shared Hosting. Service Description

Citrix SD-WAN for Optimal Office 365 Connectivity and Performance

SOLUTION BRIEF Enterprise WAN Agility, Simplicity and Performance with Software-Defined WAN

AZURE CLOUD SECURITY GUIDE: 6 BEST PRACTICES. To Secure Azure and Hybrid Cloud Environments

SANS Top 20 CIS. Critical Security Control Solution Brief Version 6. SANS Top 20 CIS. EventTracker 8815 Centre Park Drive, Columbia MD 21045

NETWORK AND SD-VPN. Meshing legacy and Cloud Service Providers

Automated Threat Management - in Real Time. Vectra Networks

Rethinking Security: The Need For A Security Delivery Platform

IZO MANAGED CLOUD FOR AZURE

Cisco Cloud Architecture with Microsoft Cloud Platform Peter Lackey Technical Solutions Architect PSOSPG-1002

10 FOCUS AREAS FOR BREACH PREVENTION

Docker Universal Control Plane Deploy and Manage On-Premises, Your Dockerized Distributed Applications

WHITE PAPER AIRWATCH SUPPORT FOR OFFICE 365

VMworld disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no

NEXT GENERATION SECURITY OPERATIONS CENTER

Security

1 The intersection of IAM and the cloud

VMWARE HORIZON CLOUD WITH VMWARE IDENTITY MANAGER QUICK START GUIDE WHITE PAPER MARCH 2018

[MS10992]: Integrating On-Premises Core Infrastructure with Microsoft Azure

Exam C Foundations of IBM Cloud Reference Architecture V5

Symantec & Blue Coat Technical Update Webinar 29. Juni 2017

TECHNOLOGY Introduction The Difference Protection at the End Points Security made Simple

Delivering Integrated Cyber Defense for the Cloud Generation Darren Thomson

National Cyber Security Operations Center (N-CSOC) Stakeholders' Conference

One Hospital s Cybersecurity Journey

Qualys Cloud Platform

Designing Windows Server 2008 Network and Applications Infrastructure

Risk Intelligence. Quick Start Guide - Data Breach Risk

Cisco Firepower NGFW. Anticipate, block, and respond to threats

ARCHITECTURAL OVERVIEW REVISED 6 NOVEMBER 2018

Simplify Your Network Security with All-In-One Unified Threat Management

NTT Com Press Conference March 1, 2016 #enterprisecloud

CLOUD-BASED DDOS PROTECTION FOR HOSTING PROVIDERS

SOLUTION BRIEF RSA NETWITNESS EVOLVED SIEM

A CISO GUIDE TO MULTI-CLOUD SECURITY Achieving Transparent Visibility and Control and Enhanced Risk Management

DATA SHEET RISK & CYBERSECURITY PRACTICE EMPOWERING CUSTOMERS TO TAKE COMMAND OF THEIR EVOLVING RISK & CYBERSECURITY POSTURE

ENTERPRISE SECURITY MANAGEMENT. Frederick Verduyckt 20 September 2012

SECURITY REDEFINED. Managing risk and securing the business in the age of the third platform. Copyright 2014 EMC Corporation. All rights reserved.

All-in one security for large and medium-sized businesses.

AKAMAI CLOUD SECURITY SOLUTIONS

Total Threat Protection. Whitepaper

Implementing Microsoft Azure Infrastructure Solutions

Building Resilience in a Digital Enterprise

NETWORKING &SECURITY SOLUTIONSPORTFOLIO

SECURING AWS ACCESS WITH MODERN IDENTITY SOLUTIONS

Hacker Academy Ltd COURSES CATALOGUE. Hacker Academy Ltd. LONDON UK

Exam : Implementing Microsoft Azure Infrastructure Solutions

Security Information & Event Management (SIEM)

Compare Security Analytics Solutions

Defense in Depth Security in the Enterprise

Administering Your ArcGIS Enterprise Portal Bill Major Craig Cleveland

WHITEPAPER The Firewall Market

Industrial Cyber Security. ICS SHIELD Top-down security for multi-vendor OT assets

Introducing. Secure Access. for the Next Generation. Bram De Blander Sales Engineer

Optimizing Pulse Secure Access Suite with Pulse Secure Virtual Application Delivery Controller solution

Intervate takes home double honours at Microsoft Partner Network Awards 2015

HySecure Quick Start Guide. HySecure 5.0

20533B: Implementing Microsoft Azure Infrastructure Solutions

NETWORK DDOS PROTECTION STANDBY OR PERMANENT INFRASTRUCTURE PROTECTION VIA BGP ROUTING

Cloud Access Manager Overview

SONICWALL SECURITY HEALTH CHECK PSO 2017

Services solutions for Managed Service Providers (MSPs)

How NSFOCUS Protected the G20 Summit. Guy Rosefelt on the Strategy, Staff and Tools Needed to Ensure Cybersecurity

TRUSTED IT: REDEFINE SOCIAL, MOBILE & CLOUD INFRASTRUCTURE. Ralf Kaltenbach, Regional Director RSA Germany

Cloud Operations for Oracle Cloud Machine ORACLE WHITE PAPER MARCH 2017

VMWARE HORIZON CLOUD SERVICE HOSTED INFRASTRUCTURE ONBOARDING SERVICE SILVER

Making Enterprise Branches Agile and Efficient with Software-defined WAN (SD-WAN)

Kaspersky Managed Service Providers Program

SONICWALL SECURITY HEALTH CHECK SERVICE

WHITE PAPER. Applying Software-Defined Security to the Branch Office

Welcome to the. Migrating SQL Server Databases to Azure

Course 20533B: Implementing Microsoft Azure Infrastructure Solutions

MyCloud Computing Business computing in the cloud, ready to go in minutes

Cyber Security Technologies

Transcription:

In the Boxing Ring JAN 2019 Technical News from Mark Webb-Johnson Chief Technology Officer, Welcome to the January 2019 edition of In the Boxing Ring This month, on pages 2 to 3, we look at Managed Security Services in 2019 and Beyond. We are moving to an architecture where it does not matter where the device is located, whether it is physical or virtual, whether it is an individual device or a multi-tenanted cloud service, or even the manufacture of the device. Our aim is to seamlessly correlate event logs and security intelligence on a global basis; moving from single device events, to focus on incidents with global search capability. On page 4, we highlight the features and fixes to be released in this month s patch Tuesday for 5. Stay Connected You can contact us here at HQ by email: nbhq@network-box.com, or drop by our office next time you are in town. You can also keep in touch with us by several social networks: In other news, is proud to announce that the company won the Gold Award, at the Best Enterprise Risk Management (ERM) Awards 2018. In addition, Network Box Germany participated in IT-Sicherheitstag NRW, organized by the Chambers of Commerce and Industry of North Rhine-Westphalia. Furthermore, was interviewed by the SCMP regarding current cyber threat issues. And finally, the 2018 edition of Year in Focus is now available for download. Mark Webb-Johnson CTO, Corporation Ltd. January 2019 https://twitter.com/networkbox https://www.facebook.com/networkbox https://www.facebook.com/networkboxresponse https://www.linkedin.com/company/ network-box-corporation-limited/ https://plus.google.com/u/0/ 107446804085109324633 In this month s issue: Page 2 to 3 Managed Security Services in 2019 and Beyond We are moving to an architecture where it does not matter where the device is located, whether it is physical or virtual, whether it is an individual device or a multi-tenanted cloud service, or even the manufacture of the device. Our aim is to seamlessly correlate event logs and security intelligence on a global basis; moving from single device events, to focus on incidents with global search capability. Page 4 5 Features The features and fixes to be released in this month s patch Tuesday for 5. Page 5 Highlights: Best Enterprise Risk Management (ERM) Awards 2018 Gold Award Germany IT-Sicherheitstag NRW Media Coverage South China Morning Post Year in Focus 2018 LINK: https://bit.ly/2f24mua In the Boxing Ring January 2019 In this month s issue of In the Boxing Ring 01

Security Services in 2019 and Beyond As we start the new year, it seems an appropriate time to look at the architecture for security services in 2019 and beyond. We ll be looking at two areas: customer premises (either physical or virtual), and the Services cloud. Customer Premises Customer premises can be either physical locations (offices, data centres, homes, etc), or virtual environments (such as local vmware clouds, or public clouds like Amazon, or Azure). Inside these premises are the protected assets - the devices and computers holding the data to be protected. Mobile devices introduce another layer of complexity to data protection. In general, recommends that mobile devices outside the customer premises be always protected, using VPN and proxy technology coupled with strong policy control. Unprotected mobile devices should be treated in the same way as visitors to your network - with extreme caution and care. A device can only protect traffic that passes through it, and that has traditionally meant protection was placed at the gateway to the Internet (where visibility of the malicious traffic, and threat, was the greatest). However, with the proliferation of network links (such as VOIP, MPLS, VPNs, etc), we are seeing increasing demand for devices to be placed inside the customer network to fulfill IDS or IPS roles. We are also deploying systems internally as firewall and IPS devices; performing a network segmentation role. Whether the device is a physical or virtual appliance, deployed at the perimeter or inside the network, is irrelevant to us; it is merely the Service Delivery Platform - the means by which we deliver our protection services. Then we have the customer devices producing event information; routers, switches, servers, high value workstations, and other (not ) security appliances. Starting in 2019, our SIEM+ product can take event logs from these devices, and securely upload them to the cloud for event correlation, searching, and archiving. In the Boxing Ring January 2019 Security Services in 2019 and Beyond 02

Global Security Intel CLOUD SERVICES Big Data Store Machine Learning SOCs On-premises Gateway PERIMETER PROTECTION INTERNAL PROTECTION Signatures Configs Secured Tunnel Logs & Events SIEM+ Customer Devices (not ) Switches Routers Servers High-value Workstations Mail DNS Reputation etc Signatures Cloud Customer Premises Virtual Gateway IN-CLOUD PROTECTION PROTECTED ASSETS Services Cloud Since its launch, has provided security services based on regional SOCs managing appliances installed in customer premises. We have provided remote configuration synchronization, patented signature PUSH, global monitoring, and support services. Still today, the vast majority of our customers protected data is in customer premises (either physical or virtual), and appliances placed within those premises provides the best possible protection. However, we recognize that an increasing amount of data is being moved into public clouds. In recent years, we have extended our support to provide a number of cloud services (such as cloud mail backup, cloud DNS backup, and cloud reputation). We will continue to extend the cloud services we offer, as well as provide tight integration with other cloud service provider partners. Our role is to protect the data, no matter where it is stored or what networks it transits through; and the services we provide will continue to be designed to meet the demands of that role. Over the past years, has invested heavily in the development of a multi-tenanted cloud framework to serve as the backbone for our future. Existing cloud services are being migrated into this new framework, and new services developed. This new framework is based on cloud level big data storage, horizontally scalable to billions of correlated indexed event records. Only by leveraging such cloud storage technology can we address the issues of correlating not just one customer s individual events, but across all es and all other security devices that each customer has. We can also scale up to further correlate events across customer industries, and even globally. In the Boxing Ring January 2019 The potential of such technology to solve today s security issues is impressive. Given a particular threat indicator, we can instantly know not just the history on one particular device, but can now correlate that threat across all devices belonging to that customer, comparing against other customers in the same industry, as well as globally. Using both machine learning and human security engineers in our Security Operation Centres, we are tackling the task of identifying the needle of security incidents inside the haystack that is millions of security events every second. As Box Office migrates to become a component of NBSIEM+, fulfilling the asset tracking and support ticketing functions, we are directly connecting managed 5 devices to this system to allow for: 1. Synchronization of configuration sections across clusters of es 2. Updating of configurations 3. Consolidated reporting A single authorized change made to a configuration in NBSIEM+ can instantly be replicated across a global cluster of devices. By consolidating our SOC support systems and tightly integrating the remote devices themselves to our cloud based systems, we are moving to an architecture where it does not matter where the device is located, whether it is physical or virtual, whether it is an individual device or a multi-tenanted cloud service, or even the manufacture of the device. Using NBSIEM+, our regional data centres, and our cloud infrastructure, we aim to seamlessly correlate event logs and security intelligence on a global basis; moving from single device events, to focus on incidents with global search capability. Security Services in 2019 and Beyond 03

On Tuesday, 8th January 2019, will release our patch Tuesday set of enhancements and fixes. The regional SOCs will be conducting the rollouts of the new functionality in a phased manner over the next 14 days. 5 Features January 2019 This month, for 5, these include: Enhancements to license status control Improvements to remote user authentication mechanisms for ldap, ntlm, and radius Improvements to local entity-based admin and user authentication Extended support for large report histories in admin portal Additional support for NBSIEM+ logging Enhanced support for NOC systems In most cases, the above changes should not impact running services or require a device restart. However, in some cases (depending on configuration), a device restart may be required. Your local SOC will contact you to arrange this if necessary. Should you need any further information on any of the above, please contact your local SOC. They will be arranging deployment and liaison. In the Boxing Ring January 2019 5 Features 04

wins Best Enterprise Risk Management Awards 2018 Germany IT-Sicherheitstag NRW is extremely proud to announce that the company won the Gold Award, at the Best Enterprise Risk Management (ERM) Awards 2018. This highly prestigious award is given by the Academy of Professional Certification (APC), to honour companies, NGOs, and organizations, in any industry, that demonstrate excellence and achievement in Enterprise Risk Management, leading to ISO, and best practice world class standards. Germany participated at the IT-Security Day NRW, organized by the Chambers of Commerce and Industry of North Rhine-Westphalia, which took place in the Wuppertal Historical Town Hall. Media Coverage Newsletter Staff Subscription Mark Webb-Johnson Corporation Editor nbhq@network-box.com or via mail at: Michael Gazeley Kevin Hla Production Support HQ USA Contributors Corporation 16th Floor, Metro Loft, 38 Kwai Hei Street, Kwai Chung, Hong Kong Tel: +852 2736-2083 Fax: +852 2736-2778 www.network-box.com Hong Kong police probe bomb-threat emails demanding US$20,000 in bitcoin LINK: https://bit.ly/2r2amcj LINK: https://bit.ly/2f2zqu4 Year in Focus 2018 2018 was another great year for. In addition to the many awards that the company won, was featured in numerous media outlets, and participated in various security events. For more details, please refer to the 2018 edition of the Year in Focus. LINK: https://bit.ly/2f24mua Copyright 2019 Corporation Ltd. In the Boxing Ring January 2019 HSBC tightens e-wallet app security after PayMe breach allowed access to 20 accounts holding HK$100,000 Highlights 05

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback