Next Generation Management

Similar documents
IP Address Pool in StoneGate SSL VPN

CA Security Management

RSA Solution Brief. The RSA Solution for VMware. Key Manager RSA. RSA Solution Brief

INTELLIGENCE DRIVEN GRC FOR SECURITY

INSIDE. Integrated Security: Creating the Secure Enterprise. Symantec Enterprise Security

Next-Generation Availability and Scalability

WHITE PAPER. Applying Software-Defined Security to the Branch Office

Mapping Your Requirements to the NIST Cybersecurity Framework. Industry Perspective

Reducing the Cost of Incident Response

SIEM: Five Requirements that Solve the Bigger Business Issues

NERC CIP VERSION 6 BACKGROUND COMPLIANCE HIGHLIGHTS

SIEM Solutions from McAfee

Xceedium Xio Framework: Securing Remote Out-of-band Access

AKAMAI CLOUD SECURITY SOLUTIONS

Cisco ISR G2 Management Overview

Security Platform. Security. Availability. Manageability. Scalability.

RSA Solution Brief. The RSA Solution for Cloud Security and Compliance

Snort: The World s Most Widely Deployed IPS Technology

THE SIX ESSENTIAL CAPABILITIES OF AN ANALYTICS-DRIVEN SIEM

Mitigating Branch Office Risks with SD-WAN

NETWORKING &SECURITY SOLUTIONSPORTFOLIO

MODERNIZE INFRASTRUCTURE

WITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE BENEFITS HOW THREAT MANAGER WORKS SOLUTION OVERVIEW:

Data Retrieval Firm Boosts Productivity while Protecting Customer Data

in collaboration with

HP Fortify Software Security Center

Sustainable Security Operations

ALIENVAULT USM FOR AWS SOLUTION GUIDE

White Paper. Why IDS Can t Adequately Protect Your IoT Devices

Using Threat Analytics to Protect Privileged Access and Prevent Breaches

Securing the Empowered Branch with Cisco Network Admission Control. September 2007

Comodo Certificate Manager

Resolving Security s Biggest Productivity Killer

TechValidate Survey Report: SaaS Application Trends and Challenges

Enhancing the Cybersecurity of Federal Information and Assets through CSIP

Cisco Start. IT solutions designed to propel your business

FIREWALL CLEANUP RECOMMENDATIONS

One Release. One Architecture. One OS. High-Performance Networking for the Enterprise with JUNOS Software

CA Host-Based Intrusion Prevention System r8

SOLUTION BRIEF RSA ARCHER IT & SECURITY RISK MANAGEMENT

Achieving Digital Transformation: FOUR MUST-HAVES FOR A MODERN VIRTUALIZATION PLATFORM WHITE PAPER

Benefits of SD-WAN to the Distributed Enterprise

A Practical Guide to Efficient Security Response

Crash course in Azure Active Directory

Privileged Account Security: A Balanced Approach to Securing Unix Environments

Cisco Wide Area Application Services and Cisco Nexus Family Switches: Enable the Intelligent Data Center

PALANTIR CYBERMESH INTRODUCTION

Clearing the Path to PCI DSS Version 2.0 Compliance

Symantec Security Monitoring Services

ForeScout CounterACT. Continuous Monitoring and Mitigation. Real-time Visibility. Network Access Control. Endpoint Compliance.

NEXT GENERATION SECURITY OPERATIONS CENTER

Demystifying GRC. Abstract

Data Sheet: Endpoint Security Symantec Multi-tier Protection Trusted protection for endpoints and messaging environments

Cisco Stealthwatch Endpoint License

How can we gain the insights and control we need to optimize the performance of applications running on our network?

Juniper Networks Adaptive Threat Management Solutions

eguide: Designing a Continuous Response Architecture 5 Steps to Reduce the Complexity of PCI Security Assessments

IBM Internet Security Systems Proventia Management SiteProtector

DDoS: STRATEGIES FOR DEALING WITH A GROWING THREAT

securing your network perimeter with SIEM

TRUE SECURITY-AS-A-SERVICE

The Top Five Reasons to Deploy Software-Defined Networks and Network Functions Virtualization

IBM Global Technology Services Provide around-the-clock expertise and protect against Internet threats.

Reducing Operational Costs and Combating Ransomware with McAfee SIEM and Integrated Security

WHY SIEMS WITH ADVANCED NETWORK- TRAFFIC ANALYTICS IS A POWERFUL COMBINATION. A Novetta Cyber Analytics Brief

The 2017 State of Endpoint Security Risk

Managed Endpoint Defense

TRIPWIRE VIA PLATFORM PROTECTING YOUR DATA WITH INTEGRATED SECURITY CONTROLS

Admin Plus Pack Option. ExecView Web Console. Backup Exec Admin Console

McAfee epolicy Orchestrator

CYBERBIT P r o t e c t i n g a n e w D i m e n s i o n

RSA Solution Brief. Managing Risk Within Advanced Security Operations. RSA Solution Brief

Combatting advanced threats with endpoint security intelligence

Eight important criteria for selecting a managed security services provider

HOW TO HANDLE A RANSOM- DRIVEN DDOS ATTACK

Wireless and Network Security Integration Solution Overview

Table of Contents Table of Contents...2 Introduction...3 Mission of IT...3 Primary Service Delivery Objectives...3 Availability of Systems...

THE EFFECTIVE APPROACH TO CYBER SECURITY VALIDATION BREACH & ATTACK SIMULATION

ITSM SERVICES. Delivering Technology Solutions With Passion

Vendor: Cisco. Exam Code: Exam Name: Cisco Sales Expert. Version: Demo

KEY FINDINGS INTERACTIVE GUIDE. Uncovering Hidden Threats within Encrypted Traffic

Security and Compliance Powered by the Cloud. Ben Friedman / Strategic Accounts Director /

Boston Chapter AGA 2018 Regional Professional Development Conference Cyber Security MAY 2018

2013 InterWorks, Page 1

White paper: Agentless Backup is Not a Myth. Agentless Backup is Not a Myth

Cloud for Government: A Transformative Digital Tool to Better Serve Communities

Office 365 Buyers Guide: Best Practices for Securing Office 365

Five Essential Capabilities for Airtight Cloud Security

Cisco Security Manager 4.1: Integrated Security Management for Cisco Firewalls, IPS, and VPN Solutions

Security. Made Smarter.

RHM Presentation. Maas 360 Mobile device management

IBM Cloud Internet Services: Optimizing security to protect your web applications

Imperva Incapsula Survey: What DDoS Attacks Really Cost Businesses

SDN HAS ARRIVED, BUT NEEDS COMPLEMENTARY MANAGEMENT TOOLS

Controlling Costs and Driving Agility in the Datacenter

Tips for Effective Patch Management. A Wanstor Guide

Spotlight Report. Information Security. Presented by. Group Partner

STAY ONE STEP AHEAD OF THE CRIMINAL MIND. F-Secure Rapid Detection & Response

THE STATE OF CLOUD & DATA PROTECTION 2018

Service. Sentry Cyber Security Gain protection against sophisticated and persistent security threats through our layered cyber defense solution

Transcription:

Whitepaper Next Generation Management Managing Complexity Your Biggest Security Threat Whitepaper Next Generation Management 1

Table of Contents Executive Summary... 3-4 Making the Case for Next Generation Management... 5-6 Conclusion...7 StoneGate Next Generation Management: An Introduction... 8-11 Whitepaper Next Generation Management 2

Executive Summary The IT landscape within the enterprise is quickly changing. In just the last three years, many fundamental shifts have propelled enterprises into a new chapter of technology. The widespread adoption of virtualization has become a reality, and cloud computing is close behind. The new breed of mobile devices, like the iphone, are not just a means of communication in many cases, they are replacing PCs as the epicenter of business activity. While the changes and advancements are too numerous to list, the impact they have had on network security has been alarming. In short, the enterprise network has never been more challenging to secure than it is today. Nor has it been more complex. The sheer number of virus, worms, malware, ransomware and other external network threats is astounding. But, even more alarming are the number of internal threats many of which are generated not by disgruntled or malicious employees but by the complexity of the network security infrastructure that aims to prevent these attacks. The most obvious culprit of this issue is network device management. Today s network devices are cumbersome to administer, requiring administrators to use multiple management consoles or even to manually configure each device. In 2009, Gartner released a surprising statistic that addresses the challenges of growing network infrastructures and distributed networks. Approximately 99 percent of security breaches are caused by misconfigured devices.* As a result, its becoming increasingly important to improve network security management or risk costly consequences. The issue of network complexity boils down to the following challenges that exist in current network device management today: Human error Today s network devices must be manually configured through a variety of device management consoles. With dozens of network devices in the average enterprise network, this process has become polluted with human error and inefficiency, contributing to an increase in network security breaches. Lack of correlation Currently, it is difficult for network administrators to correlate a specific security incident to a specific device. While they may get an alert that an incident has occurred, they have to search and locate the device at which the incident resides wasting valuable time and resources. Whitepaper Next Generation Management 3 *Young, Pescatore, Greg, John (2008, August 12). Q&A: Is It More Secure to Use Firewalls from Two Different Vendors, G00146091, Inclusive -- 3. Retrieved August 12, 2008, from Gartner.

Increased time to remediation Because of the lack of event correlation and the ever-expanding number of devices on the network, the time it takes to resolve a security incident is growing. This is of major concern as threats can quickly proliferate throughout the network, not to mention the negative impact of having a down or disrupted network to a company s overall operations. Reactive versus proactive management The network security industry has long preached a proactive, process-focused approach. However, complexity within the network impairs an enterprise s ability to implement and smoothly execute critical security processes, such as routine policy updates. Inefficient, ineffective reporting and compliance Creating network-wide reports through multiple device reporting tools is both time-consuming and ineffective. For many enterprises, there is no easy way to get a detailed and comprehensive view of network performance. Furthermore, as network security has become a crucial part of many regulatory and industry standards, the inability to easily produce accurate reports stands to threaten compliance. Difficult to manage remote devices Today s enterprises are challenged to manage network devices in a single location; managing and configuring devices housed in remote locations (e.g. regional offices, partner locations) is nearly impossible without onsite support. Whitepaper Next Generation Management 4

Making the Case for Next Generation Management The thought of a widespread virus attack on the network is enough to scare even the sturdiest IT department. However, more and more enterprises are acknowledging what has been stated clearly above. An enterprise s biggest IT threat is network security management, with the sheer number and type of network devices that have to be managed posing a formidable challenge. The average enterprise network contains dozens of firewalls, intrusion prevention systems (IPS) and SSL VPNs. In most cases, this mix represents devices from multiple vendors. Now, let s factor in the increase in virtualization, and now cloud computing, at the enterprise level. Since these environments can t be adequately secured with traditional physical devices, virtual security devices must be implemented and maintained. Therefore, an enterprise can easily have 100+ physical and virtual devices from three or more vendors. And, herein lies the root of the problem. Traditionally, each device on the network has had to be configured and updated individually. This leaves ample room for human error, which blasts the door wide open to a multitude of network attacks. Security is obviously the main concern in this scenario, but the costs associated with this traditional or first generation management approach are not to be underestimated. In the 100-device scenario above, multiple full-time network administrators would be required to simply keep the devices up and running. Moreover, given the likelihood of a security breach due to device misconfiguration, this enterprise would likely experience network downtime, even data theft, that could cost hundreds of thousands (or millions) of dollars. Another byproduct of first generation network management is the inability to resolve network security incidents expediently. Without a centralized and detailed view of network device activity, it is hard to determine the origins of threats and resolve the incident quickly. What enterprises need is a single, centralized way to manage every network device, physical or virtual regardless of vendor. This approach is a radical departure from the status quo and presents tremendous improvements in security, as well as significant reductions in network costs and resources. Whitepaper Next Generation Management 5

For too long, traditional device management has been one of the root causes of network complexity. As the average network has multiple devices from multiple vendors, each device has to be configured and monitored with disparate consoles, which has an exponentially negative impact on the network. As described above, the use of separate device consoles promotes a labor-intensive manual approach to network management that is prone to widespread human error and slow threat mitigation. It is also important to note that this first generation approach to device management has caused the total cost of ownership (TCO) for network infrastructure to skyrocket over the years. Even when every device is up and running and properly configured, which is rarely the case in today s expansive enterprise networks, infrastructures are still vastly more expensive to run than ever before. This is because many vendors employ a bolt-on product marketing strategy, which requires enterprises to make separate solution or module purchases for log management, reporting, load balancing and other functionality. Each additional solution has to be managed, maintained and configured separately, which requires substantial time and effort from today s already overburdened IT departments. The solution is a centralized, built-in approach to network device management. With this approach, and the technology to support it, enterprises can manage and monitor all devices from a single management console including third-party and virtual devices. For instance, using centralized management, an enterprise can address configuration using a create once, deploy everywhere functionality within the console. In other words, the network or IT administrator can create a rule or configuration once, then roll it out to every device on the network. Additionally, the console can facilitate automatic blacklisting of suspicious or malicious IP addresses so that every device on the network is guarded against potential threats originating from that sender or location. Most importantly, enterprises can finally respond to threats in real time, as the management console enables administrators to immediately see a threat as it emerges on the network, identify its location and the affected device, and configure the device accordingly. Whitepaper Next Generation Management 6

Conclusion The complexity of network security infrastructure has long been ignored as the primary issue threatening enterprise networks. As the IT landscape continues to evolve and the number of network devices continues to grow, enterprises must preempt this threat by changing the way they manage their networks. A device agnostic, centralized approach to network security management is the critical first step in eliminating network complexity. The StoneGate Management Center makes this step simple for today s enterprises by giving them the ability to quickly and easily identify and resolve threats regardless of the kind of device. About Stonesoft Stonesoft Corporation (NASDAQ OMX: SFT1V) delivers proven, innovative solutions that simplify network security management for even the most complex network environments. The StoneGate Platform unifies management of entire networks including StoneGate and third-party devices blending integrated threat management, end-to-end high availability and network optimization into a centrally controlled system. As a result, Stonesoft provides the highest levels of proactive control, always-on connectivity and compliance at the lowest total cost of ownership (TCO) on the market today. Founded in 1990, the company is an established leader in network security innovation with corporate headquarters in Helsinki, Finland and Americas headquarters in Atlanta, Georgia. For more information, visit www.stonesoft.com and http://stoneblog.stonesoft.com. Whitepaper Next Generation Management 7

StoneGate Next Generation Management: An Introduction Stonesoft has long advocated a centralized approach to network management through its StoneGate Management Center which manages the entire StoneGate Platform including the StoneGate NextGen Firewall, IPS and SSL VPN devices. In 2009, Stonesoft became the first network security vendor to offer third-party event management capabilities, which effectively ushered in a next generation of network security management. Unlike other network security solutions, the StoneGate Management Center enables real-time monitoring, alerting, troubleshooting, managing and reporting from a single management console and central repository. This gives administrators proactive control of their entire network physical, virtual and now third-party devices. As a result, fewer resources are needed to manage network devices, incident resolution times are faster and fewer security breaches occur. With this trifecta of network savings, Stonesoft is delivering the lowest TCO on the market today. Figure 1: The StoneGate Management Center enables real-time monitoring, alerting, troubleshooting, managing and reporting from a single management console and central repository. Whitepaper Next Generation Management 8

Key features of the StoneGate Management Center include: One-step Management: The StoneGate Management Center allows enterprises to proactively manage hundreds of devices as easily as one from a single console from simple device updates to immediately responding to security threats. Security policies and rules can be defined once and automatically updated to all devices, thereby eliminating costly misconfiguration errors and significantly decreasing threat response times. Central Repository: Built upon a common element database, the StoneGate Management Center enables create once, deploy everywhere configurations since all components are shared within a central repository. Rules can be created once in the StoneGate Management Center, then deployed across all devices on the network. Figure 2 : The StoneGate Management Center has a built-in central repository. Common elements such as server, application and network groups created for use in firewall policy can be re-used in all other configurations, such as IPS, alert policies, filters and reports. This results in easy component reuse, less administration and fewer human errors. The central repository stores all configuration information for fast recovery, provides customizable role-based access for multiple administrators, and enables the creation of end-customer domains for managing different customer environments with a single management server. Whitepaper Next Generation Management 9

Third-party Event Management: As mentioned above, the StoneGate Management Center provides the first platform for proactive network security management of entire networks, including physical and virtual environments, as well as third-party devices. This gives enterprises access to real-time device monitoring, logging and reporting of the switches, routers and security appliances from different vendors across their networks. As a result, administrators can significantly streamline troubleshooting and incident management time. Figure 3 : The StoneGate Management Center provides the first platform for proactive network security management of entire networks, including physical and virtual environments, as well as third-party devices. For instance, from the global monitoring view you can drill down to a more detailed view of one of the sites and the third-party devices at that site. Accelerated Incident Management: The StoneGate Management Center delivers a common, correlated view of physical and virtual networks, as well as third-party events. In addition to being able to quickly spot threats, events and incidents across the network, the StoneGate Management Center features a powerful data mining engine that significantly reduces the time for troubleshooting, incident investigation and resolution. In addition, administrators can capture historical incident records to manage network security more proactively. Whitepaper Next Generation Management 10

Real-time Monitoring & Alerting: Where other systems offer only a crude snapshot of events, the StoneGate Management Center provides the most comprehensive real-time dashboards of network activity available on the market today. Using easyto-interpret graphical views, geographic pinpointing of IP addresses, customized alert policies and drill-down and filtering capabilities, network administrators can quickly address anomalies and attacks. In addition, a Web portal gives administrators and MSSPs end customers the ability to monitor network security anytime, anywhere and with any device. Interactive Reporting & Compliance: The StoneGate Management Center features easy-to-use, customizable graphical report templates, automated report generation and distribution, comparative analysis of security policies, as well as system auditing and audit trails to significantly streamline the entire process of ensuring regulatory compliance. Rule-base Optimization: The StoneGate Management Center features built-in rule optimization and validation tools that make it easier to manage and administer rules than ever before. Network administrators can organize security policies with templates, sub-rule bases and aliases, thereby minimizing human errors and eliminating unused and/or redundant rules. They can also create rules directly from logs for faster incident management. Whitepaper Next Generation Management 11

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback