HOLISTIC NETWORK PROTECTION: INNOVATIONS IN SOFTWARE DEFINED NETWORKS


Danielle M. Zeedick, Ed.D., CISM, CBCP
Juniper Networks
August 2016

Today's Objectives
Goal: To understand how holistic network protection works via foundational concepts and examples.
Objectives: Attendees will learn how holistic network protection
1. Leverages the entire network to deliver security and is comprised using a bottom-up and top-down approach.
2. Utilizes the entire network infrastructure including all network elements to assist in threat intelligence and detection.
3. Employs cloud-based threat defenses, which includes intelligence feeds from all sources and also includes cloud-based, scalable malware detection.
4. Contains elements of a centralized, dynamic policy engine and controller that addresses all network components.

THREAT TREND LANDSCAPE

Threats from Everywhere: Our Adversaries and Techniques
Stopping outside and inside threats needs a new norm: a zero-trust security posture.
- Increasing sophistication with low cost equipment
- Increasing variability: mobile devices, simple code
- Insider threat: planted or human
- Capturing data in transit: exfiltration of data-in-motion, not just data-at-rest

What Leaders Need to Know
Some ideas...
- Security breaches are "when", not "if", events
- Cloud economics can decrease costs
- Cloud and cybersecurity must use a risk-management focused cybersecurity framework and maturity model
- Perimeter hardening is no longer enough
- Data-at-rest and data-in-motion need in-line and end-to-end encryption
- Practice resilience scenarios (red/blue team exercises)

What Leaders Need to Know
More ideas...
- How do we ensure personnel training on security awareness, from password strength to physical security to data movement?
- How are anomalous signatures detected and stopped?
- The Defender's Dilemma (RAND research report)
  - Survey of CISOs
  - Efficacy of Security Systems (countermeasures, attackers, defenders)
  - Improving software
  - Heuristic Cybersecurity model
  - Lesson for Organizations and Public Policy
  - http://www.rand.org/pubs/research_reports/rr1024.html

TODAY'S APPROACH TO CND

Security Trends Today
- Computer Network Defense (CND) landscape has changed.
- Multiple types of nodes within the architecture = highly fluid, dynamic, and unpredictable threats from multiple sources
- Risk management framework (RMF) including mitigation/isolation could help
- Metrics of success: total number of attacks stopped vs reduction of risk using a risk framework
- Attackers are always gaining, attempting to stay ahead, becoming more sophisticated,

Most network security strategies focus on security at the perimeter only: outside in. Is securing the perimeter really enough?
Current look at the enterprise perimeter security model
- Security layered on top of network (hard shell)
- Trust model: trust what's inside the network; trust that it is secure
- Visibility to the outside relies mostly on perimeter firewalls
- Constant threats require adaptability (reactive defense); unknown signatures could go undetected
[Diagram labels: Inline Intrusion Prevention; Inline Anti-Malware; Unified Threat Management; Application Security; Data Loss Prevention]

Emerging Challenge: The Internet of Things (IoT)
- Multiple kinds of nodes besides our standard switches, firewalls, routers, servers, clients, etc.
- AFCEA IoT Summit: Battlefield IoT now focuses on enterprise versus tactical with many nodes
- Battlefield network includes logistics, sensor nets, vehicles, networked munitions, robots/drones
- Metrics of success: total number of attacks stopped vs reduction of risk using a risk framework
- Attackers are always gaining, attempting to stay ahead, becoming more sophisticated,
- More bandwidth needed as adversarial environment is cyber, kinetic, and jamming RF and humans are vulnerable to deception

A Change in Mindset
- Start talking about Secure Networks, not Network Security
- Realize threats are everywhere: inside the network, outside, and evolving from worldwide threats
- Recognize perimeter security isn't enough: use risk management frameworks and risk mitigation policy
- Engage in proactive and not reactive: detection and enforcement should be enabled anywhere and be dynamic
- Acknowledge security is everyone's problem: horizontal and vertical personnel security awareness is paramount

COMPONENTS

Characteristics of Holistic Network Protection
- Availability: Agile, flexible, dynamic, adaptable policy
- Integrity: Separation from the current landscape; All components protected
- Security: Layered protection; Heuristic security

Holistic Network Protection
- People: Awareness (training key to entire workforce); Sufficient expertise
- Data: Transmission; Storage; Transfer
- Applications: Customized, mission-specific; COTS, GOTS
- Infrastructure: Virtual clients, all components, not just perimeter
- Operating Systems

Holistic Network Protection Includes Software Defined Network (SDN) Concepts
- SDN has been an emerging technology in the last five years
- The basis of SDN is virtualization: software running separately from underlying hardware
- Umbrella term encompassing several kinds of network technology aimed at making the network as agile and flexible in hybrid virtualized and nonvirtualized environments
- As the cloud becomes more prevalent for threat intelligence, network adaptability is key to detect, prevent, and counter potential threats

HIGH-LEVEL ARCHITECTURE EXAMPLES

Industry Examples
- Rings-Around-Things
- Software Defined Secure Networks (SDSN)
- Security Frameworks and Blueprints

AT&T's Concept
- Perimeter security gives way to Rings Around Things (RAT)
- Response to the Internet of Things (IoT) and Bring Your Own Device (BYOD)
- One size does not fit all
- Segment and isolate intrusion and avoid total network infiltration
- Short film and full 31-minute presentation available at https://www.youtube.com/watch?v=bmvvjzxw7ge and https://www.youtube.com/watch?annotation_id=annotation_1152569841&feature=iv&src_vid=bmvvjzxw7ge&v=gxfbpqh6nro

Software Defined Secure Network
Operating the network as single enforcement domain, every element becomes a policy enforcement point
- Policy: Create and centrally manage intent-based policy directly aligned to business objectives
- Detection: Gather & distribute threat intelligence from multiple sources (know who the bad guys are faster); Leverage cloud economics for real time analysis (find the bad guys faster)
- Enforcement: Enforce policy to the threat feed information, real time across the network (adapt the network real-time)

Software Defined Secure Network: Policy, Detection and Enforcement
[Diagram labels: Cloud-based Threat Defense (Detection, Enforcement, Threat Intelligence); Your Enterprise Network (Detection, Enforcement); Dynamic and Adaptive Policy Engine (Policy)]
Adjusting the Bottom-Up and Top-Down Approaches
- Leverage entire network and ecosystem for threat intelligence, identification, and detection
- Utilize any point of the network as a point of enforcement (inside or perimeter)
- Dynamically execute policy across all network elements

Where to Start: Modernize the Perimeter
- Upgrade the network perimeter for adaptability
- Next Generation Firewall is Current Generation Firewall: simplify and remove niche security appliances
- Utilize Cloud Economics for Instant Intelligence that Leads to More Effective Detection
[Diagram labels: Cloud Security; Threat Intelligence Engine/Detection; Physical Firewall; Advanced Threat Prevention; Virtual Firewall; Your Enterprise Network]

The Right Policy for the Right Job
- Different threat levels need different policies
- Entry point: networked light bulb
- Kill illegitimate tunnel
- Breached lightbulb: quarantine and create new policy for correct behavior
- Compromised core switch? The right policy for the right level of threat
[Diagram labels: Software Defined Secure Network (SDSN) Policy Engine + Controller; Example 1; Example 2]

Converse With Your Network
- Deploy a policy engine that communicates with the network
- Analytics Capability Based on Network Data
- Customizable UI Provides Data Correlation
- Utilize All Network Elements as Detection & Enforcement Points
- Future: Intent Based Policy Engine to Communicate Across Any Network Element
[Diagram labels: Cloud Security; Secure Threat Intelligence; Advanced Threat Prevention; Security Policy Dissemination; Mgmt/UI: Policy, App Visibility, Threat Map, Events; Network Elements; Security Policy Controller; Your Enterprise Network]

Everything on Your Network can be a Potential Threat Entry-point
Normal and Abnormal Behavior
- Normal operation: call home beacons, energy utilization
- Abnormal behavior recognition: bursting traffic, abnormal high data download rate, slow data exfiltration, entry through different access points
- Is this normal? How to mitigate threat traversing the enterprise?
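
The detection-to-enforcement loop from the "Right Policy for the Right Job" and "Normal and Abnormal Behavior" slides, sketched as an added example (not code from the presentation or from any Juniper product). The thresholds, action names, device names and sample traffic records are all constructed assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Baseline:                 # learned "normal" profile for one device
    mean_bytes_out: float       # typical bytes sent per window (call-home beacons)
    max_bytes_in: float         # largest download seen in normal operation
    access_points: frozenset    # where the device normally attaches

@dataclass(frozen=True)
class Interval:                 # one observation window for a device
    bytes_out: int
    bytes_in: int
    access_point: str

def detect(base, history):
    """Return the abnormal behaviours visible in a list of Intervals (oldest first)."""
    last, found = history[-1], set()
    if last.bytes_out > 10 * base.mean_bytes_out:       # assumed burst threshold
        found.add("burst_traffic")
    if last.bytes_in > 5 * base.max_bytes_in:           # assumed download threshold
        found.add("high_download_rate")
    # Slow exfiltration: never bursts, but each of the last 6 windows is elevated.
    recent = history[-6:]
    if len(recent) == 6 and all(
            2 * base.mean_bytes_out < i.bytes_out <= 10 * base.mean_bytes_out for i in recent):
        found.add("slow_exfiltration")
    if last.access_point not in base.access_points:
        found.add("new_access_point")
    return found

# (asset class, severity) -> enforcement action; action names are hypothetical.
POLICY = {("iot", "low"): "monitor", ("iot", "high"): "quarantine",
          ("core", "low"): "alert_operator", ("core", "high"): "isolate_and_fail_over"}

def decide(asset_class, base, history):
    """Map detections to the enforcement action for this class of device."""
    found = detect(base, history)
    if not found:
        return found, "allow"
    data_movement = {"burst_traffic", "high_download_rate", "slow_exfiltration"}
    level = "high" if found & data_movement else "low"
    return found, POLICY[(asset_class, level)]

# Constructed sample data: a networked light bulb and a core switch.
BULB = Baseline(500, 2000, frozenset({"ap-lobby"}))
SWITCH = Baseline(9_000_000, 4_000_000, frozenset({"mgmt-vlan"}))
NORMAL = [Interval(510, 900, "ap-lobby")] * 6
SLOW_LEAK = [Interval(1500, 900, "ap-lobby")] * 6
MOVED = [Interval(8_500_000, 1_000_000, "guest-wifi")] * 6
```

Calling `decide("iot", BULB, SLOW_LEAK)` quarantines the bulb even though no single window looks like a burst, while the same engine only alerts an operator for the core switch seen on an unfamiliar access point, since cutting off a core element has a much larger blast radius.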

IBM's Approach: Framework & Blueprint toward Security Maturity
Using the IBM Security Framework / IBM Security Blueprint to Realize Business-Driven Security

IBM Security Blueprint
Expands on the business-oriented view of the IBM Security Framework and maps the domains to a core set of security components

How are these holistic examples?
- Rings-Around-Things: Looking beyond the perimeter to stop threats from infiltrating other network segments and data stores
- Software Defined Secure Networks (SD-SN): Disaggregates software from hardware, enabling better agility for both security deployment and enforcement
- Security Frameworks and Blueprints: Combining a business-risk-focused framework with a technical security blueprint to achieve security maturity

CONCLUDING THOUGHTS

Closing in on a Security Vision: From Network Security to Secure Networks
Building blocks for tomorrow's Software Defined Secure Networks
- Simplified Policy and Management across all network elements
- Adaptable Security Solution based on real time threat intelligence information
- Detection and Enforcement utilizing the entire network to protect you
- 360-approach for holistic network protection engaging strategies at the personnel, data, devices, applications, and infrastructure levels.

Thank You dzeedick @ juniper.net