Moshe Elias, Product Marketing, Allot Network Intelligence to See, Control & Secure IT
The Digital World is Evolving Internet has become a way of life Commoditization of IT Connected everything Services available anytime, anywhere IT consumption models are changing Cloud-based services Mobility BYOD & Shadow IT The impact Increased complexity IT lack of visibility and control Security is a growing concern 2
Enterprise IT Challenges CLOUD BASED ENTERPRISE APPLICATIONS ON THE RISE SHADOW IT & BYOD Productivity & Business apps: Office 365, Lync Salesforce etc. Challenges: Ensuring QoE, cost, troubleshooting hybrid environment Non-governed devices; Unsanctioned applications Challenges: corporate data leakage, backdoors, recreational traffic NETWORK COMPLEXITY GROWTH ENTERPRISE SECURITY THREATS ON THE RISE Branches, hybrid networks, many-to-many application interactions, unmanaged user apps, IoT Challenges: Cost, network efficiency, productivity, troubleshooting Web threats: phishing, malware ransomware, DDOS threats Challenges: financial loss, reputation damage 3
The approach See. Control. Secure. Application, User & Network Analytics Application & User Performance Optimization Network & User Security QoE scoring, trend analysis, real time & historical reporting Simple Even for Complex Environments Web Security, Anti-Bot, Anti-Malware and DDoS protection 4
Risky Applications Threats and Challenges Platform for illegal activities Exploited for Cyber Security Attacks Bypass Corporate Policy Obfuscated and Encrypted - detection not trivial Examples of Risky Applications Anonymizers Definition - Proxy and Encryption servers that permit a user to surf the Internet anonymously. Peer-to-Peer Definition - Virtual computer networks in which each computer can act as a server for the others, allowing shared access to files and peripherals 5
6 video
About Worldwide Flight Services A leading providers of ground handling services for airlines and airports Serve more than 300 airlines and 195 airports on five continents. Assisting airlines and airports in growing their business based on the quality and reliability of WFS services 7
World Flight Services - Challenges Find out why the network is congested and fix it Improve overall QoE without adding more bandwidth capacity: Remote sites Business-critical applications Improve their security posture 8
World Flight Services What they saw Not a business app Business apps 9
WFS Quality of Experience Dashboard 10
WFS What they saw, testimonial WHEN WE LOOKED AT OUR NETWORK TRAFFIC THROUGH ALLOT S VISIBILITY DASHBOARDS, IT WAS EYE-OPENING, Said Toufik Ouanaïm, IT France manager and David le Clei, network architecture at WFS. FOR THE FIRST TIME EVER, WE GOT A TRULY ACCURATE VIEW OF APPLICATION AND USER BEHAVIOR ON OUR LAN, WAN AND INTERNET LINKS, 11
WFS Aligning network performance to business priorities Traffic Management & Acceptable Use Policy WAN Access (Priority 1) Internet Access (Priority 2) CDG (5Mbps, MIN) ORLY (10Mbps, MIN) TLS (2Mbps, MIN) Streaming (Blocked) Browsing Web, Email CARGOSPOT Web (Priority 4) Email CARGOSPOT Web, Email VoIP Adult (Redirect) Facebook (Block) 12
World Flight Services - Benefits At Lower TCO Opex Savings Capex Savings Business App QoE Assurance DDOS Protection Web Filtering Anti-Bot & Anti-Malware Network Analytics Secure Service Gateway Allot Application Control Alternative 13
Extend Infrastructure Capacity with Congestion Management CHALLENGE VOO Belgium CABLE OPERATOR VOO is the leading provider of broadband cable services in Belgium. The company has been one of the fastest growing service providers in Europe, currently serving 0.4 million subscribers. Discover the source of persistent network congestion and reduce it without frequent investment in additional infrastructure. SOLUTION Deploy Allot Service Gateway Tera with CMTS-aware traffic visibility to identify and automatically alleviate access congestion; and with DDoS Mitigation to detect and surgically block flooding attacks. By BENEFITS keeping DDoS traffic off the network and managing Reduce CMTS infrastructure congestion capex/opex precisely where it occurs, we have been Assure able to service delay uptime infrastructure expansion by 2 Consistent years and to QoE save millions. Enhance customer satisfaction Name of person Title of person By keeping DDoS traffic off the network and managing CMTS congestion precisely where it occurs, we have been able to delay infrastructure expansion by 2 years and to save millions. Tamara Leemans, VOO CTO 14
Service Availability During a DDoS Attack Combining Traffic Management with behavioral DDoS protection to ensure Service Availability Network Hardening Service Availability DDOS Detection & Mitigation Traffic shaping & rate limiting hardens the network at all times Application traffic control maintains enterprise operations immediately Precise and rapid detection & mitigation ensure swift return to normal operations 15
See, control, secure IoT 1 A new device connects Device Identified Device to IP mapping Traffic monitored 2 Behavior Assurance Network Control Policy Access control QoS and SLA enforcement 3 Device behavior profiling Behavioral analysis Behavior Baseline (Unit & Group) Anomaly detection LAN/WAN Allot SSG 5 4 IoT Security functions Smart Quarantine Anti-Malware DDoS protection Anti-Bot IoT Analytics Security reporting IoT Usage patterns Thresholds & insights SLA / KPI reporting Fraud detection 16 Allot Proprietary & Confidential 2017
Full visibility on network utilization, application and user behavior Align network performance to business priorities Protect the business and users against security threats 17
melias@allot.com 18