Business Strategy Theatre

Similar documents
Total Threat Protection. Whitepaper

CISCO NETWORKS BORDERLESS Cisco Systems, Inc. All rights reserved. 1

Future-ready security for small and mid-size enterprises

Cato Cloud. Software-defined and cloud-based secure enterprise network. Solution Brief

Security for the Cloud Era

Presenting the VMware NSX ECO System May Geert Bussé Westcon Group Solutions Sales Specialist, Northern Europe

Cisco Systems Korea

Cato Cloud. Global SD-WAN with Built-in Network Security. Solution Brief. Cato Cloud Solution Brief. The Future of SD-WAN. Today.

Cato Networks. Network Security as a Service

Cato Cloud. Solution Brief. Software-defined and Cloud-based Secure Enterprise Network NETWORK + SECURITY IS SIMPLE AGAIN

Security Landscape Thorsten Stoeterau Security Systems Engineer - Barracuda Networks

F5 comprehensive protection against application attacks. Jakub Sumpich Territory Manager Eastern Europe

How We Delivered Compliance to a London-based Law Firm. A Network Security Project Case Study.

WHITE PAPER. Applying Software-Defined Security to the Branch Office

Networking Drivers & Trends

BUILDING A NEXT-GENERATION FIREWALL

FIREWALL BEST PRACTICES TO BLOCK

FIREWALL PROTECTION AND WHY DOES MY BUSINESS NEED IT?

Christopher Covert. Principal Product Manager Enterprise Solutions Group. Copyright 2016 Symantec Endpoint Protection Cloud

Deployment Scenarios Microsoft TMG Standard, TMG Enterprise, TMG Branch Office series Appliances

Angelo Gentili Head of Business Development, EMEA Region, PartnerNET

IBM Global Technology Services Provide around-the-clock expertise and protect against Internet threats.

PROTECT WORKLOADS IN THE HYBRID CLOUD

DEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS. Security Without Compromise

Vendor: Cisco. Exam Code: Exam Name: Cisco Sales Expert. Version: Demo

White Paper. Why IDS Can t Adequately Protect Your IoT Devices

The Top 6 WAF Essentials to Achieve Application Security Efficacy

WatchGuard Total Security Complete network protection in a single, easy-to-deploy solution.

AKAMAI CLOUD SECURITY SOLUTIONS

Juniper Solutions for Turnkey, Managed Cloud Services

Campus Network Design

Simplify Your Network Security with All-In-One Unified Threat Management

Mitigating Branch Office Risks with SD-WAN

Security Gap Analysis: Aggregrated Results

Delivering Integrated Cyber Defense for the Cloud Generation Darren Thomson

State of Cloud Adoption. Cloud usage is over 90%, are you ready?

The New Normal. Unique Challenges When Monitoring Hybrid Cloud Environments

Hardening the Education. with NGFW. Narongveth Yutithammanurak Business Development Manager 23 Feb 2012

Synchronized Security

MaaS360 Secure Productivity Suite

Copyright 2011 Trend Micro Inc.

A CISO GUIDE TO MULTI-CLOUD SECURITY Achieving Transparent Visibility and Control and Enhanced Risk Management

Why we need Intelligent Security? Juha Launonen Sourcefire, Inc.

5 Trends That Will Impact Your IT Planning in Layered Security. Executive Brief

NETWORKING &SECURITY SOLUTIONSPORTFOLIO

Passit4Sure (50Q) Cisco Advanced Security Architecture for System Engineers

Defense-in-Depth Against Malicious Software. Speaker name Title Group Microsoft Corporation

SONICWALL SECURITY HEALTH CHECK SERVICE

Sichere Applikations- dienste

Stopping Advanced Persistent Threats In Cloud and DataCenters

What can we lose not implementing proper security in our IT environment? Aleksandar Pavlovic Security Account Manager Cisco

SONICWALL SECURITY HEALTH CHECK SERVICE

Securing the SMB Cloud Generation

Security Assessment Checklist

Securing Your Microsoft Azure Virtual Networks

Gladiator Incident Alert

Perimeter Defenses T R U E N E T W O R K S E C U R I T Y DEPENDS ON MORE THAN

Security Made Simple by Sophos

Simplifying the Branch Network

Security Architect Northeast US Enterprise CISSP, GCIA, GCFA Cisco Systems. BRKSEC-2052_c Cisco Systems, Inc. All rights reserved.

Securing Your Amazon Web Services Virtual Networks

Simplify PCI Compliance

SONICWALL SECURITY HEALTH CHECK PSO 2017

SECURING DEVICES IN THE INTERNET OF THINGS

Endpoint Protection : Last line of defense?

SECURING THE NEXT GENERATION DATA CENTER. Leslie K. Lambert Juniper Networks VP & Chief Information Security Officer July 18, 2011

Rethinking Security: The Need For A Security Delivery Platform

SD-WAN Solution How to Make the Best Choice for Your Business

Next Generation Privilege Identity Management

AT&T Endpoint Security

Consumerization. Copyright 2014 Trend Micro Inc. IT Work Load

PrecisionAccess Trusted Access Control

SteelConnect. The Future of Networking is here. It s Application- Defined for the Cloud Era. SD-WAN Cloud Networks Branch LAN/WLAN

Threat Control and Containment in Intelligent Networks. Philippe Roggeband - Product Manager, Security, Emerging Markets

KASPERSKY ANTI-MALWARE PROTECTION SYSTEM BE READY FOR WHAT S NEXT. Kaspersky Open Space Security

Encryption Vision & Strategy

SRX als NGFW. Michel Tepper Consultant

IxLoad-Attack TM : Network Security Testing

Allot Corporate Presentation

SECURING DEVICES IN THE INTERNET OF THINGS

Cloud Security: Constant Innovation

Cisco Firepower with Radware DDoS Mitigation

Synchronized Security

Optimizing Pulse Secure Access Suite with Pulse Secure Virtual Application Delivery Controller solution

What to Look for When Evaluating Next-Generation Firewalls

Integrated Access Management Solutions. Access Televentures

Training UNIFIED SECURITY. Signature based packet analysis

EU GENERAL DATA PROTECTION: TIME TO ACT. Laurent Vanderschrick Channel Manager Belgium & Luxembourg Stefaan Van Hoornick Technical Manager BeNeLux

Securing Dynamic Data Centers. Muhammad Wajahat Rajab, Pre-Sales Consultant Trend Micro, Pakistan &

Security+ SY0-501 Study Guide Table of Contents

Office 365 Buyers Guide: Best Practices for Securing Office 365

Verizon Software Defined Perimeter (SDP).

Software-Defined Secure Networks in Action

Benefits of SD-WAN to the Distributed Enterprise

Securing Your Most Sensitive Data

Cisco Security Manager 4.1: Integrated Security Management for Cisco Firewalls, IPS, and VPN Solutions

Advanced Threat Protection Buyer s Guide GUIDANCE TO ADVANCE YOUR ORGANIZATION S SECURITY POSTURE

Protect Your Endpoint, Keep Your Business Safe. White Paper. Exosphere, Inc. getexosphere.com

Cybersecurity for Service Providers

WITH ACTIVEWATCH EXPERT BACKED, DETECTION AND THREAT RESPONSE BENEFITS HOW THREAT MANAGER WORKS SOLUTION OVERVIEW:

Transcription:

Business Strategy Theatre

Security posture in the age of mobile, social and new threats Steve Pao, GM Security Business 01 May 2014

In the midst of chaos, there is also opportunity. - Sun-Tzu

Security: The Present is Not Sustainable OPPOSING FORCES ARE WELL KNOWN New threats New user attacks New infrastructure attacks The Target Limited Staff Limited Budget Limited Expertise

Unique Point of Industry Transition Current death spiral Hacks! New Security Paradigm and Economics New Security Platforms Virtual, Cloud, Public Cloud, Network Virtualization Appliances Opportunity for disruption Both for existing and new and existing security providers

Circa 2003 WE NEED INTRUSION DETECTION WITH DEEP PACKET INSPECTION Of course, IPS and DPI are built into firewalls today

Circa 2006 WE NEED POLICY-BASED EMAIL ENCRYPTION Of course, Email Encryption is built into gateways today

Circa 2010 WE NEED CONTEXT- SENSITIVE DATA LEAKAGE PREVENTION Of course, DLP is bundled with content security today

Today WE NEED SANDBOX PROTECTION AGAINST APT S Of course, sandboxing will be built into malware protection

APT s can exploit all vulnerabilities in the current threat environment not just through malware

Mobility

Mobility Copies of email and other content everywhere Public Wi-Fi Man-in-the-Middle, ARP spoofing Small screens Hard to see phishing attacks

Social Media Hackers go where the eyeballs are Barracuda Labs research agenda is here The hacker can look like your VP of Sales

Botnets & Crimeware

Botnets & Crimeware Targets do not need to have high visibility Infrastructure can being attacked on every vector programmatically Botnets are sold as SaaS ( Crimeware ) attackers do not need to be hackers; they just need financial motivation to pay hackers

New Vulnerabilities

New Vulnerabilities There are dedicated employees whose job is to constantly change the Web applications Software defects (normal) introduce new vulnerabilities Discovering and fixing defects takes time and this opens the window of attack

Overlay on Customer Constraints Gartner budget dollars 5% of revenue on IT 5% of IT budget on security People versus equipment 45% hardware / software The rest is personnel, outsourcing and consulting Budget $50 Million IT $2.5 Million Security $125k HW/SW $60k

Limited Budget Why Best in Class is hard Budget $$$

Failing to Protect a Vector Creates Risk

The Goldilocks Problem

Too Complex: Bag of Parts Build Your Own Solution Email security Ironport Web security Blue Coat WAF Imperva Firewall CheckPoint SSL VPN Juniper

Too Constrained: All In One It s a Floor Wax and a Dessert Topping One product for multiple uses even when: Features are compromised Latency profiles are different

Just Right: Unified Best in Class Enterprise Bag of Parts Best in Class Powerful Scalable Separate Expensive Hard to Use Midmarket SMB All In One Unified Affordable Easy to Use Compromises Lacks Features Constrained

Just Right: Unified Best in Class Enterprise Bag of Parts Best in Class Powerful Scalable Separate Expensive Hard to Use Midmarket Unified SMB All In One Affordable Easy to Use Compromises Lacks Features Constrained

Just Right: Unified Best in Class Enterprise Bag of Parts Powerful Scalable Separate Expensive Hard to Use Midmarket Unified Best In Class SMB All In One Affordable Easy to Use Compromises Lacks Features Constrained

Just Right: Unified Best in Class Enterprise Bag of Parts Separate Expensive Hard to Use Midmarket Unified Best In Class Powerful Scalable SMB All In One Affordable Easy to Use Compromises Lacks Features Constrained

Just Right: Unified Best in Class Enterprise Bag of Parts Separate Expensive Hard to Use Midmarket Unified Best In Class Powerful Scalable Affordable Easy to Use SMB All In One Compromises Lacks Features Constrained

Approach Build to Last Design the architecture to protect the threat vectors Adjust deployment models as attack surfaces change Mitigate individual threats through features Make adopting new technology easy and affordable

Protect All Threat Vectors Security Resources to Protect The Network Itself Email server Web server Internet File Server Network users Mobile

Deploying Unified, Best In Class Cloud-based Central Management Next Generation Firewall Web Security Email Security Application Security SSL VPN Servers Mobile Device Computer Deployment Options: Appliance Cloud Virtual

Start with Next Generation Firewall Next generation firewall requirements High Performance Architecture Granular Application Control User based security policy Bandwidth management Link Aggregation and Failover Intelligent Traffic Optimization IDS/IPS Cloud-based Anti-malware and URL Filtering Integrated site-to-site, client-based and SSL VPN DoS/DDoS protection Built-in wifi (specific models) Central Management

Complete Application Visibility

Dynamic Link Management ISP 1 60% of HTTP ISP 2 20% of HTTP ISP 3 20% of HTTP

Secure Connectivity IPsec Site -to- Site VPN SSL VPN Client-to-Site VPN IPsec, PPTP, SSL Internal Corporate Resources SSL VPN*: BFW X200 and higher

Cloud Scaled Security URL filter, Malware scanning, Reporting Predictable computing on-premises Elastic computing in the cloud Massive scalability Avoid frequent refresh or upgrades

Beyond Firewall Email Security Web Security Data Center Security Secure Remote Access

Unifying Best In Class Virtual Appliance Web Filter Spam Firewall Web App Firewall Load Balancer ADC Consolidat ed Web Filter Spam Firewall Web App Firewall Load Balancer ADC Public Cloud Web App Firewall NG Firewall Hosted Cloud Web Security Service Email Security Service Centralized Management Cloud Control

Demand Consistent Interfaces

Demand Central Management

Extend to Mobile Mobile Device Management Secure Remote Access

Choose Your Providers Carefully Mid-market 100 5000 Users All-in-one Cheap One box Feature Gaps Low performance Best-in-Class Next Generation Easy to use Scalable Unified Affordable Bag-of-parts Multiple vendors Complex Expensive Resource intensive

Use Cases Profile Mid-sized networks, 1-5 locations Requirements Application Control Social Media Regulation SSL inspection Site-to-site VPN Reporting. Decision criteria Support Total cost of ownership Single vendor

Summary Current threat escalation continues Protecting threats in isolation doesn t work Protect all network threat vectors Individual threats are simply features Consider management and costs Choose providers that match your business

Business Strategy Theatre

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback