The Next Generation Security Platform. Domenico Stranieri, Pre-Sales Engineer, Palo Alto Networks EMEA Italy


The Next Generation Enterprise Security Platform
Core Value Proposition: An Enterprise Security Platform that safely enables all applications through granular use control and prevention of known and unknown cyber threats for all users on any device across any network.
Prevention 1st

Detect new unknown attacks across all traffic
154 total different application types used in the past year
>50% of unknown malware via Web-browsing is Encrypted
[Pie chart by application category; labels include File Sharing, email, Business systems, Social Networking, Collaboration, Internet Utility, Remote Access, Proxy, Gaming, Storage, backup, ERP/CRM, Office programs, Audio streaming and Photo/Video]

What's changed?
Volume, Attack Vectors, Zero Days
Sheer volume: Traditional security design fails to cope with the sheer attack volume and keep pace

30 minutes of malware
Stop the spread, prevent attacks
New infection every 3 seconds
After:
1 minute = 2,021 instances
15 minutes = 9,864 instances
30 minutes = 45,457 instances

Security Needs a Paradigm Shift
Current Security Thinking
Detection: The action or process of identifying the presence of something concealed
Remediation: The action of remedying something, in particular of reversing or stopping environmental damage
Palo Alto Networks Thinking
Prevention 1st: The action of stopping something from happening or arising

Preventing Attacks: The Next Generation Enterprise Security Platform
Complete visibility: All applications, All users, All context, Encrypted traffic, SaaS, Cloud, Mobile
Reduce attack surface area: Enable business apps, Block bad apps, Limit app functions, Limit file types, Block web sites
Prevent all known threats: Exploits*, Malware, Command and control, Malicious web sites, Bad domains, Stolen credentials
Prevent new threats: Static analysis, Dynamic analysis, Attack techniques, Anomaly detection, Analytics
Orchestration & Automation

The Next Generation Enterprise Security Platform
SaaS Security: Aperture
AutoFocus
WildFire: Identify and block known and unknown malware, incremental updates every 5 minutes
Threat Prevention, URL Filtering
Threat Protection and Prevention with Single Pass Architecture (App-ID, User-ID, Content-ID, URL Filtering, ...)
Threat Intelligence
Traps
GlobalProtect
Adv. Endpoint Protection: Malware and Exploit Prevention

NGFW: What about?
App-ID: Identify the application
User-ID: Identify the user
Content-ID: Scan the content

NGFW: What about?
Single Pass Software: performs operations once
✓ App-ID: identify the application
✓ User-ID: identify the user
✓ Content-ID: scan the content, single-pass scanning
Parallel Processing Hardware: high level performance
✓ Separated Dataplane and Management Plane
✓ Specialized processing groups that work in harmony to perform critical functions
Works also for VM! Using dedicated vCPU

NGFW: What's new?
Breaking credential theft attack cycle
1. Phishing email sent to victim
2. Credentials sent to phishing page
3. Adversary navigates through network to access critical applications with stolen credentials
Analyzed by WildFire, blocked by PAN-DB
Suspicious credential submission blocked
Policy-based MFA enforced at network layer
[Diagram labels: Mail server, Domain controller, Application server, RADIUS]

NGFW: What's new?
PAN-OS v8.0: New PA-Series
PA-5200 SERIES, PA-800 SERIES, PA-220
Up to 10x performance and capacity increases
Front-to-back cooling
Up to 10x decryption performance increase
Up to 35x SSL session capacity increase
Higher port density, flexible I/O, & hardware resiliency

NGFW: What's new?
PAN-OS v8.0: New VM-Series
Extra small (200M): Branch office, vCPE, Network based MSSP
Small, Medium (2-4G): Hybrid cloud, segmentation, and Internet gateway
Large, Extra Large (8-16G): NFV component in virtualized data center and service provider environments
Models: VM-50, VM-100, VM-200, VM-300, VM-1000-HV, VM-500, VM-700
200M App-ID, 100M Threat, 50K sessions
Up to 2G App-ID, 1G Threat, 250K sessions
Up to 4G App-ID, 2G Threat, 800K sessions
Up to 8G App-ID, 4G Threat, 2M sessions
Up to 16G App-ID, 8G Threat, 10M sessions

PANW WildFire Threat Intelligent Cloud
WildFire all-new analysis engine
New machine learning
The only custom-built anti-evasion malware analysis environment
Final frontier for anti-VM detection
Static Analysis: Detection of known exploits, malware, and new variants
Dynamic Analysis: Detonation reveals zero-day exploitation & malware
Heuristic engine: Dynamically steers highly evasive, suspicious files to bare metal
Bare Metal Analysis: Detonates malware on real hardware, detecting all VM-aware malware

PANW WildFire Threat Intelligent Cloud
Researcher-grade C2 protection, at scale
Removing the trade-off, effectiveness with scale:
WildFire, Extract C2 payload, Automatic signature generation
✓ Automatic high-fidelity signature creation
✓ Capturing C2 data from WildFire execution
✓ Daily content updates
More Coverage: 10 times more payload-based C2 signatures released per day (and growing)
Higher Effectiveness: New automatically generated C2 signatures cover between 200-300 unique malware samples per signature

PANW WildFire Threat Intelligent Cloud
WildFire Global Cloud Infrastructure
Regional Clouds (EU, CA, VA, JP):
Analysis performed in-region
Customer files stored in-region
Local research staff handles engine accuracy maintenance
WildFire Global Cloud (Intelligence & Prevention):
Analysis data and signatures sent to global cloud
All customers receive global signature package
AutoFocus continues to have global visibility
SOC 2 & ISO certified datacenters
SOC 2 Compliant WildFire infrastructure
All customers continue to receive a global WildFire signature package every 5 minutes
Customers choose which clouds to use to meet privacy needs

PANW TRAPS Advanced Endpoint Protection
Prevention Requires a Combination of Multiple Purpose-built Methods
✓ Prevention Focused
✓ Malware Prevention
✓ Exploit Prevention
✓ Automated Prevention w/ Threat Intel
✓ Persistent Protection
Traps Multi-Method Malware Prevention:
1. WildFire Inspection & Analysis
2. Static Analysis via Machine Learning
3. Execution Restrictions
4. Trusted Publisher Identification
5. Admin Override Policies
6. Malware Quarantine

PANW Aperture Cloud SaaS Security
SAFELY ENABLE SaaS APPLICATIONS
✓ Connects customer's SaaS apps over application API
✓ Sends hashes and .exe to the WildFire Cloud
✓ Deep content inspection based on keywords, regex, & industry standard data classifiers, i.e. PCI, PII etc.
✓ Machine learning allows custom data classification
✓ Extracts users, collaborators, and access information
✓ Calculates risks based on threats, data & occurrences
✓ Allows administrator to take actions like end user notification, quarantine etc. to mitigate risks.
[Diagram labels: Office 365, SANCTIONED SaaS]

PANW AutoFocus Threat Intelligence
TIME TO RESPONSE: Decrease time to identify and respond to new, targeted attack
✓ AutoFocus was much easier than the current manual monitoring for alerts used by the Security Operations Center (SOC) team.
✓ Demonstrated quicker response time, flagging malicious activity their SOC team hadn't seen yet.
✓ Provided immediate answers on "What happened" and "Did we lose anything?" for malware events

PANW AutoFocus MineMeld
[Architecture diagram. Labels: Threat Intelligence Feeds; Network Enforcers; Private Feeds; SIEM; Threat Intelligence Platforms; Endpoint Enforcers; Search Sessions Samples; Cloud Intelligence; AutoFocus; Match Indicators Action; Indicator Store; Apps; MineMeld; On Premise; End Point; SIEM; Firewall; Proxies; Local MineMeld]

Complete Data Security: Next Generation Enterprise Security Platform
[Architecture diagram. Labels: APERTURE; GLOBALPROTECT; NEXT GEN FIREWALL; TRAPS; Public Cloud (IaaS, PaaS); Office 365; Software as a Service (SaaS); WF; AUTOFOCUS; Private Cloud (SDN, NSX, ACI); Threat Intelligent Cloud]

Thank You!
Domenico Stranieri, Pre-Sales System Engineer, Palo Alto Networks EMEA Italy
dstranieri@paloaltonetworks.com