The Future of Information Security Is Context Aware and Adaptive
Gartner RAS Core Research Note G , Neil MacDonald, 14 May 2010, RA

Most of today's security infrastructure is static, enforcing policies defined in advance in environments where IT infrastructure and business relationships are relatively static. This is no longer sufficient in an environment that is highly dynamic, multisourced and virtualized, and where consumer-oriented IT is increasingly used in lieu of enterprise-owned and provisioned systems.

Key Findings

- Context-aware security is the use of supplemental information to improve security decisions at the time the decision is made, resulting in more-accurate security decisions capable of supporting more-dynamic business and IT environments.
- Context information that will be relevant to security decisions is not limited to environmental context and will include context information from multiple sources.
- Application awareness, identity awareness and content awareness are all examples of the broader shift to context-aware and adaptive security infrastructures.
- In static IT infrastructures, ownership became a proxy for trust. This model no longer works.
- Every element of our enterprise computing stack needs to be treated with a degree of uncertainty and skepticism. Binary trust will be replaced with a paradigm of trustability.
- Context-aware and adaptive security will be the only way to securely support the dynamic business and IT infrastructures emerging during the next 10 years.

Recommendations

- Context awareness helps make security an enabler, not an inhibitor, of dynamic business requirements. Begin the transformation to context-aware and adaptive security infrastructure now as you replace legacy static security infrastructure, such as firewalls, and Web security gateway and endpoint protection platforms.
- Use the framework provided in this research as a way to evaluate security offerings for their capability to incorporate richer context information at the time of a security decision.
- Question security vendors on their specific road maps for application, identity and content awareness, as well as the ability to incorporate other types of context information into their policy enforcement decisions.
- Remove hard-coded and static security policies from applications and other systems, and move them to externalized security policy enforcement points capable of consuming real-time context information.

STRATEGIC PLANNING ASSUMPTION

By 2015, 90% of enterprise security solutions deployed will be context aware.

ANALYSIS

1.0 Context Awareness and Information Security

Context is the circumstances within which something exists or happens, and that can help explain or understand it (see Acronym Key and Glossary Terms). Context-based computing uses supplemental context information to improve the computing experience at the point of consumption. Applying this to information security, context-based security is the use of supplemental information to improve security decisions at the time the decisions are made.

Rapidly changing business and threat environments, as well as user demands, are stressing static security policy enforcement models. Information security infrastructure must become adaptive by incorporating additional context at the point when a security decision is made, and we are already seeing signs of this transformation. Network security solutions are evolving to incorporate application awareness and identity awareness into their offerings. Information protection solutions are evolving to deliver content awareness. Application, identity and content awareness are all part of the same underlying shift to incorporate more context at the point when a security policy enforcement decision is made.

To enable faster and more-accurate assessments of whether a given action should be allowed or denied, we must incorporate more real-time context information at the point when a security decision is made.

2.0 Why Context, Why Now?
Consider a layered IT stack model of the network, device, operating system (OS), application, identity, content and process as shown in Figure 1. All these layers encompass physical or logical entities (objects): packets, machines, applications, services, users, groups, transactions and so on. Information security can be thought of as the enforcement of a series of policies (in other words, a set of security policy enforcement points) to enable action between different entities in an IT stack, with the goal of protecting the confidentiality, integrity, availability, authenticity and accountability of the information and workloads being handled among them (see Figure 2).

Figure 1. Example of a Layered IT Stack. Source: Gartner (May 2010)

As shown in Figure 2, security decisions occur when an entity at any layer on the left side wants to take an action on an entity on the right side. For example:

- Can this IP address talk with this other IP address? This type of policy is traditionally enforced by network firewalling.
- Can this user load and run this unknown application? This type of policy is traditionally enforced by antivirus and application whitelisting software.
- Can this user access this content? This type of policy is traditionally enforced by access control and digital rights management mechanisms.
- Can this input be accepted by this application? This type of policy is traditionally enforced by application-level firewalls (such as a Web application or a database firewall).

Gartner, Inc. and/or its affiliates. All rights reserved. Gartner is a registered trademark of Gartner, Inc. or its affiliates. Reproduction and distribution of this publication in any form without prior written permission is forbidden. The information contained herein has been obtained from sources believed to be reliable. Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information. Although Gartner's research may discuss legal issues related to the information technology business, Gartner does not provide legal advice or services and its research should not be construed or used as such. Gartner shall have no liability for errors, omissions or inadequacies in the information contained herein or for interpretations thereof. The opinions expressed herein are subject to change without notice.
When IT and business infrastructures are fairly static and well-defined, these security decisions are simpler, and there are fewer of them. In most cases, for the past 30 years, our organizations owned and controlled most of the entities shown in Figure 1 and Figure 2. In static IT infrastructures, ownership became a proxy for trust. Because we owned and controlled most of the pieces, information security policy enforcement points were typically only placed at the demarcation point (perimeter) between something we owned and something we didn't own (and, therefore, didn't trust). For example, we placed network firewalls where our network connected to the outside world, placed security gateways where we received outside email and placed antivirus software where our systems accepted unknown executable code from the outside world.

This model of trusting us (we own it, we control it) and not trusting them (they own it, they control it) and placing security policy enforcement points only where we had a handoff between us and them has worked reasonably well, but is coming under extreme pressure. This model fails in a world where we increasingly don't own all the pieces of our business and IT infrastructures. Multiple converging trends in business and IT are tearing down the silos of traditional IT infrastructure, and tearing down the traditional, well-defined boundaries of our businesses. Collectively, these six trends are driving the need for adaptive, context-based security:

1. Mobilization. Our increasingly mobile workforce requires us to support anywhere, anytime access to our systems from a variety of locations using devices that vary in their trustability, including home machines.
2. Externalization and collaboration. This is the business imperative to open our IT systems to the outside world for the purposes of collaboration. By 2015, in most enterprises, more external users will access internal systems than employees.
3. Virtualization. The decoupling and abstraction of the entire IT stack and movement to next-generation virtualized data centers means that workloads and information will no longer be tied to specific devices and fixed IP addresses, breaking static security policies based on physical attributes.
4. Cloud computing. The shift to cloud-based computing resources means that we no longer own or control the infrastructure or applications that hold and process our workloads and information.
5. Consumerization. The increasing use of technology designed for consumers (devices and applications) in the enterprise requires that we now allow a wide variety of devices, not all of which are owned by the enterprise, to connect to our systems (e.g., smartphones and USB memory sticks), and users that demand access to a wider variety of consumer applications (e.g., Facebook).
6. Industrialization of hackers. The shift from mass to targeted attacks requires a shift in protection strategies where we have less trust of internal users and systems, either as a result of a compromised insider or a targeted attack launched from one of our own internal systems that has been compromised.

Figure 2. Example Information Security Decisions Among Entities. Can this entity take this action on this entity? Example actions: Open, Read, Write, Communicate with, Execute, Copy, Print, Paste, Attach to, Insert inside of, Mount, Migrate, Start, Stop, Archive, Recover. Source: Gartner (May 2010)

3.0 Real-Time Context Leads to Measures of Trustability

The six trends identified here will collectively force a shift to context-based, adaptive security infrastructure. Instead of binary and static yes/no, us/them decisions that we can anticipate and define in advance, security decisions in emerging computing and business environments are not as clearly defined and not known in advance. Traditional approaches of whitelisting (allow known good, block everything else) and blacklisting (block known bad, allow everything else) assume we have excellent, high assurance information as to what is trusted and what is not. This is no longer the case.

Every element of our computing stack will need to be treated with a degree of uncertainty and skepticism. Security decisions that were largely black and white, and where policies were set statically in advance, become decisions with a multitude of shades of gray made dynamically at the time the request is made. Instead of perceived absolute trust (which we never really had), we will shift to a paradigm that embraces variable levels of trustability: adaptive and context-aware security policy enforcement mechanisms that help us answer the real question: Do I have enough trust in the entities involved to take the requested action at my current level of risk tolerance and given the current context to allow the action to take place?

For example: This user wants to execute this financial transaction. Should this be allowed or not? Adaptive and context-aware security infrastructure would look at the context of the request before allowing or denying the request. Is the device trustable? Is the network connection trustable?
Where is the device currently located? When was the last access? How strong was the authentication credential used? What time of day is it? Does the transaction requested fall within historical patterns of being normal?

To enable faster and more-accurate assessments of whether a given action should be allowed or denied, we must incorporate more real-time context information at the time a security decision is made. This is the heart of adaptive and context-aware security.

4.0 Types of Context That Are Relevant to Security Decisions

Today, context-aware computing is most commonly associated with the use of environmental context information (such as location and time of day) to improve computing experiences. In a simple security example, a sensitive application could be restricted for use from only within an enterprise's physical location and only during working hours. In Figure 3, we have extended Figure 2 to include environmental context information.

However, in Gartner's definition of context-based computing, there is no restriction that environmental information be the only type of information that can be used to improve the computing experience. "An Information Model for Context-Enriched Services" maps out a four-layer model for different types of context information that provides a more detailed framework for this information.

There are many types of contextual information that can be used at the point of the security decision to improve the security decision. In addition to the community and environmental context from Gartner's context information model, any of the layers shown in Figure 3 can provide additional context for improved security decisions. Table 1 contains some examples.

All these layers (environmental, community, process, content, identity, application, OS, device and network) can provide useful context to real-time security decisions being made at the layers below them. For example, identity-level and application-level information can provide additional context to a network-level firewalling decision. Content-level information can provide additional context to a decision as to whether a document should be allowed to be emailed. Indeed, there are multiple real-world examples of the shift to the incorporation of context information in security decisions.

5.0 Examples of Context-Aware, Adaptive Security Infrastructure Today

We are seeing a shift to context-aware, adaptive security infrastructure across all areas of information security today. Network-level firewalls have been among the first to be transformed. Being lower in the stack, they are the most affected by the six trends identified in this research. As workers become more mobile, as businesses open up to collaborate, as computing shifts to the Web and cloud-based computing models, and as workloads are virtualized, traditional security policies based on static device and network-level attributes (such as port number or IP address) are increasingly ineffective. In "Defining the Next-Generation Firewall," we highlight the importance of application awareness (incorporating context information from the next context layer up, as shown in Table 1) as a key requirement of a next-generation firewall. In "Introducing the -Aware," we highlight the importance of incorporating identity information into next-generation network adaptive security infrastructures (such as the TrustSec Initiative from Cisco).

There are many other examples of the shift to adaptive security infrastructure throughout information security infrastructure:

Identity and Access Management: Authentication is incorporating more real-time context at the point of the authentication decision, such as requiring stronger authentication when the context of the transaction indicates unusual behavior.
Interestingly, in another example of the consumerization of enterprise IT, many of these techniques were pioneered many years ago to support consumer payment transactions (for example, store-based credit card payments or Web-based payments) where financial services institutions and other payment acceptors have little or no control over end-user devices, OSs or networks, and were forced to incorporate more context into adaptive security policy decisions to reduce fraud. Likewise, authorization decisions are also becoming more contextual with the shift to externalized authorization and entitlement management solutions that are better able to consume
context information when policies are not statically predefined and hard-coded into applications. Organizations have also struggled with the static limitations of traditional role-based access control mechanisms, which are too static for adaptive computing environments. The move to externalize authorization enforcement and the shift to attribute-based access control, authorization-based access control (ZBAC) and claims-based access architectures highlight this shift to incorporate context information in access management decisions.

Figure 3. Adding Environmental Context to Security Decisions. Can this entity take this action on this entity, in this context? Example actions: Open, Read, Write, Communicate with, Execute, Copy, Print, Paste, Attach to, Insert inside of, Mount, Migrate, Start, Stop, Archive, Recover. Environmental context examples: Location, Time of day. Source: Gartner (May 2010)

Data Protection: To adequately protect sensitive information throughout its life cycle and across the entire enterprise IT ecosystem, most security policy enforcement points are becoming content aware. Content-aware data loss prevention (DLP) tools enable the dynamic application of policy based on the classification of content determined at the time of an operation, for example, providing security gateways the ability to identify when sensitive content is being sent via email and applying the appropriate security policy (for example, allow, block, log and encrypt) based on the context, such as the information being sent and the identity and role of the person the information is being sent to.

Network access control (NAC): Whether used on guest networks, virtual private network (VPN) access or for all network access, NAC solutions are using real-time contextual information before allowing workstations to connect to the enterprise network. For example, based on a health assessment of the device to see if it is patched, doesn't appear to be compromised and has a current version of antivirus installed and running, or based on whether the device is known and placing unknown devices onto a guest network.

Intrusion prevention systems (IPSs): Rather than apply all IPS rules to all traffic flows, next-generation IPS systems are able to use real-time contextual knowledge of what version of an OS or application a workload is running and what vulnerabilities are present in the systems they are protecting (for example, Real-time Network Awareness (RNA)/Real-time User Awareness (RUA) integration with Sourcefire). This context improves the speed and accuracy of IPS decisions, allowing more-efficient use of processing resources, as well as reducing the chance of false positives.

Endpoint protection platforms (EPPs): Faced with the increasing ineffectiveness of signature-based approaches, EPP vendors are supplementing traditional whitelisting and blacklisting models with community-based reputation services that provide real-time reputation look-up information when determining whether a given piece of executable code is trustable enough or not.
Table 1. Examples of Context Information That Might Be Relevant to a Security Decision

Context Layer: Environmental; Community; Process; Content; Identity; Application; OS; Device; Network

Example Categories at This Layer: Local environment; Macroenvironment; Friends; Family; Social networks; Customer facing; Revenue producing; Files; Databases; Executable content; Input; Organization; User; Group; Service; Transaction; APIs; Uniform resource identifier (URI)/URL; Processes; Threads; System calls; drivers; Virtualization platform type; Virtual machine or physical; IP Address; Packets; Connection types; Port/protocol

Examples of Contextual Information at This Layer: Location; Prior location; Proximity; Time of day, month, year; Time elapsed since last action; Temperature; Ambient lighting; Relationships; Patterns of uptake; Presence; Links; Tagging; Importance of the process; Impact on revenue if down; SLA requirements; Current users of the process; Sensitivity of content; Trust of the content; Reputation of executable code; Reputation of the; Known vulnerabilities; Input from the collective; Reputation of the user; Strength of authentication; Current role; Team membership; Clearance level; Transaction amount limit; Credit rating; Reputation of the application; Reputation of the URL; Sensitivity of the transaction; Amount of the transaction; Historical patterns of behavior; Patch level; Known vulnerabilities; SLA requirements; Historical patterns of behavior; Health of the OS; Patch level; Known vulnerabilities; Root of trust measurements; Reputation of the; IP address reputation; Health of the device; Managed/unmanaged; Enterprise owned?; Storage encrypted?; Strength of encryption?; Accelerometer data; Traffic encrypted?; Strength of encryption?; Historical patterns of behavior; Known vulnerabilities

Source: Gartner (May 2010)
Secure Web gateways (SWGs): Like the EPP, simple Web proxy filtering and blocking based solely on URL information is increasingly insufficient. SWGs are evolving well beyond static URL filtering to incorporate context information such as the reputation of the URL, the location and reputation of the source IP address and other information at the point of the security policy enforcement decision. These products are also becoming content aware to help monitor for data loss on outbound connections.

While a few of the information security vendors have adopted the term adaptive security infrastructure, most are using the terms application awareness, identity awareness and content awareness as adaptive and context-aware security capabilities are added. Instead of being separate requirements, we believe these are all examples of an underlying architectural shift to context-aware and adaptive security infrastructure. Each independently describes the need to incorporate higher levels of context into security decisions to improve those decisions.

6.0 Looking Ahead: Context Lays the Foundation for the Shift to Adaptive Risk-Based Security

Context is a foundational element for adaptive security infrastructure, but alone it is not sufficient. In a world where the entire IT stack has been decoupled, and our systems and information have been dispersed around the world on systems we don't own and don't control, attempting to predetermine all possible usage scenarios and enforce them using static, predefined security policies will simply not scale, nor provide the flexibility demanded by businesses. In dynamic business and IT environments, we cannot anticipate all needs to access systems and content. Static security infrastructure is becoming an inhibitor to dynamic business needs.

Context-aware security mechanisms provide a layer of abstraction and automation of security policies that can adapt to the context of the request and the time the security decision is made. Users will have access to things they would have otherwise been restricted from using static policies where the need for them to access the information wasn't presupposed.

Even becoming context aware, we cannot place a security policy enforcement point at every demarcation point between something we own and control, and something we don't. Information security budgets cannot continue to grow at a faster rate than overall IT budgets. The realities of budget and resource constraints will force us to start using differential and intelligent security protection where the risk/reward ratio is optimized. We cannot protect everything equally, nor is everything we need to protect of equal value.

As information security evolves to become adaptive and context aware, our approach to risk management must change as well. Rather than deploying all security controls possible, we must shift to intelligent and adaptive placement of controls based on the context of the action being requested: the importance of the process being protected, the content being handled, the trustability of the entities involved and our tolerance for risk. This is often referred to as the shift to trust-based or risk-based security, and context awareness will be a key enabler.

Finally, although there are examples of application, identity, and content awareness being used to context-enrich security infrastructure, process awareness is the next frontier. Here, knowledge of the context of the business process supported by the requested action will be a factor in context-aware, risk-based decision making, for example, how important the process is to the revenue generation capabilities of the business or the number of people that would be affected if the process became unavailable. Process awareness and context will require tighter integration with operational infrastructures, which also have the same need to support SLAs for these processes and the same fundamental requirement to provide resilient systems and information as information security does.
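The question posed in section 3.0 (is there enough trust in the entities involved, at the current risk tolerance and in the current context, to allow the action?) can be sketched as an externalized policy decision point. This is an added example, not part of the Gartner note: the signal names follow the questions in section 3.0, while the weights, thresholds, scales and sample requests are constructed assumptions.

```python
from dataclasses import dataclass, replace
from datetime import datetime, timedelta

# Assumed weight of each context signal; the weights sum to 1.0.
WEIGHTS = {"device": 0.25, "network": 0.15, "location": 0.15,
           "auth": 0.25, "time": 0.05, "history": 0.15}
# Assumed trust per network type; anything not listed gets no trust.
NETWORK_TRUST = {"corporate": 1.0, "vpn": 0.8, "home": 0.5, "public": 0.2}
MAX_AUTH = 3  # assumed scale: 1 = password, 2 = one-time code, 3 = hardware token


@dataclass(frozen=True)
class RequestContext:
    device_managed: bool        # enterprise owned and managed?
    device_healthy: bool        # patched, antivirus current, no sign of compromise
    network: str                # key of NETWORK_TRUST
    country: str                # where the device is now
    last_country: str           # where the previous access came from
    last_access: datetime       # when the previous access happened
    now: datetime               # time of this request
    auth_strength: int          # 1..MAX_AUTH
    amount: float               # transaction being requested
    typical_max_amount: float   # historical pattern for this user


def signals(ctx):
    """Map raw context to one trust value in [0, 1] per signal."""
    if not ctx.device_healthy:
        device = 0.0
    elif ctx.device_managed:
        device = 1.0
    else:
        device = 0.5
    if ctx.country == ctx.last_country:
        location = 1.0
    elif ctx.now - ctx.last_access < timedelta(hours=6):
        location = 0.0          # country changed faster than plausible travel
    else:
        location = 0.5
    if ctx.amount <= ctx.typical_max_amount:
        history = 1.0
    elif ctx.amount <= 3 * ctx.typical_max_amount:
        history = 0.5
    else:
        history = 0.0
    return {
        "device": device,
        "network": NETWORK_TRUST.get(ctx.network, 0.0),
        "location": location,
        "auth": min(max(ctx.auth_strength, 0), MAX_AUTH) / MAX_AUTH,
        "time": 1.0 if 7 <= ctx.now.hour < 19 else 0.5,
        "history": history,
    }


def trustability(ctx):
    """Weighted trustability score in [0, 1] for this request."""
    s = signals(ctx)
    return sum(WEIGHTS[name] * s[name] for name in WEIGHTS)


def decide(ctx, sensitivity, risk_tolerance):
    """Return 'allow', 'step_up' (ask for stronger authentication) or 'deny'.

    sensitivity and risk_tolerance are in [0, 1]; the required trust grows
    with the sensitivity of the action and shrinks with the risk tolerance.
    """
    required = sensitivity * (1.0 - risk_tolerance)
    if trustability(ctx) >= required:
        return "allow"
    # Adaptive response: would the strongest credential close the gap?
    if ctx.auth_strength < MAX_AUTH:
        if trustability(replace(ctx, auth_strength=MAX_AUTH)) >= required:
            return "step_up"
    return "deny"


# Constructed sample requests.
OFFICE = RequestContext(True, True, "corporate", "CA", "CA",
                        datetime(2010, 5, 13, 16, 0), datetime(2010, 5, 14, 10, 0),
                        2, 1500.0, 2000.0)
HOME_LATE = replace(OFFICE, device_managed=False, network="home",
                    now=datetime(2010, 5, 14, 23, 0), auth_strength=1)
SUSPICIOUS = replace(OFFICE, device_managed=False, device_healthy=False,
                     network="public", country="JP",
                     last_access=datetime(2010, 5, 14, 9, 0),
                     auth_strength=3, amount=50000.0)

if __name__ == "__main__":
    for name, ctx in [("office", OFFICE), ("home_late", HOME_LATE),
                      ("suspicious", SUSPICIOUS)]:
        print(name, round(trustability(ctx), 3), decide(ctx, 0.9, 0.2))
```

The same late-night home request is allowed for a low-sensitivity action and triggers step-up authentication for a high-sensitivity one, while the third request is denied even though it already carries the strongest credential.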
Acronym Key and Glossary Terms

Context: the circumstances within which something exists or happens, and that can help explain or understand it
Context action: an action triggered in response to a change in context
Context analysis: rules that are applied by a context broker in response to the arrival of context data, and that either deduce new context data or trigger context actions
Context aware: an adjective used to describe applications or services that use context
Context broker: a software component that collects and stores context data, deduces context, and triggers context actions
Context data: raw or processed information that contributes to determining the context of a person or object
Context-enriched service: a service that exploits or is enriched by context
Context provider: an organization that operates a context broker to provide contextual services
From Secure Virtualization to Secure Private Clouds
From Secure Virtualization to Secure Private Clouds Gartner RAS Core Research Note G00208057, Neil MacDonald, Thomas J. Bittman, 13 October 2010, RV2A108222011 As enterprises move beyond virtualizing their
More informationRethinking IT and IT Security Strategies in an Era of Advanced Attacks, Cloud and Consumerization
Rethinking IT and IT Security Strategies in an Era of Advanced Attacks, Cloud and Consumerization Neil MacDonald VP and Gartner Fellow Gartner Information Security, Privacy and Risk Research Twitter @nmacdona
More informationSecurity Without Compromise: Context-Aware and Adaptive Next-Generation Firewalls
Fast Facts In 2012, 9 billion devices were connected to the Internet, and 50 billion are projected to be connected by 2020. Global data center traffic is expected to quadruple over the next five years,
More informationNGFWs will be most effective when working in conjunction with other layers of security controls.
Research Publication Date: 12 October 2009 ID Number: G00171540 Defining the Next-Generation Firewall John Pescatore, Greg Young Firewalls need to evolve to be more proactive in blocking new threats, such
More informationReadiness Assessments: Vital to Secure Mobility
White Paper Readiness Assessments: Vital to Secure Mobility What You Will Learn Mobile devices have been proven to increase employee productivity and job satisfaction, but can also pose significant threats
More informationContent Security: Protect Your Network with Five Must-Haves
White Paper Content Security: Protect Your Network with Five Must-Haves What You Will Learn The continually evolving threat landscape is what makes the discovery of threats more relevant than defense as
More informationBYOD Policy & Management Part I
Introduction Many of today s endpoints are neither known nor protected. According to Gartner, enterprises are only aware of 80 percent of the devices on their network. Those 20 percent of unknown devices
More informationAragon Research RESEARCH NOTE. Workplace Service. Mobile Security in a BYOD World
Aragon Research Author: Mike Anderson Mobile Security in a BYOD World Summary: Employee-owned devices at work put significant strain on security and manageability. Government agencies need policy and mobile
More informationRealize That Big Security Data Is Not Big Security Nor Big Intelligence
G00245789 Realize That Big Security Data Is Not Big Security Nor Big Intelligence Published: 19 April 2013 Analyst(s): Joseph Feiman Security intelligence's ultimate objective, enterprise protection, is
More informationAddressing Advanced Web Threats. Addressing Advanced Web Threats: Protect Your Data and Brand
Addressing Advanced Web Threats: Protect Your Data and Brand What You Will Learn From collaboration to communication to data access, the web is a mission-critical business tool. Enterprises rely on the
More informationWhat Are Network Security Platforms?
Markets, J. Pescatore, M. Easley, R. Stiennon Research Note 7 November 2002 Network Security Platforms Will Transform Security Markets An integrated network security platform approach will increase network
More informationIBM Endpoint Manager for Core Protection
IBM Endpoint Manager for Core Protection Device control and endpoint protection designed to guard against malware and loss of sensitive data Highlights Delivers real-time endpoint protection against viruses,
More informationChief Security Strategist Symantec Public Sector
Chief Security Strategist Symantec Public Sector Advanced Persistent Threat Further things to understand about the APT Compromised Game Networks Lulzec Anonymous/YamaTough WikiLeaks 101 Global Intelligence
More informationSecuring BYOD With Network Access Control, a Case Study
Securing BYOD With Network Access Control, a Case Study 29 August 2012 ID:G00226207 Analyst(s): Lawrence Orans VIEW SUMMARY This Case Study highlights how an organization utilized NAC and mobile device
More informationWhite Paper. Architecting the security of the next-generation data center. why security needs to be a key component early in the design phase
White Paper Architecting the security of the next-generation data center A White Paper by Bloor Research Author : Fran Howarth Publish date : August 2011 teams involved in modernization projects need to
More informationNETWORK ACCESS CONTROL AND CLOUD SECURITY. Tran Song Dat Phuc SeoulTech 2015
NETWORK ACCESS CONTROL AND CLOUD SECURITY Tran Song Dat Phuc SeoulTech 2015 Table of Contents Network Access Control (NAC) Network Access Enforcement Methods Extensible Authentication Protocol IEEE 802.1X
More informationCisco Security Intelligence Operations
Operations Operations of 1 Operations Operations of Today s organizations require security solutions that accurately detect threats, provide holistic protection, and continually adapt to a rapidly evolving,
More informationOrganizations Must Employ Effective Data Security Strategies
Research Publication Date: 30 August 2005 ID Number: G00123639 Organizations Must Employ Effective Data Security Strategies Rich Mogull Organizations can best protect data through a hierarchical data security
More informationAddressing Security for Hybrid Cloud
Addressing Security for Hybrid Cloud Sreekanth Iyer Executive IT Architect IBM Cloud (CTO Office) Email : sreek.iyer@in.ibm.com Twitter: @sreek Blog: http://ibm.co/sreek July 18, 2015 Cloud is rapidly
More informationCloud Security Primer MALICIOUS NETWORK COMMUNICATIONS: WHAT ARE YOU OVERLOOKING?
A Cloud Security Primer : WHAT ARE YOU OVERLOOKING? LEGAL DISCLAIMER The information provided herein is for general information and educational purposes only. It is not intended and should not be construed
More informationREVOLUTIONIZING ADVANCED THREAT PROTECTION
REVOLUTIONIZING ADVANCED THREAT PROTECTION A NEW, MODERN APPROACH Blue Coat Advanced Threat Protection Group GRANT ASPLUND Senior Technology Evangelist 1 WHY DO I STAND ON MY DESK? "...I stand upon my
More informationSANS Top 20 Critical Controls for Effective Cyber Defense
WHITEPAPER SANS Top 20 Critical Controls for Cyber Defense SANS Top 20 Critical Controls for Effective Cyber Defense JANUARY 2014 SANS Top 20 Critical Controls for Effective Cyber Defense Summary In a
More informationNetworking for Caribbean Development
Networking for Caribbean Development BELIZE NOV 2 NOV 6, 2015 w w w. c a r i b n o g. o r g N E T W O R K I N G F O R C A R I B B E A N D E V E L O P M E N T BELIZE NOV 2 NOV 6, 2015 w w w. c a r i b n
More informationidentity as the new perimeter: securely embracing cloud, mobile and social media agility made possible
identity as the new perimeter: securely embracing cloud, mobile and social media agility made possible IT transformation and evolving identities A number of technology trends, including cloud, mobility,
More informationdefending against advanced persistent threats: strategies for a new era of attacks agility made possible
defending against advanced persistent threats: strategies for a new era of attacks agility made possible security threats as we know them are changing The traditional dangers IT security teams have been
More informationThe Hillstone and Trend Micro Joint Solution
The Hillstone and Trend Micro Joint Solution Advanced Threat Defense Platform Overview Hillstone and Trend Micro offer a joint solution the Advanced Threat Defense Platform by integrating the industry
More informationFrom Secure Virtualization to Secure Private Clouds
Research Publication Date: 13 October 2010 ID Number: G00208057 From Secure Virtualization to Secure Private Clouds Neil MacDonald, Thomas J. Bittman As enterprises move beyond virtualizing their data
More informationThe Need for Intelligent Network Security: Adapting IPS for today's Threats
The Need for Intelligent Network Security: Adapting IPS for today's Threats James Tucker Security Engineer Sourcefire Nordics A Bit of History It started with passive IDS. Burglar alarm for the network
More informationSygate Secure Enterprise and Alcatel
Sygate Secure Enterprise and Alcatel Sygate Secure Enterprise eliminates the damage or loss of information, cost of recovery, and regulatory violation due to rogue corporate computers, applications, and
More informationTechnology Blueprint. Secure Your Virtual Desktop Infrastructure. Optimize your virtual desktop infrastructure for performance and protection
Technology Blueprint Secure Your Virtual Desktop Infrastructure Optimize your virtual desktop infrastructure for performance and protection LEVEL 1 2 3 4 5 SECURITY CONNECTED REFERENCE ARCHITECTURE LEVEL
More informationCisco Virtualization Experience Infrastructure: Secure the Virtual Desktop
White Paper Cisco Virtualization Experience Infrastructure: Secure the Virtual Desktop What You Will Learn Cisco Virtualization Experience Infrastructure (VXI) delivers a service-optimized desktop virtualization
More informationUsers and Vendors Speak Out: Intrusion Detection and Prevention
Market Analysis Users and Vendors Speak Out: Intrusion Detection and Prevention Abstract: With network security concerns multiplying, intrusion protection systems are a hot commodity. But don't count out
More informationCarbon Black and Palo Alto Networks
Carbon Black and Palo Alto Networks Bring Together Next-Generation Endpoint and Network Security Solutions Endpoints and Servers in the Crosshairs of According to a 2013 study, 70 percent of businesses
More informationEffective IDS/IPS Network Security in a Dynamic World with Next-Generation Intrusion Detection & Prevention
Effective IDS/IPS Network Security in a Dynamic World with Next-Generation Intrusion Detection & Prevention Your Security Challenges Defending the Dynamic Network! Dynamic threats Many threats
More informationCounterACT Plugin Configuration Guide for ForeScout Mobile Integration Module MaaS360 Version 1.0.1. ForeScout Mobile
CounterACT Plugin Configuration Guide for ForeScout Mobile Integration Module Version 1.0.1 ForeScout Mobile Table of Contents About the Integration... 3 ForeScout MDM... 3 Additional Documentation...
More informationLeading The World Into Connected Security. Dipl.-Inform., CISSP, S+ Rolf Haas Enterprise Technology Specialist Content Lead EMEA
Leading The World Into Connected Security Dipl.-Inform., CISSP, S+ Rolf Haas Enterprise Technology Specialist Content Lead EMEA History of Defining Largest Dedicated Delivering a Next Generation Architecture
More informationThe Identity Defined Security Alliance
The Identity Defined Security Alliance A combined solution for achieving Identity Defined Security Whether it's creation of an authentication ceremony, definition and enforcement of policy, enforcement
More informationManaging Web Security in an Increasingly Challenging Threat Landscape
Managing Web Security in an Increasingly Challenging Threat Landscape Cybercriminals have increasingly turned their attention to the web, which has become by far the predominant area of attack. Small wonder.
More informationeguide: Designing a Continuous Response Architecture Executive's Guide to Windows Server 2003 End of Life
Executive's Guide to Windows Server 2003 End of Life Facts About Windows Server 2003 Introduction On July 14, 2015 Microsoft will end support for Windows Server 2003 and Windows Server 2003 R2. Like Windows
More informationSymantec Endpoint Security Management Solutions Presentation and Demo for:
Symantec Endpoint Security Management Solutions Presentation and Demo for: University System of Georgia Board of Regents Information Technology Services Executive Summary Business Requirements To migrate
More informationHow To Calculate Hd Costs
Total Cost of Ownership Comparison of PCs With Hosted Virtual Desktops, 2011 Update Gartner RAS Core Research Note G00209403, Federica Troni, Mark A. Margevicius, Michael A. Silver, 14 December 2010, RA12
More informationHierarchy of Needs for Content Networking
Technology, M. Fabbi Research Note 28 October 2002 Hierarchy of Needs for Content Networking Enterprises should understand the hierarchy of needs for content networking, which is illustrated by examining
More informationSECURITY PLATFORM FOR HEALTHCARE PROVIDERS
SECURITY PLATFORM FOR HEALTHCARE PROVIDERS Our next-generation security platform prevents successful cyberattacks for hundreds of hospitals, clinics and healthcare networks across the globe. Palo Alto
More informationDeploying secure wireless network services The Avaya Identity Engines portfolio offers flexible, auditable management for secure wireless networks.
Table of Contents Section 1: Executive summary...1 Section 2: The challenge...2 Section 3: WLAN security...3 and the 802.1X standard Section 4: The solution...4 Section 5: Security...4 Section 6: Encrypted
More informationCisco Cloud Web Security
Data Sheet Today's highly connected and fast-moving world is filled with complex and sophisticated web security threats. Cisco delivers the strong protection, complete control, and investment value that
More informationENTERPRISE IT SECURITY ARCHITECTURE SECURITY ZONES: NETWORK SECURITY ZONE STANDARDS. Version 2.0
ENTERPRISE IT SECURITY ARCHITECTURE SECURITY ZONES: NETWORK SECURITY ZONE STANDARDS Version 2.0 July 20, 2012 Table of Contents 1 Foreword... 1 2 Introduction... 1 2.1 Classification... 1 3 Scope... 1
More informationData Center Security That Accelerates Your Business
Solution Overview Data Center Security That Accelerates Your Business Business today runs at a breakneck pace. Customers want exceptional service, and workers expect instant access to their job tools,
More informationCompany Co. Inc. LLC. LAN Domain Network Security Best Practices. An integrated approach to securing Company Co. Inc.
Company Co. Inc. LLC Multiple Minds, Singular Results LAN Domain Network Security Best Practices An integrated approach to securing Company Co. Inc. LLC's network Written and Approved By: Geoff Lacy, Tim
More informationMarket Guide for Network Sandboxing
G00271317 Market Guide for Network Sandboxing Published: 2 March 2015 Analyst(s): Lawrence Orans, Jeremy D'Hoinne Choosing a network sandboxing solution is challenging due to the wide array of options
More informationEnd-user Security Analytics Strengthens Protection with ArcSight
Case Study for XY Bank End-user Security Analytics Strengthens Protection with ArcSight INTRODUCTION Detect and respond to advanced persistent threats (APT) in real-time with Nexthink End-user Security
More informationSecuring Your Enterprise in the Cloud. IT executives must be ready to move to the cloud safely
Securing Your Enterprise in the Cloud IT executives must be ready to move to the cloud safely The technology pendulum is always swinging. And chief information security officers must be prepared to swing
More informationCoIP (Cloud over IP): The Future of Hybrid Networking
CoIP (Cloud over IP): The Future of Hybrid Networking An overlay virtual network that connects, protects and shields enterprise applications deployed across cloud ecosystems The Cloud is Now a Critical
More informationCisco TrustSec Solution Overview
Solution Overview Cisco TrustSec Solution Overview 2012 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 1 of 10 Contents Introduction... 3 Solution Overview...
More informationSECURITY ANALYTICS MOVES TO REAL-TIME PROTECTION
SECURITY ANALYTICS MOVES TO REAL-TIME PROTECTION How ThreatBLADES add real-time threat scanning and alerting to the Analytics Platform INTRODUCTION: analytics solutions have become an essential weapon
More informationDeploying Firewalls Throughout Your Organization
Deploying Firewalls Throughout Your Organization Avoiding break-ins requires firewall filtering at multiple external and internal network perimeters. Firewalls have long provided the first line of defense
More informationPenta Security 3rd Generation Web Application Firewall No Signature Required. www.gasystems.com.au
Penta Security 3rd Generation Web Application Firewall No Signature Required www.gasystems.com.au 1 1 The Web Presence Demand The Web Still Grows INTERNET USERS 2006 1.2B Internet Users - 18% of 6.5B people
More informationThe Dirty Secret Behind the UTM: What Security Vendors Don't Want You to Know
The Dirty Secret Behind the UTM: What Security Vendors Don't Want You to Know Introduction Until the late 1990s, network security threats were predominantly written by programmers seeking notoriety,
More informationCisco Cloud Security Accelerates Cloud Adoption
White Paper Cisco Cloud Security Accelerates Cloud Adoption Introduction Cloud computing is gaining customer attention at a fascinating pace. An Infonetics research report published in early 2011 noted
More informationMobile Security: The good, the bad, the way forward
Mobile Security: The good, the bad, the way forward Get the most out of HP's Mobility Protection Services Jan De Clercq, Felix Martin, HP TC, December, 2013 Today's Presenter Name Jan De Clercq Title &
More informationCisco Advanced Malware Protection for Endpoints
Data Sheet Cisco Advanced Malware Protection for Endpoints Product Overview With today's sophisticated malware, you have to protect endpoints before, during, and after attacks. Cisco Advanced Malware Protection
More informationNext Gen Firewall and UTM Buyers Guide
Next Gen Firewall and UTM Buyers Guide Implementing and managing a network protected by point solutions is far from simple. But complete protection doesn't have to be complicated. This buyers guide explains
More informationIDC TECHNOLOGY SPOTLIGHT. Server Security: Not What It Used to Be!
IDC TECHNOLOGY SPOTLIGHT Server Security: Not What It Used to Be! December 2014 Adapted from Worldwide Endpoint Security 2013 2017 Forecast and 2012 Vendor Shares by
More informationNetwork Security. Intertech Associates, Inc.
Network Security Intertech Associates, Inc. Agenda IT Security - Past to Future Security Vulnerabilities Protecting the Enterprise What do we need in each site? Requirements for a Security Architecture
More informationBraindumps.700-295.50.QA
Braindumps.700-295.50.QA Number: 700-295 Passing Score: 800 Time Limit: 120 min File Version: 6.0 http://www.gratisexam.com/ Comprehensive, easy and to the point study material made it possible for me
More informationHow To Sell Security Products To A Network Security Company
Market Segment Definitions Author Joshua Mittler Overview In addition to product testing, NSS Labs quantitatively evaluates market size for each of the product categories tested. NSS provides metrics that
More informationWhite Paper. Why Next-Generation Firewalls Don't Stop Advanced Malware and Targeted APT Attacks
White Paper Why Next-Generation Firewalls Don't Stop Advanced Malware and Targeted APT Attacks White Paper Executive Summary Around the world, organizations are investing massive amounts of their budgets
More informationSourceFire Next-Generation IPS
TRUST THE STRONG SourceFire Next-Generation IPS Petr Salač CCNP Security, CCNP, CICSP, CCSI #33835 petr.salac@alefnula.com Our Customers Biggest Security Challenges Maintaining security posture
More informationFinding Email Security in the Cloud
WHITE PAPER: FINDING EMAIL SECURITY IN THE CLOUD Finding Email Security in the Cloud CONTENTS Introduction 3 I. Why Good Enough Security is Never Good Enough 3 Mind your security gaps 4 II. Symantec Email
More informationSecuring your IT infrastructure with SOC/NOC collaboration
Technical white paper Securing your IT infrastructure with SOC/NOC collaboration Universal log management for IT operations Table of contents Executive summary 2 IT operations: Handle IT incidents and
More informationEXTENDING NETWORK SECURITY: TAKING A THREAT CENTRIC APPROACH TO SECURITY
EXTENDING NETWORK SECURITY: TAKING A THREAT CENTRIC APPROACH TO SECURITY Dean Frye Sourcefire Session ID: SEC-W05 Session Classification: Intermediate Industrialisation of Threat Factories Goal: Glory,
More informationOrganizations Should Implement Web Application Security Scanning
Research Publication Date: 21 September 2005 ID Number: G00130869 Organizations Should Implement Web Application Security Scanning Amrit T. Williams, Neil MacDonald Web applications are prone to vulnerabilities
More informationCloud, SDN and the Evolution of
Cloud, SDN and the Evolution of Enterprise Networks Neil Rickard Gartner is a registered trademark of Gartner, Inc. or its affiliates. This publication may not be reproduced or distributed in any form
More informationSecuring Virtual Applications and Servers
White Paper Securing Virtual Applications and Servers Overview Security concerns are the most often cited obstacle to application virtualization and adoption of cloud-computing models. Merely replicating
More informationUsing Palo Alto Networks to Protect the Datacenter
Using Palo Alto Networks to Protect the Datacenter July 2009 Palo Alto Networks 232 East Java Dr. Sunnyvale, CA 94089 Sales 866.207.0077 www.paloaltonetworks.com Table of Contents Introduction... 3 Granular
More informationRunning head: Next Generation Firewalls 1
Running head: Next Generation Firewalls 1 Next Generation Firewalls Rob Cavana East Carolina University ICTN 4040 Enterprise Information Security Dr Phil Lunsford and Mrs. Constance Boahn April 13 th 2015
More informationWatchGuard Technologies, Inc. 505 Fifth Avenue South Suite 500, Seattle, WA 98104 www.watchguard.com
SMALL BUSINESS NETWORK SECURITY GUIDE WHY A REAL FIREWALL PROVIDES THE BEST NETWORK PROTECTION AUGUST 2004 SMALL BUSINESS NETWORK SECURITY GUIDE: WHY A REAL FIREWALL PROVIDES THE BEST NETWORK PROTECTION
More informationNext Generation IPS and Reputation Services
Next Generation IPS and Reputation Services Richard Stiennon Chief Research Analyst IT-Harvest 2011 IT-Harvest 1 IPS and Reputation Services REPUTATION IS REQUIRED FOR EFFECTIVE IPS Reputation has become
More informationNext-Generation Firewalls: Critical to SMB Network Security
Next-Generation Firewalls: Critical to SMB Network Security Next-Generation Firewalls provide dramatic improvements in protection versus traditional firewalls, particularly in dealing with today's more
More informationA Look at the New Converged Data Center
Organizations around the world are choosing to move from traditional physical data centers to virtual infrastructure, affecting every layer in the data center stack. This change will not only yield a scalable
More informationFIVE KEY CONSIDERATIONS FOR ENABLING PRIVACY IN HEALTH INFORMATION EXCHANGES
FIVE KEY CONSIDERATIONS FOR ENABLING PRIVACY IN HEALTH INFORMATION EXCHANGES The implications for privacy and security in the emergence of HIEs The emergence of health information exchanges (HIE) is widely
More information10 Potential Risk Facing Your IT Department: Multi-layered Security & Network Protection. September 2011
10 Potential Risk Facing Your IT Department: Multi-layered Security & Network Protection September 2011 10 Potential Risks Facing Your IT Department: Multi-layered Security & Network Protection 2 It's
More informationPutting Web Threat Protection and Content Filtering in the Cloud
Putting Web Threat Protection and Content Filtering in the Cloud Why secure web gateways belong in the cloud and not on appliances Contents The Cloud Can Lower Costs Can It Improve Security Too?. 1 The
More informationSecurity Virtual Infrastructure - Cloud
Security Virtual Infrastructure - Cloud Your Name Ramkumar Mohan Head IT & CISO Orbis Financial Corporation Ltd Agenda Cloud Brief Introduction State of Cloud Cloud Challenges Private Cloud Journey to
More informationSIEM and IAM Technology Integration
SIEM and IAM Technology Integration Gartner RAS Core Research Note G00161012, Mark Nicolett, Earl Perkins, 1 September 2009, RA3 09302010 Integration of identity and access management (IAM) and security
More informationService management White paper. Manage access control effectively across the enterprise with IBM solutions.
Service management White paper Manage access control effectively across the enterprise with IBM solutions. July 2008 2 Contents 2 Overview 2 Understand today's requirements for developing effective access
More informationWHITEPAPER. Addressing Them with Adaptive Network Security. Executive Summary... An Evolving Network Environment... 2. Adaptive Network Security...
WHITEPAPER Top 4 Network Security Challenges in Healthcare Addressing Them with Adaptive Network Security Executive Summary... 1 Top 4 Network Security Challenges Addressing Security Challenges with Adaptive
More informationemail management solutions
Safeguard business continuity and productivity with Mimecast email management solutions Computacenter and Mimecast in partnership Expert software solutions Computacenter and Mimecast help organisations
More informationSecuring the Internet of Things
Business Brief Securing the Internet of Things OEM capabilities assure trust, integrity, accountability, and privacy IoT Architectural Challenges Given the diversity and scale of the IoT, new security
More informationSecuring the Mobile Enterprise with Network-Based Security and Cloud Computing
Securing the Mobile Enterprise with Network-Based Security and Cloud Computing Gustavo de los Reyes, Sanjay Macwan, Deepak Chawla, Cristina Serban AT&T Security Research Center {gdelosreyes, sjm, dchawla,
More informationFrank Andrus WHITEPAPER. CTO, Bradford Networks. Evolve your network strategy to meet new threats and achieve expanded business imperatives
WHITEPAPER The Emergence of Adaptive Network Security Evolve your network strategy to meet new threats and achieve expanded business imperatives Frank Andrus CTO, Bradford Networks Executive Summary...
More informationIBM Security. 2013 IBM Corporation. 2013 IBM Corporation
IBM Security Security Intelligence What is Security Intelligence? Security Intelligence --noun 1.the real-time collection, normalization and analytics of the data generated by users, applications and infrastructure
More informationOffice 365 Cloud App Security MARKO DJORDJEVIC CLOUD BUSINESS LEAD EE TREND MICRO EMEA LTD.
Office 365 Cloud App Security MARKO DJORDJEVIC CLOUD BUSINESS LEAD EE TREND MICRO EMEA LTD. Your Valuable Data In The Cloud? How To Get The Best Protection! A world safe for exchanging digital information
More informationMisconceptions surrounding security in a virtualized environment
Misconceptions surrounding security in a virtualized environment Clavister White Paper ization is a boom technology, and it is imperative that this environment is secure as any other part of the network.
More informationARCHITECT'S GUIDE: Comply to Connect Using TNC Technology
ARCHITECT'S GUIDE: Comply to Connect Using TNC Technology August 2012 Trusted Computing Group 3855 SW 153rd Drive Beaverton, OR 97006 Tel (503) 619-0562 Fax (503) 644-6708 admin@trustedcomputinggroup.org
More informationCisco Advanced Malware Protection for Endpoints
Data Sheet Cisco Advanced Malware Protection for Endpoints Product Overview With today's sophisticated malware, you have to protect endpoints before, during, and after attacks. Cisco Advanced Malware Protection
More informationSecurity in the Software Defined Data Center
Security in the Software Defined Data Center Francesco Vigo Senior Systems Engineer, VMware fvigo@vmware.com Ugo Piazzalunga Technical Manager, SafeNet ugo.piazzalunga@safenet-inc.com Agenda Software Defined
More informationBig Data and Security: At the Edge of Prediction
Big Data and Security: At the Edge of Prediction Mark Seward Splunk Inc. Fred Wilmot Splunk Inc. Session ID: Session Classification: SPO2-T17 Intermediate The Way Cyber Adversaries Think Where is the most
More informationEconomics of the Cloud: Business Value Assessments
Economics of the Cloud: Business Value Assessments Gartner RAS Core Research Note G00168554, Joseph Feiman, David W. Cearley, 25 September 2009, RA7 042010 This research defines and quantitatively assesses
More information