Network Security. Intertech Associates, Inc.

Transcription

1 Network Security Intertech Associates, Inc.

2 Agenda IT Security - Past to Future Security Vulnerabilities Protecting the Enterprise What do we need in each site? Requirements for a Security Architecture Summary

3 Convergence of Networks & Security Threats Architecting Secure Networks is Critical Building the Perimeter Dot Com Bubble Burst Internet Rationalized Internet reliance Security threats Architecting a Secure Future

4 Enterprises Are Struggling To Keep Up Enforce point proliferations Performance requirements Technology coordination Branch offices in different locations, more types of end points More users, more locations, more demanding applications Security technologies and policies required to work in harmony Since 2003, enterprises have invested $19bn in security (IDC, Gartner, Infonetics) Are we safer? BUT Was the spending effective? Is the job done?

5 Security Vulnerability Vectors External Intentional Unintentional Internal

6 Security Vulnerability Vectors External Intentional / Attack Denial of of Service Vandalism Data Theft / Industrial Espionage Malware Extortion & Organized Crime Physical destruction thru IT IT manipulation Unintentional / Misuse Loss of of Remote Access Passwords Loss of of mobile devices (Laptops, PDAs) with Data Internal Data Theft Fraud Resource Misuse Planting of of Trojans/Malware Eavesdropping Configuration Errors Data sent to to wrong recipient or or publicly posted Trojans/Viruses entering the Enterprise thru users misuse

7 Security Vulnerability A Business Problem External External Intentional Intentional Unintentional Unintentional Revenue Loss Reputation Damage Liability Internal Internal + Regulatory & Internal Compliance Executive Responsibility A Business Problem (Not Just a Technology Problem)

8 Protection Vectors Attack Prevention Security Measurement Data Protection Security Management Secured Access

9 Protection Vectors: Attack Prevention Network Security Firewall Antivirus URL Filtering IPS/IDS Consolidation from Stand-Alone devices to to Unified Threat Management (UTM) Expanding slowly to to the Internal Application Security Application Intelligence Web Security Voice Over IP Messaging Security and Instant Messaging Gateways Anti-Virus Anti-Spyware Anti-Spam

10 Protection Vectors: Data Protection Data Loss Data Encryption on Mobile Devices (e.g. Laptops, Smart Phones, PDA) and Storage Data Protection & Port Control Control unauthorized data copying to to external devices (e.g. USB) Data Leakage Enforce outbound information flow through Messaging and Network Gateways Digital Rights Management Control Access and Usage of of Digital Data

11 Protection Vectors: Secured Access Site-To-Site Authenticated & Encrypted Communication Between Enterprise Sites, B2B Complex Routing Scenarios Remote Access Secured Client & Clientless Access (Technologies: IPSec, SSL VPN) Static and Mobile Devices Full Protection for the End-Points (UTM) Access Portals SSL VPN Portals for easy, unified access to to company resources based on permissions Network Access Control Control which devices are allowed to to access the network (Physical Ports, WiFi, Mobile) Device compliance checks (e.g. version of of A/V Software) Quarantine

12 Protection Vectors: Security Management Policy Efficient Centralized Management of of Security Policies Work Flow Management (Change Control) Device Central Management for multiple types of of devices across-sites Device Provisioning Centralized Software and Security Updates Users User Provisioning User Activity Monitoring Incidents Event and Data Collection & Correlation Monitoring Forensics Analysis Automated Response

13 Protection Vectors: Security Measurement Are we Safer? Was the Spending Effective? Is Is the Job Done? Security Information Management - Define Operational Metrics & Business Metrics Vulnerability Assessment Proactive Scanning Network Intelligence Collection combined with Policy Information Ethical Hacking Risk Reports & Analysis Auditing Follow Audit trail for users, systems and application resources Evaluation of of resource access rights vs. actual user activity Compliance Express & Track compliance with user-defined policy as well as control framework of of official regulations

14 while maintaining security levels and keeping cost under control? Management cost Spiraling management cost Hardware / software acquisition cost Deployment cost (centrally and in remote offices) Employee training cost Ongoing integration and maintenance cost Protection Compromised security More time from vulnerability discovery to patch More difficult to maintain unified policies Lower visibility, less accurate auditing Increasing complexity

15 A Holistic Approach Is Required Integrate multiple capabilities into each enforcement point Pluggable Architecture allowing Best-Of- Breed solutions while maintaining consistency Affordable hardware and software performance Central management using one console Enterprisewide updates One click Insightful monitoring, auditing, Security measurement

16 An Ounce of Prevention Assessment of Facility and Related Conditions Determine what you need and why Plan, Plan and Plan Design Solve ONLY the problems you have Stake Holder Buy-In Determine practical use of System Implement