Check Point and Security Best Practices. December 2013 Presented by David Rawle

Transcription

1 Check Point and Security Best Practices December 2013 Presented by David Rawle

2 Housekeeping o Mobiles on Silent o No File Alarms planned o Fire exits are in front and behind and down the stairs o Downstairs and through the shop

3 What is the concept of today?

4 Agenda About us Concepts of Data Security Security Best Practices Check Point Best Practices

5 About us All the benefits of a small independent reseller with the security of being backed by a large group Ingenuity Agility Responsiveness Passionate and proud about what we do

6 About us 2.3 Billion 700 Million UK Business 20 Million 150 Million 14 Million

7 Concepts of Data Security The game has changed Business can t just keep building walls Users want access to Data from everywhere You need to do everything you can to prevent access from malicious sources

8 Concepts of Data Security Businesses need to do everything they can to make data available in a secure manner With the best will in the world at this time you can t do this with one product; you need a tiered approach If a breach happens you need to know: How that data was accessed What the data was Where that data went

9 Concepts of Data Security This years RSA Security Keynote themes were around Big Data transforming security What does that mean?

10 Security best practices

11 SANS Critical Top 20

12 SANS Critical Top 20

13 SANS Critical Top 20

14 SANS Critical Top 20 Critical Control 1: Inventory of Authorized and Unauthorized Devices Critical Control 2: Inventory of Authorized and Unauthorized Software Critical Control 3: Secure Configurations for Hardware and Software on Mobile Devices, Laptops, Workstations, and Servers Critical Control 4: Continuous Vulnerability Assessment and Remediation Critical Control 5: Malware Defenses Critical Control 6: Application Software Security Critical Control 7: Wireless Device Control Critical Control 8: Data Recovery Capability Critical Control 9: Security Skills Assessment and Appropriate Training to Fill Gaps Critical Control 10: Secure Configurations for Network Devices such as Firewalls, Routers, and Switches

15 SANS Critical Top 20 Critical Control 11: Limitation and Control of Network Ports, Protocols, and Services Critical Control 12: Controlled Use of Administrative Privileges Critical Control 13: Boundary Defense Critical Control 14: Maintenance, Monitoring, and Analysis of Audit Logs Critical Control 15: Controlled Access Based on the Need to Know Critical Control 16: Account Monitoring and Control Critical Control 17: Data Loss Prevention Critical Control 18: Incident Response and Management Critical Control 19: Secure Network Engineering Critical Control 20: Penetration Tests and Red Team Exercises

16 Critical Control 1: Inventory of Authorised and Unauthorised Devices Critical Control 2: Inventory of Authorised and Unauthorised Software

17 Windows XP End of support 8 th April 2014 So what? If a vulnerability is found in Windows 8, 7 or Vista then it is almost certain that vulnerability will be in XP XP WILL NOT be patched Every patch Tuesday is a list of Zero Day vulnerabilities for Windows XP

18 Patching Over 70% of vulnerabilities are in Applications WSUS is a great start How do you patch your other software?

19 Demo

20 Check Point versions

21 Which version should you be on? R75.47 Solid build with all current hotfixes R76 Seems to have memory leak issues R77 Newest build but also seemingly more stable than R76

22 Which version should you be on? R75.47 or R77 is our current recommendation (05/12/13)

23 Virtual Management Servers

24 Virtual Management Servers If you are backing up the VM you don t need much space for backups within Gaia Run a separate SmartEvent/Logging box (Not VM) Thick provision where possible

25 Demo

26 Multi Domain Management What is it? Do you need it?

27 Demo

28 Use the latest build

29 Software updates in R77 Set to manual it is a useful way of getting hotfixes and upgrade images

30 Demo

31 Stay on top of your Rulebase

32 Demo

33 Central Device Management in R77

34 Demo

35 CPVIEW in R77

36 Demo

37 Backups

38 Demo

39 Threat Emulation

40 Demo

41 SmartLog

42 Demo

43 Mobile Enterprise Client More BYOD than MDM Just works up to R77 Will break in R77.10 as it needs a license

44 Mobile Enterprise Client

45 Mobile Enterprise Client

46 Demo

47 Check Point VS Virtual Firewalling Far more complex Free on high end appliances But.

48 Demo

49 Endpoint Deployments We get a disparate amount of Endpoint tickets Why??

50 Endpoint Deployments IT Security people are used to isolated systems that they control Often they do not consider the end-user element when deploying software Training is essential Reseller to Administrator Administrator to end-user

51 Endpoint Deployments Do you know how to? Use the one time password feature? Reset a machine in Check Point when it is rebuilt? Recover a machine if the OS becomes corrupt? Even if you know do your Desktop Admin people? That s just FDE

52 Coming in R77.10? Hotfixes