SourceFireNext-Generation IPS
|
|
- Magdalen Goodwin
- 8 years ago
- Views:
Transcription
1 D Ů V Ě Ř U J T E S I L N Ý M SourceFireNext-Generation IPS Petr Salač CCNP Security, CCNP, CICSP, CCSI #33835 petr.salac@alefnula.com
2 Our Customers Biggest Security Challenges Maintaining security posture with changing business models and attack vectors Continuously protecting across a dynamic threat landscape Reducing complexity and fragmentation of security solutions
3 Who is Sourcefire? Founded in 2001, based in Columbia, MD Security from Cloud to Core Market leader in (NG)IPS New entrant to NGFW space with strong offering Groundbreaking Advanced Malware Protection solution Innovative 52+ patents issued or pending Pioneer in IPS, context-driven security, advanced malware World-class research capability Owner of major Open Source security projects Snort, ClamAV, Razorback October 7, 2013, Cisco completed the acquisition of Sourcefire $2.7B investment in security!
4 Leadership The Path Up and Right Sourcefire has been a leader in the Gartner Magic Quadrant for IPS since Cisco and/or its affiliates. All rights reserved. As of December 2013 Source: Gartner (December 2013) Cisco Confidential 4
5 Mapping Technologies to the Model A T T A C K C O N T I N U U M Control Enforce Harden Detect Block Defend Scope Contain Remediate Firewall Patch Mgmt IPS IDS AMD App Control Vuln Mgmt AV FPC Log Mgmt VPN IAM Anti-Malware Forensics SIEM V I S I B I L I T Y & C O N T E X T
6 How it s done Attack Continuum NGFW NGIPS AMP Network Endpoint Virtual Cloud FIreSIGHT Management Center
7 Sourcefire Agile Security Solutions Management Center APPLIANCES VIRTUAL NEXT- GENERATION FIREWALL NEXT- GENERATION INTRUSION PREVENTION ADVANCED MALWARE PROTECTION COLLECTIVE SECURITY INTELLIGENCE CONTEXTUAL AWARENESS HOSTS VIRTUAL MOBILE APPLIANCES VIRTUAL 11
8 FirePOWER Benefits LCD Display Quick and easy headless configuration Connectivity Choice Change and add connectivity inline with network requirements Configurable Bypass or Fail Closed Interfaces For IDS, IPS or Firewall deployments Device Stacking Scale monitoring capacity through stacking Lights Out Management Minimal operational impact Cisco and/or its affiliates. All rights reserved. SSD Solid State Drive for increased reliability Hardware Acceleration For best in class throughput, security, Rack size/mbps, and price/mbps Cisco Confidential 12
9 Appliances Summary All appliances include: Integrated lights-out management Sourcefire acceleration technology LCD display Cisco and/or its affiliates. All rights reserved. Cisco Confidential 13
10 Virtual Defense Center/Virtual Sensor Cisco and/or its affiliates. All rights reserved. Cisco Confidential 14
11 Hosts Vulnerabilities Passive Discovery Services Communications Users Applications All the time In real-time
12 What does their traffic look like over time? What operating systems? 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 16
13 View all application traffic Look for risky applications 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 17
14 Geolocation for source and destination URL 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 18
15 Intrusion events by impact, priority, hosts, users 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 19
16 File analysis Malware detection 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 20
17 Dashboard Cisco and/or its affiliates. All rights reserved. Cisco Confidential 22
18 Awareness Who is at the host OS & version Identified What other systems / IPs did user have, when? Server applications and version Client Applications Client Version Application Only Sourcefire delivers complete network visibility
19 BEFORE Cisco and/or its affiliates. All rights reserved. Cisco Confidential 24
20 FW integration with IPS Only a license Cisco and/or its affiliates. All rights reserved. Cisco Confidential 25
21 Policy-Driven Visibility and Control Filter Access and Apply Protection by Application, User, and Traffic Path Cisco and/or its affiliates. All rights reserved. Cisco Confidential 26
22 Policy-Driven Visibility and Control Filter Access and Apply Protection by Application, User, and Traffic Path Cisco and/or its affiliates. All rights reserved. Cisco Confidential 27
23 Policy-Driven Visibility and Control Filter Access and Apply Protection by Application, User, and Traffic Path Cisco and/or its affiliates. All rights reserved. Cisco Confidential 28
24 Policy-Driven Visibility and Control Filter Access and Apply Protection by Application, User, and Traffic Path Cisco and/or its affiliates. All rights reserved. Cisco Confidential 29
25 Updates from Cloud (VRT) IPS SW, vulnerabilities with platforms Cisco and/or its affiliates. All rights reserved. Cisco Confidential 30
26 Updates from Cloud (VRT) Snort Rules Cisco and/or its affiliates. All rights reserved. Cisco Confidential 31
27 Chaining FW with IPS and File Analysis Cisco and/or its affiliates. All rights reserved. Cisco Confidential 32
28 Chaining FW with IPS and File Analysis Cisco and/or its affiliates. All rights reserved. Cisco Confidential 33
29 DURING Cisco and/or its affiliates. All rights reserved. Cisco Confidential 35
30 What counts with NGIPS? Context Speed Accuracy Flexibility Value Cisco and/or its affiliates. All rights reserved. Cisco Confidential 36
31 Leadership* Class leader in detection Class leader in performance Class leader in vulnerability coverage Completely evasion free Ratings* 99% detection & protection 34 Gbps inspected throughput 60M concurrent connections $15 TCO / protected Mbps "For the past five years, Sourcefire has consistently achieved excellent results in security effectiveness based on our real-world evaluations of exploit evasions, threat block rate and protection capabilities. Vikram Phatak, CTO NSS Labs, Inc. The overall system is mature, logging all critical data necessary for forensic and compliance auditing. NSS Labs Management CAR. Ratings* 98% detection & protection 52 Gbps inspected throughput 120M concurrent connections $17 TCO / protected Mbps Leadership* Class leader in performance Class leader for TCO Class leader in sessions Completely evasion free * NSS Labs, Network IPS Product Analysis Sourcefire 3D8260 v4.10, April 2012 NSS Labs, Next-Generation Firewall Product Analysis Sourcefire February Cisco and/or its affiliates. All rights reserved. Cisco Confidential 37
32 Speed Sensor Common packet acquisition chain Scalable hardware Raw compute power Flow processors Rules scale as log n Analysis Impact analysis Contextual data at source Rich pivot interfaces Correlation Rules Remediation Services 100,000 events 5,000 events 500 events 20 events +10 events 3 events 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 38
33 Security Dashboard Cisco and/or its affiliates. All rights reserved. Cisco Confidential 39
34 Alerting Correlation User Interface Presentation engine Reporting engine SMS me only if a valid attack Remediation Rules engine services gets through to one of our Reputation Geolocation services Correlation engine services executives Anomaly Android Detection phones. Detection Engines Directory mapping Directory Services Identity Network Awareness Threat awareness User Awareness Awareness DAQ
35 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 41
36 By IPS Impact Flag 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 42
37 By Discovery Events 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 43
38 By Malware 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 44
39 Remediation Modules 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 45
40 Replicate Modules in Remediation Instances 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 46
41 Definition for Remediation Instance 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 47
42 Creating the Rule For DoS Mitigation 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 48
43 Rule together with mitigation instance for DoS blocking 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 49
44 Summary Universal Remediation Module Correlation Rule: if DoS detected Specific Remediation Instance Correlation Policy 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 50
45 Summary Traffic Profile Correlation Rule: if anomaly detected Generate alert Correlation Policy 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 51
46 Policy Creation 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 52
47 Policy Creation 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 53
48 Rule Creation 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 54
49 Traffic Profile 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 55
50 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 57
51 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 58
52 Enhanced High-Availability Devices directly connected via the HA Link external interfaces Clustered devices must be the same model with identical NetMods HA Link interface depends upon the potential throughput of each cluster member 60
53 IPv6 Awareness & Support IPv6 support is fully integrated From policies to event viewers to table views. Network discovery of IPv6 hosts User Agent, Impact Flag and rule recommendations all work with IPv6 Nmap can scan over IPv6 IPv6 discovery events can stream via estreamer Cisco and/or its affiliates. All rights reserved. Cisco Confidential 61
54 AFTER Cisco and/or its affiliates. All rights reserved. Cisco Confidential 66
55 File Type Detection: Policy Cisco and/or its affiliates. All rights reserved. Cisco Confidential 67
56 Advanced Malware Protection Solution Dedicated FirePOWER appliance for Advanced Malware Protection with subscription OR Add-on subscription to any FirePOWER appliance for NGIPS Advanced Malware Protection subscription for hosts, virtual and mobile devices Complete advanced malware protection to protect networks and devices Cisco and/or its affiliates. All rights reserved. Cisco Confidential 70
57 Dynamic Analysis: Process Overview File Detected on FirePOWER - Calculates hashes -Saves a copy if policy dictates* FirePOWER Appliance 1892y skfhsd FireSIGHT Management Hash metadata sent to AMP Cloud AMP Cloud Response: E.g. - Disposition = Unknown -Threat Score = Unknown * File is sent to VRT Services Cloud for Dynamic Analysis* (if policy dictates) 1892y skfhsd Dynamic analysis:* - Analysis queue Status - Error Status - Threat Score <optional proxy*> <optional proxy*> Sourcefire Cloud Services Cisco and/or its affiliates. All rights reserved. VRT Dynamic Analysis Cloud* (Files) FireAMP Cloud (Metadata / Hashes) * = New with 5.3 Cisco Confidential 71
58 Finding patient 0: Trajectory analysis Look wide (AMP for Networks), look deep (AMP for Endpoints) Look wide: Network trajectory What systems were infected? When did it happen? Where is patient 0? What else did it bring in? Look Deep: Device trajectory Cisco and/or its affiliates. All rights reserved. Cisco Confidential 73
59 Network File Trajectory The time of entry Systems infected Cisco and/or its affiliates. All rights reserved. Cisco Confidential 75
60 Can be launched directly from dashboard 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 81
61 Template created from the dashboard 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 82
62 Templates can be customized or created 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 84
63 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 85
64 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 86
65 Collective Security Intelligence Private & Public Threat Feeds IPS Rules Malware Protection Sourcefire Vulnerability Research Team Sandboxing Machine Learning Big Data Infrastructure Reputation Feeds Vulnerability Database Updates Sourcefire AEGIS Program Sandnets File Samples (>180,000 per day) FireAMP Community Honeypots Advanced Microsoft & Industry Disclosures SPARK Program Snort & ClamAV Open Source Communities
66 Děkuji za pozornost D Ů V Ě Ř U J T E S I L N Ý M
Cisco and Sourcefire. AGILE SECURITY : Security for the Real World. Stefano Volpi
Cisco and Sourcefire AGILE SECURITY : Security for the Real World Stefano Volpi SOURCEfire Worldwide John Chambers statement Security is the TOP issue for Cisco and many of the CIO s in the industry. We
More informationSourcefire Solutions Overview Security for the Real World. SEE everything in your environment. LEARN by applying security intelligence to data
SEE everything in your environment LEARN by applying security intelligence to data ADAPT defenses automatically ACT in real-time Sourcefire Solutions Overview Security for the Real World Change is constant.
More informationCisco Security: Moving to Security Everywhere. #TIGcyberSec. Stefano Volpi 13-10-2015
#TIGcyberSec Cisco Security: Moving to Security Everywhere Stefano Volpi 13-10-2015 2014 Cisco and/or its affiliates. All rights reserved. Cisco Public 1 Cisco is All In with Security I expect security
More informationEffective IDS/IPS Network Security in a Dynamic World with Next-Generation Intrusion Detection & Prevention
Effective IDS/IPS Network Security in a Dynamic World with Next-Generation Intrusion Detection & Prevention Your Security Challenges Defending the Dynamic Network! Dynamic threats 䕬 䕬 䕬 䕬 Many threats
More informationRequirements When Considering a Next- Generation Firewall
White Paper Requirements When Considering a Next- Generation Firewall What You Will Learn The checklist provided in this document details six must-have capabilities to look for when evaluating a nextgeneration
More informationEXTENDING NETWORK SECURITY: TAKING A THREAT CENTRIC APPROACH TO SECURITY
EXTENDING NETWORK SECURITY: TAKING A THREAT CENTRIC APPROACH TO SECURITY Dean Frye Sourcefire Session ID: SEC-W05 Session Classification: Intermediate Industrialisation of Threat Factories Goal: Glory,
More informationDeploying Next Generation Firewall with ASA and Firepower services
Deploying Next Generation Firewall with ASA and Firepower services Dragan Novaković Security Consulting Systems Engineer March 2015. Threat Landscape Demands more than Application Control 60% of data is
More informationSourcefire Next-Generation IPS
Sourcefire Next-Generation IPS Key NGIPS Capabilities Snort IPS detection engine Network intelligence Impact assessment User identification Automated policy tuning Network behavior analysis Packet-level
More informationHow To Protect Your Network From Intrusions From A Malicious Computer (Malware) With A Microsoft Network Security Platform)
McAfee Security: Intrusion Prevention System REV: 0.1.1 (July 2011) 1 Contents 1. McAfee Network Security Platform...3 2. McAfee Host Intrusion Prevention for Server...4 2.1 Network IPS...4 2.2 Workload
More informationProtection Against Advanced Persistent Threats
Protection Against Advanced Persistent Threats Peter Mesjar Systems Engineer, CCIE 17428 October 2014 Agenda Modern Threats Advanced Malware Protection Solution Why Cisco? Cisco Public 2 The Problem are
More informationBelgacom Security Convention. Tuesday 15 October 2013, Aula Magna, Louvain-la-Neuve
Belgacom Security Convention Tuesday 15 October 2013, Aula Magna, Louvain-la-Neuve Belgacom Security Convention The new, continuous security model Hans De Raeve Product Manager Belgacom Sean Newman Product
More informationSourcefire Next-Generation IPS
Sourcefire Next-Generation IPS Sourcefire Next-Generation IPS sets a new standard for advanced threat protection, integrating real-time contextual awareness, intelligent security automation, and unprecedented
More informationBraindumps.700-295.50.QA
Braindumps.700-295.50.QA Number: 700-295 Passing Score: 800 Time Limit: 120 min File Version: 6.0 http://www.gratisexam.com/ Comprehensive, easy and to the point study material made it possible for me
More informationCisco ASA with FirePOWER Services. October 2014
Cisco ASA with FirePOWER Services October 2014 What We Are Announcing September 16, 2014 Industry s First Threat-Focused NGFW Proven Cisco ASA firewalling + Industry leading NGIPS and AMP Cisco ASA with
More informationHow To Protect Your Network From A Threat From A Rogue Host Or A Rogue Server From A Hacker (For A Fee)
Next-Generation Intrusion Detection & Prevention Manuel Minzoni, Brand Manager ITWAY VAD Today s Reality Begin the transformation to context-aware and adaptive security infrastructure now as you replace
More informationFive Steps For Securing The Data Center: Why Traditional Security May Not Work
White Paper Five Steps For Securing The Data Center: Why Traditional Security May Not Work What You Will Learn Data center administrators face a significant challenge: They need to secure the data center
More informationIBM Security. 2013 IBM Corporation. 2013 IBM Corporation
IBM Security Security Intelligence What is Security Intelligence? Security Intelligence --noun 1.the real-time collection, normalization and analytics of the data generated by users, applications and infrastructure
More informationMcAfee Network Security Platform
McAfee Network Security Platform Next Generation Network Security Youssef AGHARMINE, Network Security, McAfee Network is THE Security Battleground Who is behind the data breaches? 81% some form of hacking
More informationREVOLUTIONIZING ADVANCED THREAT PROTECTION
REVOLUTIONIZING ADVANCED THREAT PROTECTION A NEW, MODERN APPROACH Blue Coat Advanced Threat Protection Group GRANT ASPLUND Senior Technology Evangelist 1 WHY DO I STAND ON MY DESK? "...I stand upon my
More informationThe Hillstone and Trend Micro Joint Solution
The Hillstone and Trend Micro Joint Solution Advanced Threat Defense Platform Overview Hillstone and Trend Micro offer a joint solution the Advanced Threat Defense Platform by integrating the industry
More informationNext Generation Enterprise Network Security Platform
Next Generation Enterprise Network Security Platform November 2014 Lyndon Clough - Territory Sales Manager Derran Guinan Systems Engineer Agenda The Palo Alto Networks story Today s Threat Landscape The
More informationStallion SIA Seminar 2.12.2015 PREVENTION FIRST. Introducing the Enterprise Security Platform. Sami Walle Regional Sales Manager
Stallion SIA Seminar 2.12.2015 PREVENTION FIRST Introducing the Enterprise Security Platform Sami Walle Regional Sales Manager CYBER THREATS ARE GETTING MORE ADVANCED Advanced Persistent Threat Uses a
More informationWhy Use Big Data for a Security Service?
Using Big Data for Good Advanced Malware Protection as a Cloud Service Gary Spiteri Security Engineer 17 July 2012 Why Use Big Data for a Security Service? Because the traditional way is broken Industry
More informationCisco Cybersecurity Pocket Guide 2015
Cisco Cybersecurity Pocket Guide 2015 Why Security Security investment: A top priority Security: A critical boardroom topic Why Security? Security Investment: A Top Priority Figure 1 How Enterprises View
More informationHillstone Intelligent Next Generation Firewall
Hillstone Intelligent Next Generation Firewall Kris Nawani Solution Manager (Thailand) 12 th March 2015 1 About Hillstone Networks Founded 2006 by Netscreen visionaries World class team with security,
More informationWHITE PAPER SPLUNK SOFTWARE AS A SIEM
SPLUNK SOFTWARE AS A SIEM Improve your security posture by using Splunk as your SIEM HIGHLIGHTS Splunk software can be used to operate security operations centers (SOC) of any size (large, med, small)
More informationCisco Web Security: Protection, Control, and Value
Cisco Web Security: Protection, Control, and Value Benefits Strong protection: Protects every device through a sophisticated global threat-intelligence infrastructure, which includes Cisco Talos Security
More informationHow To Buy Nitro Security
McAfee Acquires NitroSecurity McAfee announced that it has closed the acquisition of privately owned NitroSecurity. 1. Who is NitroSecurity? What do they do? NitroSecurity develops high-performance security
More informationCisco Advanced Malware Protection for Endpoints
Data Sheet Cisco Advanced Malware Protection for Endpoints Product Overview With today s sophisticated malware, you have to protect endpoints before, during, and after attacks. Cisco Advanced Malware Protection
More informationOn and off premises technologies Which is best for you?
On and off premises technologies Which is best for you? We don t mind what you buy, as long as it is YELLOW! Warren Sealey and Paul-Christian Garpe On Premises or in the cloud? 1 Agenda Why Symantec? Email
More informationBEFORE. DURING. AFTER. CISCO'S INTEGRATED SECURITY STRATEGY NIALL MOYNIHAN CISCO EMEAR
BEFORE. DURING. AFTER. CISCO'S INTEGRATED SECURITY STRATEGY NIALL MOYNIHAN CISCO EMEAR The IndustrializaBon of Hacking SophisEcated AFacks, Complex Landscape Hacking Becomes an Industry Phishing, Low
More informationHow To Manage Sourcefire From A Command Console
Sourcefire TM Sourcefire Capabilities Store up to 100,000,000 security & host events, including packet data Centralized policy & sensor management Centralized audit logging of configuration & security
More informationРешения HP по информационной безопасности
Решения HP по информационной безопасности Евгений Нечитайло ynechyta@hp.com Mobile: +380 67 464 0218 Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject
More informationCisco Cloud Web Security
Data Sheet Today s highly connected and fast-moving world is filled with complex and sophisticated web security threats. Cisco delivers the strong protection, complete control, and investment value that
More informationCisco Advanced Malware Protection. Ross Shehov Security Virtual Systems Engineer March 2016
Cisco Advanced Malware Protection Ross Shehov Security Virtual Systems Engineer March 2016 The Reality Organizations Are Under Attack and Malware Is Getting in 95% of large companies targeted by malicious
More informationModular Network Security. Tyler Carter, McAfee Network Security
Modular Network Security Tyler Carter, McAfee Network Security Surviving Today s IT Challenges DDos BOTS PCI SOX / J-SOX Data Exfiltration Shady RAT Malware Microsoft Patches Web Attacks No Single Solution
More informationCisco Advanced Malware Protection for Endpoints
Data Sheet Cisco Advanced Malware Protection for Endpoints Product Overview With today s sophisticated malware, you have to protect endpoints before, during, and after attacks. Cisco Advanced Malware Protection
More informationContent Security: Protect Your Network with Five Must-Haves
White Paper Content Security: Protect Your Network with Five Must-Haves What You Will Learn The continually evolving threat landscape is what makes the discovery of threats more relevant than defense as
More informationCisco Advanced Malware Protection
Solution Overview Cisco Advanced Malware Protection Breach Prevention, Detection, Response, and Remediation for the Real World BENEFITS Gain unmatched global threat intelligence to strengthen front-line
More informationIBM Security QRadar SIEM & Fortinet FortiGate / FortiAnalyzer
IBM Security QRadar SIEM & Fortinet / FortiAnalyzer Introducing new functionality for IBM QRadar Security Intelligence Platform: integration with Fortinet s firewalls and logs forwarded by FortiAnalyzer.
More informationIntelligent Cybersecurity for the Real World
Intelligent Cybersecurity for the Real World Ali Fuat TÜRKAY aturkay@cisco.com 0 532 677 4080 Ali Fuat Türkay: Security Sales Fuat Kılıç: Consulting System Engineer Hakan Tağmaç: Emerging Markets SE Manager
More informationIBM Advanced Threat Protection Solution
IBM Advanced Threat Protection Solution Fabio Panada IBM Security Tech Sales Leader 1 Advanced Threats is one of today s key mega-trends Advanced Threats Sophisticated, targeted attacks designed to gain
More informationThreat-Centric Security for Service Providers
Threat-Centric Security for Service Providers Enabling Open & Programmable Networks Sam Rastogi, Service Provider Security Product Marketing, Security Business Group Bill Mabon, Network Security Product
More informationNetwork Security Solution. Arktos Lam
Network Security Solution Arktos Lam Dell Software Group(DSG) 2 Confidential Trend Dell Software addresses key trends Cloud Big data Mobility Security Management Security 3 Software We deliver security
More informationThe Need for Intelligent Network Security: Adapting IPS for today s Threats
The Need for Intelligent Network Security: Adapting IPS for today s Threats James Tucker Security Engineer Sourcefire Nordics A Bit of History It started with passive IDS. Burglar alarm for the network
More informationSecurity Information & Event Management (SIEM)
Security Information & Event Management (SIEM) Peter Helms, Senior Sales Engineer, CISA, CISSP September 6, 2012 1 McAfee Security Connected 2 September 6, 2012 Enterprise Security How? CAN? 3 Getting
More informationHow To Protect Your Virtual Infrastructure From Attack From A Cyber Threat
VMware Integrated Partner Solutions for Networking and Security VMware Integrated Partner Solutions for Security and Compliance VMware vcloud Networking and Security is the leading networking and security
More informationQRadar SIEM and FireEye MPS Integration
QRadar SIEM and FireEye MPS Integration March 2014 1 IBM QRadar Security Intelligence Platform Providing actionable intelligence INTELLIGENT Correlation, analysis and massive data reduction AUTOMATED Driving
More informationSecurity Intelligence Services. www.kaspersky.com
Kaspersky Security Intelligence Services. Threat Intelligence Services www.kaspersky.com THREAT INTELLIGENCE SERVICES Tracking, analyzing, interpreting and mitigating constantly evolving IT security threats
More informationAchieving Actionable Situational Awareness... McAfee ESM. Ad Quist, Sales Engineer NEEUR
Achieving Actionable Situational Awareness... McAfee ESM Ad Quist, Sales Engineer NEEUR The Old SECURITY Model Is BROKEN 2 Advanced Targeted Attacks The Reality ADVANCED TARGETED ATTACKS COMPROMISE TO
More informationAdaptive IPS Security in a changing world. Dave Venman Security Engineer, UK & Ireland
Adaptive IPS Security in a changing world Dave Venman Security Engineer, UK & Ireland 2 Who Is Sourcefire? Mission: To help customers manage increasing risks and regulations by providing the most effective,
More informationNext Generation Firewalls and Sandboxing
Next Generation Firewalls and Sandboxing Joe Hughes, Director www.servicetech.co.uk Summary What is a Next Generation Firewall (NGFW)? Threat evolution Features Deployment Best practices What is Sandboxing?
More informationSpeed Up Incident Response with Actionable Forensic Analytics
WHITEPAPER DATA SHEET Speed Up Incident Response with Actionable Forensic Analytics Close the Gap between Threat Detection and Effective Response with Continuous Monitoring January 15, 2015 Table of Contents
More informationFROM PRODUCT TO PLATFORM
FROM PRODUCT TO PLATFORM DATA EQUIPMENT 2016 Mikkel Bossen Agenda Today s Challenges Data Growth, SSL encryption, Application Growth & SaaS What s hiding in under the surface? Legacy Security is that really
More informationContent-ID. Content-ID URLS THREATS DATA
Content-ID DATA CC # SSN Files THREATS Vulnerability Exploits Viruses Spyware Content-ID URLS Web Filtering Content-ID combines a real-time threat prevention engine with a comprehensive URL database and
More informationIntro to NSX. Network Virtualization. 2014 VMware Inc. All rights reserved.
Intro to NSX Network Virtualization 2014 VMware Inc. All rights reserved. Agenda Introduction NSX Overview Details: Microsegmentation NSX Operations More Information SDDC/Network Virtualization Security
More informationCisco Security Strategy Update Integrated Threat Defense. Oct 28, 2015
Cisco Security Strategy Update Integrated Threat Defense Oct 28, 2015 Breaches are the New Normal FDA Wards of Security Flaw in Infusion Pump Cisco Confidential Cisco s Covers the Threat-Centric Entire
More informationSecure Cloud-Ready Data Centers Juniper Networks
Secure Cloud-Ready Data Centers Juniper Networks JUNIPER SECURITY LEADERSHIP A $1B BUSINESS Market Leadership Data Center with High- End Firewall #1 at 42% Secure Mobility with SSL VPN #1 at 25% Security
More informationMcAfee Network Security Platform A uniquely intelligent approach to network security
McAfee Network Security Platform A uniquely intelligent approach to network security Key Advantages Unparalleled threat prevention Next-generation architecture. Advanced botnet and malware callback detection.
More informationQ1 Labs Corporate Overview
Q1 Labs Corporate Overview The Security Intelligence Leader Who we are: Innovative Security Intelligence software company One of the largest and most successful SIEM vendors Leader in Gartner 2011, 2010,
More informationCisco ASA und FirePOWER Services
Cisco ASA und FirePOWER Services 1 Die Abwehr von Bedrohungen ist ein Prozess Attack Continuum BEFORE Control Enforce Harden DURING Detect Block Defend AFTER Scope Contain Remediate Firewall/VPN Applikations-Kontrolle
More informationCisco Cloud Web Security Datasheet
Cisco Cloud Web Security Datasheet October 2014 Table of Contents Table of Contents... 1 Overview... 2 Features and Benefits by License... 3 CWS Essentials License... 3 CWS Premium... 4 Advanced Threat
More informationConcierge SIEM Reporting Overview
Concierge SIEM Reporting Overview Table of Contents Introduction... 2 Inventory View... 3 Internal Traffic View (IP Flow Data)... 4 External Traffic View (HTTP, SSL and DNS)... 5 Risk View (IPS Alerts
More informationIntroducing IBM s Advanced Threat Protection Platform
Introducing IBM s Advanced Threat Protection Platform Introducing IBM s Extensible Approach to Threat Prevention Paul Kaspian Senior Product Marketing Manager IBM Security Systems 1 IBM NDA 2012 Only IBM
More informationImplementing Cisco Intrusion Prevention System 7.0 (IPS)
Implementing Cisco Intrusion Prevention System 7.0 (IPS) Course Overview: The Implementing Cisco Intrusion Prevention System (IPS) v7.0 course is a five-day course aims at providing network security engineers
More informationNetwork as a Sensor and Enforcer Leverage the Network to Protect Against and Mitigate Threats
Network as a Sensor and Enforcer Leverage the Network to Protect Against and Mitigate Threats Dragan Novaković Consulting Systems Engineer Security November 2015. New Networks Mean New Security Challenges
More information24/7 Visibility into Advanced Malware on Networks and Endpoints
WHITEPAPER DATA SHEET 24/7 Visibility into Advanced Malware on Networks and Endpoints Leveraging threat intelligence to detect malware and exploitable vulnerabilities Oct. 24, 2014 Table of Contents Introduction
More informationAdvanced Visibility. Moving Beyond a Log Centric View. Matthew Gardiner, RSA & Richard Nichols, RSA
Advanced Visibility Moving Beyond a Log Centric View Matthew Gardiner, RSA & Richard Nichols, RSA 1 Security is getting measurability worse Percent of breaches where time to compromise (red)/time to Discovery
More informationCisco IPS Tuning Overview
Cisco IPS Tuning Overview Overview Increasingly sophisticated attacks on business networks can impede business productivity, obstruct access to applications and resources, and significantly disrupt communications.
More informationEnd-user Security Analytics Strengthens Protection with ArcSight
Case Study for XY Bank End-user Security Analytics Strengthens Protection with ArcSight INTRODUCTION Detect and respond to advanced persistent threats (APT) in real-time with Nexthink End-user Security
More informationSOURCEFIRE 3D SYSTEM RELEASE NOTES
SOURCEFIRE 3D SYSTEM RELEASE NOTES Version 5.3 Original Publication: April 21, 2014 Last Updated: May 30, 2014 These release notes are valid for Version 5.3 of the Sourcefire 3D System. Even if you are
More informationIBM QRadar Security Intelligence April 2013
IBM QRadar Security Intelligence April 2013 1 2012 IBM Corporation Today s Challenges 2 Organizations Need an Intelligent View into Their Security Posture 3 What is Security Intelligence? Security Intelligence
More informationThe SIEM Evaluator s Guide
Using SIEM for Compliance, Threat Management, & Incident Response Security information and event management (SIEM) tools are designed to collect, store, analyze, and report on log data for threat detection,
More informationSANS Top 20 Critical Controls for Effective Cyber Defense
WHITEPAPER SANS Top 20 Critical Controls for Cyber Defense SANS Top 20 Critical Controls for Effective Cyber Defense JANUARY 2014 SANS Top 20 Critical Controls for Effective Cyber Defense Summary In a
More informationENABLING FAST RESPONSES THREAT MONITORING
ENABLING FAST RESPONSES TO Security INCIDENTS WITH THREAT MONITORING Executive Summary As threats evolve and the effectiveness of signaturebased web security declines, IT departments need to play a bigger,
More informationAppGuard. Defeats Malware
AppGuard Defeats Malware and phishing attacks, drive-by-downloads, zero-day attacks, watering hole attacks, weaponized documents, ransomware, and other undetectable advanced threats by preventing exploits
More informationThe Evolution of the Enterprise And Enterprise Security
The Evolution of the Enterprise And Enterprise Security Introduction Today's enterprise is evolving rapidly, with new technologies such as consumer-grade mobile devices, internet-based applications and
More informationWAN security threat landscape and best mitigation practices. Rex Stover Vice President, Americas, Enterprise & ICP Sales
WAN security threat landscape and best mitigation practices. Rex Stover Vice President, Americas, Enterprise & ICP Sales The Cost of Cybercrime Sony $171m PlayStation 3 data breach (April 2011) $3 trillion
More informationNetworking for Caribbean Development
Networking for Caribbean Development BELIZE NOV 2 NOV 6, 2015 w w w. c a r i b n o g. o r g N E T W O R K I N G F O R C A R I B B E A N D E V E L O P M E N T BELIZE NOV 2 NOV 6, 2015 w w w. c a r i b n
More informationIntelligent Cybersecurity for the Real World. Cisco Cybersecurity Pocket Guide
Intelligent Cybersecurity for the Real World Cisco Cybersecurity Pocket Guide EMEA 2015 Content What an Opportunity! Security Investment is a Top Priority Why Cisco? Cisco is the Leading Security Company
More informationUnified Threat Management, Managed Security, and the Cloud Services Model
Unified Threat Management, Managed Security, and the Cloud Services Model Kurtis E. Minder CISSP Global Account Manager - Service Provider Group Fortinet, Inc. Introduction Kurtis E. Minder, Technical
More informationWhat s Next for Network Security - Visibility is king! Gøran Tømte March 2013
What s Next for Network Security - Visibility is king! Gøran Tømte March 2013 Technology Sprawl and Creep Aren t the Answer More stuff doesn t solve the problem Firewall helpers have limited view of traffic
More informationThreat-Centric Security Solutions. György Ács Security Consulting Systems Engineer 3 rd November 2015
Threat-Centric Security Solutions György Ács Security Consulting Systems Engineer 3 rd November 2015 The Problem is Threats About Angler Exploit Kit http://www.networkworld.com/article/2989827/security/cisco-disrupts-60m-ransomware-biz.html
More informationComprehensive Malware Detection with SecurityCenter Continuous View and Nessus. February 3, 2015 (Revision 4)
Comprehensive Malware Detection with SecurityCenter Continuous View and Nessus February 3, 2015 (Revision 4) Table of Contents Overview... 3 Malware, Botnet Detection, and Anti-Virus Auditing... 3 Malware
More informationCustomer Service Description Next Generation Network Firewall
Customer Service Description Next Generation Network Firewall Interoute, Walbrook Building, 195 Marsh Wall, London, E14 9SG, UK Tel: +800 4683 7681 Email: info@interoute.com Interoute Communications Limited
More informationForeScout CounterACT CONTINUOUS DIAGNOSTICS & MITIGATION (CDM)
ForeScout CounterACT CONTINUOUS DIAGNOSTICS & MITIGATION (CDM) CONTENT Introduction 2 Overview of Continuous Diagnostics & Mitigation (CDM) 2 CDM Requirements 2 1. Hardware Asset Management 3 2. Software
More informationTake the Red Pill: Becoming One with Your Computing Environment using Security Intelligence
Take the Red Pill: Becoming One with Your Computing Environment using Security Intelligence Chris Poulin Security Strategist, IBM Reboot Privacy & Security Conference 2013 1 2012 IBM Corporation Securing
More informationOffice 365 Cloud App Security MARKO DJORDJEVIC CLOUD BUSINESS LEAD EE TREND MICRO EMEA LTD.
Office 365 Cloud App Security MARKO DJORDJEVIC CLOUD BUSINESS LEAD EE TREND MICRO EMEA LTD. Your Valuable Data In The Cloud? How To Get The Best Protection! A world safe for exchanging digital information
More informationCautela Labs Cloud Agile. Secured. Threat Management Security Solutions at Work
Cautela Labs Cloud Agile. Secured. Threat Management Security Solutions at Work Security concerns and dangers come both from internal means as well as external. In order to enhance your security posture
More informationMcAfee - Overview. Anthony Albisser
McAfee - Overview Anthony Albisser Channel Account Manager About McAfee Founded in 1987, McAfee is now the world s largest dedicated security company (acquired by Intel in 2011) Global research for real-time
More informationVulnerability Management
Vulnerability Management Buyer s Guide Buyer s Guide 01 Introduction 02 Key Components 03 Other Considerations About Rapid7 01 INTRODUCTION Exploiting weaknesses in browsers, operating systems and other
More informationBenefits. Product Overview. There is nothing more important than our customers. DATASHEET
DATASHEET Security Information & Event Manager (SIEM) Compliance through Security Information and Event Management, Log Management, and Network Behavioral Analysis Product Overview Delivers fast, accurate
More informationPALANTIR CYBER An End-to-End Cyber Intelligence Platform for Analysis & Knowledge Management
PALANTIR CYBER An End-to-End Cyber Intelligence Platform for Analysis & Knowledge Management INTRODUCTION Traditional perimeter defense solutions fail against sophisticated adversaries who target their
More informationMitigating Web Threats with Comprehensive, Cloud-Delivered Web Security
White Paper Mitigating Web Threats with Comprehensive, Cloud-Delivered Web Security Overview For collaboration, communication, and data access, the web has become a mission-critical business tool. But
More informationOVERVIEW. Enterprise Security Solutions
Enterprise Security Solutions OVERVIEW For more than 25 years, Trend Micro has innovated constantly to keep our customers ahead of an everevolving IT threat landscape. It s how we got to be the world s
More informationDiscover Security That s Highly Intelligent.
Discover Security That s Highly Intelligent. AlienVault delivers everything you need to detect, defend against, & respond to today s threats in minutes. About AlienVault Founded in 2007 and headquartered
More informationBricata Next Generation Intrusion Prevention System A New, Evolved Breed of Threat Mitigation
Bricata Next Generation Intrusion Prevention System A New, Evolved Breed of Threat Mitigation Iain Davison Chief Technology Officer Bricata, LLC WWW.BRICATA.COM The Need for Multi-Threaded, Multi-Core
More informationVMware Integrated Partner Solutions for Networking and Security
VMware Integrated Partner Solutions for Networking and Security VMware Integrated Partner Solutions for Networking and Security Networking and Security are complex, dynamic areas, and VMware recognizes
More informationNetwork that Know. Rasmus Andersen Lead Security Sales Specialist North & RESE
Network that Know Rasmus Andersen Lead Security Sales Specialist North & RESE Email Gateway vendor CERT AV vendor Law enforcement Web Security Vendor Network security appliance vendor IT Department App
More information