FIREWALL INTELLIGENCE. 1 Copyright 2014 Juniper Networks, Inc.
|
|
- Ralf West
- 8 years ago
- Views:
Transcription
1 FIREWALL INTELLIGENCE 1
2 AGENDA SLIDE Introduction to Firewall Intelligence Overview Use Cases Demo / Screenshots Questions? 2
3 THE NEXT LEAP FORWARD FOR THE FIREWALL LAYER Next Gen Firewall Intelligent Firewall STATIC DYNAMIC 1 Traditional Firewall 3 LAYER 3
4 THE NEED FOR FIREWALL INTELLIGENCE The ability to attack is outpacing the ability for many to defend themselves. As the threats and markets that drive them continue to evolve, so too do the ways companies defend themselves. There is no silver bullet for security. Solutions must evolve from a collection of static standalone devices to an ecosystem of collaborating devices. Static firewalls may work for policy enforcement (ex: Firewall, AppFirewall) but is not good enough for threat detection and mitigation. Customer need the ability to include real-time threat feeds from any source that make sense for their specific industry, and not be locked into a single vendors feeds. 4
5 FIREWALL INTELLIGENCE ECOSYSTEM Data Feeds Spotlight Cloud Attacker Fingerprints Spotlight Intelligence Spotlight Connector SRX Firewalls WebApp Secure Custom Intelligence Feeds 5
6 AGENDA SLIDE Introduction to Firewall Intelligence Overview Use Cases Demo / Screenshots Questions? 6
7 CHALLENGES WITH EXISTING FEED SOLUTIONS Many of existing feed solutions does not provide good enough coverage since the feed is either too small or is not updated often enough Many of existing feed solution generates too many false positives. This provides two big challenges for the customers: It prevents admin from taking action based on feed data, due to the risk of blocking valid traffic. Due to the amount of false positives it is very hard for administrators to find the infected devices among all the false positives. Junipers Security Intelligence team takes a large set of both internal and external feeds, analyzes them in different test beds to then generate relevant and accurate feeds of data to our customers. 7
8 SPOTLIGHT CLOUD THE SECURITY INTELLIGENCE ENGINE Hacker Fingerprints Third Party Feeds Open Source Feeds Spotlight Cloud Juniper Security Intelligence Feeds` Internal Feeds Feed Validation - False Positive vs True Positive testing - Correlation between feeds - Machine based learning - 8
9 OVERVIEW OF THE SECURITY INTELLIGENCE SOLUTION Information Sources Spotlight Connector Enforcement Points Security Director Spotlight Cloud Spotlight Connector Custom whitelist/blacklist 9
10 COMPONENTS IN THE SECURITY INTELLIGENCE SOLUTION Information Sources Junos Space Platform (13.3r1) Enforcement Points Spotlight Cloud (C&C + GeoIP feed) Security Director (13.3r2) SRX Branch (2G) 12.1x46-D25* (550/650) 100s/200s TBD SRX 1k/3k 12.1x46-D25* WebAppSecure (5.5) (Attacker IP and Fingerprint feed) Spotlight Connector Custom whitelist/blacklist (IP list feed) SRX 5k 12.1x46-D25* * The exact Junos release is not yet committed and may change 10
11 AGENDA SLIDE Introduction to Firewall Intelligence Overview Use Cases Demo / Screenshots Questions? 11
12 WHAT CAN YOU DO WITH A SECURITY INTELLIGENCE ECOSYSTEM? Stop bots & detect infections w/ Command & Control blocking Custom intelligencebased controls Block hackers w/ attacker fingerprints And there will be more High speed incident response flexibility Dynamically control GEOIP traffic 12
13 USE-CASE #1: DETECTION OF INFECTED HOSTS Spotlight Cloud IP/URL feed Spotlight Connector IP/URL feed Internet SRX Command & Control Blocking Infected devices tries to connect to a known Command & Control server on the Internet. SRX mitigates the traffic based on a real-time feed of known Command & Control IP:s and URL:s from the Spotlight cloud. The feed data is dynamically loaded and does not require any commit or configuration change. 13
14 USE-CASE #2: GEOIP BASED TRAFFIC INSPECTION Dynamic Address Groups Dynamic Address Groups can be used as either Source Address or Destination Address in a firewall rule. A Dynamic Address Group is updated dynamically and does not require any configuration commit. The following type of feeds are supported in the first version: Custom IP-list feeds (from file) GeoIP feed (from Spotlight Cloud) 14
15 USE-CASE #3: CUSTOM IP FEEDS Blocking or changing inspection depth based on a custom feed of addresses. IP feed IP feed Internet Customer gets a list of IP addresses, from a trusted third party, that they want to use for policy enforcement. The file is posted on a webserver. The Connector polls this file on a given interval and updates the SRX dynamically with the IP:s, without any commit or configuration change required. Spotlight Connector The feed can either be used as simple blacklist, or it can be assigned to a dynamic address group and used for source or destination match in the firewall policy. 15
16 AGENDA SLIDE Introduction to Firewall Intelligence Overview Use Cases Demo / Screenshots Questions? 16
17 POLICY DEMO #1 Security Intelligence Policy - Command&Control - Attacker Fingerprints - Custom Blocklists 17 Copyright Juniper Networks, Inc.
18 HOW DO YOU CONFIGURE YOUR SRX FIREWALL FOR INTELLIGENCE? Information Source Profiles Policies Rules Identify the source of the intelligence Define what SRX does w/ the intelligence Use automated settings or customize your own Combine different profiles into a Security Intelligence policy Add Security Intelligence policies into Firewall policies 18
19 INTRODUCTION TO SD This is Security Director, is our central management platform that can manage thousands of SRX firewalls. From this platform you can configure - Firewall policies - VPN - Intrusion Prevention - NAT - (also normal Device Setting)..and - SECURITY INTELLIGENCE that we are going to talk about now 19
20 This is the landing page for Security Intelligence. SECURITY INTELLIGENCE OVERVIEW Information Sources. These sources provides intelligent real-time feed data to the Spotlight Connector. Example of feed-data is: - GeoIP (country-to-ip) mapping - Known destinations for Command&Control traffic - Hacker fingerprints - Custom Feeds (internal or third party) Spotlight Connector Central connection point between feeds and devices. Provides control and intelligence to the solution. Security Devices This is our family of SRX firewalls that will turn the security intelligence into actions and visibility. 20
21 Information Sources INFORMATION SOURCES We support three different type of information sources in the first release. Spotlight Cloud Juniper feed of GeoIP and C&C WebAppSecure Feed of attacker fingerprints and IP:s from Juniper WebApp Secure appliances. Custom Custom file that you can either manually upload or use a scheduled poll from a webserver. This enables customers to dynamically feed addresses into the SRX firewalls to either block or just increase inspection and visibility for. 21
22 PROFILES #1(2) Security Intelligence Profiles On this page the administrator configures profiles for what actions to take for a specific feed and for a specific Threat Level. Juniper provides Recommended Actions (that is why the settings are grey). If you want to change the default settings just change the Action from Default to Custom In the first release we support the following actions: - Permit - Block - Redirect With message, block-page or URL redirect 22
23 PROFILES #2(2) Feed categories that support threat levels in the first release are: - Command&Control - JWAS Attacker Fingerprints By changing from default to Custom you can now modify the default actions and log-levels as you need. 23
24 Policies SECINTEL POLICIES To make it easier to combine profiles and apply them consistently across multiple firewall rules, we have Policies. In the Policy you will select the profiles that you want to include. If you want to test a different profile you can easily just change it here and it will apply across all your firewall rules where you have referenced this policy. 24
25 Firewall Rulebase FIREWALL RULEBASE It is here in the firewall rulebase where you activate what Security Intelligence Policy that you want to enable for what type of traffic. It work in combination with all other existing SRX L7 features such as: - IPS - AppFW / AppQoS - AntiVirus - WebFiltering 25
26 POLICY #2 Dynamic Addressbook - Custom IP Feeds - GeoIP 26 Copyright Juniper Networks, Inc.
27 SECURITY INTELLIGENCE OVERVIEW This is the landing page for Security Intelligence. Information Sources. These sources provides intelligent real-time feed data to the Spotlight Connector. Example of feed-data is: - GeoIP (country-to-ip) mapping - Known destinations for Command&Control traffic - Hacker fingerprints - Custom Feeds (internal or third party) Spotlight Connector Central connection point between feeds and devices. Provides control and intelligence to the solution. Security Devices This is our family of SRX firewalls that will turn the security intelligence into actions and visibility. 27
28 Information Sources INFORMATION SOURCES We support three different type of information sources in the first release. Spotlight Cloud Juniper feed of GeoIP and C&C WebAppSecure Feed of attacker fingerprints and IP:s from Juniper WebApp Secure appliances. Custom Custom file that you can either manually upload or use a scheduled poll from a webserver. This enables customers to dynamically feed addresses into the SRX firewalls to either block or just increase inspection and visibility for. 28
29 DYNAMIC ADDRESS GROUPS Dynamic Address Groups Address Groups has existed for a very long time on firewalls. They enable admins to statically group addresses together so that they can be used throughout the firewall rule base. Dynamic Address Groups takes this one step further by allowing both firewall admins and non-firewall admins to dynamically feed IP addresses into a group that does not require any configure change nor commit on the firewall. Dynamic Address Groups supports two different type of feeds: - Custom IP lists - GeoIP (Country to IP Mapping) 29
30 USING DYNAMIC ADDRESS GROUPS IN FIREWALL RULEBASE You can use dynamic address groups both as Source Address and Destination Address in the firewall rulebase. This means that you can either block, or change the inspection level based on information in the feed. Example (above) - We want to block all outgoing traffic that has unwanted countries as destination, but for Suspicious Countries we permit the traffic but add IPS inspection. 30
31 VISIBILITY (STRM/JSA) 31 Copyright Juniper Networks, Inc.
32 CLIENT THREAT DASHBOARD 32
33 CLIENT THREAT DASHBOARD SRX-IPS Attack against Client WebBrowser SRX- C&C (Firewall Intelligence) Top Blocked Destination Countries SRX- Dynamic Blacklist (Firewall Intelligence) Top Blocked Countries SRX-AppFW Blocked Tunneling Applications SRX- C&C (Firewall Intelligence) Top Blocked Users SRX- Dynamic Blacklist (Firewall Intelligence) Top Blocked Users 33
34 SERVER THREAT DASHBOARD 34
35 SERVER THREAT DASHBOARD JWAS Top Deception Events SRX- IPS Top Attack Categories SRX- Fingerprint (Firewall Intelligence) Top Protected Internal Assets JWAS Top Attacked URL:s SRX- IPS Top Attacks SRX- Fingerprint (Firewall Intelligence) Top Threat Levels 35
36 QUESTIONS? 36 Copyright Juniper Networks, Inc.
Adaptive Intelligent Firewall - der nächste Entwicklungssprung der NGFW. Jürgen Seitz Systems Engineering Manager
Adaptive Intelligent Firewall - der nächste Entwicklungssprung der NGFW Jürgen Seitz Systems Engineering Manager Evolution of Network Security Next-Gen Firewall Application Visibility and Control User-based
More informationJUNIPER NETWORKS SPOTLIGHT SECURE THREAT INTELLIGENCE PLATFORM
JUNIPER NETWORKS SPOTLIGHT SECURE THREAT INTELLIGENCE PLATFORM May 2015 Nguyễn Tiến Đức ASEAN Security Specialist Agenda Modern Malware: State of the Industry Dynamic Threat Intelligence on the Firewall
More informationNetwork that Know. Rasmus Andersen Lead Security Sales Specialist North & RESE
Network that Know Rasmus Andersen Lead Security Sales Specialist North & RESE Email Gateway vendor CERT AV vendor Law enforcement Web Security Vendor Network security appliance vendor IT Department App
More informationSecure Cloud-Ready Data Centers Juniper Networks
Secure Cloud-Ready Data Centers Juniper Networks JUNIPER SECURITY LEADERSHIP A $1B BUSINESS Market Leadership Data Center with High- End Firewall #1 at 42% Secure Mobility with SSL VPN #1 at 25% Security
More informationRETHINK SECURITY FOR UNKNOWN ATTACKS
1 Copyright 2012 Juniper Networks, Inc. www.juniper.net RETHINK SECURITY FOR UNKNOWN ATTACKS John McCreary Security Specialist, Juniper Networks AGENDA 1 2 3 Introduction 5 minutes Security Trends 5 minutes
More informationWhy Device Fingerprinting Provides Better Network Security than IP Blocking. How to transform the economics of hacking in your favor
Why Device Fingerprinting Provides Better Network Security than IP Blocking How to transform the economics of hacking in your favor Why Device Fingerprinting Provides Better Network Security than IP Blocking
More informationIT SECURITY SEMINAR "STALLION 141113" Security, NGFW fallacy & going Beyond IP? Juniper Networks - Jaro Pietikäinen
IT SECURITY SEMINAR "STALLION 141113" Security, NGFW fallacy & going Beyond IP? Juniper Networks - Jaro Pietikäinen JUNIPER TODAY 2012 Revenue: $4.4 Billion Global Presence: Offices In 47 Countries +9000
More informationNGFW is yesterdays news what is next in scope for the firewall in the threat intelligence age
NGFW is yesterdays news what is next in scope for the firewall in the threat intelligence age Dynamic Threat Protection for Enterprise Edge and Data Center Rasmus Andersen Lead Security Sales Specialist
More informationThe Threat Keeps Growing, Are we Doing it Wrong: David Naudé - Commercial Manager SA
The Threat Keeps Growing, Are we Doing it Wrong: David Naudé - Commercial Manager SA A NEW SECURITY APPROACH ACTIVE DEFENSE David Naude Commercial Manager Juniper Networks 2 Copyright 2013 2013 Juniper
More informationSpotlight Secure. Spotlight Secure Connector Getting Started Guide. Modified: 2015-06-04. Copyright 2015, Juniper Networks, Inc.
Spotlight Secure Spotlight Secure Connector Getting Started Guide Modified: 2015-06-04 Juniper Networks, Inc. 1133 Innovation Way Sunnyvale, California 94089 USA 408-745-2000 www.juniper.net All rights
More informationJunos WebApp Secure 5.0.0-10 (formerly Mykonos)
Junos WebApp Secure 5.0.0-10 (formerly Mykonos) Juniper Networks, Inc. 1194 North Mathilda Avenue Sunnyvale, CA 94089 USA 408 745 2000 or 888 JUNIPER www.juniper.net April, 2013 Juniper Networks, Inc.
More informationThe Hillstone and Trend Micro Joint Solution
The Hillstone and Trend Micro Joint Solution Advanced Threat Defense Platform Overview Hillstone and Trend Micro offer a joint solution the Advanced Threat Defense Platform by integrating the industry
More informationSECURE THE DATACENTER. Dennis de Leest Sr. Systems Engineer
SECURE THE DATACENTER Dennis de Leest Sr. Systems Engineer PURE PLAY IN HIGH-PERFORMANCE NETWORKING Breadth First 10 Years of Today s Of Juniper: Portfolio 1996-2006 Core Edge Access & Data Center WAN
More informationvsrx Services Gateway: Protecting the Hybrid Data Center
Services Gateway: Protecting the Hybrid Data Center Extending Juniper Networks award-winning security products to virtualized, cloud-based, and hybrid IT environments Challenge Virtualization and cloud
More informationDECODING SOFTWARE DEFINED NETWORKING (SDN) Nico Siebelink Technical Director Northern Europe
DECODING SOFTWARE DEFINED NETWORKING (SDN) Nico Siebelink Technical Director Northern Europe JUNIPER AND SDN IN THE NEWS 2 Copyright 2013 Juniper Networks, Inc. www.juniper.net WHY DO WE NEED SOFTWARE
More informationScott Lucas: I m Scott Lucas. I m the Director of Product Marketing for the Branch Solutions Business Unit.
Juniper Networks Next Generation Security for a Cybercrime World Lior Cohen Principal Solutions Architect Scott Lucas Director of Product Marketing, Branch Solutions Service Layer Technologies Business
More informationSecurity Administration R77
Security Administration R77 Validate your skills on the GAiA operating system Check Point Security Administration R77 provides an understanding of the basic concepts and skills necessary to configure Check
More informationMoving Towards An Adaptive, Intelligent Firewall
SECURELY ENABLING BUSINESS Moving Towards An, Rebecca Lawson Senior Director of Product Marketing, Juniper Networks Tom Schmatz VP of Partner Development, FishNet Security Stateful inspection NAT Routing
More informationContent Security: Protect Your Network with Five Must-Haves
White Paper Content Security: Protect Your Network with Five Must-Haves What You Will Learn The continually evolving threat landscape is what makes the discovery of threats more relevant than defense as
More informationNext Generation IPS and Reputation Services
Next Generation IPS and Reputation Services Richard Stiennon Chief Research Analyst IT-Harvest 2011 IT-Harvest 1 IPS and Reputation Services REPUTATION IS REQUIRED FOR EFFECTIVE IPS Reputation has become
More informationZscaler Internet Security Frequently Asked Questions
Zscaler Internet Security Frequently Asked Questions 1 Technical FAQ PRODUCT LICENSING & PRICING How is Zscaler Internet Security Zscaler Internet Security is licensed on number of Cradlepoint devices
More informationTHE SMARTEST WAY TO PROTECT WEBSITES AND WEB APPS FROM ATTACKS. Junos WebApp Secure Junos Spotlight Secure
THE SMARTEST WAY TO PROTECT WEBSITES AND WEB APPS FROM ATTACKS Junos WebApp Secure Junos Spotlight Secure SECURITY AT JUNIPER Customer segments Business segments Service providers, enterprise Routing,
More informationEXTENDING NETWORK SECURITY: TAKING A THREAT CENTRIC APPROACH TO SECURITY
EXTENDING NETWORK SECURITY: TAKING A THREAT CENTRIC APPROACH TO SECURITY Dean Frye Sourcefire Session ID: SEC-W05 Session Classification: Intermediate Industrialisation of Threat Factories Goal: Glory,
More informationCyberoam Perspective BFSI Security Guidelines. Overview
Overview The term BFSI stands for Banking, Financial Services and Insurance (BFSI). This term is widely used to address those companies which provide an array of financial products or services. Financial
More informationREVOLUTIONIZING ADVANCED THREAT PROTECTION
REVOLUTIONIZING ADVANCED THREAT PROTECTION A NEW, MODERN APPROACH Blue Coat Advanced Threat Protection Group GRANT ASPLUND Senior Technology Evangelist 1 WHY DO I STAND ON MY DESK? "...I stand upon my
More informationThe Global Attacker Security Intelligence Service Explained
White Paper How Junos Spotlight Secure Works The Global Attacker Security Intelligence Service Explained Copyright 2013, Juniper Networks, Inc. 1 Table of Contents Executive Summary...3 Introduction...3
More informationNetworking for Caribbean Development
Networking for Caribbean Development BELIZE NOV 2 NOV 6, 2015 w w w. c a r i b n o g. o r g N E T W O R K I N G F O R C A R I B B E A N D E V E L O P M E N T BELIZE NOV 2 NOV 6, 2015 w w w. c a r i b n
More informationForeScout CounterACT. Device Host and Detection Methods. Technology Brief
ForeScout CounterACT Device Host and Detection Methods Technology Brief Contents Introduction... 3 The ForeScout Approach... 3 Discovery Methodologies... 4 Passive Monitoring... 4 Passive Authentication...
More informationPravail 2.0 Technical Overview. Exclusive Networks
Pravail 2.0 Technical Overview Exclusive Networks Pravail Features and Benefits Arbor Pravail APS is the a CPE-based security appliance focused on stopping availability threats Arbor Pravail APS Arbor
More informationWeb Application Security. Radovan Gibala Senior Field Systems Engineer F5 Networks r.gibala@f5.com
Web Application Security Radovan Gibala Senior Field Systems Engineer F5 Networks r.gibala@f5.com Security s Gaping Hole 64% of the 10 million security incidents tracked targeted port 80. Information Week
More informationSecurity Gateway R75. for Amazon VPC. Getting Started Guide
Security Gateway R75 for Amazon VPC Getting Started Guide 7 November 2011 2011 Check Point Software Technologies Ltd. All rights reserved. This product and related documentation are protected by copyright
More information10 Things Every Web Application Firewall Should Provide Share this ebook
The Future of Web Security 10 Things Every Web Application Firewall Should Provide Contents THE FUTURE OF WEB SECURITY EBOOK SECTION 1: The Future of Web Security SECTION 2: Why Traditional Network Security
More informationTop 10: Firewall Shopping Checklist NEXT. Best viewed with Adobe Reader
Top 10: Firewall Shopping Checklist Best viewed with Adobe Reader 1 Fast and Furious Performance 1 Fast and Furious Performance As with sports cars, performance is a top buying criteria for firewalls.
More informationTrend Micro Cloud App Security for Office 365. October 27, 2015 Trevor Richmond
Trend Micro Cloud App Security for Office 365 October 27, 2015 Trevor Richmond Too many malware incidents >90% Targeted Attacks Start with Email Attackers: Target specific companies or individuals Research
More informationPresentation Title: When Anti-virus Doesn t Cut it: Catching Malware with SIEM
LISA 10 Speaking Proposal Category: Practice and Experience Reports Presentation Title: When Anti-virus Doesn t Cut it: Catching Malware with SIEM Proposed by/speaker: Wyman Stocks Information Security
More informationTHE SMARTEST WAY TO PROTECT WEBSITES AND WEB APPS FROM ATTACKS
THE SMARTEST WAY TO PROTECT WEBSITES AND WEB APPS FROM ATTACKS INCONVENIENT STATISTICS 70% of ALL threats are at the Web application layer. Gartner 73% of organizations have been hacked in the past two
More information8 Steps for Network Security Protection
8 Steps for Network Security Protection cognoscape.com 8 Steps for Network Security Protection Many small and medium sized businesses make the mistake of thinking they won t be the target of hackers because
More information8 Steps For Network Security Protection
8 Steps For Network Security Protection 8 Steps For Network Security Protection Many small and medium sized businesses make the mistake of thinking they won t be the target of hackers because of their
More informationEnterprise-Grade Security from the Cloud
Datasheet Website Security Enterprise-Grade Security from the Cloud Unmatched web application security experience, enhanced by real-time big data analytics, enables Incapsula to provide best-of-breed security
More informationWildFire Reporting. WildFire Administrator s Guide 55. Copyright 2007-2015 Palo Alto Networks
WildFire Reporting When malware is discovered on your network, it is important to take quick action to prevent spread of the malware to other systems. To ensure immediate alerts to malware discovered on
More informationIntroducing IBM s Advanced Threat Protection Platform
Introducing IBM s Advanced Threat Protection Platform Introducing IBM s Extensible Approach to Threat Prevention Paul Kaspian Senior Product Marketing Manager IBM Security Systems 1 IBM NDA 2012 Only IBM
More informationSourcefire Solutions Overview Security for the Real World. SEE everything in your environment. LEARN by applying security intelligence to data
SEE everything in your environment LEARN by applying security intelligence to data ADAPT defenses automatically ACT in real-time Sourcefire Solutions Overview Security for the Real World Change is constant.
More informationZscaler Cloud Web Gateway Test
Zscaler Cloud Web Gateway Test A test commissioned by Zscaler, Inc. and performed by AV-TEST GmbH. Date of the report: April15 th, 2016 Executive Summary In March 2016, AV-TEST performed a review of the
More informationHow Lastline Has Better Breach Detection Capabilities. By David Strom December 2014 david@strom.com
How Lastline Has Better Breach Detection Capabilities By David Strom December 2014 david@strom.com The Internet is a nasty place, and getting nastier. Current breach detection products using traditional
More informationHow To Load balance traffic of Mail server hosted in the Internal network and redirect traffic over preferred Interface
How To Load balance traffic of Mail server hosted in the Internal network and redirect traffic over preferred Interface How To Configure load sharing and redirect mail server traffic over preferred Gateway
More informationEVOLVED DATA CENTER ARCHITECTURE
EVOLVED DATA CENTER ARCHITECTURE A SIMPLE, OPEN, AND SMART NETWORK FOR THE DATA CENTER DAVID NOGUER BAU HEAD OF SP SOLUTIONS MARKETING JUNIPER NETWORKS @dnoguer @JuniperNetworks 1 Copyright 2014 Juniper
More informationCisco Cloud Web Security Key Functionality [NOTE: Place caption above figure.]
Cisco Cloud Web Security Cisco IT Methods Introduction Malicious scripts, or malware, are executable code added to webpages that execute when the user visits the site. Many of these seemingly harmless
More informationEnd-user Security Analytics Strengthens Protection with ArcSight
Case Study for XY Bank End-user Security Analytics Strengthens Protection with ArcSight INTRODUCTION Detect and respond to advanced persistent threats (APT) in real-time with Nexthink End-user Security
More informationCyberoam Security-as-a-Service on Amazon Web Services Cloud. www.cyberoam.com
Cyberoam Security-as-a-Service on Amazon Web Services Cloud What is Amazon Web Services (AWS)? Amazon Elastic Compute Cloud Rent computing capacity or infrastructure on the cloud A Web service that provides
More informationSTOPPING LAYER 7 ATTACKS with F5 ASM. Sven Müller Security Solution Architect
STOPPING LAYER 7 ATTACKS with F5 ASM Sven Müller Security Solution Architect Agenda Who is targeted How do Layer 7 attacks look like How to protect against Layer 7 attacks Building a security policy Layer
More informationCautela Labs Cloud Agile. Secured. Threat Management Security Solutions at Work
Cautela Labs Cloud Agile. Secured. Threat Management Security Solutions at Work Security concerns and dangers come both from internal means as well as external. In order to enhance your security posture
More informationHow To Protect Your Network From Intrusions From A Malicious Computer (Malware) With A Microsoft Network Security Platform)
McAfee Security: Intrusion Prevention System REV: 0.1.1 (July 2011) 1 Contents 1. McAfee Network Security Platform...3 2. McAfee Host Intrusion Prevention for Server...4 2.1 Network IPS...4 2.2 Workload
More informationHow To Secure Your Network With Juniper Networks
SECURITY SERVICES GATEWAYS PRODUCT CATEGORY BROCHURE Integrated Strong Security for Enterprise Data Center and Branch, Service Provider Infrastructure, and Cloud Deployments As threats to the network grow
More informationNETASQ & PCI DSS. Is NETASQ compatible with PCI DSS? NG Firewall version 9
NETASQ & PCI DSS Is NETASQ compatible with PCI DSS? We have often been asked this question. Unfortunately, even the best firewall is but an element in the process of PCI DSS certification. This document
More informationContemporary Web Application Attacks. Ivan Pang Senior Consultant Edvance Limited
Contemporary Web Application Attacks Ivan Pang Senior Consultant Edvance Limited Agenda How Web Application Attack impact to your business? What are the common attacks? What is Web Application Firewall
More informationJUNIPER. One network for all demands MICHAEL FRITZ CEE PARTNER MANAGER. 1 Copyright 2010 Juniper Networks, Inc. www.juniper.net
JUNIPER One network for all demands MICHAEL FRITZ CEE PARTNER MANAGER 1 Copyright 2010 Juniper Networks, Inc. www.juniper.net 2-3-7: JUNIPER S BUSINESS STRATEGY 2 Customer Segments 3 Businesses Service
More informationHow Shared Security Intelligence Can Better Stop Targeted Attacks
How Shared Security Intelligence Can Better Stop Targeted Attacks SESSION ID: SPO3-T07 Piero DePaoli Senior Director Global Product Marketing Symantec Corporation Targeted Attacks are an Increasing Issue
More informationCisco Remote Management Services for Security
Cisco Remote Management Services for Security Innovation: Many Take Advantage of It, Some Strive for It, Cisco Delivers It. Cisco Remote Management Services (RMS) for Security provide around the clock
More informationFirewall Firewall August, 2003
Firewall August, 2003 1 Firewall and Access Control This product also serves as an Internet firewall, not only does it provide a natural firewall function (Network Address Translation, NAT), but it also
More informationIBM Security X-Force Threat Intelligence
IBM Security X-Force Threat Intelligence Use dynamic IBM X-Force data with IBM Security QRadar to detect the latest Internet threats Highlights Automatically feed IBM X-Force data into IBM QRadar Security
More informationCOORDINATED THREAT CONTROL
APPLICATION NOTE COORDINATED THREAT CONTROL Interoperability of Juniper Networks IDP Series Intrusion Detection and Prevention Appliances and SA Series SSL VPN Appliances Copyright 2010, Juniper Networks,
More informationBlacklist Example Configuration for StoneGate
Blacklist Example Configuration for StoneGate 4.1 1 (8) Blacklist Example Configuration for StoneGate StoneGate versions: SMC 4.1.2, IPS 4.1.2, FW 3.0.8 Blacklist Example Configuration for StoneGate 4.1
More informationPART D NETWORK SERVICES
CONTENTS 1 ABOUT THIS PART... 2 2 PUBLIC NETWORK... 2 Internet... 2 3 PRIVATE NETWORK... 3 Global WAN services... 3 4 SECURITY SERVICES... 3 Firewall... 4 Intrusion Prevention (Network)... 5 SSL/IPSEC
More informationРешения HP по информационной безопасности
Решения HP по информационной безопасности Евгений Нечитайло ynechyta@hp.com Mobile: +380 67 464 0218 Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject
More informationWatchGuard Technologies, Inc. 505 Fifth Avenue South Suite 500, Seattle, WA 98104 www.watchguard.com
SMALL BUSINESS NETWORK SECURITY GUIDE WHY A REAL FIREWALL PROVIDES THE BEST NETWORK PROTECTION AUGUST 2004 SMALL BUSINESS NETWORK SECURITY GUIDE: WHY A REAL FIREWALL PROVIDES THE BEST NETWORK PROTECTION
More informationUnified Threat Management, Managed Security, and the Cloud Services Model
Unified Threat Management, Managed Security, and the Cloud Services Model Kurtis E. Minder CISSP Global Account Manager - Service Provider Group Fortinet, Inc. Introduction Kurtis E. Minder, Technical
More informationGame changing Technology für Ihre Kunden. Thomas Bürgis System Engineering Manager CEE
Game changing Technology für Ihre Kunden Thomas Bürgis System Engineering Manager CEE Threats have evolved traditional firewalls & IPS have not Protection centered around ports & protocols Expensive to
More informationBUILDING A SECURITY OPERATION CENTER (SOC) ACI-BIT Vancouver, BC. Los Angeles World Airports
BUILDING A SECURITY OPERATION CENTER (SOC) ACI-BIT Vancouver, BC. Los Angeles World Airports Building a Security Operation Center Agenda: Auditing Your Network Environment Selecting Effective Security
More informationINTRUSION DECEPTION CZYLI BAW SIĘ W CIUCIUBABKĘ Z NAMI
INTRUSION DECEPTION CZYLI BAW SIĘ W CIUCIUBABKĘ Z NAMI Na przykładzie Junos WebApp Secure Edmund Asare INCONVENIENT STATISTICS 70% of ALL threats are at the Web application layer. Gartner 73% of organizations
More informationVeranderende bedreigingen Security in het virtuele datacenter
Veranderende bedreigingen Security in het virtuele datacenter Dennis Hagens Copyright Fortinet Inc. All rights reserved. Veranderende bedreigingen Security in het virtuele datacenter Dennis Hagens Copyright
More informationTough Times. Tough Choices.
Security-as-a-Service is the right choice, right now. Table of Contents A New Choice for Every Business: Security-as-a-Service 3 Security-as-a-Service: One Service, Countless Protections 4 Outsource Your
More informationFortigate Features & Demo
& Demo Prepared and Presented by: Georges Nassif Technical Manager Triple C Firewall Antivirus IPS Web Filtering AntiSpam Application Control DLP Client Reputation (cont d) Traffic Shaping IPSEC VPN SSL
More informationJuniper Networks and IPv6. Tim LeMaster Ipv6.juniper.net www.juniper.net
Juniper Networks and IPv6 Tim LeMaster Ipv6.juniper.net www.juniper.net IPv6 Leadership IPv6 supported in Junos since 2001 IPv6 supported in ScreenOS since 2004 First router to be IPv6 Certified by DoD/
More informationWhite Paper. Time for Integrated vs. Bolted-on IT Security. Cyphort Platform Architecture: Modular, Open and Flexible
White Paper Time for Integrated vs. Bolted-on IT Security Cyphort Platform Architecture: Modular, Open and Flexible Overview This paper discusses prevalent market approaches to designing and architecting
More informationConfiguration Example
Configuration Example Set Up a Public Web Server Behind a Firebox Example configuration files created with WSM v11.10.1 Revised 7/21/2015 Use Case In this configuration example, an organization wants to
More informationIndusGuard Web Application Firewall Test Drive User Registration
IndusGuard Web Application Firewall Test Drive User Registration Document Version 1.0 24/06/2015 Confidentiality INDUSFACE HAS PREPARED THIS DOCUMENT FOR INTERNAL PURPOSE. NEITHER THIS DOCUMENT NOR ITS
More informationHealthcare Security Vulnerabilities. Adam Goslin Chief Operations Officer High Bit Security
Healthcare Security Vulnerabilities Adam Goslin Chief Operations Officer High Bit Security Webinar Overview IT Security and Data Loss Breach Sources / Additional Information Recent Medical Breach / Loss
More informationModular Network Security. Tyler Carter, McAfee Network Security
Modular Network Security Tyler Carter, McAfee Network Security Surviving Today s IT Challenges DDos BOTS PCI SOX / J-SOX Data Exfiltration Shady RAT Malware Microsoft Patches Web Attacks No Single Solution
More informationSHARE THIS WHITEPAPER. Top Selection Criteria for an Anti-DDoS Solution Whitepaper
SHARE THIS WHITEPAPER Top Selection Criteria for an Anti-DDoS Solution Whitepaper Table of Contents Top Selection Criteria for an Anti-DDoS Solution...3 DDoS Attack Coverage...3 Mitigation Technology...4
More informationHost-based Intrusion Prevention System (HIPS)
Host-based Intrusion Prevention System (HIPS) White Paper Document Version ( esnhips 14.0.0.1) Creation Date: 6 th Feb, 2013 Host-based Intrusion Prevention System (HIPS) Few years back, it was relatively
More informationFortiWeb 5.0, Web Application Firewall Course #251
FortiWeb 5.0, Web Application Firewall Course #251 Course Overview Through this 1-day instructor-led classroom or online virtual training, participants learn the basic configuration and administration
More informationWith Great Power comes Great Responsibility: Managing Privileged Users
With Great Power comes Great Responsibility: Managing Privileged Users Darren Harmer Senior Systems Engineer Agenda What is a Privileged User Privileged User Why is it important? Security Intelligence
More informationHow To Choose A Next Generation Firewall
6 Steps to Evaluating a Next Generation Firewall What You Will Learn Whether you are evaluating a Next Generation Firewall for the first time or are researching because your current solution is less than
More informationComprehensive Malware Detection with SecurityCenter Continuous View and Nessus. February 3, 2015 (Revision 4)
Comprehensive Malware Detection with SecurityCenter Continuous View and Nessus February 3, 2015 (Revision 4) Table of Contents Overview... 3 Malware, Botnet Detection, and Anti-Virus Auditing... 3 Malware
More informationThe Dirty Secret Behind the UTM: What Security Vendors Don t Want You to Know
The Dirty Secret Behind the UTM: What Security Vendors Don t Want You to Know I n t r o d u c t i o n Until the late 1990s, network security threats were predominantly written by programmers seeking notoriety,
More informationUse Bring-Your-Own-Device Programs Securely
Use Bring-Your-Own-Device Programs Securely By Dale Gonzalez December 2012 Bring-your-own-device (BYOD) programs, which allow employees to use their personal smartphones, tablets and laptops in and out
More informationCyber Security. BDS PhantomWorks. Boeing Energy. Copyright 2011 Boeing. All rights reserved.
Cyber Security Automation of energy systems provides attack surfaces that previously did not exist Cyber attacks have matured from teenage hackers to organized crime to nation states Centralized control
More informationWildFire. Preparing for Modern Network Attacks
WildFire WildFire automatically protects your networks from new and customized malware across a wide range of applications, including malware hidden within SSL-encrypted traffic. WildFire easily extends
More informationIBM Security. 2013 IBM Corporation. 2013 IBM Corporation
IBM Security Security Intelligence What is Security Intelligence? Security Intelligence --noun 1.the real-time collection, normalization and analytics of the data generated by users, applications and infrastructure
More informationCarbon Black and Palo Alto Networks
Carbon Black and Palo Alto Networks Bring Together Next-Generation Endpoint and Network Security Solutions Endpoints and Servers in the Crosshairs of According to a 2013 study, 70 percent of businesses
More informationCreating a VPN with overlapping subnets
Creating a VPN with overlapping subnets This recipe describes how to construct a VPN connection between two networks with overlapping IP addresses in such a way that traffic will be directed to the correct
More informationCisco RSA Announcement Update
Cisco RSA Announcement Update May 7, 2009 Presented by: WWT and Cisco Agenda Cisco RSA Conference Announcements Collaborate with Confidence Overview Cisco s Security Technology Differentiation Review of
More informationNext Gen Firewall and UTM Buyers Guide
Next Gen Firewall and UTM Buyers Guide Implementing and managing a network protected by point solutions is far from simple. But complete protection doesn t have to be complicated. This buyers guide explains
More informationCisco Security Intelligence Operations
Operations Operations of 1 Operations Operations of Today s organizations require security solutions that accurately detect threats, provide holistic protection, and continually adapt to a rapidly evolving,
More informationEnd-to-End Application Security from the Cloud
Datasheet Website Security End-to-End Application Security from the Cloud Unmatched web application security experience, enhanced by real-time big data analytics, enables Incapsula to provide best-of-breed
More informationThe SIEM Evaluator s Guide
Using SIEM for Compliance, Threat Management, & Incident Response Security information and event management (SIEM) tools are designed to collect, store, analyze, and report on log data for threat detection,
More informationSecure Remote Access Solutions Balancing security and remote access Bob Hicks, Rockwell Automation
Secure Remote Access Solutions Balancing security and remote access Bob Hicks, Rockwell Automation Rev 5058-CO900C Agenda Control System Network Security Defence in Depth Secure Remote Access Examples
More informationPRODUCT CATEGORY BROCHURE
IDP Series Intrusion Detection and Prevention Appliances PRODUCT CATEGORY BROCHURE Staying One Step Ahead With the accelerating number of applications allowed in from the Internet and the higher frequency
More informationBraindumps.700-295.50.QA
Braindumps.700-295.50.QA Number: 700-295 Passing Score: 800 Time Limit: 120 min File Version: 6.0 http://www.gratisexam.com/ Comprehensive, easy and to the point study material made it possible for me
More informationCisco Cloud Web Security
Data Sheet Today s highly connected and fast-moving world is filled with complex and sophisticated web security threats. Cisco delivers the strong protection, complete control, and investment value that
More information