Uncover security risks on your enterprise network
Sign up for Check Point's on-site Security Checkup.
About this presentation: The key message of this presentation is that organizations should sign up for a Security Checkup assessment in order to uncover the security threats they are exposed to, so that they can be aware of any hidden threats and be able to protect themselves in time. The main benefit of the assessment is that it is conducted by a security expert who will follow it throughout the process: conduct the security assessment, analyze the findings and advise on how to improve security if needed.
SOMETIMES, YOUR NETWORK IS FULL OF SURPRISES
Your corporate network offers access to valuable and sensitive information. Information that must never fall into the wrong hands. Can you be sure there aren't any hidden surprises threatening your most precious data assets? No stealthy malware, back doors, data leaks or other security vulnerabilities?
2014 SECURITY REPORT
In order to understand which critical security threats organizations are exposed to today and should address in 2014 and beyond, the Check Point security research team analyzed event data from more than 10,000 organizations worldwide in 2013. The Check Point 2014 Security Report presents the results of our research.
ORGANIZATIONS ARE VULNERABLE
73% INFECTED WITH BOTS, 75% USING P2P APPLICATIONS, 56% USING PROXY ANONYMIZERS, 88% EXPERIENCED DATA LOSS, 33% UNKNOWN MALWARE
The highlights of our research: 73% of organizations were found infected with bots. In 75% of organizations, P2P file sharing applications were detected in use by employees. P2P applications open a backdoor into the corporate network and might cause data leakage and malware infections. In 56% of organizations, Proxy Anonymizer applications were detected in use by employees. Anonymizer applications bypass security and hide the user's web activity. 88% of organizations experienced at least one potential data loss incident. Our research found that 33% of organizations downloaded at least one unknown form of malware. The malware was embedded mainly in PDFs, EXEs, archives or Microsoft Office files. Unknown malware refers to zero-days or new forms of malicious code that exploit software vulnerabilities and cannot be detected at the time of exploitation, even by up-to-date antivirus, anti-bot or Intrusion Prevention System (IPS) solutions. According to these statistics, most organizations are vulnerable to security threats.
WHICH SECURITY THREATS IS YOUR ORGANIZATION EXPOSED TO?
Early exposure of hidden threats will enable you to address these risks in time and enhance the security of your organization.
Check Point introduces its Security Checkup assessment. In the same way that a doctor gives you a medical health check to help you understand your health status, a Security Checkup provides the security status of your organization's networks. It will uncover the security threats your organization is exposed to.
SECURITY CHECKUP THREAT ANALYSIS REPORT
At the end of this assessment, you will get a threat analysis report that includes all the security incidents detected during the assessment and a set of recommendations on how to protect against these threats. A security expert will discuss the findings with you and how they can be prevented.
SECURITY CHECKUP HAS ALREADY HELPED THOUSANDS OF ORGANIZATIONS SINCE 2012
More than 4,000 Security Checkup assessments have been conducted so far worldwide, helping organizations of any size and industry be more secure. We offer you the opportunity to conduct a Security Checkup in your organization as well.
THE REPORT
RISKY WEB APPLICATIONS AND SITES, MALWARE INFECTED COMPUTERS, EXPLOITED VULNERABILITIES, DATA LOSS INCIDENTS, BANDWIDTH ANALYSIS, COMPLIANCE & SECURITY POLICY CHECK
The report covers a full range of security risks:
- High risk web applications and websites used by employees, such as P2P file sharing applications, proxy anonymizers, file storage applications, malicious websites and more.
- Analysis of malware threats, which include computers infected with bots, viruses and also unknown malware (zero-days and malware that cannot be detected by traditional antivirus systems).
- Exploited vulnerabilities of servers and computers in the organization, indicating possible attacks.
- Sensitive data sent from inside the organization to outside the organization via email or web.
- Bandwidth analysis listing the top bandwidth-consuming applications and accessed websites, which can help organizations understand who and what is hogging their network bandwidth.
- Compliance and best practices. This section is only relevant to existing Check Point customers with an active Security Management. It compares the current rule base configuration with Check Point best practice recommendations and also provides a compliance check of the rule base against many of the known industry standards (such as PCI, HIPAA, ISO, etc.).
PROTECTION RECOMMENDATIONS
RISKY WEB APPLICATIONS AND SITES, MALWARE INFECTED COMPUTERS, EXPLOITED VULNERABILITIES, DATA LOSS INCIDENTS, BANDWIDTH ANALYSIS, COMPLIANCE & SECURITY POLICY CHECK
The report also helps to understand what is needed in order to protect against the detected risks. The report includes a section with recommendations on how to protect the organization from these threats.
SECURITY CHECKUP ASSESSMENT, conducted on-site by security experts
SETTING UP A SECURITY GATEWAY using Check Point latest technology; CONNECTING TO NETWORK to inspect traffic; ANALYZING THE FINDINGS and generating a report; DISCUSSING THE FINDINGS and advising how to enhance security
Let's see how the Security Checkup assessment works. The assessment is conducted on-site by security experts and includes four main steps:
1. In the first step, the security expert sets up a Check Point Security Gateway on which the assessment will be conducted. All relevant Check Point Software Blades are activated and configured (for example: Application Control, URL Filtering, IPS, Anti-Bot, Anti-Virus, Threat Emulation, DLP, Identity Awareness if required, SmartEvent, etc.).
2. Next, the device arrives on-site and is plugged into the organization's network to inspect network traffic, without any network downtime and without any need for changes in network configuration. We will discuss how this is done on the following slides. It is recommended to leave the unit to inspect traffic for at least a week so that enough traffic is monitored (but a few days can be enough in some instances). The longer the time period, the better. The assessment can be conducted for either existing Check Point customers or net new customers.
3. In the next step, the security expert will remove the device from the network, analyze the results, and generate the Security Checkup report.
4. In the final step, the security expert will present the findings and have an open discussion about security technologies and about security solutions to protect your network and address the weak points detected in the report.
EVERYONE BENEFITS FROM THE CHECKUP
C-LEVEL EXECUTIVES: awareness checkup; SECURITY OFFICERS: security policy checkup; SECURITY ADMINISTRATORS: security configuration checkup; SOC OPERATORS: visibility checkup
The report is designed to bring value to anyone in the organization who is concerned with the current security status. It is designed to be easy to read on all levels, even by non-security experts. It makes C-level executives aware of the security status within their organization and helps them find out if there are any critical risks that require immediate attention. The report also helps security officers validate the organizational security policy and check whether there are any gaps which require urgent action, enabling enhancement of their current security architecture. In addition, security administrators can check their current security configuration. Security incidents might indicate that there are some misconfigurations, over-permissive security configurations or even limitations in current security solutions. And finally, the report provides operators of the Security Operation Center (SOC) with an additional source of visibility into the organizational security posture. Uncovering new security risks they were not aware of, such as malware-infected computers, might indicate that the existing SOC systems do not provide the security coverage they need.
ORGANIZATIONS CANNOT AFFORD NETWORK DOWNTIME
Connecting a Security Checkup device to a network might raise the concern of network downtime. We are aware of organizations' policies for zero network downtime. We also know that IT network teams are usually reluctant to plug an external device into their network and/or change their current network configuration.
ZERO RISK TO THE NETWORK
Inline vs. connected to Mirror Port or TAP
To avoid any risk of downtime and eliminate the need to change network configuration, the Security Checkup has the option of using a Monitor Port (configured on the Security Checkup device). To inspect traffic, the Monitor Port connects to a Mirror Port (also known as a SPAN port) on a network switch or to a TAP device (Test Access Point). This means that only copied network traffic is inspected, which removes all the challenges of inline connectivity. The Monitor Port does not transmit any traffic to the network, so there is no downtime risk and no change to the existing network configuration.
WHAT ABOUT PRIVACY?
The Security Checkup assessment exposes security incidents and risks, which is usually sensitive information for organizations. What about the privacy of this information, and what if your policy does not allow us to plug 3rd party devices into your network?
WE RESPECT OUR CUSTOMERS' PRIVACY
We fully respect our customers' privacy. After all, we are a security company. After monitoring traffic, the analysis of the findings and the report creation are usually done off premises to save the customer's time while the results are analyzed; however, the report can also be generated on-site and the logs can be deleted before the security expert leaves the premises. To make it even more private, the whole assessment can be done on-site, end to end, including the setup stage. If the organizational policy does not permit a 3rd party device to be plugged into the network, there is also an option to install the Security Checkup device on-site by using a server provided by you (the hardware needs to be supported by Check Point's Hardware Compatibility List, available at http://www.checkpoint.com/services/techsupport/hcl/). This way nothing is brought in from outside the organization and nothing leaves the premises. Only with the customer's agreement do we collect anonymized information for statistical purposes. This data does not include any information that can reveal the organization's identity.
WHAT'S IN IT FOR YOU?
What are the main benefits for you?
YOUR BENEFITS
AWARENESS of security risks; FOCUS and priority on where security needs improvement; TECHNOLOGY introduction into new security capabilities
These are your key benefits: Better awareness of the security risks you are exposed to and may not have been aware of. The Security Checkup also helps to point out and prioritize the security gaps that require improvement. And finally, you are introduced to the latest security technology that covers all aspects of network security.
GET AN EXPERT'S ADVICE
This is the part where our expert will help you address any security issues and make your organization more secure. Our security experts can be your advisors.
SIGN UP FOR YOUR ON-SITE SECURITY CHECKUP
WATCH THE VIDEO, FILL IN THE REQUEST FORM, DOWNLOAD SAMPLE REPORT: checkpoint.com/securitycheckup
Visit the Security Checkup public landing page. It includes some information about the assessment, a short video and a form to submit a request for a Security Checkup.
Uncover security risks on your enterprise network. Sign up for Check Point's on-site Security Checkup at checkpoint.com/securitycheckup