Applications erode the secure network How can malware be stopped?



Transcription:

Private Cloud Security
Joe Gast
www.martinandassoc.com

Vulnerabilities will continue to persist
Vulnerabilities in the software everyone uses every day
It's Human Nature
Programmers make mistakes
Malware exploits mistakes

Recent headlines

Do you trust end users???

Applications erode the secure network
How can malware be stopped?
Web 2.0, Tunneling Apps, File Transfer, Video, Audio, Chat, Browser Gaming, Email, CRM, etc
Allow ports 80/443
Allow Everything
HOW? HOW?
Important Apps / Unimportant Apps
(Application logos: Yahoo!, ebay, ORACLE, Salesforce, Skype, AIM, myspace, amazon.com, SAP, SIEBEL, Twitter, YouTube, facebook, BitTorrent)

Legacy Gateway Security Model Implementation
Your security solution is inspecting all traffic coming in and going out from the Internet? Right?
(Diagram labels: Server, THREAT, Internet)

What if you had a security solution that could
Automatically block attacks (intrusion, malware, etc)
Automatically identify applications by their DNA
Automatically identify users
Illuminate all application traffic on the network
Allow you to control by application and user

Dell SonicWALL network security capabilities
First-Generation Firewall Capabilities: Supports Stateful Packet Inspection, NAT, IPSec VPNs, & SSL VPNs
Application Visibility and Control: Granular control & real-time visualization of applications running
Integrated IPS: Protects against a comprehensive array of network-based threats and vulnerabilities
SSL Decryption and Inspection: Decrypts and inspects SSL traffic for threats, applies application, URL and content control policies
AD/LDAP Integration (SSO): User identification and activity are made available through seamless AD/LDAP SSO
Bump-In-the-Wire Deployment: Transparent mode deployment, in addition to Layer-3
Anti-Malware & Content: Gateway & Cloud AV, Anti-Spyware, Anti-Spam, & URL/Content

Global threat visibility and intelligence
4-month Snapshot: Sep Dec 2013
North America: 946,497,494 IPS attacks
Europe: 467,195,993 IPS attacks
Asia: 136,43, 706 IPS attacks
South America: 85,036,625 IPS attacks
Africa: 12,087,222 IPS attacks
Oceania: 11,139,882 IPS attacks
+1M Sensors
249 Countries
24X7 X365
15M+ Counter-measures
50K+ Malware samples collected daily
15K+ Malicious event analyzed daily

Application visualization & control
Identify: 5000+ Application Signatures; By Application; By User/Group LDAP/SSO; By Content Inspection
Categorize: By Application; By Application Category; By Destination; By Content; By User/Group
Control: Prioritize Apps by Policy; Manage Apps by Policy; Block Apps by Policy; Detect and Block Malware; Manage network bandwidth

Break the malware cycle
(Diagram labels: URL Page Visit, Compromised Good Site, SSL Decryption, Intrusion Prevention, Network Anti-Virus, Cloud Anti-Virus, Botnet, Exploit, Malware Request, Malware, Malware Hosting Site)

Web content filtering
Dynamically updated rating architecture.
Application traffic analytics
Web-based management
Web Caching and rating architecture
IP based HTTPS content filtering
16M+: Website rating database used to block inappropriate and illegal content, reduces organizational liability and increases productivity
56+: Granular level blocking based on predefined categories. IP-based HTTPS content filtering to control user access to web sites over encrypted HTTPS
Report & Analyze: Application traffic analytics suite - integration with Dell SonicWALL GMS, Analyzer & Scrutinizer provides real-time and historic analysis of data transmitted through the security solution.

Intrusion detection & prevention
NSS Labs 2013 & 2014 IPS SVM, Recommended Quadrant
Detect & Prevent: Software vulnerabilities such as buffer overflows, peer-to-peer and instant messaging exploits, backdoor attacks, and other malware.
Comprehensive: Pure Pattern Matching; Buffer Overflow Detection; Botnet detection & blocking; DoS / Flood detection; Geo IP monitoring & blocking
Reporting: On-box reporting; IPfix / Netflow exporting

SSL decryption & inspection

Gateway anti-malware powered by the cloud
Scans & Prevents: installation of malicious spyware and disrupts background communications from existing spyware programs that transmit confidential data
13M+: signatures detecting millions of pieces of malware and intelligent enough to detect new variants providing effective zero-day protection
Unlimited: Dell SonicWALL Reassembly-Free Deep Packet Inspection engine scans analyzes all files in real time regardless of file size or compression.
All protocols: across every port, including SSL traffic with DPI SSL.

SSL decryption and inspection
Deep Packet Inspection of Secure Socket Layer (DPI-SSL)
SSL traffic decrypted, inspected, then re-encrypted
Client DPI-SSL and Server DPI-SSL
Inspects SSL sessions on all ports independent of protocol
Content can be scanned as well as injected (e.g. HTTP/S block pages)
All Security Services are supported
Extends: Deep Packet inspection to SSL traffic scanning both LAN and WAN traffic for threats and vulnerabilities
Inspects: Inspects SSL traffic across other security mechanisms, such as URL filtering, IP & Gateway AV
Granular Control: Inclusion/Exclusion list to customize which traffic DPI-SSL inspection allows better management of CPU

Dell SonicWALL network security capabilities
(Diagram labels: Deep Packet Inspection, SSL Decryption)
1. Stateful Packet Inspection
2. Intrusion Prevention: The front-line network defense against application attacks
3. Application Identification & Visualization: Can't control what you can't see
4. User Identification through Single Sign On (SSO): Correlate network traffic with users
5. Application Control: Granular control (Allow Facebook, Block Social Gaming)
6. SSL Decryption: Don't allow threats to tunnel through encrypted channels
7. Threat Prevention: Anti-X (Virus/Trojan/Malware)

Highly efficient single-pass RFDPI security engine
Proven & proprietary Reassembly-Free Deep Packet Inspection
Low-latency ultra-scalable single pass Deep Packet Inspection engine
(Diagram labels: Input Packet, TCP Reassembly, Preprocessors, Signature, Signature Pattern Definition Language Interpreter, Deep Packet Inspection Engine, Output Packet, Postprocessors, Policy Decision API)

Linearly scalable on a massively multi-core architecture
1 Core to 96 Cores
From the TZ to an NSA and even the SuperMassive
It's all the same security engine!

Intra-VLAN Security Model Implementation
Malware may be introduced within any single zone, but will be inspected, blocked, and alerted to as it attempts to propagate to other zones.
The Firewall now inspects data going between all network zones, including internal-to-internal traffic
All network traffic can be forced into the appropriate zone via VLAN Tagging on switches, and with Layer 3 Gateways on the firewall.
(Diagram labels: Server, BYOD Users, Internet)

Event Notification
A virus is introduced internally.
It infects the other zones on network.
Activate Gateway Antivirus Inspection on Zone Interface.
Gateway scans, stops, and discards virus.
A log VIRUS ALERT is sent to the admin.

Off box visualization and network intelligence
Export Rich data through NetFlow/IPFIX with Extensions
Provides security monitoring for distributed installations
Run collector in the cloud, send data over VPN

Dell SonicWALL Security Appliance Lineup
The all new Dell SonicWALL Gen6 Trusted Zone Appliance
Segments: SMB/Campus/Branch; Enterprise, Data Center
TZ Series: TZ SOHO/W, TZ 300/W, TZ 400/W, TZ 500, TZ 600
NSA Series: NSA 4600, NSA 3600, NSA 2600, NSA 6600, NSA 5600
SuperMassive Series: SuperMassive E10800, SuperMassive E10400, SuperMassive 9800, SuperMassive 9600, SuperMassive 9400, SuperMassive 9200

Dell secure mobile access solution
Enable mobile worker productivity while protecting from threats
Provide simple, policy-enforced, per app VPN access to permitted resources
Enforce and manage mobile device policy terms
Authenticate user and validate app and device integrity
Enable secure SSL VPN connections and granular network access controls
Centralize access policy management
Mobile Connect app
Secure Remote Access appliance

Industry leading security effectiveness
1.78 Billion Malware blocked
14 Zero day exploits blocked
2013
1.06 Trillion Intrusions prevented
50,000+ Malware samples collected every day

ICSA Labs Next-Generation Firewall Evaluation results:
100% Effective for application identification & control (Productivity)
100% Effective against malware (Protection)
100% Effective for user-based authentication
No false positives
Dell SonicWALL is the first and only firewall to receive the ICSA Labs Enterprise Firewall Certification and ICSA Labs Next-Generation Firewall Evaluation.

Certifications
Common Criteria, FIPS, IPv6 / USGv6, UC-APL*, VPAT, Suite B / CsFC*, VPNC, WiFi Alliance

Q&A and Thank you!
Joe Gast
Martin and Associates
joe.gast@martinandassoc.com