Endpoint Security Risk Management: Control Without Compromise



A V2R Portfolio Group Company

Contents

Introduction
The Current Information Security Landscape
Red Lambda's Assurity SRM: Unified Security Risk Management
Features & Benefits
Why Red Lambda?
A Look to the Future

Introduction

Driven by competitive pressures and a changing climate of accountability, organizational strategies toward information security are changing. Operational responsibilities increasingly span functional units, requiring a move away from disconnected islands of policy toward comprehensive risk management solutions that bridge disparate technologies. As such, there is a growing trend among vendors toward delivering a one-stop-shopping approach to security risk management. However, in order to achieve the uniform policy control promised by these all-in-one solutions, administrators have to rely on one vendor, and relinquish their ability to choose the best point solutions.

Successfully managing risk within the context of organizational strategy requires the flexibility to choose the best technologies that meet operational objectives. By integrating security processes across the organization into a single, holistic framework, organizations are able to reduce their exposure to risk efficiently while addressing the demands of compliance and competition.

This white paper outlines how Red Lambda's Assurity SRM product can provide organizations with a comprehensive security risk management solution that maximizes return-on-investment for existing hardware, software and training expenditures, while improving the operational efficiency of risk and compliance processes.

The Current Information Security Landscape

As organizations have become increasingly information-centric, the motivations for threats against these resources have evolved from the casual to the criminal. With each new wave of attack, point solutions have been introduced to address them. In fact, if anything is certain in the security marketplace, it is that threats, and the safeguards that contain them, will continue their steady march forward.

[Figure: Historical Trends of Attack or Misuse, 2006 CSI/FBI Computer Crime and Security Survey]

Meanwhile, security management has been caught in a quagmire. Organizations are forced to choose between selecting the best tools for their budget and operational needs, and integrated security management solutions focused on certain platforms or network hardware. Faced with expanding government regulations and competitive pressures, the need for consolidation and integration of security operations could never be greater, yet the security market continues its winner-take-all approach. Even in environments that choose to implement a single-vendor risk management approach, organizations find themselves integrating many different devices, interfaces, and applications together in a process that is anything but simple. Instead of reaping the benefits of reduced complexity and improved efficiency, organizations find themselves locked into a web of compromises.

Defense in depth necessitates a layered approach to security across the endpoints, devices and resources in an organization. No single vendor will ever be able to provide all of the best-in-class tools in the risk management equation at the same time. It is clear that a fresh approach to this problem is required to ensure effective risk management and sound compliance practices in real-world environments.

"We need to move beyond today's scenario, where users struggle to implement NAC as a successful security framework. Just how bad is it? We've found that 40% of enterprises surveyed had begun NAC deployments, but only 4% actually finished." - Forrester Research, April 2007

Red Lambda's Assurity SRM: Unified Security Risk Management

Overview

Red Lambda's security risk management system, Assurity SRM, takes a different approach to proactively managing and protecting endpoints, information and resources. Assurity SRM uses Red Lambda's patent-pending collaborative grid technology to integrate seamlessly with existing devices and tools distributed across an organization, while marshalling unused resources to maximize efficiency. Assurity SRM coordinates these tools and devices into virtual teams, each one focused on collecting, processing, responding or proactively managing the environment to mitigate risk and achieve compliance.

By linking threat protection, vulnerability management, network access control, leakage protection and other security controls to a highly scalable, modular automation framework, Assurity SRM gives organizations the flexibility to select the best point technologies for their specific needs without compromise. The entire risk management process of the organization may be controlled and monitored from a central location, or parceled out across a federation of responsible parties, regardless of the underlying technologies in place.

Assurity SRM acts as a pervasive policy abstraction layer, allowing administrators to specify proactive and reactive risk mitigation policies spanning the enterprise without worrying about whether or not the specific components were designed to work together. Security controls may be snapped into the framework via modular wrappers that make the controls available as services on the Assurity SRM collaborative grid. By leveraging these security services together as the building blocks of policy workflows, Assurity SRM ensures that the most appropriate technologies are used to address threats, support compliance and mitigate risk.
Real-world security management, punctuated by a high level of integration required by its supporting processes, is frequently a web of one-off scripting and complicated management. Well-understood, proven best practices guide most strategic decisions, yet integrating each new element complicates management and creates new dependencies. Because safeguards from different vendors frequently have no way to coordinate to secure information, overlapping controls can misalign security, creating vulnerabilities rather than protecting from threats.

Unfortunately, IT organizations faced with these challenges find themselves trading agility and efficiency for security. Red Lambda's Assurity SRM solution enables organizations to fully leverage their previous security, endpoint and infrastructure investments, readily accommodate future technologies, and make policy decisions and take action unfettered by the limitations of a specific product suite and inappropriate redundancies.

"The value of access control and threat mitigation technology is that it's flexible and not baked into your infrastructure. This architecture more easily accommodates a centralized or federated policy store for consistent enforcement. Moreover, a software-based solution will operate across heterogeneous environments, ranging from hardware like routers, switches, and security appliances to software like configuration management, Active Directory, and the client security server." - Forrester Research, April 2007

Features and Benefits

Red Lambda's Assurity SRM system provides numerous benefits to organizations seeking to holistically take control of their risk management operations. Namely:

Total Security Visibility: Assurity SRM collects, filters, correlates and aggregates security events from devices, tools and endpoints across the organization to monitor and react to threats. Assurity SRM automatically maps network topology, dependencies, and endpoints, and performs vulnerability analysis and relative asset valuations. Combining threat, vulnerability, value and other factors, Assurity SRM quantitatively profiles the security risk posture of the network, and provides full threat analysis with path mapping, vulnerability analysis and automated endpoint security management from a single interface. The Assurity SRM modular wrapper library has full support for a wide array of open source and commercial endpoint, network security, logging and vulnerability analysis tools. In addition, Assurity SRM has an integrated, fully distributed deep packet inspection engine, capable of monitoring traffic, applications, behavior and anomalies across the network.

Ubiquitous Network Access Control: As part of its suite of preventative safeguards, Assurity SRM provides fully integrated pre/post-admission network access control (NAC). Its flexible Java architecture provides a seamless end-user experience for Windows, Mac and Linux endpoints over wired, wireless and VPN connections, with or without 802.1x. Administrators may choose from a broad array of Layer 2, 3 & 7 quarantine controls, including VLAN steering, ARP poisoning, dynamic ACLs, firewall & IPS rules, proxy redirection and others. Administrators also have the freedom to deploy any mix of installed agents or agent-less endpoints as required. Endpoint posture assessment supports a variety of popular software, and provides administrators with the ability to add custom applications as required. Multi-vendor VPN support ensures that policies are applied correctly to remote hosts. In addition, existing commercial NAC deployments can be invisibly integrated into Assurity SRM, providing advanced automation and risk management capabilities across platforms.

Mitigates Endpoint Information Exposure: Assurity SRM proactively tracks endpoint information exposure, monitors and configures access controls, correlates audit records and maintains encryption. The system proactively manages endpoint information leakage protection (ILP) policy and integrates with best-in-class 3rd-party ILP solutions to protect data in motion and data at rest. Integrated risk analysis incorporates exposure information for more thorough risk visualization.

Supports Compliance Requirements: Assurity SRM's underlying collaborative grid maintains secure archives of correlated and aggregated threat, vulnerability, control and policy action information. Users may choose retention periods, encrypted storage and other options in support of the most demanding compliance requirements. Holistic auditing, extensive notification support and automated reporting save time associated with compliance and regulatory processes.

Vulnerability & Configuration Management: Assurity SRM provides automated configuration and remediation of endpoint security, including support for popular patch deployment tools, native OS manipulation and other mechanisms. Administrators may also choose to mix in self-remediation processes that transfer responsibility for compliance to the end user for environments desiring that approach. In addition, Assurity SRM supports a large collection of open source and commercial vulnerability analysis tools to take full advantage of existing investments in training and software.

Modular Software-based Framework: Assurity SRM is a software-only solution that is designed to harmonize, not replace, existing network hardware, security appliances, software tools and endpoints. Its collaborative grid framework seamlessly coordinates underutilized resources, information and interfaces across an organization to perform the underlying tasks required for security risk management. A modular wrapper-based architecture allows new third-party point solutions to be included ad hoc as needed, and a large library of wrappers for open source and commercial security tools, network hardware and software applications is included. Assurity SRM acts as a policy abstraction layer, coordinating disparate capabilities, and allowing administrators to take a strategic, integrated approach to security risk management.

Integrated Risk Management Console: The Assurity SRM management console provides dashboard views of all risk, threat, vulnerability, configuration, exposure and network access control information. Central policy administration, asset valuation and the visual workflow designer combine with overlay-driven network visualization, comprehensive reporting and integrated case management to dramatically reduce the cost of managing security risks and meeting compliance requirements.

Streamlines IT Operations Workflow & Reduces Costs: Assurity SRM provides an extensive library of pre-defined policy actions that can be selected for rapid deployment. In addition, Assurity SRM includes a visual workflow automation designer, which allows the deployment of complex actions by simply drawing their flow chart. This capability drastically reduces the burden of administration by acting as an abstraction layer between custom actions and the specific devices and tools of the network.

Radical Scalability: Assurity SRM's underlying foundation is based upon collaborative grid architecture, a unique fusion of the best elements of grid computing and P2P. Unlike other solutions based on dedicated hardware or client-server architectures, Assurity SRM's underlying collaborative grid architecture is scale-free. This means that Assurity SRM has no practical limit to the size of its deployed environment. With its ability to leverage spare distributed resources, Assurity SRM continues to become more resilient and more capable as more nodes are deployed. This means no requirement for dedicated hardware, no more monolithic upgrades and, best of all, a minimal total cost of ownership (TCO).

Why Red Lambda?

Red Lambda is a leader in the development of collaborative grid technology - a fusion of traditional grid computing and P2P - for use in distributed computing applications. Red Lambda's proprietary cgrid architecture is at the forefront of collaborative grid platforms. Every Red Lambda product leverages cgrid's extreme scalability, resiliency, and computational efficiency, resulting in products that integrate easily into various network environments.

Red Lambda was founded by a quorum of experts from network engineering, security, the sciences and software development who believed that there had to be a better way to secure organizations. Instead of trying to build a better mousetrap, the team at Red Lambda focused on solutions that coordinated and harmonized resources, allowing them to be used together to collectively protect against threats, automate workflow and mitigate risk.

Red Lambda's proven security solutions have yielded exceptional results, and earned high praise from customers, analysts and reviewers alike. Please visit www.redlambda.com for case studies, and more information about how we can help you let your network protect your network.

A Look To The Future

Red Lambda's mission is clear: We are committed to delivering practical, experience-driven security solutions for integrated security management, automation and risk mitigation.

The future of yesterday has become the reality of today. Information security is on the cusp of an integration renaissance, during which organizational strategy and security operations will be unified to achieve practical goals and solve real problems. IT administrators need to continue to be able to choose the best technologies for their goals, budget and immediate needs, without losing integrated policy coordination. Aligning business priorities with information security requires a flexible, intelligent solution that works with, not against, existing investments to maximize ROI and minimize TCO. A system focused on proactively mitigating risk as the means to providing tangible value to the enterprise.

Red Lambda's Assurity SRM solution is the first fully distributed, modular security risk management framework designed to streamline operations, eliminate vendor compromises, ensure compliance and, most importantly, improve security.