Solutions for admission control and data loss prevention in a modern corporate network



Similar documents
Symantec DLP Overview. Jonathan Jesse ITS Partners

Cisco TrustSec Solution Overview

Bring Your Own Device (BYOD) and 1:1 Initiatives: What Questions Do You Need to Answer Before Jumping In?

Secure Your Mobile Device Access with Cisco BYOD Solutions

SOSPG2. Implementing Network Access Controls. Nate Isaacson Security Solution Architect

Bring Your Own Device

Cisco Virtualization Experience Infrastructure: Secure the Virtual Desktop

Cisco Secure BYOD Solution

Secure Access into Industrial Automation and Control Systems Industry Best Practice and Trends. Serhii Konovalov Venkat Pothamsetty Cisco

Cisco Identity Services Engine

Stefan Dürnberger. Consulting Systems Engineer Cisco Deutschland. sduernbe@cisco.com. Co-Author Bitkom Leitfaden BYOD

Cisco s BYOD / Mobility

Providing a work-your-way solution for diverse users with multiple devices, anytime, anywhere

ACADEMIA LOCAL CISCO UCV-MARACAY CONTENIDO DE CURSO CURRICULUM CCNA. SEGURIDAD SEGURIDAD EN REDES. NIVEL I. VERSION 2.0

ForeScout CounterACT. Device Host and Detection Methods. Technology Brief

SECURING ENTERPRISE NETWORK 3 LAYER APPROACH FOR BYOD

BYOD(evice) without BYOI(nsecurity)

Secure Access into Industrial Automation and Control Systems Best Practice and Trends

Cisco & Big Data Security

Data Sheet: Endpoint Security Symantec Network Access Control Comprehensive Endpoint Enforcement

(d-5273) CCIE Security v3.0 Written Exam Topics

Cisco Integrated Video Surveillance Solution: Expand the Capabilities and Value of Physical Security Investments

Cyber Security Services: Data Loss Prevention Monitoring Overview

Whitepaper. Securing Visitor Access through Network Access Control Technology

Configure ISE Version 1.4 Posture with Microsoft WSUS

Cisco IT Validates Rigorous Identity and Policy Enforcement in Its Own Wired and Wireless Networks

Policy Management: The Avenda Approach To An Essential Network Service

Cisco BYOD Smart Solution: Take a Comprehensive Approach to Secure Mobility

Comprehensive real-time protection against Advanced Threats and data theft

Internet Content Provider Safeguards Customer Networks and Services

Deploying secure wireless network services The Avaya Identity Engines portfolio offers flexible, auditable management for secure wireless networks.

BYOD Strategy and Solutions

MOBILITY & INTERCONNECTIVITY. Features SECURITY OF INFORMATION TECHNOLOGIES

Cisco TrustSec How-To Guide: Planning and Predeployment Checklists

For your eyes only - Encryption and DLP Erkko Skantz

Chapter 1 The Principles of Auditing 1

TRITON AP-WEB COMPREHENSIVE REAL-TIME PROTECTION AGAINST ADVANCED THREATS & DATA THEFT

How To Use Cisco Identity Based Networking Services (Ibns)

Addressing BYOD Challenges with ForeScout and Motorola Solutions

This chapter describes the licensing mechanism and schemes that are available for Cisco ISE and how to add and upgrade licenses.

CompTIA Security+ (Exam SY0-410)

CCIE Security Written Exam ( ) version 4.0

Cisco Secure Network Server

Readiness Assessments: Vital to Secure Mobility

Network Virtualization Network Admission Control Deployment Guide

Check Point NAC and Endpoint Security Martin Koldovský SE Manager Eastern Europe

CompTIA Network+ (Exam N10-005)

Payment Card Industry Data Security Standard

Data Protection McAfee s Endpoint and Network Data Loss Prevention

MDM Integration with Cisco Identity Service Engine. Secure Access How -To Guides Series

Symantec Consulting Services

CONSUMERIZATION OF IT BYOD and Cloud-based File Storage

Cisco Passguide Exam Questions & Answers

Cisco Small Business ISA500 Series Integrated Security Appliances

WHAT S NEW IN WEBSENSE TRITON RELEASE 7.8

Network Access Control in Virtual Environments. Technical Note

Unified Security, ATP and more

Secure Networks for Process Control

Symantec VIP Integration with ISE

Cisco Advanced Routing and Switching for Field Engineers - ARSFE

Cisco Actualtests Exam Questions & Answers

WEBSENSE TRITON SOLUTIONS

Response to Questions CML Managed Information Security

Five Tips to Ensure Data Loss Prevention Success

MaaS360 Mobile Service

What s New in PCI DSS Cisco and/or its affiliates. All rights reserved. Cisco Systems, Inc 1

Implementing Cisco IOS Network Security

CH ENSA EC-Council Network Security Administrator Detailed Course Outline

Cisco SecureX Product Brochure

Your Location Instant NOC using Kaseya. Administrator at Remote Location Secure access to Management Console from anywhere using only a browser

APWG. (n.d.). Unifying the global response to cybecrime. Retrieved from

Network as a Sensor and Enforcer Leverage the Network to Protect Against and Mitigate Threats

XenMobile Integration with Cisco Identity Service Engine. Secure Access How -To Guides Series

APPENDIX 3 LOT 3: WIRELESS NETWORK

» WHITE PAPER X and NAC: Best Practices for Effective Network Access Control.

PCI Solution for Retail: Addressing Compliance and Security Best Practices

Preparing your network for the mobile onslaught

ENTERPRISE IT SECURITY ARCHITECTURE SECURITY ZONES: NETWORK SECURITY ZONE STANDARDS. Version 2.0

INCREASINGLY, ORGANIZATIONS ARE ASKING WHAT CAN T GO TO THE CLOUD, RATHER THAN WHAT CAN. Albin Penič Technical Team Leader Eastern Europe

Avaya Identity Engines Portfolio

If you can't beat them - secure them

IT Security. Muscat 15+ ABOUT US IN A GLANCE

Secure Network Access for Personal Mobile Devices

Cisco Adaptive Security Appliances and Citrix NetScaler Gateway citrix.com

Top 10 Reasons Enterprises are Moving Security to the Cloud

ADDENDUM 12 TO APPENDIX 8 TO SCHEDULE 3.3

Performanta Pty Ltd. Company Profile. May Trust. Practical. Performanta.

Network Security. Network Security. Protective and Dependable. > UTM Content Security Gateway. > VPN Security Gateway. > Multi-Homing Security Gateway

Security Considerations for DirectAccess Deployments. Whitepaper

Cisco TrustSec How-To Guide: Guest Services

Lucent VPN Firewall Security in x Wireless Networks

Technical Note. ForeScout CounterACT: Virtual Firewall

Technical Note. CounterACT: 802.1X and Network Access Control

ForeScout Technologies Is A Leader Among Network Access Control Vendors

Transcription:

Solutions for admission control and data loss prevention in a modern corporate network 15 th Finance Tech Forum Yasen Spasov Sales & Pre-sales Manager

Executive Summary Founded in 1995 Subsidiary of INTRACOM Telecom (100%) which major shareholders are JSC SITRONICS (51%) and INTRACOM Holdings (49%) Main activities: design, development, implementation & support of high quality technologies and turnkey projects Number of employees: 60 Broad portfolio of several core business offerings: Wireless Network Systems Telco Software ICT Solutions and Services Variety of customers in the sectors of: Telecommunications Enterprise Financial Public Key partnerships with best-of-breed vendors Certified in accordance with EN ISO 9001:2008 standard requirements 2

Corporate World END USER EXPECTATIONS Over 15 Billion devices by 2015, with average worker with 3 devices New workspace: anywhere, anytime 71% Next Gen Y workforce do not obey policies 60% will download sensitive data on personal device IT TRENDS 50% workloads are virtualized - to increase efficiency 2/3 of workloads will be in the cloud by 2016 71% of the world s mobile data traffic will be video in 2016 Mobile malware has doubled (2010 to 2011) 3 REDUCE SECURITY RISK IMPROVE END USER PRODUCTIVITY INCREASE OPERATIONAL EFFICIENCIES

Addressing the needs Cisco Identity Services Engine (ISE) Authorized Access How can I restrict access to my network? Can I manage the risk of using personal PCs, tablets, smart-devices? Access rights on-prem, at home, on the road? Devices are healthy? Guest Access Can I allow guests Internet-only access? How do I manage guest access? Can this work in wireless and wired? How do I monitor guest activities? Non-User Devices How do I discover non-user devices? Can I determine what they are? Can I control their access? Are they being spoofed? 4

Previous Cisco TrustSec Solution Portfolio Identity & Access Control Access Control System AnyConnect Identity & Access Control + Posture NAC Manager NAC Server NAC Agent Device Profiling & Provisioning + Identity Monitoring NAC Profiler NAC Collector Standalone appliance or licensed as a module on NAC Server Guest Lifecycle Management 5 NAC Guest Server

Next Generation Solution Portfolio Identity & Access Control Access Control System AnyConnect Identity & Access Control + Posture Device Profiling & Provisioning + Identity Monitoring NAC Manager NAC Server NAC Profiler NAC Collector Standalone appliance or licensed as a module on NAC Server ISE 6 Guest Lifecycle Management NAC Guest Server NAC Agent

Secure Access: Classification Attributes Who? Employee Attacker Guest What? Personal Device Company Asset How? Wired Wireless VPN Where? @ Starbucks Headquarters When? Week Days Weekends 8:00 AM 6:00 PM (8:00am 5:00pm) PST 7

Providing the context essential to control Identity 1 Cisco ISE Profiling HTTP IEEE 802.1x EAP User Authentication NetFlow SNMP HQ Company Asset 2 Profiling to Identify Device VLAN 10 VLAN 20 4 Corporate Resources DNS RADIUS DHCP 2:38 p.m. Personal Asset 3 Posture of the Device Wireless LAN Controller Unified Access Management Policy Decision 5 Enforce Policy in the Network Internet Only 6 Full or Partial Access Granted 8

What is DLP? Where is your confidential data? How is it being used? How best to prevent its loss? DISCOVER MONITOR PROTECT DATA LOSS PREVENTION (DLP) 9

Symantec Products Storage Network Discover Data Insight Network Protect Endpoint Endpoint Discover Endpoint Prevent Network Network Monitor Network Prevent Management Platform Enforce Platform 10

for Storage Storage Network Discover Data Insight Network Protect Symantec Advantage The broadest coverage including file servers, databases, email, websites, groupware Custom scan management: Inventory, incremental and parallel scans Identify frequent users of confidential information Data Insight Extensive fix capabilities: ERM and encryption support, plus custom FlexResponse actions 11

for Endpoint Endpoint Endpoint Discover Endpoint Prevent Symantec Advantage Efficient, unobtrusive discovery Content-aware coverage of all activity including USB, print, fax, email, web Continuous protection even when disconnected from the corporate network Protect remote employee data even when in a private cloud Built-in agent management Extend endpoint security initiatives 12

for Network Network Network Monitor Network Prevent Symantec Advantage Scalable network monitoring Social media coverage Hosted messaging and web security services support Broad coverage of MTAs, gateways and proxies Integration with Symantec BrightMail Gateway (SBG) 13

Incident Review: Tablet Snapshot (Gmail) This Gmail incident shows the message was blocked and it shows exact matches. 14

Symantec Architecture MTA or Proxy SPAN Port or Tap Disconnected 15 SECURED CORPORATE LAN DMZ

Our Values Expertise local and international Experience solution provider Excellence drive customer s success through innovative solutions 16

INTRACOM BULGARIA S.A. 36 Dragan Tzankov Blvd., Interpred WTC, Block A, Floor 9, 1040 Sofia, Bulgaria tel.: +359 2 80 77 777 fax: +359 2 80 77 788

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information