Leveraging node based cloud containers to secure borderless networks

Similar documents
FireSphere Advanced APT Defense Web and Application Security Mobile Security

Top 10 Reasons Enterprises are Moving Security to the Cloud

Unmatched protection for borderless networks, covering BYOD, MDM and the Cloud

Detecting Threats Via Network Anomalies. Paul Martini Cofounder and CEO iboss Cybersecurity

Sophistication of attacks will keep improving, especially APT and zero-day exploits

Cisco ASA and Cloud Web Security: Best-in-Class Network Security Combined with Best-in-Class Web Security

Securing Virtualization with Check Point and Consolidation with Virtualized Security

Hyper-V Network Virtualization Gateways - Fundamental Building Blocks of the Private Cloud

you us MSSP are a Managed Security Service Provider looking to offer Advanced Malware Protection Services

Delivering Managed Services Using Next Generation Branch Architectures

Cloud Based Secure Web Gateway

February Considerations When Choosing a Secure Web Gateway

Web Security Update. A Radicati Group, Inc. Webconference. The Radicati Group, Inc. Copyright March 2010, Reproduction Prohibited

Hillstone Intelligent Next Generation Firewall

McAfee Next Generation Firewall Optimize your defense, resilience, and efficiency.

Radware Cloud Solutions for Enterprises. How to Capitalize on Cloud-based Services in an Enterprise Environment - White Paper

Proactively Secure Your Cloud Computing Platform

Securing Dispersed Networks

Optimizing Service Levels in Public Cloud Deployments

Secure Cloud Computing

Web Security Gateway Anywhere

Secure Clouds - Secure Services Trend Micro best-in-class solutions enable data center to deliver trusted and secure infrastructures and services

Looking Ahead The Path to Moving Security into the Cloud

Securing the private cloud

Maginatics Cloud Storage Platform A primer

Network Performance + Security Monitoring

Performance Evaluation of Intrusion Detection Systems

wipro.com 10 Things to Look for in Software Defined WAN With SD WAN solutions coming of age, the year 2016 is expected to be its break out year

Buyers Guide to Web Protection

The Distributed Cloud: Automating, Scaling, Securing & Orchestrating the Edge

Game changing Technology für Ihre Kunden. Thomas Bürgis System Engineering Manager CEE

AppGuard. Defeats Malware

The first agentless Security, Virtual Firewall, Anti- Malware and Compliance Solution built for Windows Server 2012 Hyper-V

Detecting Anomalous Behavior with the Business Data Lake. Reference Architecture and Enterprise Approaches.

EVOLVED DATA CENTER ARCHITECTURE

Security is a top priority. The reasons for reliable network security keep growing.

Endpoint Threat Detection without the Pain

HTTPS Inspection with Cisco CWS

Cisco Advanced Malware Protection for Endpoints

On-Premises DDoS Mitigation for the Enterprise

Presenting Mongoose A New Approach to Traffic Capture (patent pending) presented by Ron McLeod and Ashraf Abu Sharekh January 2013

Preventing Data Leaks At The Firewall A Simple, Cost-Effective Way To Stop Social Security and Credit Card Numbers From Leaving Your Network

Protection Against Advanced Persistent Threats

When your users take devices outside the corporate environment, these web security policies and defenses within your network no longer work.

The Dirty Secret Behind the UTM: What Security Vendors Don t Want You to Know

Symantec Protection Suite Add-On for Hosted and Web Security

Cloud and VM Based Security

Enabling Business Beyond the Corporate Network. Secure solutions for mobility, cloud and social media

Content Security Gateway Series Real-time Gateway Web Security Against Spyware and Viruses

A Mock RFI for a SD-WAN

Advanced Persistent Threats

Active Visibility for Multi-Tiered Security // Solutions Overview

Guest Speaker. Michael Sutton Chief Information Security Officer Zscaler, Inc.

MANAGED EXCHANGE SOLUTIONS Secure, Scalable and Compliant Hosted Environments

Digital transformation

F5 Identity and Access Management (IAM) Overview. Laurent PETROQUE Manager Field Systems Engineering, France

Taking to the Skies:IT Flight Plan for Cloud Security

Comprehensive real-time protection against Advanced Threats and data theft

OPTIMIZING PERFORMANCE IN AMAZON EC2 INTRODUCTION: LEVERAGING THE PUBLIC CLOUD OPPORTUNITY WITH AMAZON EC2.

Developing SAP Enterprise Cloud Computing Strategy

UNIFIED THREAT MANAGEMENT SOLUTIONS AND NEXT-GENERATION FIREWALLS ADMINISTRATION TOOLS NETWORK SECURITY I ENDPOINT SECURITY I DATA SECURITY

SourceFireNext-Generation IPS

Next Steps Toward 10 Gigabit Ethernet Top-of-Rack Networking

Why a Network-based Security Solution is Better than Using Point Solutions Architectures

Moving Beyond Proxies

MOVING SECURITY TO THE CLOUD. pandasecurity.com

WHITE PAPER. Managed Security. Five Reasons to Adopt a Managed Security Service

CLOUD NETWORK DEFENSE

Whitepaper. ISP Redundancy. A Practical Guide to ISP Redundancy and Uninterrupted Internet Connectivity

Meraki as Cisco Cloud Services Manage your network Where ever you are!

The Netskope Active Platform

E-Guide. Sponsored By:

Cloud Customer Architecture for Web Application Hosting, Version 2.0

Cloud Management. Overview. Cloud Managed Networks

Cisco AnyConnect Secure Mobility Solution Guide

SAAS VS. ON-PREMISE SECURITY. Why Software-as-a-Service Is a Better Choice for and Web Threat Management

Check Point taps the power of virtualization to simplify security for private clouds

Effective End-to-End Cloud Security

Threat-Centric Security for Service Providers

The Cost Benefits of a Hybrid Approach to Security

Increase Simplicity and Improve Reliability with VPLS on the MX Series Routers

TRITON AP-WEB COMPREHENSIVE REAL-TIME PROTECTION AGAINST ADVANCED THREATS & DATA THEFT

FROM PRODUCT TO PLATFORM

Security and Billing for Azure Pack. Presented by 5nine Software and Cloud Cruiser

White Paper. Time for Integrated vs. Bolted-on IT Security. Cyphort Platform Architecture: Modular, Open and Flexible

Integration Maturity Model Capability #5: Infrastructure and Operations

VIGILANCE INTERCEPTION PROTECTION

Cybercrime: evoluzione del malware e degli attacchi. Cesare Radaelli Regional Sales Manager, Italy cradaelli@paloaltonetworks.com

Cisco Advanced Malware Protection. Ross Shehov Security Virtual Systems Engineer March 2016

Seven Reasons to Embrace Cloud Security

Introducing IBM s Advanced Threat Protection Platform

Mobile Security and Management Opportunities for Telcos and Service Providers

Relational Databases in the Cloud

Ensuring the Security of Your Company s Data & Identities. a best practices guide

Virtual Client Solution: Desktop Virtualization

Fileweave. Large File Transfer. Seamless Microsoft Outlook add-in. Simple drag and drop functionality

Cloud for Credit Unions Leveraging New Solutions to Increase Efficiency & Reduce Costs Presented by: Hugh Smallwood, Chief Technology Officer

Introduction to the Mobile Access Gateway

Cisco Advanced Malware Protection for Endpoints

Transcription:

Leveraging node based cloud containers to secure borderless networks

Issue: Traditional security appliances were designed to protect web browsing Example: Secure Web Gateways Secure Web Browser Gateway Only scans for exploits & malware on web pages

Challenge: Internet access consists of more than web pages Applications & Malware co-exist outside of the web browser and are connected to the Internet Cloud They focus on web browser activity Are blind to non-web browser Internet traffic on the device Applications and evasive protocols (i.e.tor) exist outside of the web browser Legacy solutions lack effective approaches to managing SSL traffic TOR This leaves a massive security blind spot which is leveraged by malware, ransomware and exploits

Increasing this challenge is the growth of remotes sites and mobile employees Legacy approach responds by deploying more appliances or backhauling data which is inefficient & costly Internet Backhaul used to scan data with appliances at HQ Corporate HQ VPN Global Sites SWG Appliances deployed at remote locations to secure traffic is expensive and cumbersome Traditional on-premises security appliances Branch offices Traffic is backhauled to HQ through expensive MPLS links introducing latency and cost

Alternatively, hybrid cloud deployments are utilized which only complicates matters Requires managing multiple consoles which increases demand for administrative resources and limits network visibility Corporate HQ = On-Premise appliances Security is scanned via appliances at HQ with policy & reporting managed through the on-premises admin console Import/export logs between HQ and cloud to keep them in sync Remote Sites = Cloud web security Security is provided in the cloud with policy & reporting managed through the cloud policy admin console Internet Cloud Security On-premise policy console Cloud policy console Inconsistent User Experience Security Appliances User Experience at HQ Because security is applied by appliances deployed at HQ, users get a web experience provided by the appliances at HQ Mobile User Experience Because security is applied in the cloud, users get a web experience provided by the cloud web security platform

All-cloud web security s monolithic cloud architecture becomes a concern Data is shared across one massive cloud increasing compliance concerns for the mobile workforce Monolithic? Traditional Cloud Security Concerns with traditional cloud security A monolithic cloud architecture which shares sensors and databases across many customers Regulatory compliance? This cloud can fracture leading to latency as well as expose organizations to security breaches Concerns meeting regulatory compliance such as Safe Harbor Corporate data is forced to the cloud, which may not be desirable HQ is forced to the cloud

We can solve these challenges by leveraging a flexible node-based elastic container cloud architecture Advantages: Benefit from the infinite scalability and elasticity of the cloud Comprehensive security to protect remote sites and mobile users with security that follows users in the cloud Cloud nodes are elastic and can be customerhosted, reside in the cloud virtualized fabric, or both Cloud Container Eliminates hybrid deployment pain points of managing hardware and multiple policy consoles Provides a seamless node-based solution for customers who are cloud adverse or restricted from adopting the cloud

Node based cloud containers Containers vs. Virtual Appliances Cloud architecture is fundamentally different from conventional security cloud architectures Does not rely on virtual appliances instantiated in the cloud to replace traditional appliances Cloud utilizes a proprietary container-based virtualized architecture Leveraging nodes to deliver an infinitely scalable, dynamic and elastic cloud

How the Cloud container is built Cloud customer container URL Filtering Module Reporting Module Advanced Threat Defense (ATD) Module Advanced Threat Defense (ATD) Nodes Node Cluster Module Built from Nodes Container Built from Modules CLOUD CONTAINER Cloud Container Built from individual modules working together (e.g. URL, Reporting, ATD) Represents all of the iboss cloud functionality for a customer 1 Container = Multiple Modules Modules represent a component (e.g., URL, Reporting, ATD), and together they create a customer container. They independently scale on demand, resulting in a more resilient cloud architecture 1 Module = Multiple Virtualized Nodes Multiple cloud nodes performing the same functions cluster together. Module functionality is identically replicated in each node. Each node is a virtual instance (VM), and can be created or destroyed in seconds across the node fabric

The flexibility of a node-based elastic cloud container architecture is unmatched Corporate HQ Traffic is scanned through customer hosted nodes that reside locally at corporate HQ 4 Remote sites and branch offices Traffic is scanned through virtualized cloud nodes residing in the cloud fabric Mobile Users Traffic is scanned through virtualized cloud nodes residing in the cloud fabric Cloud Container Encapsulates all nodes, providing consistent policy & reporting across all users and managed through one central management console in a secure isolated environment Elastic Cloud Container Cloud nodes servicing mobile users Cloud nodes servicing remote sites Hosted nodes at Headquarters 4

Stream based security leveraging elastic containers eliminates blind spots Deep stream-based packet scanning engine with full traffic visibility provides security beyond the web browser Cloud Stream based advantages: TOR communication blocked preventing loss Zeus TOR TOR Security that extends beyond web browser traffic to secure all Internet traffic Leverages a node based elastic container cloud architecture to secure all users and locations with ease Enables safe access to approved SaaS applications ensuring uninterrupted business operation Detects evasive, polymorphic malware including those masking communication via TOR (ex. Zeus64, Locky)

Module for anomaly does not rely on known malware samples Normal traffic Alerting Threshold Abnormal traffic Data Hijack In Progress Internet Internet Alerts Sent Protection against even the most advanced polymorphic malware Triggers based on behavior of the current data compared to normal data baseline Does not rely on malware signature updates This makes it capable of detecting malware even if it has never been seen in the wild and is unclassified Shortens the data loss window. For every passing minute that elapses waiting for a signature update, thousands of files are stolen resulting is massive losses

Secures borderless networks in a node-based containerized environment cloud node-based elastic container Single policy & reporting admin console Virtualized cloud nodes cloud node-based elastic container cloud Virtualized cloud nodes HQ Cloud HQ Customer hosted cloud nodes servicing HQ Hosted cloud node servicing mobile users Hosted cloud node servicing branch offices HQ, remote sites, and mobile users secured by hosted cloud nodes

Cloud node-based containers prepare you for the future node-based elastic container Virtualized cloud nodes in cloud fabric Policy console remains consistent during migration iboss node Customer hosted nodes Nodes migrate seamlessly Internet Today Tomorrow Hosted node migrates to cloud nodes

Are you prepared for the future? On-premises appliances and hybrid solutions require network restructuring and purchasing new products Must invest resources to migrate security policies & report logs Migration to cloud security Traditional Appliances Today Limited migration path Dispose of on premises appliances = increased TCO Tomorrow Massive network restructuring

For more information, visit www.iboss.com Connect with us: 16

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information