Sicherheit durch Open Source?! Markus Hennig CTO, Astaro

Similar documents

Astaro Gateway Software Applications

Astaro Security Gateway V8. Remote Access via SSL Configuring ASG and Client

Boston Area Windows Server User Group April 2010

Astaro Security Gateway V7 Active/Active-Cluster Licensing Partner FAQ

Ensure your digital records have a future. Digital preservation

Why use Linux Based Server??

How To Manage Information Technology

Komplettschutz für den Mittelstand

Symantec Enterprise Firewalls. From the Internet Thomas Jerry Scott

Infrastruktur Sicherheit mit Checkpoint

Linux Server Support by Applied Technology Research Center. Proxy Server Configuration

If you have questions or find errors in the guide, please, contact us under the following address:

HOB Remote Desktop VPN Secure access for remote workers and business partners to your enterprise network

Release: 1. ICASAS206A Detect and protect from spam and destructive software

Securing Virtualization with Check Point and Consolidation with Virtualized Security

Benutzerfreundlich, tiefe Betriebskosten und hohe Sicherheit. Warum sich diese Ziele nicht widersprechen müssen

DataTrust Online Backup

WatchGuard: Your Security Partner of Choice. Carlos Vieira

World-class security solutions for your business. Business Products. C a t a l o g u e

BSD Firewalling with pfsense. NYCBSDCon 2010

Unified Threat Management Systems (UTMS), Open Source Routers and Firewalls. Tim Hooks Scott Rolf

Intelligent Logging & Reporting Cyberoam iview Appliance

Die neuen Sophos Suiten - Alles in einer Lizenz

Barracuda Backup for Managed Services Providers Barracuda makes it easy and profitable. White Paper

Sophos Acquires Cyberoam

Working in a ubiquitous computing environment

MANAGED DATABASE SOLUTIONS

Tagesordnung WIN/IP-Forum

quick documentation Die Parameter der Installation sind in diesem Artikel zu finden:

KERIO TECHNOLOGIES KERIO WINROUTE FIREWALL 6.4 REVIEWER S GUIDE. (Updated April 14, 2008)

A progressive and integrated approach to protecting corporate networks

SOLARIS 10 SECURITY. Technical Overview. Andreas Neuhold Systems Practice Lead Austria Sun Microsystems, GesmbH

INTRODUCING KERIO WINROUTE FIREWALL

SafeEnterprise SSL igate Managing Central Access to Resources with VPX Technology

Sophos UTM. Remote Access via PPTP. Configuring UTM and Client

Sophos Roadshow. Complete Security Vision

Sophos UTM. Remote Access via SSL. Configuring UTM and Client

Sabine Reich SAP. Test Workbench - Introduction

The Advantages of a Firewall Over an Interafer

Astaro User Portal: Getting Software and Certificates Astaro IPsec Client: Configuring the Client...14

A progressive and integrated approach to protecting corporate networks

SAP Enterprise Portal 6.0 KM Platform Delta Features

Federated Network Security Administration Framework

The Attacker s Target: The Small Business

Your Security Partner of Choice

Traditional Commercial Software Development. Open Source Development. Traditional Assumptions. Intangible Goods. Dr. James A.

World-class security solutions for your business. Kaspersky. OpenSpaceSecurity

Check Point taps the power of virtualization to simplify security for private clouds

Managed Intrusion, Detection, & Prevention Services (MIDPS) Why Sorting Solutions? Why ProtectPoint?

KASPERSKY ANTI-MALWARE PROTECTION SYSTEM BE READY FOR WHAT S NEXT. Kaspersky Open Space Security

repositor.io Simple Repository Management Jürgen Brunk München, 03/2015

CA Computer Associates. Nils Meyer CA Computer Associates GmbH Hamburg

By Jascha Wanger

hyperguard Defining a dwaf to secure cloud applications By Alexander Meisel, CTO and Co-Founder

HOW TO PROTECT YOUR VIRTUAL DESKTOPS AND SERVERS? Security for Virtual and Cloud Environments

Certificate SAP INTEGRATION CERTIFICATION

What would you like to protect?

Research Note. Mobile working in a company

A Manager s Guide to Unified Threat Management and Next-Gen Firewalls

Status of Open Source and commercial IPv6 firewall implementations

Use of DB2 purescale with SAP Applications

FEATURE. THE RISE OF SSL VPNS by Ian Kilpatrick, chairman Wick Hill Group. Summary of feature words. * Recent growth of SSL VPNs

INFORMATION PROTECTED

Professional Integrated SSL-VPN Appliance for Small and Medium-sized businesses

4. Exercise: Developing CERT Infrastructure 4.1 GENERAL DESCRIPTION 4.2 EXERCISE COURSE. 4.3 Introduction to the exercise. CERT Exercises Handbook

ESET Security Solutions for Your Business

IBM Endpoint Manager Product Introduction and Overview

University of Edinburgh. School of Informatics. Intellectual Property and the Digital Age. Chris Martin

Proof of Concept Guide

MANAGED EXCHANGE SOLUTIONS Secure, Scalable and Compliant Hosted Environments

Why Free Patch Management Tools Could Cost You More

BRFplus Field Configuration for Portfolio Management

Sophos (Schweiz) AG May 2012

CMPT 471 Networking II

Realizing the Breakthrough Economics of Linux and Open Source through Hybrid Development. Tim Yeaton, President and CEO Black Duck Software

IREBOX X. Firebox X Family of Security Products. Comprehensive Unified Threat Management Solutions That Scale With Your Business

MANAGED SECURITY SERVICES

Solution Brief: Enterprise Security

Astaro Security Gateway V8. Remote Access via L2TP over IPSec Configuring ASG and Client

Firewall and UTM Solutions Guide

SharePoint Unlimited... or how to deal with the explosive growth of unstructured data in SharePoint in a secure and transparent manner.

Sophos UTM Endpoint meets Gateway. Jonathan Hope Channel Manager Network Security UK & Ireland

THE EVOLUTION CONTINUES

Getting Started with HC Exchange Module

Sophos UTM. Remote Access via SSL Configuring Remote Client

Security Gateway 10er Serie

ICAWEB423A Ensure dynamic website security

WatchGuard SSL 2.0 New Features

Operating System Security

NOCTUA by init.at THE FLEXIBLE MONITORING WEB FRONTEND

Closed-Loop Engineering Integrated Product Development at a Vehicle Manufacturer

Firewalls Overview and Best Practices. White Paper

Secure VoIP for optimal business communication

Red Hat and the Telecommunications

MICROS Customer Support

Linux VPS with cpanel. Getting Started Guide

WHITE PAPER. Best Practices for Globally Deploying Wireless Messaging

Transcription:

Sicherheit durch Open Source?! Markus Hennig CTO, Astaro

Open Source? Sicherheit Open Source Page 2

Open Source! Sicherheit Open Source Page 3

Open Source the most famous Sicherheit Open Source Page 4

Sicherheit Open Source Page 5

Linux Linux Foundation 2008: - 33.00 files - 13Mill LoC - 7500 Man Year - 1.4 Mrd$ value Sicherheit Open Source Page 6

Sicherheit durch Open Source? - Why not? - AES, 3DES WEP, DECT, GSM A5/1 A5/2 - Secrecy Security - Security is not a state, but a process! - Security is not absolute, but relative! - Real security is not compromised when people become aware of it Sicherheit Open Source Page 7

Security Myths about Open Source Eyes that look do not always see High level of complexity in the code prevents most users from in-depth audit "Hotspots" in the code are reviewed regularly - others parts are not Large tester-base can not show the absence of bugs, therefore you need qualified code security examination You not only have friendly code analysts, there are also hostile ones Open source is no security panacea Sicherheit Open Source Page 8

Open Source in Astaro Produkten EAL 4+ Sicherheit Open Source Page 9

The Netfilter project as an example - Description: Linux packet filter, featuring stateful firewalling, all variations of NAT and load balancing and packet mangling - the project was founded in 1999 in Australia, currently has 5 core members and more than 700 contributors of significant code parts - grew to 93.000 lines of code in 3 years, average of 1.400 postings/month on the devel mailing lists, currently around 300 active developers - 65 code improvements or fixes/month per stable release from the community - example: FTP-conntrack bug being fixed during 'off hours' while Astaro developers were sleeping - according to the questions asked on the mailing lists from different authors, Astaro believes thousands are examining the code (Netfilter, 2003) Sicherheit Open Source Page 10

Astaro Company Profile Founded 2000 220 employees Headquarters in: - Karlsruhe (Germany) - Boston (USA) Worldwide Offices > 3000 partners & resellers worldwide 24/7 Service Astaro protects more than 100.000 networks for ca. 60.000 customers in over 60 countries Sicherheit Open Source Page 11

1..10 The Astaro Difference Only Astaro appliances are available in three different types Nobody's more flexible One-Click Clustering Nobody's faster Prooven technology Over 60,000 customers are already protecting more than 100,000 networks with an Astaro appliance 10-Minute-Setup Sicherheit Open Source Page 12

Weltweites Netzwerk von zertifizierten Partnern Sicherheit Open Source Page 13

Astaro Unified Threat Management Appliances Sicherheit Open Source Page 14

Astaro 2000 Sicherheit Open Source Page 15

Sicherheit Open Source Page 16

Astaro Security Gateway-Architecture Firewall Astaro enhanced Linux Hardened Linux Distribution with installation wizard and automatic hardware detection Proprietary platform Web Content Filter Secure Operating System Virus Protection The glue for easy-to-use products: MiddleWare, WebAdmin, Confd, Up2Date, SelfMonitor, High Availability Open Source applications Cutting-edge security applications like netfilter, squid, exim etc. Mostly first out there and very reliable. Proprietary applications Remote Access Range of proprietary Astaro and 3rd party technologies for up-selling, currently virus scanner and URL list Sicherheit Open Source Page 17

Understanding the Open Source ecosystem - Open Source : used as a general term for software with source code open to read for everybody - Different licenses usable: BSD, GPL, Artistic License, similar licenses models from SUN, Microsoft, What is interesting on Open Source? Projects Programs Products Source Code Method Organization Involved people Involved Organization Sicherheit Open Source Page 18

Using Open Source Open Source ist Mittel zum Zweck, nicht Selbstzweck Open Source Code... Organisation, Methode, Leute Open Source: Mozilla, KDE Linux, OpenSSL lighttpd, JsTetris Sicherheit Open Source Page 19

Using Open Source Open Source ist Mittel zum Zweck, nicht Selbstzweck Open Source Code... Organisation, Methode, Leute Open Source: Mozilla, KDE Linux, OpenSSL lighttpd, JsTetris Open Source ist auch eine Methode: distributed, de-central, un-democratric open and flexible without costs difference to commercial software engineering GPL: GNU Public License is a valid software license Kunden: - interessiert OS überhaupt nicht - wollen ein Produkt, kein OS Projekt - vergleichen TCO, nicht frei verfügbaren Source Code Sicherheit Open Source Page 20

Vielen Dank! Fragen?