Enterprise Security Platform for Government


Today's Cybersecurity Challenges in Government

Governments are seeking greater efficiency and lower costs, adopting Shared Services models, consolidating data centers and moving to virtualization. They must find ways to increase capacity in fewer data centers and adopt virtualization without impacting security. As some of the most targeted organizations in the world, they know nation-states and other adversaries will continue to threaten sensitive information, military networks and communications with Zero Days and Advanced Persistent Threats (APTs). Such attacks cut straight through today's endpoint solutions undetected. Targeting endpoints through frequented websites and credential theft, as well as blended tactics, they look for any weak point to penetrate.

Critical infrastructure, including Supervisory Control and Data Acquisition (SCADA) systems which run nations' power grids and other utilities, weapons systems and more, must also be prioritized. Such systems need security solutions which can understand their proprietary protocols and block traditional IT applications and unauthorized users from these critical networks.

Modern military personnel and mobile civilian workers are increasingly untethered from their government networks using mobile devices as well as advanced tactical mobile gear. As such, cyber defense is at an all-time high priority and must not only focus on prevention but resilience in the face of an attack.
It must defend the endpoint, however defined by the strategic, tactical, military or civilian entity, and thwart advanced attacks and lateral movement to ensure resilience when attackers reach the heart of the network. To effectively protect today's government networks, a modern cyber defense is necessary.

Government challenges and initiatives:
- Advanced and highly targeted threats at the endpoint, lateral movement through the network
- Need security for consolidated and virtualized data centers
- Protect Shared services
- Ensure resilient real-time tactical communications
- Protect sensitive data
- Support military's future sailor/soldier/airman

Traditional Point Solutions Don't Address Modern Government Needs

To overcome these challenges and effectively prevent today's most advanced cyber attacks, a disruptive, comprehensive approach (a platform approach) is necessary. Palo Alto Networks enterprise security platform eliminates complexities involved with point products: firewall, IPS, IDS, URL filtering, endpoint antivirus, and more. The enterprise security platform realizes this vision of comprehensive security by integrating the power of three core elements:

[Figure 1: Palo Alto Networks enterprise security platform. Labels: Next-Generation Firewall (network), Threat Intelligence Cloud (cloud), Advanced Endpoint Protection (endpoint); natively integrated, automated, extensible.]

The advanced endpoint prevention, Traps, ensures that the point of entry for most advanced threats, the host, is secure. It uses a disruptive approach to prevention, stopping the underlying techniques used by exploits and malware in their attack chain. This is unlike the ineffective and burdensome approach used by traditional endpoint solutions, which only look at the ever-growing repository of known signatures, strings, and behaviors to try to deter Zero Day attacks.
The threat intelligence cloud (public or private) analyzes and correlates intelligence from all platform security functions (URL Filtering, mobile security, IPS/threat prevention and the virtual execution engine or sandbox, WildFire) and validated community input. WildFire immediately discovers previously unknown malware and communicates the results to the platform to automatically generate signatures. All threat intelligence is distributed to the network and endpoints to ensure they are protected. Known, Zero Day and advanced attacks, including APTs, can all be prevented from endpoint to data center. This is all done automatically, reducing operational burden and shortening an organization's response time. Governments can select a cloud or private threat intelligence network option. This innovative architecture can be operated at a fraction of the cost it takes to deploy and manage an equivalent set of point products.

Government Benefits to Platform Security

Palo Alto Networks enterprise security platform provides several benefits while enabling a solid cyber defense with detection, prevention and resilience:

Advanced threats and APTs at the endpoint: Advanced endpoint protection, unlike traditional government host-based security solutions, can prevent an adversary who uses active exploits of software vulnerabilities as an advanced attack against the government. Mitigating the finite number of exploitation techniques an attacker must use to deliver their exploit, rather than analyzing and reacting to every exploit, prevents delivery entirely.

Advanced threats and APTs in the network: By supporting all of the applications used by adversaries (not just web and email) and selectively decrypting SSL communications often used to hide attacker communications, uncover more ways the adversary can get in and move laterally. Advanced attackers use content disguised in common protocols such as UDP and FTP, use peer-to-peer applications and port hopping, as well as other evasive maneuvers. The platform sees it all.

Full-threat view: With the sophistication and highly targeted nature of attacks against governments, the adversary can use numerous approaches and actions to get in and move across the network.
Palo Alto Networks Threat Intelligence from the cloud or an on-premises government-run platform constantly gathers intelligence on evasive applications and converts the intelligence back into all platform devices. This ensures that organizations maintain control of evasive applications to ensure authorized activity traverses the networks while unauthorized activity fails to route. Our application research and intelligence team is available to perform custom intelligence analysis on any application the government deems necessary to ensure quality of service and control at every location on the enterprise. With this important triumvirate, the platform approach is the key to preventing advanced attacks and Zero Days.

Resilience: If and when an adversary makes its way onto the network, they are limited in what they can do, where they can go and what data they can access. With network segmentation (allowing only approved users access to approved applications), the platform instills a zero-trust environment. Advanced attacks at the endpoint can be mitigated with an advanced techniques approach. And the attacker is discoverable. The platform provides more control over authorized and unauthorized traffic than any other solution.

Data center consolidation and virtualization security: With the same complete visibility and protection to the data center without impact to speed or efficiency, the platform examines 100 percent of the traffic flowing in and out of the data center and between every application. Segmenting North-South (physical) and East-West (virtual) traffic, the platform tracks virtual application provisioning and changes via dynamic address groups, and automation and orchestration support via REST-API. The Palo Alto Networks virtual (VM)-Series for NSX can be deployed as a service with VMware NSX and Panorama, with VMware ESXi as part of a virtual network configuration for East-West traffic inspection, and as guest VMs on Citrix NetScaler SDX, consolidating Application Delivery Controllers (ADCs) and security services for multi-tenant, and Citrix XenApp/XenDesktop deployments. The virtual platforms are also available for Kernel-based Virtual Machine (KVM) Hypervisors.

Scale: Scaling to support more data in fewer entry points, the platform supports Government data consolidation and cost reduction efforts.

SCADA network security: Enforce network segmentation of government SCADA networks from the IT networks, enable legitimate SCADA protocols and content onto the network and only to approved SCADA network users through Role-based access controls (RBAC). The platform library contains application signatures for control network applications including Modbus, OSIsoft PI, ICCP, DNP3, and more, without disruption of critical systems such as sewage, water, electric and more on Army bases, posts and camps.

Tactical Network security: Overcome lack of necessary security skillsets in tactical deployments that could increase the risk from misconfiguration, incorrect security policy rule, or missed signature update. Configure from a central management platform, automatically provision and deploy. Support custom application signatures for custom government or military applications and threat signatures, all locally or through the centralized management platform, as well as signatures for threats specific to the network/enclave or division without necessitating direct vendor support.

Kill chain-wide defense: If caught at any stage in the kill chain, the attacker's strategy fails. Critical areas the platform defends against either outright attack or lateral movement to a desired target are data center edge and inter-VM, endpoints (mobile and fixed), tactical and SCADA networks.

Private threat intelligence cloud: With immediate access to threat intelligence for Security Operations Centers, situational awareness requirements, and other cyber intelligence analysis needs, access integrated logs to quickly investigate and correlate events, locate data needed for timely investigations and incident response and make it actionable through log queries or custom signatures. Governments can develop and manage their own threat intelligence cloud on a closed, dedicated Palo Alto Networks WF-500 threat intelligence platform. (See Figure 2.)
[Figure 2: Palo Alto Networks enterprise private threat intelligence cloud for Government.]

What Risks Exist In Your Government Network?

A strong cyber defense, agile to the needs of Governments globally as well as to the adversaries' tactics and tool changes, is germane to the future. Palo Alto Networks meets the cyber security needs of its government customers by providing a future-proof platform with visibility, prevention and resilience from endpoint across the heart of the network and data center and for all threat types. Customers across all continents and numerous industries, the Fortune 100 and the most advanced governments and militaries rely on Palo Alto Networks to improve their cybersecurity posture.

Schedule an Ultimate Test Drive (UTD) for hands-on experience with the platform. Find out how you can quickly discover what protocols, applications and risks exist on your own network.

4401 Great America Parkway, Santa Clara, CA 95054
Main: +1.408.753.4000
Sales: +1.866.320.4788
Support: +1.866.898.9087
www.paloaltonetworks.com

Copyright 2015, Palo Alto Networks, Inc. All rights reserved. Palo Alto Networks, the Palo Alto Networks Logo, PAN-OS, App-ID and Panorama are trademarks of Palo Alto Networks, Inc. All specifications are subject to change without notice. Palo Alto Networks assumes no responsibility for any inaccuracies in this document or for any obligation to update information in this document. Palo Alto Networks reserves the right to change, modify, transfer, or otherwise revise this publication without notice. PAN_WP_ESPG_011215