Threat Ready: The Benefits of Segmentation

Presentation transcript:

Threat Ready: The Benefits of Segmentation
Burwood Group, Inc.

Agenda
- Burwood Intro
- Segmentation Overview
- Perimeter Segmentation
- Data Center Segmentation
- Micro-Segmentation
- Communication Restrictions vs Security
- Benefits
9/17/2018 The Benefits of Segmentation

Our Perspective: IT Trends
- Increased demand for IT to add strategic value to the organization
- Focus on leveraging innovation and technology outside the enterprise (inside-out to outside-in)
- Increased data availability demands quantitative insights
- Heightened end-user technology expectations
- Impact of mobile device market explosion
- Demand for fast access to data and applications from any consumer device
- Move towards the cloud
- Move from traditional infrastructure to converged (or hyper-converged) infrastructure
- Cloud-platform adoption leads to security concerns
- Increased “as a service” technology consumption
9/17/2018 Burwood Group Overview

Our Point of View
[Diagram labels: Burwood Group; Business Processes; Knowledge; Technology Ecosystem]
- To achieve its strategic goals, an organization’s technology investments must lead directly to specific business and clinical outcomes.
- To achieve an outcome, the organization’s technology must be designed, built and managed to deliver knowledge to the end user.
- Burwood Group integrates an organization’s technology ecosystem and business processes and knowledge to enable its people to perform in the unique context of their environment.
We KNOW that tech investments MUST lead directly to specific outcomes. The tech MUST be designed to deliver that “knowledge” to the end user. Burwood can integrate the tech ecosystem.

Segmentation Overview
Credible Resource (Wikipedia):
“Network segmentation in computer networking is the act or profession of splitting a computer network into subnetworks, each being a network segment. Advantages of such splitting are primarily for boosting performance and improving security.”
https://en.wikipedia.org/wiki/Network_segmentation
Burwood:
- Organizing your network based on applications, users, content, or business function
- Applying security to this organization by enforcing restrictions between network segments on a need to know basis
All of this is based on zero-trust and CIA

Zero Trust
- Secure Access: All resources are accessed in a secure manner regardless of location
- Access Restrictions: Least privilege or “need-to-know” restrictions
- Verify: Ensure users, applications, and content are all legitimate
- Inspect & Log: Record all access and user activity
From Del – don’t have to limit to three zones, can subdivide

Segmentation Overview
What does this mean to your organization?
- Are you applying segmentation now?
- Are you applying security between your network segments?

Perimeter Segmentation
- Most organizations are already segmenting their perimeter
- The implementation of a DMZ is segmentation

Perimeter Segmentation
- Already utilizing the Zero-Trust Model
- Deny “Untrust” to “Trust”
- Restrict “Untrust” to “DMZ”
- Restrict “DMZ” to “Trust”
- Common practice and easy implementation

Perimeter Segmentation
- Securing all perimeter traffic from external threats
- Why is this only at the perimeter?
Issues:
- Only 20% of an organization's network traffic traverses the perimeter firewall
- This leaves 80% of traffic unfiltered, unrestricted, and insecure
(Arkin VMware reference)

Data Center Segmentation
- This is where the most critical assets reside
- Malicious users know this and their end goal is the data center
- Malware is targeted and designed to spread

Data Center Segmentation
- Recent example of an outbreak that could have been prevented
- Healthcare customer hit with Qakbot
- Virus designed to spread through fileshares and removable drives
- Steals information and opens a backdoor to the compromised machine
- Infected machines could be cleaned
- As soon as they were cleaned, they would be infected again by spreading of malware

Data Center Segmentation
- Initial infection may not have been prevented but propagation of malware could be
- Concept of network “bulkheads”

Data Center Segmentation
- Prevent the propagation of malware
- Increased visibility
- Granular traffic restrictions
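
The "bulkhead" idea can be measured. The following is an added example, not part of the original presentation: it computes the worst-case set of hosts one infected machine can reach under a flat network, segment-level rules, and per-host (micro-segmentation) rules. The host names, segments and allowed flows are constructed assumptions.

```python
from collections import deque

# Constructed inventory (host -> segment); all names are illustrative.
HOSTS = {"web1": "dmz", "web2": "dmz", "app1": "app", "app2": "app",
         "db1": "data", "files1": "data", "vdi1": "users", "vdi2": "users"}

# Segment pairs the data center firewall permits; everything else is denied.
SEGMENT_ALLOW = {("users", "dmz"), ("dmz", "app"), ("app", "data")}

# Host pairs permitted under micro-segmentation; everything else is denied.
HOST_ALLOW = {("vdi1", "web1"), ("vdi2", "web1"), ("web1", "app1"),
              ("web2", "app2"), ("app1", "db1"), ("app2", "db1")}


def can_talk(src, dst, model):
    """Return True if src may open a connection to dst under the model."""
    if model == "flat":          # no internal enforcement at all
        return True
    if model == "segmented":     # traffic inside a segment is never filtered
        a, b = HOSTS[src], HOSTS[dst]
        return a == b or (a, b) in SEGMENT_ALLOW
    if model == "micro":         # each east-west flow needs an explicit rule
        return (src, dst) in HOST_ALLOW
    raise ValueError(f"unknown model: {model}")


def blast_radius(start, model):
    """Worst-case set of hosts reachable hop by hop from one infected host."""
    seen, queue = {start}, deque([start])
    while queue:
        cur = queue.popleft()
        for nxt in HOSTS:
            if nxt not in seen and can_talk(cur, nxt, model):
                seen.add(nxt)
                queue.append(nxt)
    return sorted(seen - {start})


if __name__ == "__main__":
    for model in ("flat", "segmented", "micro"):
        for start in ("files1", "vdi1"):
            print(f"{model:9} {start:6} -> {blast_radius(start, model)}")
```

Segment-level rules contain the file server but still let vdi1 reach its neighbour vdi2, because traffic inside a segment is never inspected; only the per-host rules close that path.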

Data Center Segmentation

Data Center Segmentation
Steady State
Quarterly Review:
- Re-occurring Health-checks
- New Feature implementations
- Expanded Education
Convert to App Restrictions
Project Work:
- SSL Decryption
- Review policies and logs
- Convert to application enforcement
- Create custom applications
Implement Next-Generation Security
Security Cleanup and Management
Review and Configure:
- Firewall Policy Cleanup
- Firewall documentation
- Security logging
- Centralized reporting
Utilize Security Suite
Configuration:
- Content ID
- Threat Prevention
- APT Protection
- URL Filtering
- User Restrictions
Migrate/Transition
Project Work:
- Discover Current State
- Migrate/Install NGFW
- Design Migration Plan
- Migrate/Cutover
Test and Validate
Operate/Manage
Stateful Inspection

Micro Segmentation
- Data Center Segmentation is for North-South traffic
- Micro Segmentation is for East-West traffic
- Traffic within a virtual environment
- Traffic on the same logical network (intra-VLAN inspection)

Micro Segmentation
Unconstrained communication
- Little or no lateral controls inside perimeter
- Low priority systems are targeted first.
- Attackers can move freely around the data center.
- Attackers then gather and exfiltrate data over weeks or even months.
[Diagram labels: Internet; Data Center Perimeter]

Micro Segmentation
Why can’t we have individual firewalls for every VM? With traditional technology, this is operationally infeasible.
- Physical firewalls: Expensive and protect North-South traffic and not East-West
- Virtual firewalls: Slow, costly, and complicated
[Diagram labels: Internet; Hypervisor; VM; Data Center Perimeter]

Micro Segmentation
- VDI: A converged infrastructure means virtual desktops run on the same infrastructure as servers
[Diagram labels: VDI; Data Center Perimeter; Internet; East West; VMware NSX and Palo Alto Networks]

Micro Segmentation
Additional Benefits
- Technologies that provide micro segmentation also provide data center automation
- Provide the first step for hybrid, public/private cloud environments

Communication Restrictions and Security
- Layer 3/4 vs Layer 7 firewall
- Virtually all manufacturers will agree that port and protocol is not enough security today
- Locking policies down to known applications communicating across known ports is paramount
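
To make the Layer 3/4 versus Layer 7 difference concrete, here is an added example (not from the original presentation) that evaluates the same constructed flow log against a port-only policy and an application-aware policy, using the Untrust/DMZ/Trust zones from the perimeter slides. The rule sets, flows and application labels are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    src: str
    dst: str
    port: int
    app: Optional[str]   # None = port-only (Layer 3/4) match
    action: str

@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    port: int
    app: str             # application label from the Layer 7 classifier

# Port-only policy and its application-aware equivalent (constructed).
L4_POLICY = [Rule("untrust", "dmz", 443, None, "allow"),
             Rule("dmz", "trust", 1433, None, "allow")]
L7_POLICY = [Rule("untrust", "dmz", 443, "https", "allow"),
             Rule("dmz", "trust", 1433, "mssql", "allow")]

# Constructed flow log; app labels are illustrative, not vendor App-IDs.
FLOWS = [Flow("untrust", "dmz", 443, "https"),
         Flow("dmz", "trust", 1433, "mssql"),
         Flow("dmz", "trust", 1433, "file-transfer"),
         Flow("untrust", "dmz", 443, "unknown-tcp"),
         Flow("untrust", "trust", 443, "https")]

def evaluate(policy, flow):
    """First matching rule wins; unmatched traffic hits the default deny."""
    for r in policy:
        if ((r.src, r.dst, r.port) == (flow.src, flow.dst, flow.port)
                and r.app in (None, flow.app)):
            return r.action
    return "deny"

def port_only_gaps(flows):
    """Flows the port-only policy allows but the Layer 7 policy denies."""
    return [f for f in flows
            if evaluate(L4_POLICY, f) == "allow"
            and evaluate(L7_POLICY, f) == "deny"]

if __name__ == "__main__":
    for f in port_only_gaps(FLOWS):
        print(f"{f.src}->{f.dst} tcp/{f.port} app={f.app}")
```

The two flows it reports use permitted ports but carry an application the policy never intended, which is the traffic a port and protocol rule cannot tell apart.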

Communication Restrictions and Security
Context security includes more than network traffic
- Applications
- Content: URL filtering, Antivirus, Anti-Spyware, IPS
- Users
These items all work together to provide a secure zero-trust network architecture

Benefits
- Segmentation allows us to organize and secure our networks
- Creating network bulkheads to limit propagation
- Increased restrictions to comply with least privilege and Zero-Trust
- Micro segmentation provides visibility into areas of the network we previously could not see
- Implementing a phased approach to the installation of these services is key

Contact Us Justin Flynn Manager, Sales Engineering Burwood Group, Inc. jflynn@burwood.com 312.327.4657