Next Generation FWs Against Modern Malware and Threats
Hakan Unsal – Technical Security Consultant
Tunc Cokkeser – Regional Sales Manager

Presentation transcript:


The Strategic Role of Modern Malware
- Infection, Escalation, Remote Control
- Malware industry: 1 trillion dollars
- A new unknown malware every 1.5 sec
- Hidden in SSL or SSH tunneled / encrypted traffic
- Resource-consuming malware

Industry Challenges in Controlling Malware
© 2011 Palo Alto Networks. Proprietary and Confidential. Page 3

Unreliable enforcement
- Sandboxes lack enforcement, while enforcement points lack sandbox intelligence
- Lack of outbound traffic controls
- Lack of actionable information

Inability to recognize files as malware
- Targeted malware
- New and refreshed malware
- Long windows to protection

Infecting files are hidden
- Inside applications
- Encrypted traffic, proxies
- Non-standard ports
- Drive-by-downloads

Applications Have Changed; Firewalls Have Not
- Need to restore visibility and control in the firewall
- BUT… applications have changed: Ports, Applications, IP Addresses, Users, Packets, Content
- More than 67% of all applications use ports 80 and 443

Why we need a NGFW? Applications Carry Risk
- Applications can be threats: P2P file sharing, tunneling applications, anonymizers, media/video
- Applications carry threats: Qualys Top 20 Vulnerabilities – majority result in application-level threats
- Applications & application-level threats result in major breaches – RSA, Comodo, FBI

Why we need a NGFW? Traditional Solutions are no longer a solution...
- More stuff doesn't solve the problem
- Firewall helpers have limited view of traffic
- Complex and costly to buy and maintain
- Putting all of this in the same box is just slow
[Diagram label: Internet]

Why we need a NGFW? Control Must Be In The Firewall

Application Control as an Add-on
- Port-based FW + App Ctrl (IPS) = two policies
- Applications are threats; only block what you expressly look for
- Implications:
  - Network access decision is made with no information
  - Cannot safely enable applications

NGFW Application Control
- Application control is in the firewall = single policy
- Visibility across all ports, for all traffic, all the time
- Implications:
  - Network access decision is made based on application identity
  - Safely enable application usage

[Diagram labels: Port, Traffic, Firewall, IPS, Port Policy Decision, App Ctrl Policy Decision, Scan Application for Threats, Application, Applications]

How a NGFW Should Be!!! The Right Answer: Make the Firewall Do Its Job

New Requirements for the Firewall
1. Identify applications regardless of port, protocol, evasive tactic or SSL
2. Identify users regardless of IP address
3. Protect in real-time against threats embedded across applications
4. Fine-grained visibility and policy control over application access / functionality
5. Multi-gigabit, in-line deployment with no performance degradation

How a NGFW Should Be!!! Palo Alto Networks Controls the Threat Vector
- Simple, yet powerful control of 900+ applications – block, or allow but scan for threats

How a NGFW Should Be!!! Negative Security Method No Longer Works...

How a NGFW Should Be!!! Positive Security Methodology...
» The ever-expanding universe of applications, services and threats
» Traffic limited to approved business use cases based on App and User
» Attack surface reduced by orders of magnitude
» Complete threat library with no blind spots
  - Bi-directional inspection
  - Scans inside of SSL
  - Scans inside compressed files
  - Scans inside proxies and tunnels
Only allow the apps you need
Safely enable the applications relevant to your business

How a NGFW Should Be!!! Secure Enablement
- Block – e.g. – all P2P applications
- Allow - but scan for threats
- Allow - but limit app users
- Allow - but limit app functions
- Allow - but limit apps in a session
- Allow - but limit access time
- Allow - but shape (QoS)
[Diagram axis: Network Control, Low to High]

How a NGFW Should Be!!! Application Identification Algorithm

How a NGFW Should Be!!! BitTorrent

How a NGFW Should Be!!! BitTorrent: As Seen by Security Infrastructure

How a NGFW Should Be!!! Realtime Monitoring for Applications, Users & Content
- Application Command Center (ACC) - Displays application, URL, threat and data filtering activity
- Create a filter for Facebook
- Create a filter for Facebook and the user Ginger
- Remove Facebook to display only the user Ginger

How a NGFW Should Be!!! WildFire Architecture
- Unknown files coming from Internet cloud
- FW sends the unknown file to Wildfire Cloud
- Compare to Known Files
- Sandbox Environment
- Signature Generator
- Admin Web Portal
- New signatures are updated on all FWs.

How a NGFW Should Be!!! A Realtime Application Identification Throughput
- L3/L4 UDP packet throughput no longer reflects your requirements!!!
- APP-ID (Application Identification) enabled throughput is important for you!!!
- L7 throughput should be considered
- No acceptance for dramatic performance decrease!!!

How a NGFW Should Be!!! Single-Pass Parallel Processing (SP3) Architecture

Single Pass
- Operations once per packet
  - Traffic classification (app identification)
  - User/group mapping
  - Content scanning – threats, URLs, confidential data
- One policy

Parallel Processing
- Function-specific parallel processing hardware engines
- Separate data/control planes

Up to 20Gbps, Low Latency

How a NGFW Should Be!!! Multi Gigs realtime High Throughput
- 80 Gbps switch fabric interconnect
- 20 Gbps QoS engine

Signature Match HW Engine
- Stream-based uniform sig. match
- Vulnerability exploits (IPS), virus, spyware, CC#, SSN, and more

Security Processors
- High density parallel processing for flexible security functionality
- Hardware-acceleration for standardized complex functions (SSL, IPSec, decompression)

20Gbps Network Processor
- 20 Gbps front-end network processing
- Hardware accelerated per-packet route lookup, MAC lookup and NAT

Control Plane
- Quad-core mgmt
- High speed logging and route update
- Dual hard drives

[Block diagram labels: Data Plane (10Gbps, Switch Fabric, QoS, Flow control, Route/ARP/MAC lookup, NAT, Signature Match, SSL, IPSec, De-Compress., CPU 1 to CPU 12, RAM); Control Plane (Core 1 to Core 4, RAM, SSD)]

Technology Sprawl & Creep Are Not The Answer
- More stuff doesn't solve the problem
- Firewall helpers have limited view of traffic
- Complex and costly to buy and maintain
- Putting all of this in the same box is just slow
[Diagram label: Internet]