Software-Defined Secure Networks in Action

Presentation transcript:

Software-Defined Secure Networks in Action
Nguyễn Tiến Đức, ASEAN Security Specialist

AGENDA
1. IoT Malware
2. Software-Defined Secure Networks
3. Software-Defined Secure Networks in Action
4. Summary

IoT malware

Real world examples of IoT malware/ransomware
1. Thermostat ransomware: http://motherboard.vice.com/read/internet-of-things-ransomware-smart-thermostat
2. Amazon cameras malware: http://www.securityweek.com/malware-found-iot-cameras-sold-amazon
3. Jeep remote control: https://www.wired.com/2015/07/hackers-remotely-kill-jeep-highway/

Software-Defined Secure Networks

Software Defined Secure Networks: Policy, Detection, and Enforcement
Unified and Responsive
- Leverage entire network and ecosystem for threat intelligence and detection
- Automated Malware Defense
- Dynamic, Adaptive Policy Orchestration
- Threat Intelligence
DETECTION, POLICY, ENFORCEMENT
- Utilize any element of the network as an enforcement point
- Dynamically execute policy across all network components including third party devices

Software Defined Secure Networks (SDSN): Unified Security Platform
DETECTION
- Third Party Threat Intel
- Juniper Security Cloud: Spotlight Secure Threat Intelligence, Sky Advanced Threat Prevention (ATP)
- Fast, effective protection from advanced threats
- Integrated threat intelligence
POLICY
- Security Director + Policy Enforcer: Policy Enforcement, Visibility, Automation
- Intelligent enforcement to firewalls, switches, third party devices and routers
- Robust visibility and management
ENFORCEMENT
- SRX Physical Firewall, vSRX Virtual Firewall, EX & QFX Switches, MX Routers*, Third Party Elements*
- Consistent protection across physical/virtual
- Open and programmable environment
*Roadmap
Network as a single enforcement domain: every element is a policy enforcement point

The ATP verdict chain
Staged analysis: combining rapid response and deep analysis
Suspect files enter the analysis chain in the cloud
1. Cache lookup (~1 second): Files we've seen before are identified and a verdict immediately goes back to SRX
2. Anti-virus scanning (~5 seconds): Multiple AV engines return a verdict, which is then cached for future reference
3. Static analysis (~30 seconds): The static analysis engine does a deeper inspection, with the verdict again cached for future reference
4. Dynamic analysis (~7 minutes): Dynamic analysis in a custom sandbox leverages deception and provocation techniques to identify evasive malware

Security Director Policy Enforcer: Infected Endpoint Scenario
- Enables remediation via Policy Enforcer workflows in Security Director
- Delivers micro security services to switches such as EX, QFX
- Updates enforcement criteria automatically with new threat data
- Tracks infected host/endpoint movement from site to site via MAC address vs IP address
Workflow:
1. Malware enters
2. Sky ATP detects malware; renders verdict
3. Enforcement policy rendered
4. Enforcement policy automatically deployed
5. Infected endpoint quarantined
Diagram labels: Threat Intel, Sky ATP, vSRX Firewall, Policy Enforcer, Security Director, Switch

Software-Defined Secure Networks in Action

SDSN isolates infected host
Stateful filter on Firewall + Access list on the Switch port
Diagram labels: Threat Intel, Sky ATP, Firewall, Switch; infected host = 192.168.10.225

Client is no longer able to browse the internet or local network. Within minutes the client is isolated from the network, preventing proliferation of the malware.

SDSN tracks host and enforces
Diagram labels: Threat Intel, Sky ATP, Firewall, Switch; infected host = 192.168.10.225, shown at two switch locations
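
The MAC-keyed tracking from the infected endpoint scenario, and the follow-the-host enforcement in the two diagrams above, as an added Python example that is not Juniper's code. The record shape, rule tuples, MAC address, switch names and port names are constructed for illustration, and the last event (a new IP on the same port) goes beyond what the slides show.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Sighting:
    # One endpoint observation (constructed record shape, not a Juniper format).
    mac: str
    ip: str
    switch: str
    port: str

class QuarantineTracker:
    """Keys quarantine state on MAC so enforcement follows the host."""
    def __init__(self):
        self.infected = set()   # MACs with a malicious verdict
        self.location = {}      # mac -> latest Sighting
        self.enforced = {}      # mac -> rules currently installed

    @staticmethod
    def _rules(s):
        # Firewall filter + switch-port ACL; hypothetical descriptors, not device syntax.
        return {("firewall", "deny-ip", s.ip), (s.switch, "port-acl", s.port)}

    def _reconcile(self, mac):
        """Return the (op, rule) changes that bring enforcement up to date."""
        want = set()
        if mac in self.infected and mac in self.location:
            want = self._rules(self.location[mac])
        have = self.enforced.get(mac, set())
        changes = [("remove", r) for r in sorted(have - want)]
        changes += [("add", r) for r in sorted(want - have)]
        self.enforced[mac] = want
        return changes

    def verdict(self, mac, malicious):
        (self.infected.add if malicious else self.infected.discard)(mac)
        return self._reconcile(mac)

    def sighting(self, s):
        self.location[s.mac] = s
        return self._reconcile(s.mac)

def demo():
    # Constructed events: host flagged at site A, moves to site B, then renews its IP.
    t, mac = QuarantineTracker(), "00:00:5e:00:53:01"
    return [
        t.sighting(Sighting(mac, "192.168.10.225", "switch-a", "ge-0/0/5")),
        t.verdict(mac, True),
        t.sighting(Sighting(mac, "192.168.10.225", "switch-b", "ge-0/0/9")),
        t.sighting(Sighting(mac, "192.168.20.40", "switch-b", "ge-0/0/9")),
    ]
```

Because state is keyed on the MAC, the move to the second switch only swaps the port ACL and the IP change only swaps the firewall rule; a tracker keyed on IP would lose the host at the last event.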

The Right Policy for the Right Job
Different threat levels need different policies
- Anomalous lightbulb? Quarantine and create new policy for appropriate behavior
- Compromised core switch? Neutralize the threat and shut down the tunnel vs. killing the switch
Software Defined Secure Networks (SDSN) Policy Orchestration + Enforcement: Shut down light bulb OR Kill illegitimate tunnel

Summary

Thank you