Automatizacija mrežne bezbednosti Ivan Mladenović Regional Manager Adriatic
O kompaniji… Osnovana 1991 u Poljskoj, u privatnom vlasništvu VAD sa kancelarijama u CEE regiji Fokus na naprednim tehnologijama u delu bezbednosti, mrežnih sistema i menadžmentu Izuzetan portfolio proizvođača opreme i tehnologija (Gartner, IDC) Rad na prezentaciji naprednih rešenja partnerima i krajnjim korisnicima Edukacija tržišta kroz razne hands-on treninge sa vrlo efikasnom prodajnom i tehničkom podrškom Praćenje svetskih trendova u cilju što bolje edukacije korisnika
Portfolio u Adriatic regiji NEW Acronis Arista Networks A10 Networks CyberArk HPE (Aruba Networks) Juniper Networks Microsens MobileIron Pulse Secure Rapid7 Rubrik SonicWall Tufin Ucopia Communications Trainings and professional services CLICO NEW
Komponente IT arhitekture
Rešavanje kritičnih bezbedonosnih i IT pitanja Da li sam kompromitovan? Da li sam ranjiv? Da li sam optimizovan? Threat Exposure Management Incident Detection & Response Log Management & IT Analytics VULNERABILITY MANAGEMENT USER BEHAVIOR ANALYTICS ENDPOINT VISIBILITY & ASSET MANAGEMENT APPLICATION SECURITY TESTING INCIDENT DETECTION & RESPONSE INFRASTRUCTURE MONITORING & TROUBLESHOOTING ATTACK SIMULATION ENDPOINT VISIBILITY & INTERROGATION LOG MANAGEMENT & COMPLIANCE Software + Managed Services
Vulnerability Management Threat Exposure Management Vulnerability Management | Application Security | Penetration Testing Vulnerability Management Know your weak points Prioritize what matters most Improve Your Outcomes Know your weak points: Know your weak points: Uncover your hidden attack surface Validate vulnerabilities with Metasploit® Contextualize assets using RealContext™ Prioritize what matters most: Focus on the highest risks using RealRisk™ Deliver impactful, actionable remediation plans Implement best practice security controls Improve your outcomes: Drive decisions using powerful reporting Meet vulnerability management compliance requirements
Threat Exposure Management Vulnerability Management | Application Security | Penetration Testing Know your weak points Prioritize what matters most Improve Your Position Know your weak points: World’s largest code-reviewed exploit database Simulate real-world attacks to test your defenses Find weak credentials Prioritize what matters most: Highlight weaknesses throughout attack chain Closed-loop integration with Nexpose for remediation Improve your position: Scale and speed up penetration testing User awareness programs using phishing campaigns Complete compliance programs faster
Izazovi sa IT upravljanjem u delu mrežne bezbednosti Compliance & Risk Kompleksnost Stalne promene Konektivnost Komunikacija Velike kompanije imaju od 10 pa do 100 promena nedeljno Automatizacija nebezbednih procesa Greške u konfiguraciji lako dovode do service downtime-a Prolazno vreme do rešavanja problema može biti značajno Zahtevi za pristupima od strane dev tima i conf greške dovode do ugrožavanja bezbedonosnih i security polisa Propusti mogu biti nedetektovani i nedeljama Naviše zahteva za promenama dolaze od aplikativnih promena Loša komunikacija između DEC i IT tima Kompanije imaju desetine Firewall, rutera i svičeva Svaki uređaj poseduje kompleksnu conf sa 100 i više rulova Heterogene tehnologije Rezultat: Greške i gubitak kontrole Konfiguracione promene mogu trajati i do 2 nedelje kako bi se implementirale 8
Implementirajte mrežne promene Vizija Implementirajte mrežne promene za 1 dan umesto 1 nedelje sa uvećanom tačnošću i bezbednošću, koristeći automatizaciju i analitiku
Orchestration Suite™ Business Applications Rešava problem koji nastaje usled potrebe za brzom isporukom aplikacija i manualnog procesa promena bezbedonosnih polisa Network Infrastructure 10
Orchestration Suite™ Tufin Orchestration Suite Business Applications Network Infrastructure
Orchestration Suite™ Tufin Orchestration Suite Business Applications Application Connectivity Business Continuity Tufin Orchestration Suite Proactive Risk & Compliance Change Automation & Provisioning Real-time Policy Retrieval, Tracking & Alerting Network Topology & Policy Analysis Engine Network Infrastructure 12
Orchestration Suite™ Centralno upravljanje Vizualizacija povezanosti Promene i obaveštavanja Unified Security Policy™
Hvala vam! Ivan.Mladenovic@clico.rs