Infrastructure Consolidation Cloud/SaaS Web 2.0 Converged Communications Virtualization Mobile Devices
How does this compare to your 2010 Priorities? Source: Gartner (March 2010)
Datacenter 1 Datacenter 2 Consolidated and Virtualized Datacenter Server Group 1 Server Group 1 Datacenter N Server Group 2 Server Group 2 Server Group N Server Group N Benefits Reduces overhead equipment/power/staff Improves bandwidth between applications Implications No inter-data center security Access risk consolidation Disaster risk consolidation
Cloud Service $X/month HQ User 1 HQ User 1 HQ User 2 HQ User 2 Remote User 1 VM 1 VM 2 VM 3 Benefits Rapid scalability and redundancy Decreases cap-ex Implications Data & applications are beyond your perimeter Intense utilization & dependency on WAN bandwidth and optimization Direct access from mobile users to your data Latency/Bandwidth sensitive applications suffer HQ
Server 1 30% load Server 2 20% load Server 3 15% load Virtualized Server 65% load App 1 App 2 App 3 VM 1 VM 2 VM 3 Benefits Efficiency Performance Implications Hypervisor threats Inter-application security MASSIVE Bandwidth concentration per server
User Profile Data Apps Kiosk Coffee Shop Laptop PDA Benefits Productivity – access from anywhere, anytime Disaster avoidance Implications Tying access rules to individuals is much harder Many of the endpoints are unmanaged I.T. NOT in control of Mobile devices
Benefits Cheaper, simpler, more scalable network Single network vendor Implications Bandwidth competition, performance Risk consolidation Exposure to internet-borne threats All Apps On One Network
Benefits Collaboration drives productivity Improved marketing and sales Insight into customers/prospects Implications Dramatic increase in bandwidth New threat vectors – new threats Traffic is not just Good or Bad Blogs Social Networking Micro-blogs IM Streaming video P2P Online games Wikis
Social Networking = Business Networking When did Facebook become a business application? Blogging Facebook Twitter IM Streaming video Streaming audio Downloading files Playing games Webmail Wikis Malware, Trojans, BotNets, Intrusions out of control + Business Social Networking out of control = Escalating Demand for Network Bandwidth
The Scalability Problem Trade-off Network Security for Network Performance? First Internet- borne attacks Dot-com boom fuels traffic surge. Internet bogs down New forms of malware (SQL Slammer, Sasser, etc.) make DPI a necessity for everyone Web 2.0, SaaS, rich media, drive bandwidth consumption
Acceptable Business ApplicationsUnacceptable Application Chaos IT Controls Challenged
Application Intelligence Requires a new firewall paradigm focused around Applications Users Content
Application Chaos So many on Port 80 Massively Scalable Next-Generation Security Platform High Performance Multi-Core Re-Assembly Free DPI Ingress Control Identify Categorize Prioritize Apps by Policy Manage Apps by Policy Block Apps by Policy Detect and Block Malware Detect & Prevent Intrusion Attempts By Application, Not by Port & Protocol By User/Group, Not by IP By Content Inspection, Not by Filename By Application By Application Category By Destination By Content By User/Group Walking the Tightrope: New Technology Adoption and Mitigating Risk ? ? ? ? ? ? ?
Massively Scalable Next-Generation Security Platform High Performance Multi-Core Re-Assembly Free DPI Application Chaos So many on Port 80 Ingress Control Identify Categorize Prioritize Apps by Policy Manage Apps by Policy Block Apps by Policy Detect and Block Malware Detect & Prevent Intrusion Attempts By Application, Not by Port & Protocol By User/Group, Not by IP By Content Inspection, Not by Filename By Application By Application Category By Destination By Content By User/Group Walking the Tightrope: New Technology Adoption and Mitigating Risk
Application Chaos So many on Port 80 Malware Blocked Massively Scalable Next-Generation Security Platform High Performance Multi-Core Re-Assembly Free DPI Ingress Control Identify Categorize Prioritize Apps by Policy Manage Apps by Policy Block Apps by Policy Detect and Block Malware Detect & Prevent Intrusion Attempts By Application, Not by Port & Protocol By User/Group, Not by IP By Content Inspection, Not by Filename By Application By Application Category By Destination By Content By User/Group Walking the Tightrope: New Technology Adoption and Mitigating Risk
Application Chaos So many on Port 80 Malware Blocked Massively Scalable Next-Generation Security Platform High Performance Multi-Core Re-Assembly Free DPI Ingress Control Identify Categorize Prioritize Apps by Policy Manage Apps by Policy Block Apps by Policy Detect and Block Malware Detect & Prevent Intrusion Attempts By Application, Not by Port & Protocol By User/Group, Not by IP By Content Inspection, Not by Filename By Application By Application Category By Destination By Content By User/Group Walking the Tightrope: New Technology Adoption and Mitigating Risk
Application Chaos So many on Port 80 Critical Apps Prioritized Bandwidth Acceptable Apps Managed Bandwidth Unacceptable Apps Blocked Malware Blocked Massively Scalable Next-Generation Security Platform High Performance Multi-Core Re-Assembly Free DPI Ingress Egress Control Identify Categorize Prioritize Apps by Policy Manage Apps by Policy Block Apps by Policy Detect and Block Malware Detect & Prevent Intrusion Attempts By Application, Not by Port & Protocol By User/Group, Not by IP By Content Inspection, Not by Filename By Application By Application Category By Destination By Content By User/Group Walking the Tightrope: New Technology Adoption and Mitigating Risk Critical Acceptable Block
Application Chaos So many on Port 80 Critical Apps Prioritized Bandwidth Acceptable Apps Managed Bandwidth Unacceptable Apps Blocked Malware Blocked Massively Scalable Next-Generation Security Platform High Performance Multi-Core Re-Assembly Free DPI Ingress Egress Control Identify Categorize Prioritize Apps by Policy Manage Apps by Policy Block Apps by Policy Detect and Block Malware Detect & Prevent Intrusion Attempts By Application, Not by Port & Protocol By User/Group, Not by IP By Content Inspection, Not by Filename By Application By Application Category By Destination By Content By User/Group Next Generation Firewall Critical Bandwidth Managed Bandwidth Block
Massively Scalable Technology Scan Everything - every bit, every protocol, every user & application 20 Massively Scalable Architecture Multi-core, parallel architecture - up to 1024 cores Clustering technology for high throughput & availability Unlimited data size, formats, or connections High network bandwidth with low latency Real time, Deep Packet Inspection Patented Re-Assembly Free DPI –scaling up to 40Gbps for full malware protection Foundation for all network security technologies Simultaneous, proactive, multi-threat scanning Industry's top percentile for catch rates Best Solution Economics Products in every price band, price/performance leadership Easy to adopt, deploy and manage Interoperable, modular platform
Walking the Tightrope: New Technology Adoption and Mitigating Risk 21
22 Dynamic Security for the Global Network
Application Chaos So many on Port 80 Critical Apps Prioritized Bandwidth Acceptable Apps Managed Bandwidth Unacceptable Apps Blocked Malware Blocked Massively Scalable Next-Generation Security Platform High Performance Multi-Core Re-Assembly Free DPI Ingress Egress Control Identify Categorize Prioritize Apps by Policy Manage Apps by Policy Block Apps by Policy Detect and Block Malware Detect & Prevent Intrusion Attempts By Application, Not by Port & Protocol By User/Group, Not by IP By Content Inspection, Not by Filename By Application By Application Category By Destination By Content By User/Group Walking the Tightrope: New Technology Adoption and Mitigating Risk Critical Bandwidth Managed Bandwidth Block
1.Do you have situational awareness of your network? 2.Are you embedding network security into your new technology deployments? 3.Are you able to scan all of your network traffic without degrading your network performance? 4.Is your network security architecture designed to scale 10x? 5.Can your network security provide applications intelligence, control, visualization plus provide maximum security effectiveness? 6.Are your policy & management and threat communications network scalable and real-time? Mitigating your Risks – Top 6 Questions to Ask
Thank You! Questions? Patrick Sweeney VP of Product Management SonicWALL
Block or allow? Who has taken on Web 2.0 as a part of their infrastructure? What if you could allow but degrade the experience? What happens if you could apply granular policy to Web-based applications? How would it benefit your business to be able to see every application across the network? How about matching productivity and security through scanning every packet of data being transmitted through these applications? Questions (verbal)
Executing on our Vision Advanced Technology, Scalable Solutions Re-Assembly Free Deep Packet Inspection
Datacenter 1 Datacenter 2 Consolidated and Virtualized Datacenter Server Group 1 Server Group 1 Datacenter N Server Group 2 Server Group 2 Server Group N Server Group N Benefits Reduces overhead equipment/power/staff Improves bandwidth between applications Implications No inter-data center security Access risk consolidation Disaster risk consolidation
User Profile Data Apps Kiosk Coffee Shop Laptop PDA Benefits Productivity – access from anywhere, anytime Disaster avoidance Implications Tying access rules to individuals is much harder Many of the endpoints are unmanaged
Server 1 30% load Server 2 20% load Server 3 15% load Virtualized Server 65% load App 1 App 2 App 3 VM 1 VM 2 VM 3 Benefits Efficiency Performance Implications Hypervisor threats Inter-application security