(CISCO) Self-Defending Networks Ben Sangster. Agenda (CISCO) Self-Defending Network Concept Why do we need SDN’s? Foundation of the CSDN? Endpoint Protection.

Slides:

Advertisements

Similar presentations

Guide to Network Defense and Countermeasures Second Edition

Advertisements

SAFE Blueprint and the Security Ecosystem. 2 Chapter Topics  SAFE Blueprint Overview  Achieving the Balance  Defining Customer Expectations  Design.

Microsoft Security Solutions A Great New Way of Making $$$ !!! Jimmy Tan Platform Strategy Manager Microsoft Singapore.

Wireless and Network Security Integration Defense by Hi-5 Marc Hogue Chris Jacobson Alexandra Korol Mark Ordonez Jinjia Xi.

Zombie or not to be: Trough the meshes of Botnets - Guillaume Lovet AVAR 2005 Tianjin, China.

Introducing Kaspersky OpenSpace TM Security Introducing Kaspersky ® OpenSpace TM Security Available February 15, 2007.

IT security Are you protected against hackers?. Why are we in danger?  The Internet is worldwide, publicly accessible  More and more companies and institutes.

© 2008 McAfee, Inc. “Endpoint” Security Defining the endpoints and how to protect them.

INTRANET SECURITY Catherine Alexis CMPT 585 Computer and Data Security Dr Stefan Robila.

Know the Client Own the Problem Share the Solution The 2005 Case for Information Technology Security October 14, 2004.

WIRELESS SECURITY DEFENSE T-BONE & TONIC: ALY BOGHANI JOAN OLIVER MIKE PATRICK AMOL POTDAR May 30, /30/2009.

Copyright 2011 Trend Micro Inc. Trend Micro Web Security- Overview.

Wireless Network Security

Network Access Management Trends in IT Applications for Management Prepared by: Ahmed Ibrahim S

Contact Center Security Strategies Grant Sainsbury Practice Director, Dimension Data.

(Geneva, Switzerland, September 2014)

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Stephen S. Yau CSE , Fall Security Strategies.

© 2003, Cisco Systems, Inc. All rights reserved _07_2003_Richardson_c11 Security Strategy Update Self Defending Network Initiative Network Admission.

Kaspersky Open Space Security: Release 2 World-class security solution for your business.

Wireless Network Security. Access Networks Core Networks The Current Internet: Connectivity and Processing Transit Net Private Peering NAP Public Peering.

Barracuda Spam & Virus Firewall. Introduction to the Barracuda Spam & Virus Firewall Complete server protection –Spam Blocking (95+ percent) Extremely.

CISCO CONFIDENTIAL – DO NOT DUPLICATE OR COPY Protecting the Business Network and Resources with CiscoWorks VMS Security Management Software Girish Patel,

Forefront Security Exchange. Problem Meddelande system och sammarbetsprodukter är underbarar mål för elak kod och “distrubition” av äkta dynga… Viruses.

Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec

The Difficult Road To Cybersecurity Steve Katz, CISSP Security Risk Solutions Steve Katz, CISSP Security.

1Cisco Security NOW © 2003, Cisco Systems, Inc. All rights reserved. THIS IS THE POWER OF CISCO SECURITY. now.

Computing Concepts – Part 2 Getting Started with Applied Computer Concepts Computing Concepts: Part 2 1.

Lesson 7 Intrusion Prevention Systems. UTSA IS 3523 ID & Incident Response Overview Definitions Differences Honeypots Defense in Depth.

INTRODUCING F-SECURE POLICY MANAGER

1 Network Admission Control to WLAN at WIT Presented by: Aidan McGrath B.Sc. M.A.

SEC835 Database and Web application security Information Security Architecture.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.

Dell Connected Security Solutions Simplify & unify.

1Cisco Security NOW © 2003, Cisco Systems, Inc. All rights reserved. THIS IS THE POWER OF CISCO SECURITY. now.

OV Copyright © 2013 Logical Operations, Inc. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.

1 CISCO SAFE: VALIDATED SECURITY REFERENCE ARCHITECTURE What It Is Business Transformation Top Questions To Ask To Initiate The Sale Where It Fits KEY.

OV Copyright © 2011 Element K Content LLC. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.

Pg 1 of 25 AGI IP-Based Network Solutions Phil Flores Major Account Manager – Cisco Systems, inc.

In the Crossfire International Cooperation and Computer Crime Stewart Baker.

Network and Perimeter Security Paula Kiernan Senior Consultant Ward Solutions.

Principles of Computer Security: CompTIA Security + ® and Beyond, Third Edition © 2012 Principles of Computer Security: CompTIA Security+ ® and Beyond,

Management for IP-based Applications Mike Fisher BTexaCT Research

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Basic Security Networking for Home and Small Businesses – Chapter 8.

1 Managing A Global Corporate Protection Infrastructure Jeannette Jarvis Association of Anti Virus Asia Researchers November 26, 2004.

Chapter 1 Overview The NIST Computer Security Handbook defines the term Computer Security as:

1 Topic 2: Lesson 3 Intro to Firewalls Summary. 2 Basic questions What is a firewall? What is a firewall? What can a firewall do? What can a firewall.

SECURITY Professor Mona Mursi. ENVIRONMENT IT infrastructures are made up of many components, abstractly: IT infrastructures are made up of many components,

Data Communications and Networks Chapter 10 – Network Hardware and Software ICT-BVF8.1- Data Communications and Network Trainer: Dr. Abbes Sebihi.

Lecture slides prepared for “Computer Security: Principles and Practice”, 3/e, by William Stallings and Lawrie Brown, Chapter 1 “Overview”. © 2016 Pearson.

Module 11: Designing Security for Network Perimeters.

Connected Security Your best defense against advanced threats Anne Aarness – Intel Security.

©2015 HEAT Software. All rights reserved. Proprietary & Confidential. Ransomware: How to Avoid Extortion Matthew Walker – VP Northern Europe.

Role Of Network IDS in Network Perimeter Defense.

© 2006, iPolicy Networks, Inc. All rights reserved. Security Technology Correlation Proneet Biswas Sr. Security Architect iPolicy Networks

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.

Self-Defending Networks Self-Defending Networks By-  Aseem Khan  Adeeb Akhil Shahi  Mohammed Sohail  Saiprasad H Bevinakatti.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Creating the Network Design Designing and Supporting Computer Networks – Chapter.

Cyber Security for the real world Tim Brown Dell Fellow and CTO Dell Security Solutions.

SELF-DEFENDING NETWORK. CONTENTS Introduction What is Self Defending Network? Types of Network Attacks Structure of Self Defending Network Conclusion.

AT&T Premises-Based Firewall Enhanced SBS Solution

Check Point Connectra NGX R60

How to Mitigate the Consequences What are the Countermeasures?

Networking for Home and Small Businesses – Chapter 8

Intrusion Detection system

Network Access Control

Networking for Home and Small Businesses – Chapter 8

Networking for Home and Small Businesses – Chapter 8

Security Insights: Secure Messaging

Presentation transcript:

(CISCO) Self-Defending Networks Ben Sangster

Agenda (CISCO) Self-Defending Network Concept Why do we need SDN’s? Foundation of the CSDN? Endpoint Protection Endpoint Protection Admission Control Admission Control Infection Containment Infection Containment Intelligent Correlation and Incident Response Intelligent Correlation and Incident Response Inline IDS and Anomaly Detection Inline IDS and Anomaly Detection Application Security and Anti-X Defense Application Security and Anti-X DefenseSummaryQuestions

Cisco Self-Defending Network (CSDN) Concept A systems-based solution that allows entities to use their existing infrastructure in new ways to: Reduce windows of vulnerability Reduce windows of vulnerability Minimize the impact of attacks Minimize the impact of attacks Improve overall infrastructure availability and reliability Improve overall infrastructure availability and reliability

CSDN Concept (cont.) CSDN also helps create autonomous systems that can quickly react to an outbreak with little to no human intervention

Why do we need CSDN’s? Evolution of network  Evolution of attacks on networks Traditional approach  Defense-in-depth Proactive defense mechanisms Proactive defense mechanisms CSDN approach Adaptive defense mechanisms Adaptive defense mechanisms

Why do we need CSDN’s? (cont.) Proactive defense mechanisms…not obsolete, simply inefficient in responding to breeches in network security Proactive solutions frontload defense mechanisms

Proactive Defense Example Internet Outer Firewall DMZ Inner Firewall Internal Corp. Network Servers (e.g. web, , proxy) Development Network

Why do we need CSDN’s? (cont.) Adaptive Solutions…focus isn’t solely on preventing network attacks Attempt to effectively: Detect Detect Respond Respond Recover Recover Little to no adverse effect on the network and its users

Why do we need CSDN’s? (cont.) Key elements of an adaptive solution: Remain active at all times Remain active at all times Perform unobtrusively Perform unobtrusively Minimize propagation of attacks Minimize propagation of attacks Quickly respond to as-yet unknown attacks Quickly respond to as-yet unknown attacks

Foundation of a CSDN 1.Endpoint Protection 2.Admission Control 3.Infection Containment 4.Intelligent Correlation and Incident Response 5.Inline IDS and Anomaly Detection 6.Application Security and Anti-X Defense

Endpoint Protection You are only as strong as your weakest link One non-sanitized end-user system connected behind a robust, efficient defense can spell D-O- O-M for a network Cisco Security Agent Point of presence on end user systems that enables efficient exchange of valuable network threat information as it occurs Point of presence on end user systems that enables efficient exchange of valuable network threat information as it occurs Endpoint system virus, worm detection/protection Endpoint system virus, worm detection/protection

Admission Control Not only core component of a CSDN, but incorporated into other technologies by over 30 industry-leading vendors Network Admission Control (NAC) assists in determining the level of access to grant an end- user system in accordance with the security policy when it initially joins the network NAC also assists in managing end-user system’s compliance with security patches and updates

Infection Containment The ability to identify non-compliant systems or network attacks as they occur and react appropriately, minimizing the effect of the breech Potentially the #1 core component of a secure system belonging to a CSDN

Intelligent Correlation and Incident Response Services that provide the ability to exchange: Event information Event information Implications of an event occurring Implications of an event occurring Necessary actions to take Necessary actions to take The appropriate nodes or systems to enforce actions in real-time The appropriate nodes or systems to enforce actions in real-time These services aide in adapting to changes and countering attacks that are occurring in the network as they occur rather than after they occur

Application Security and Anti-X Defense A menagerie of application layer security products that address the “ever-evolving” classes of threats which are not effectively addressed by traditional firewall and network IDS products Threat examples: based SPAM and phishing based SPAM and phishing Spyware Spyware Unauthorized peer-to-peer activity Unauthorized peer-to-peer activity

Summary New phraseology NOT a new technology Encompassing security solution that is proactive AND adaptive in nature that envelopes every level of network security rather than just specific layers Key difference in CSDN and traditional security solutions…ability of CSDN’s to communicate and share information among different security products employed within the CSDN

Questions