Presentation is loading. Please wait.

Presentation is loading. Please wait.

© 2006, iPolicy Networks, Inc. All rights reserved. Security Technology Correlation Proneet Biswas Sr. Security Architect iPolicy Networks

Published bySabrina Logan Modified over 9 years ago

Similar presentations

Presentation on theme: "© 2006, iPolicy Networks, Inc. All rights reserved. Security Technology Correlation Proneet Biswas Sr. Security Architect iPolicy Networks"— Presentation transcript:

1 © 2006, iPolicy Networks, Inc. All rights reserved. Security Technology Correlation Proneet Biswas Sr. Security Architect iPolicy Networks pbiswas@ipolicynetworks.com 510-687-3152 Ray West Director Network Services John Brown University rtwest@jbu.edu 479-524-7188

2 www.ipolicynetworks.com iPolicy Networks Confidential © 2006, iPolicy Networks, Inc. All rights reserved. Agenda  iPolicy Networks Decoding of blended Threats Challenges of Point Solutions Role of Integrated Security Single Pass Architecture – Developing the correlation  John Brown University Overview of Network Infrastructure Security Upgrade Initiative Key criteria in evaluation of solutions Glimpse of network after deployment

3 www.ipolicynetworks.com iPolicy Networks Confidential © 2006, iPolicy Networks, Inc. All rights reserved. Blended Threats Exploit Multiple Vulnerabilities Communicate with Controlling Servers Separate propagation and attack vectors Upgrade through rogue sites

4 www.ipolicynetworks.com iPolicy Networks Confidential © 2006, iPolicy Networks, Inc. All rights reserved. Example  Lupii Worm An infected system would communicate with its attacker over UDP port 7222. This communication could be used to launch a DoS attack or generate new update commands. Exploit Web vulnerabilities on a set of systems it plans to infect and spread. Attempt to connect to a rogue site like [http://62.101.193.244/xxxx/lupii] to upgrade itself and avoid detection attempts by IDS systems.http://62.101.193.244/xxxx/lupii

5 www.ipolicynetworks.com iPolicy Networks Confidential © 2006, iPolicy Networks, Inc. All rights reserved. Challenges for Point Solutions  Takes care of the threat in its current form, not future variants TechnologyWhat it will doFailure Firewall Block all communication on port 7222 Next update from the rogue site could change the port number IDS/IPS block a set of exploits being used by the worm infected system Next update from a rogue site, could use a different set of exploits Content Filtering Block the rogue site access Site could change as there is a communication channel through the firewall

6 www.ipolicynetworks.com iPolicy Networks Confidential © 2006, iPolicy Networks, Inc. All rights reserved. Role of Integrated Security - I  Sandbox the threat + += Integrated Security IDS/IPS Block Attack Firewall Block Communication URL Filtering Block Upgrade ++ Attack CommunicateUpgrade X X X = Firewall Rule: Block all communication UDP port 7222 IDS Rule: Block all Web exploit patterns URL Filtering Rule: Block all access to rogue site - http://62.101.193.244/xxxx/lupii http://62.101.193.244/xxxx/lupii Blended Threat

7 www.ipolicynetworks.com iPolicy Networks Confidential © 2006, iPolicy Networks, Inc. All rights reserved. Role of Integrated Security - II  Define policies which span across multiple technologies  Performance Impact of sequential processing – throughput and latency.  Introduce new Security technologies with negligible impact  Ease of Management

8 www.ipolicynetworks.com iPolicy Networks Confidential © 2006, iPolicy Networks, Inc. All rights reserved. Single Pass Architecture Packets Out Packets In

Download ppt "© 2006, iPolicy Networks, Inc. All rights reserved. Security Technology Correlation Proneet Biswas Sr. Security Architect iPolicy Networks"

Similar presentations

Marc Grégoire, DRDC Ottawa Luc Beaudoin, Bologik Inc.

Marc Grégoire, DRDC Ottawa Luc Beaudoin, Bologik Inc.
New Solutions to New Threats. The Threats, They Are A Changing Page 2 | © 2008 Palo Alto Networks. Proprietary and Confidential.

New Solutions to New Threats. The Threats, They Are A Changing Page 2 | © 2008 Palo Alto Networks. Proprietary and Confidential.
Copyright © 2014 American Water Works Association Water Sector Approach to Process Control System Security.

Copyright © 2014 American Water Works Association Water Sector Approach to Process Control System Security.
1 Computer Networks: A Systems Approach, 5e Larry L. Peterson and Bruce S. Davie Chapter 8 Network Security Copyright © 2010, Elsevier Inc. All rights.

1 Computer Networks: A Systems Approach, 5e Larry L. Peterson and Bruce S. Davie Chapter 8 Network Security Copyright © 2010, Elsevier Inc. All rights.
Zombie or not to be: Trough the meshes of Botnets - Guillaume Lovet AVAR 2005 Tianjin, China.

Zombie or not to be: Trough the meshes of Botnets - Guillaume Lovet AVAR 2005 Tianjin, China.
© 2006 Vigilar, Inc. All rights reserved worldwide. Contents are property of Vigilar, Inc. www.vigilar.com VoIP Penetration Testing: Lessons Learned, Tools.

© 2006 Vigilar, Inc. All rights reserved worldwide. Contents are property of Vigilar, Inc. VoIP Penetration Testing: Lessons Learned, Tools.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
Blended Threats and Layered Defenses Security Protection in Today’s Environment Marshall Taylor

Blended Threats and Layered Defenses Security Protection in Today’s Environment Marshall Taylor
2 3856_10_2001_c1_X © 2001, Cisco Systems, Inc. All rights reserved. Security Technologies.

2 3856_10_2001_c1_X © 2001, Cisco Systems, Inc. All rights reserved. Security Technologies.
6/4/2015National Digital Certification Agency1 Security Engineering and PKI Applications in Modern Enterprises Mohamed HAMDI National.

6/4/2015National Digital Certification Agency1 Security Engineering and PKI Applications in Modern Enterprises Mohamed HAMDI National.
IT Security Doug Brown Jeff Bollinger. What is security? P.H.P. People Have Problems Security is the mitigation and remediation of human error in information.

IT Security Doug Brown Jeff Bollinger. What is security? P.H.P. People Have Problems Security is the mitigation and remediation of human error in information.
Profile-Based Web Intrusion Prevention System by Donovan Thorpe CS526 Fall 2002.

Profile-Based Web Intrusion Prevention System by Donovan Thorpe CS526 Fall 2002.
Copyright 2011 Trend Micro Inc. Trend Micro Web Security- Overview.

Copyright 2011 Trend Micro Inc. Trend Micro Web Security- Overview.
Beyond the perimeter: the need for early detection of Denial of Service Attacks John Haggerty,Qi Shi,Madjid Merabti Presented by Abhijit Pandey.

Beyond the perimeter: the need for early detection of Denial of Service Attacks John Haggerty,Qi Shi,Madjid Merabti Presented by Abhijit Pandey.
© 2006 Cisco Systems, Inc. All rights reserved. Implementing Secure Converged Wide Area Networks (ISCW) Module 6: Cisco IOS Threat Defense Features.

© 2006 Cisco Systems, Inc. All rights reserved. Implementing Secure Converged Wide Area Networks (ISCW) Module 6: Cisco IOS Threat Defense Features.
UNCLASSIFIED Secure Indirect Routing and An Autonomous Enterprise Intrusion Defense System Applied to Mobile ad hoc Networks J. Leland Langston, Raytheon.

UNCLASSIFIED Secure Indirect Routing and An Autonomous Enterprise Intrusion Defense System Applied to Mobile ad hoc Networks J. Leland Langston, Raytheon.
Security Engineering II. Problem Sources 1.Requirements definitions, omissions, and mistakes 2.System design flaws 3.Hardware implementation flaws, such.

Security Engineering II. Problem Sources 1.Requirements definitions, omissions, and mistakes 2.System design flaws 3.Hardware implementation flaws, such.
Contact Center Security Strategies Grant Sainsbury Practice Director, Dimension Data.

Contact Center Security Strategies Grant Sainsbury Practice Director, Dimension Data.
(Geneva, Switzerland, September 2014)

(Geneva, Switzerland, September 2014)
Lesson 10 – SECURING YOUR NETWORK Security devices Internal security External security Viruses and other malicious software OVERVIEW.

Lesson 10 – SECURING YOUR NETWORK Security devices Internal security External security Viruses and other malicious software OVERVIEW.

Similar presentations

Ads by Google