Published by Amber Hubbard. Modified over 6 years ago.
Stop Cyber Threats With Adaptive Micro-Segmentation
David Gurley Senior Systems Engineer - Texas
Agenda
- Why Micro-Segmentation?
- What is Adaptive Micro-Segmentation?
- Illumio’s Adaptive Security Platform Architecture
Slow
What is Driving Micro-Segmentation?
Number of Breaches in 2016 Alone: 2,260
Average Dwell Time: 3-6 months
Common Breach Methodology
- Step 1: Breach low value workload
- Step 2: Map paths and connections
- Step 3: Move to high value assets
Two statistics typify the last decade: [Click]/[click]
Attackers advantage at the perimeter, but Ds should have advantage in the interior. But that’s not what happens. – Why?
I saw this pattern at NSC, and this drove me to transition to Illumio.
#breaches: from 2016 Verizon Data Breach Report
Dwell time: from 2015 Ponemon Advanced Threats study
Nail down dwell time to a single statistic.
Attackers think in graphs
What’s Happening Behind The Firewall?
Internal data center communication aka East / West traffic
Complications of Traditional FWs for Internal Segmentation
- 59% of companies have little to no security visibility into traffic flows between applications
- 87% of companies have multiple outages resulting from configuration issues
- 4 hours to create a SINGLE firewall rule for a new application
- 75% of companies have no method to remove expired ACLs or firewall rules
What is Micro-Segmentation?
“Segmentation adds separation and defense in depth, which is needed to contain attacks and limit the impact of a successful exploit.” – Greg Young, Research VP, Gartner
Stop the spread of unauthorized lateral movement
Control
Contain
A flexible and adaptable segmentation solution architected and designed for today’s modern data center and cloud
Adaptive Micro-Segmentation - Goals
Stop Cyber Threats
Container Bare-metal Virtual Machine Private DC Cloud
- Visibility into network-based communication
- Adapt to changes in data center and cloud
- Control lateral movement (aka East/West traffic)
- Reduce friction between Application / Security / Infrastructure teams
- Secure applications running anywhere on anything
Layers of Adaptive Micro-Segmentation
User-Segmentation, Coarse Grained Segmentation, Micro-segmentation, Nano-segmentation
Groups Users Entitlements Geo Environmental Zone Process Container Application Application Tier Workload (VM, Bare Metal)
Coarse Grained Segmentation - Environmental Segmentation – segmenting environments such as development and production (Morgan Stanley)
Micro Segmentation – segmentation at the application or application tier level (Salesforce)
Nano-segmentation – process level segmentation for dynamic applications like Active Directory (CAA)
User Segmentation – dynamic enforcement of user connectivity to applications; HR users only see HR apps
These are the various levels of Adaptive Segmentation that translate into how customers use Illumio today….
Illumio Adaptive Security Platform (ASP)™
[Architecture diagram; labels recovered from the slide:]
Collection/Enforcement Points: bare-metal server, virtual machine, containers, network, AWS and Azure security groups
Controller
Labels: Role, Application, Environment, Location
Context & Telemetry: Workloads | IPs | Services | Flows
Declarative Natural Language Policy
API
Policy Compute Engine
Security Rules
Policy State: Idle, Build/Test, Enforce
How Customers Are Using Adaptive Segmentation
- Flow Visibility & Application Dependency Mapping
- Segmenting & Protecting High-Value Applications
- Segmenting Environments
- Migrating Applications
- Active Directory
- Securing Hybrid Environments and / or Greenfield Data Centers
- User Segmentation
You Can’t Secure What You Can’t See
- Understand application dependencies and risk
- Model policy with visual feedback before enforcing
- Check compliance and identify threats
600+ Workloads, 1.2M Flows
Turns Into
Illumio: Capabilities
“Illumio pioneered traffic flow visibility to allow you to accelerate your micro-segmentation strategy.” Neil MacDonald - VP Distinguished Analyst, Gartner
Illumination
- Understand & visualize applications & workload relationships
- Model & test security policies
- Identify & alert on threats behind the firewall
Enforcement
- Enforce policy anywhere: data center, private & public cloud
- Adapt to changes through continuous policy computation
- Write policies in natural language; labels & relationships
SecureConnect
- Encrypt data-in-motion between any workloads or entire applications
- Enable policy-driven encryption anywhere
- Create on-demand IPsec connections
Full Visibility, Enforcement, and Encryption
Thank You