Defending high value targets in the cloud using IP Reputation

Presentation on theme: "Defending high value targets in the cloud using IP Reputation"— Presentation transcript:

1 Defending high value targets in the cloud using IP Reputation
ThreatSTOP
Tom Byrnes, Founder and CEO

2 Summary
ThreatSTOP: Using cloud-derived intelligence to deliver IP block-lists to firewalls to protect against current threat sources.
Sorteo Games: Private virtualized cloud service providing mobile and online gaming, as well as back-end processing for regulated lottery games.
Vyatta: Physical and virtual firewalls providing infrastructure services to run both.
1/17/2019

3 Set up for Demo Placeholder

4 Asymmetric Net-Warfare
[Diagram: access router, firewalls, load balancers (LB), LANs, and HTML, FTP and Mail servers]

5 Sorteo Games
Sorteo Games:
leading provider of regulated server-based wireless, Web and electronic lottery systems and services in Latin America
proprietary technology combining server-based gaming with wireless connectivity
currently holds two national lottery systems and distribution licenses and operates the leading government regulated revenue generating national lottery wireless & interactive channels and electronic lottery terminals in Mexico

6 Botnet Defense Cloud
Enables firewalls to block all traffic to and from known criminal sites
1. Aggregate threat feeds from public and proprietary monitors
2. Produce predictive, real-time threat list by proprietary correlation engine
3. Deliver threat list to firewalls via DNS (patent-pending)
4. Firewalls block inbound/outbound traffic
5. Customer logs become part of ThreatSTOP defense network
The ThreatSTOP Botnet Defense Cloud service uses IP reputation, updated in real time and automatically distributed via DNS, enabling firewalls to:
protect networks against botnets and criminal malware
block outbound “call homes” to command and control
block incoming reconnaissance and attacks
prevent data theft
increase network “goodput”
reduce network load and attack surface
reduce capital and operational costs
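
Steps 4 and 5 above, sketched as an added example (not ThreatSTOP's code and not from the presentation): one block list is checked against both endpoints of every connection, and the blocked traffic is tallied per listed peer and per destination port. The block-list entries, the log format and the function names are constructed assumptions using documentation address ranges; delivery of the list via DNS is not modeled.

```python
import ipaddress
from collections import Counter

# Constructed block list (RFC 5737 documentation ranges); it stands in for
# the threat list a firewall would have received in step 3.
BLOCK_LIST = [ipaddress.ip_network(n) for n in ("198.51.100.0/24", "203.0.113.7/32")]

# Constructed connection log, one "direction src dst dport" per line.
SAMPLE_LOG = """\
in 198.51.100.23 192.0.2.10 22
in 192.0.2.200 192.0.2.10 443
out 192.0.2.10 203.0.113.7 8080
in 198.51.100.23 192.0.2.10 3389
out 192.0.2.11 192.0.2.99 53
"""


def listed(addr):
    """Return the block-list network containing addr, or None."""
    ip = ipaddress.ip_address(addr)
    return next((net for net in BLOCK_LIST if ip in net), None)


def decide(line):
    """Step 4: block when either endpoint is listed, whatever the direction."""
    direction, src, dst, dport = line.split()
    # A listed source is an inbound scan or attack; a listed destination is
    # an outbound "call home". Checking both covers both cases.
    for role, addr in (("src", src), ("dst", dst)):
        net = listed(addr)
        if net is not None:
            return {"action": "block", "direction": direction, "role": role,
                    "peer": addr, "matched": str(net), "dport": int(dport)}
    return {"action": "allow", "direction": direction, "dport": int(dport)}


def process(log_text):
    """Decide every line, then tally blocks per peer and per port (step 5)."""
    decisions = [decide(l) for l in log_text.splitlines() if l.strip()]
    blocked = [d for d in decisions if d["action"] == "block"]
    peers = Counter(d["peer"] for d in blocked)
    ports = Counter(d["dport"] for d in blocked)
    return decisions, peers, ports


if __name__ == "__main__":
    decisions, peers, ports = process(SAMPLE_LOG)
    print(peers.most_common(), ports.most_common())
```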

7 Vyatta
Vyatta: software-based, open-source network operating system
works on standard x86 hardware
works on common virtualization platforms
  VMware
  Xen & XenServer
  Red Hat KVM
  AMI for Amazon
provides a complete enterprise-class routing and security feature set capable of scaling from DSL to 20Gbps performance
used by thousands of physical and virtual infrastructures around the world, from small enterprise to Fortune 500 customers

8 Sorteo Games WAN

9 The Problem
Sorteo Games is a high value, high visibility target
Needs to be well protected, and auditable
Has to ensure compliance with regulations limiting geographic access
Thousands of attack scans and password cracking attempts per day
Needs to be accessible to consumers, mobile, and retail
But How?

10 The Solution
We did this independently, but this slide, taken from Chris Brenton’s presentation on The Basics of Virtualization Security, available on the CSA website, describes the architecture we used, excluding the addition of ThreatSTOP.

11 US Datacenter
The US Datacenter provides backend processing and the web/wap servers as well as SMS gateway services. A cluster of Vyatta firewalls on Dell hardware firewalls both the public and private IP address space, and provides internal VPN connections to other Sorteo Games sites. Separate hardware, still protected by the Vyatta cluster, provides the connections to payment processors. All connections are filtered through the Vyattas, and protected by ThreatSTOP.

12 US Office
The US Office provides typical Office Automation and Development services. All servers are virtualized and clustered. A cluster of Vyatta firewalls running as VMs, one on each ESXi node, firewalls the private IP address space and provides internal VPN connections to other Sorteo Games sites. All connections are filtered through the Vyattas, and protected by ThreatSTOP.

13 Mexico Datacenter
The Mexico Datacenter handles the actual issuance of tickets and manages the interface to the lottery. The hosts are doubly secured by a hardware VPN to the US Datacenter and all, except the ESXi host and the Vyatta VM, are behind a Vyatta firewall, with strictly limited connections to only those systems absolutely needed. Security policy is enforced at both the Vyatta VM and the Vyattas in the US Datacenter. This location has no Internet access, and so does not run ThreatSTOP.

14 Asymmetric Net-Warfare
[Diagram: access router, firewalls, load balancers (LB), LANs, and HTML, FTP and Mail servers]

15 The Result
Thanks to the “cloak of invisibility” attackers think there’s “nothing to see, move along now”, and so the average volume of attacks and scans decreased by a factor of 3, and attacks are far less persistent, so the baseline is even lower.

16 Port Distribution

17 Drilldowns

18 In VPC

19 Applications
Proactive security
Cost/Bandwidth reduction for hosted services
Geographic Filtering
Reporting across multiple locations and facility types
Forensics

20 Demo

21 Summary
Vyatta provides a single platform that can be used across physical and virtual infrastructure, with the same UI and feature set
ThreatSTOP provides a cloud service delivering security of the cloud, to the cloud
Sorteo Games has a secure service enabling customers to play wherever, whenever, and however suits them
NOTHING BUT NET!

22 Thank You
Tom Byrnes, CEO
tomb@threatstop.com
760-542-1550 x 4242
Cell:

