1. Dalibor Ratković dalibor.ratkovic@telegroup.ba TeleGroup 03.11.2010. god. Sigurnost IT resursa nove generacije

2. Slide 2 Agenda Današnja situacija na polju IT sigurnosti Mehanizmi zaštite Praktična riješenja Pitanja i odgovori Demonstracija i pilot projekti kod korisnika

3. Slide 3 Rizici kojima ste izloženi Prekid poslovnih aktivnosti Gubitak produktivnosti Krađa informacija Odgovornost za nastalu situaciju Narušena reputacija i gubitak povjerenja kod korisnika

4. Slide 4 Upravljanje procesom sigurnosti 99% organizacija je prijavilo incident iako su imali antivirusnu zaštitu i firewall sisteme Potrebno je izvršiti zaštitu od svih mogućih prijetnji

5. Slide 5 Kreatori čuvenih virusa Profil: –Muškarci –Između 14 i 34 godine –Bez djevojke –BEZ KOMERCIJALNOG INTERESA !!!!

6. Slide 6 Današnja realnost According to investigators, in 2003, a student of Balakov Institute of Engineering, Technology and Management, Ivan Maksakov, 22, developed a few knowbots and set up a network of hackers. The bots initiated DoS- attacks on the web-sites of bookmakers, which were accepting stakes in the Internet.

7. Slide 7 Organizovane kriminalne grupe

8. Slide 8 Phishing Andrew Schwarmkoff Connection to the russian Mafia Phishing of Creditcard-Numbers „The Phisher-King“

9. Slide 9 Koliko je velika malware industrija? The FBI claims financial loss from spyware and other computer-related crimes have cost U.S. businesses $62 Billion in 2005 26,150 unique phishing variations counted in August 2006 by the Anti- Phishing Working Group Costs of goods and services in cybercrime forums: $1000 – $5000: Trojan program, which could steal online account information $ 500: Credit Card Number with PIN $80-$300: Change of billing data, including account number, billing adress, Social Security number, home adress and birth date $150: Driver‘s licence $150: Birth certificate $100: Social Security Card $7 - $25: Credit card number with security code and expiration date. $7: Paypal account log-on and password

10. Slide 10 Threat Evolution to Crimeware 2001 Complexity 2003200420052007 Crimeware Spyware Spam Mass Mailers Intelligent Botnets Web Based Malware Attacks Multi-Vector Multi- Component Web Polymorphic Rapid Variants Single Instance Single Target Regional Attacks Silent, Hidden Hard to Clean Botnet Enabled Vulnerabilities Worm/ Outbreaks

11. Slide 11 More Dangerous & Easier To Use Packet Forging/ Spoofing 19901980 Password Guessing Self Replicating Code Password Cracking Exploiting Known Vulnerabilities Disabling Audits Back Doors Sweepers Sniffers Stealth Diagnostics High Low 2000 DDOS Internet Worms Technical Knowledge Required

12. Slide 12 Sadašnja Situacija 22,000 new malware samples per day, a network worm breakout and the sandbox- enabled antivirus Nearly 30,000 Malicious Web Sites Appear Each Day

13. Slide 13 Međunarodni standardi Financial Services Regulations  Basel II – Global  Gramm-Leach-Bliley Act (GLBA) – US  Payment Card Industry (PCI) Security Standard – Global Industrijski standardi  BS ISO/IEC 27002 Compliance - Global  CobiT - Global  Data Protection Act (DPA) - UK

14. Slide 14 Metodologija zaštite u IP mrežama

15. Slide 15 Zaštita na klijentu/hostu na više nivoa 1025 ?? 445 135 115 80

16. Slide 16 Zaštita na Internet gateway na više nivoa

17. Slide 17 Dva nivoa zaštite two-tier

18. Slide 18 RIješenja 1 Firewall IPS/IDS sitemi Content Monitoring/Filtering Antivirus na hostovima, mail box i na nivou GW Antispam zaštita Endpoint security WAF SSL VPN

19. Slide 19 RIješenja 2 Data Leakage Prevention Encryption/PKI/Digital Certificates Identity & Access Management (NAC) Patch Management Penetration Testing/Risk & Vulnerability Assessment Log and Event Management Platform Database Security IT Forensics

20. Slide 20 Partneri Telegroupa

21. Slide 21 Partneri

22. Slide 22 Content Monitoring/Filtering Kontrola Internet pristupa kao značajnog elementa u poslovanju Privatno korištenje Interneta narušava poslovne aplikacije –30-40% saobraćaja ne koristi se u poslovne svrhe –P2P programi, Instat Messanger, Skype, Kaaza... 30% od ukupnog broja zaposlenih šalju povjerljive informacije slučajno ili namjerno

23. Slide 23 Web Threats are Increasing The Malware Landscape is slowly shifting to Web- based attacks (HTTP) and a collaboration of existing technologies is needed to combat the new wave of malware threats Worms No fundamental change, slow growth WebThreats High Volume and Growing

24. Slide 24 Blue Coat - kompletno rešenje Public Internet Internal Network Port 80 traffic Reporter Visual Policy Manager Management Tools Director Authenticate IM ProxySG Streaming P2P ProxyAV Web AV Filtering

25. Slide 25 IPS/IDS riješenja

26. Slide 26 IPS/IDS riješenja

27. Slide 27 IPS/IDS riješenja

28. Slide 28 EndPoint Security Know your environment  Vulnerability assessment and network discovery Manage Known Risk  Through effective patch management Manage Unknown Threats  Through white list based application control Prevent data leakage  White list based peripheral device management  Secure data in transit Secure mobile devices  Disk encryption with boot protection  Protection for mobile devices

29. Slide 29 Lumension Device Control  Enables only authorized removable (peripheral) devices to connect to network, laptop, thin client, laptop and desktop  Reduces risk of data theft, data leakage and malware introduction via unauthorized removable media  Assures and proves compliance with the landslide of regulations governing privacy and accountability

30. Slide 30 Blue Coat Visibility PacketShaper –Install onto network (inline or out) –AutoDiscover & measure Classify –Find all applications on network –See hard to find - P2P, Skype, YouTube, iTunes, Flash TV –Break down Enterprise applications SAP, Citrix, Microsoft Measure –Utilization –Response times –120+ stats

31. Slide 31 Top 10 and Response Times Top 10 : Where Budget is Spent –How much bandwidth is recreational –P2P, YouTube, FlashTV, iTunes, etc –What % goes to mission critical Response Times –Total Delay: per transaction, per app –Network Delay: time on network –Server Delay: Time spent by server SAP Response Times Spiking Cause: Spike in connection hitting server. Most connections ignored Total Delay SAP Order Entry: 1220 ms Network Delay: 340 ms Server Delay: 880 ms

32. Slide 32 PacketShaper Visibility –All Applications –Real Time Voice MOS Granular QOS –Per App, User, Call –Intelligent MPLS –Real Time Optimization Compression –Diskless –2x-4x Capacity Gain 32

33. Slide 33 Reference Telekom Srpske Uprava za Indirektno oprezivanje, MUP RS Klinički Centar Univerzitet Apeiron, Slobomir Univerzitet, Statistički zavod RS, HET Vlada Brčko distrikta VolksBanka, Komercijalna Banka Nova Banka Balkan Investment Banka Pavlović Banka Bobar Banka

34. Slide 34 Implementirano rješenje

35. Slide 35 Implementirano rješenje br. 2

36. Slide 36 Implementirano rješenje br. 2

37. Pitanja i odgovori! TeleGroup Marije Bursać 8 78000 Banja Luka, Republika Srpska, BiH +387 51 321 000 http://www.telegroup-bih.com