World’s first driver-centric desktop firewall with central control for corporate laptops

Explore the world's first driver-centric desktop firewall with central control for corporate laptops. Learn about packet filtering, process control, NetOp Desktop Firewall, NetOp Policy Server, and examples of usage.

jherschel
Presentation Transcript


  1. World’s first driver-centric desktop firewall with central control for corporate laptops

  2. Product Presentation • What is a firewall? • Packet Filtering • Process Control • NetOp Desktop Firewall • NetOp Policy Server • Examples of usage

  3. Product Presentation • What is a firewall? • Packet Filtering • Process Control • NetOp Desktop Firewall • NetOp Policy Server • Examples of usage

  4. What is a Firewall? • The Original Firewall • The word firewall was originally used in London as a name for a brick wall placed between wooden houses and its purpose was to slow down fires that otherwise would spread rapidly through the city. • The Information Technology Firewall • The IT community was inspired by the history above and started to use the name firewall for an entity that could limit or filter data packets passing from one network through the entity to another network. • The main purpose of a firewall is to shield computers placed behind the firewall from unwanted or malicious data packets originating from computers located somewhere on the other side of the firewall.

  5. What is a Firewall? ... • Perimeter Firewalls • This is the traditional firewall used today by most companies that are connected to the Internet. Its primary objective is to protect computers behind the firewall from unwanted data packets originating from the Internet. • Once a PC is through the firewall, there is no control. • Often the firewall applies a technology called Network Address Translation (NAT) that makes the internal computers invisible to computers on the Internet. Computers on the Internet will see all data packets as coming from the firewall itself. • Most Perimeter Firewalls are dedicated computers running firewall software on top of a highly customized operating system.

  6. What is a Firewall? ... • Standard Personal Firewalls (computer perimeter centric) • After a while companies started to realize that a Perimeter Firewall was not enough. A single computer located behind a Perimeter Firewall could communicate unrestricted with any internal computer and jeopardize the security. • A Personal Firewall is firewall software with a local configuration running on top of a standard operating system and its purpose is to protect the computer itself.

  7. What is a Firewall? ... • Distributed Personal Firewalls • A Distributed Personal Firewall is firewall software with a centrally managed configuration running on top of a standard operating system and its purpose is to protect the computer itself. • These distributed personal firewalls are centrally managed by a Policy Server. • A distributed personal firewall includes all standard personal firewall features.

  8. What is a Firewall? ... • Comparing the different types of firewalls • Perimeter Firewall: External attacks ✓, Internal attacks ✗, Easy administration ✓ • Standalone Personal Firewall: External attacks ✓, Internal attacks ✓, Easy administration ✗ • Distributed Personal Firewall: External attacks ✓, Internal attacks ✓, Easy administration ✓

  9. What is a Firewall? ... • The main problem • Analyzing the reasons for security breaches shows quite clearly that over 70 % of all security problems are caused by computers placed on the inside of the Perimeter Firewall. • Further investigations reveal that one of the biggest problems is the laptop computers connecting to a number of unknown networks in airports, hotels, customer sites and home offices while they are outside the Perimeter Firewall. • The trend with more and more wireless networks and an increasing number of laptop computers emphasizes the security risk. (Diagram: Internal Computer, Laptop Computer, Perimeter Firewall)

  10. Product Presentation • What is a firewall? • Packet Filtering • Process Control • NetOp Desktop Firewall • NetOp Policy Server • Examples of usage

  11. Packet Filtering • IP Filtering: Each IP packet that is sent to or through a firewall is evaluated by a set of dynamic or static rules. Unwanted or malicious IP packets can be blocked if certain criteria, such as the source and destination IP addresses, protocol type, and source or destination port, are met. (Diagram: Internal Computer, External Computer, Perimeter Firewall)

  12. Packet Filtering … • Example: Below is a rule defining that only IP packets normally used for web browser traffic are allowed to reach any computer on the Internet. • Packet fields: <dest. addr.><source addr.><dest. port><source port><protocol><data><checksum> • Rule: Any Any 80 Any TCP • Sample packet: <129.142.88.27><192.168.1.1><443><1431><TCP><34EF456CAB29><23450A9> • Match per rule field: ✓ ✓ ✗ ✓ ✓ (packet blocked: ✗)

  13. Product Presentation • What is a firewall? • Packet Filtering • Process Control • NetOp Desktop Firewall • NetOp Policy Server • Examples of usage

  14. Process Control • Processes: Whenever a program or a service is loaded into memory, the operating system starts it as a process. A process consists of code lines written by a programmer for a specific operating system. These code lines can be part of a friendly program like a word processor, but they can also be part of a malicious program like a worm or Trojan horse. • Viewing processes: In the Windows Task Manager you can see the different programs and services.

  15. Process Control … • What is Process Control? This is a validation check against a process control program database to determine the following conditions for a process: • May a process be loaded at all? • May a running process communicate with the network? The database contains signatures that uniquely identify each defined process and prevent renaming fraud.

  16. Product Presentation • What is a firewall? • Packet Filtering • Process Control • NetOp Desktop Firewall • NetOp Policy Server • Examples of usage

  17. NetOp Desktop Firewall • Centrally controlled, distributed personal firewall: The NetOp Desktop Firewall is a true driver-based firewall client designed specifically to meet the needs of corporate business, and it consists of the following main functionality: • Process Control • Packet Filtering • Local or centrally managed configuration

  18. NetOp Desktop Firewall … • Key features • NDIS Miniport Driver and TDI Driver based firewall. • Profile system with automatic network detection rules. • Secure Component Checking and protection against Process Hijacking. • Deny unknown processes from executing. • Firewall rules are active the moment the operating system has a network connection. • Stealth ports. • Advanced event logging and real time packet view. • Bi-directional blocking of ports and protocols. • Bi-directional control of trusted networks. • Bi-directional control of banned networks. • Encrypted communication. • Maintenance password. • Gigabit & Wireless Compatibility. • Low system overhead. • MSI Installation.

  19. Product Presentation • What is a firewall? • Packet Filtering • Process Control • NetOp Desktop Firewall • NetOp Policy Server • Examples of usage

  20. NetOp Policy Server • Distributed NetOp Desktop Firewalls: NetOp Desktop Firewall can optionally be centrally managed by the NetOp Policy Server. It includes the modules NetOp Policy Server Console, Master Server and Replica Server. • Control NetOp Desktop Firewalls • Centralized Management (Diagram: Desktop Firewalls, Console, Master Server, Replica Servers)

  21. NetOp Policy Server … • Key features • Administration from a decentralized Policy Server Console. • Master Server holding main Security Policies and log information. • Multiple Replica Servers for fault tolerance and load distribution. • Manage and monitor Master and Replica Servers in real time. • Manage multiple administrators for workload delegation. • All Desktop Firewall configuration organized in Security Policies for easy management. • Use Microsoft Active Directory Security Groups to apply Security Policies to computers. • The administrator can stop all Internet access instantly. • Advanced statistics and logging for troubleshooting and load monitoring.

  22. Product Presentation • What is a firewall? • Packet Filtering • Process Control • NetOp Desktop Firewall • NetOp Policy Server • Examples of usage

  23. Example 1 • Silent monitoring of process activity • The NetOp Desktop Firewalls are running in a non-restrictive mode monitoring process information. • The process information is sent to the Policy Server and stored in the Master Server database. • From the Policy Server Console the administrator can now filter the process information and analyze the results. Based on the results the administrator can apply Security Policies for specific unwanted processes like games, file sharing services and peer-to-peer programs.

  24. Example 2 • Mobile computers using different Profiles depending on location • While connected to the internal network the Policy Server has applied a very strict profile that only allows approved programs to run and communicate. • When the laptop user leaves the company and connects directly to the Internet, a different profile allows the user to temporarily approve programs. • After the laptop user returns to the internal network the strict profile is automatically applied again and prevents any programs that were temporarily approved from running, thus protecting the internal network from malicious programs.

  25. Example 3 • Working in an unsafe environment like a public access wireless network • When working in an unshielded environment like public hotspots or airports, any computer has access to perform direct attacks on your laptop computer. • Using NetOp Desktop Firewall will completely stealth the presence of your laptop by only allowing outbound packets for specific programs, ports and protocols.

  26. Example 4 • Emergency computer lock down • An unknown malicious process runs rampant through the network, spreading from computer to computer. Time is critical during the initial moments like this. • From the Policy Server Console the administrator can within seconds perform an emergency lock down of NetOp Desktop Firewall computers. • Once the process has been identified, a Security Policy can be applied and the NetOp Desktop Firewall computers can be re-opened.

  27. World’s first driver-centric desktop firewall with central control for corporate laptops
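
The packet-filtering rule on slide 12, worked through as an added example (not code from the presentation or from the NetOp product). The `Rule`/`Packet` classes, first-match evaluation and default-deny behaviour are assumptions of this sketch; the rule and the sample packet header values are the ones shown on the slide.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

ANY = None  # wildcard, written "Any" on the slide


@dataclass(frozen=True)
class Packet:
    dst: str
    src: str
    dport: int
    sport: int
    proto: str


@dataclass(frozen=True)
class Rule:
    dst: Optional[str]    # CIDR network or ANY
    src: Optional[str]
    dport: Optional[int]
    sport: Optional[int]
    proto: Optional[str]
    allow: bool = True

    def field_matches(self, p: Packet) -> dict:
        """Per-field result, like the tick/cross row under the slide's rule."""
        def net(want, addr):
            return want is ANY or ip_address(addr) in ip_network(want)

        def eq(want, got):
            return want is ANY or want == got

        return {"dst": net(self.dst, p.dst), "src": net(self.src, p.src),
                "dport": eq(self.dport, p.dport), "sport": eq(self.sport, p.sport),
                "proto": eq(self.proto, p.proto.upper())}


def evaluate(rules, packet, default_allow=False):
    """First rule whose every field matches decides; otherwise default-deny (assumed)."""
    for rule in rules:
        if all(rule.field_matches(packet).values()):
            return rule.allow
    return default_allow


# Rule and packet header values as shown on slide 12.
WEB_ONLY = Rule(ANY, ANY, 80, ANY, "TCP")
SLIDE_PACKET = Packet("129.142.88.27", "192.168.1.1", 443, 1431, "TCP")
# Constructed variant of the same packet aimed at port 80.
HTTP_PACKET = Packet("129.142.88.27", "192.168.1.1", 80, 1431, "TCP")

if __name__ == "__main__":
    print(WEB_ONLY.field_matches(SLIDE_PACKET), evaluate([WEB_ONLY], SLIDE_PACKET))
    print(evaluate([WEB_ONLY], HTTP_PACKET))
```

The slide's packet fails only on the destination port (443 against the rule's 80), so no rule matches and it is dropped.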
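
The process-control check from slide 15, as an added example (not the NetOp implementation): a signature database answering "may it load?" and "may it use the network?" by image content, so a renamed binary keeps its original verdict. SHA-256 as the signature, the `Policy`/`ProcessControlDB` names and the sample images are assumptions of this sketch; unknown images are denied, matching the "Deny unknown processes from executing" feature on slide 18.

```python
import hashlib
from dataclasses import dataclass


@dataclass(frozen=True)
class Policy:
    known_as: str          # name the administrator registered the image under
    may_load: bool
    may_use_network: bool


UNKNOWN = Policy("<unknown>", may_load=False, may_use_network=False)


def signature(image: bytes) -> str:
    """Content signature; SHA-256 is this example's assumption."""
    return hashlib.sha256(image).hexdigest()


class ProcessControlDB:
    def __init__(self):
        self._by_signature = {}

    def register(self, image: bytes, policy: Policy) -> None:
        self._by_signature[signature(image)] = policy

    def check(self, file_name: str, image: bytes):
        """Return (policy, renamed). The file name never influences the
        policy; it is only compared afterwards to flag a renamed image."""
        policy = self._by_signature.get(signature(image), UNKNOWN)
        renamed = policy is not UNKNOWN and policy.known_as.lower() != file_name.lower()
        return policy, renamed


# Constructed stand-ins for executable images (real use would hash the file on disk).
WORDPROC = b"constructed image: word processor"
P2P = b"constructed image: peer-to-peer client"

db = ProcessControlDB()
db.register(WORDPROC, Policy("wordproc.exe", may_load=True, may_use_network=False))
db.register(P2P, Policy("p2p.exe", may_load=False, may_use_network=False))

if __name__ == "__main__":
    print(db.check("wordproc.exe", WORDPROC))   # allowed to load, no network
    print(db.check("wordproc.exe", P2P))        # renamed P2P client: still denied
    print(db.check("newtool.exe", b"never registered"))  # unknown: denied
```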
