
SECURITY FOR SECURITIES AND INSURANCE INDUSTRY

SECURITY FOR SECURITIES AND INSURANCE INDUSTRY. Daniel Phuan Security Engineer Check Point Software, South Asia. Business Moves to the Web. 2000s. Web Servers Proliferate* 1993: 200 1998: 100 Million 2003: 500 Million. “Webification” of the Enterprise. Web Remote Access


Presentation Transcript


  1. SECURITY FOR SECURITIES AND INSURANCE INDUSTRY Daniel Phuan Security Engineer Check Point Software, South Asia

  2. Business Moves to the Web 2000s • Web Servers Proliferate* • 1993: 200 • 1998: 100 Million • 2003: 500 Million “Webification” of the Enterprise • Web Remote • Access • Customer Portals • SSL VPN Mid 1990s • Enterprise Web • Applications • CRM • BPM • ERM • EAI Web Reliance • Intranet Web Portal • Dynamic • Plumtree • IBM • Microsoft • External Web Site • Dynamic Early 1990s • Legacy Apps w/ Web Interface • Outlook Web Access • SAP • Intranet Web Portal • Static, Manual • External Web Site • Static Sophistication of Web Environment • Delivering Access over the Web • Customer Portals • Partners Portals • SSL VPN • Applications Deliver Web Interface • MS Outlook • SAP • Oracle • PeopleSoft • Siebel *IDC

  3. SSL VPN: Anywhere Access Add more remote users beyond current 20 percent • Less technical employees • Partners Reduce remote access support costs • Browser based; no client maintenance • Less end user complexity Additional access options • Access from home PC, corporate PC, Internet kiosk • Day Extenders • Email • Basic applications • Home computer • Teleworkers • Email • Applications • Company computer • Mobile workers • Email • Basic applications • Company computer or public computer • Intranet • Email • Applications • Files • Extranet • Portal • Applications • Files • Extranet access • Partner computers

  4. SSL VPN: Everywhere Access
     • With IPSec you knew who was coming in
     • With SSL VPN you don’t (usually)
     Firewall, antivirus + Access Agreement Company-owned PC Partner PC Company-owned PC Employee home PC Partner PC Public Internet kiosk Completely unmanaged/unsecured

  5. Web Threat Environment Most cyber attacks and Internet security violations are generated through Internet applications.

  6. Integrating Web Security • Secure coding practices • Penetration testing & auditing • Web Application Firewalls • Endpoint Security Web-Related Trends • Intranet Portals • Web enable legacy applications • Extranet portals • SSL VPN Web-based access Web Enabling Business

  7. SSL VPN Drivers
     Business Drivers
     • More access from more places
     • Broadband in the home, kiosks, business centers
     • The rise of the Day Extender
     • A few hours at home a week
     • Increasingly mobile workforce
     • Growth in business partnerships, Extranets
     • Security concerns of Web-based systems
     • Security concerns from non-managed PCs
     Solutions
     • SSL VPN
     • Creates an SSL Web-based interface for employees and partners
     • Deploy Web Security and Endpoint security controls with SSL VPN
     Fast Fact #1: 30% - SSL VPNs that are deployed for Extranet use
     Fast Fact #2: 26.5 - Typical # of Spyware programs running on endpoint PCs
     Source #1: Check Point user survey
     Source #2: Earthlink Spy Audit, 1/1/04 through 6/30/04

  8. Web Application Firewall Drivers
     Business Drivers
     • 90’s: aggressively deployed web apps and portals
     • Explosion of Web-based threats
     • SQL Injection, Command Injection, Cross Site Scripting, Buffer overflow attacks, worms, etc.
     • Corporations held liable for ensuring customer privacy and data integrity
     • Most applications do not provide basic security checks
     • Input validation
     • Very expensive to retrofit security in existing infrastructure
     Solution
     • Network-based Web security
     • Provide security checks at the perimeter
     • Easier & quicker than updating all servers
     Fast Fact: 20 Years - Years retailer Guess must undergo an annual security audit for exposing credit cards to hackers
     Source: http://www.securityfocus.com/news/5968

  9. Endpoint Security Drivers
     Business Drivers
     • More access from more places
     • Broadband in the home, kiosks, business centers
     • Exponential growth in malicious attacks
     • Spyware, Malware, Trojan Horses
     • Businesses creating Web portals
     • Increased information sharing with partners
     • SSL VPN Web-based access from unmanaged endpoints
     Solutions
     • Desktop Security in the enterprise
     • Firewalls, AV, etc.
     • Browser-based security solutions
     • Push security controls through the browser
     • Malware Scan, host check, etc.
     Fast Fact: Every 30 Seconds - frequency of attacks on a computer on the Internet
     Fast Fact: One in Three - PCs with system level malware in Earthlink study
     Source #1: mi2G Intelligence Unit, London, UK, August 2004
     Source #2: Earthlink Spy Audit, 1/1/04 through 6/30/04

  10. Check Point Web Security Portfolio
      • SSL VPN for Web-based remote access
      • Connectra, The Web Security Gateway
      • Unified SSL VPN, Web security, and Endpoint security
      • SSL Network Extender
      • Network-level SSL VPN for Connectra & VPN-1
      • Web Application Firewall
      • Web Intelligence
      • Web Security for Connectra & VPN-1
      • Endpoint Security
      • Integrity Clientless Security
      • Integrated into Connectra, available for Web applications
      Bringing Business to the Web
      Securing the Web for Business

  11. Web Security Solution

  12. Introducing Connectra: Web Connectivity with Unmatched Security
      Web Security Gateway Features
      • Secure Web-Based Connectivity
      • Integrated Server Security
      • Adaptive Endpoint Security
      • One-Click SSL Extranet
      • Seamless Network Deployment and Management
      SSL VPN, Integrated Security, Easy Deployment

  13. Introducing SSL Network Extender: Secure Network-Level Connectivity over the Web
      • Network-level connectivity over SSL VPN
      • Browser Plug-in
      • Supports all IP-based applications
      • TCP, UDP, ICMP, FTP, etc.
      • Integrated with Check Point Gateways
      • Connectra
      • Enables native applications support
      • VPN-1
      • Combined IPSec and SSL

  14. Introducing Web Intelligence: Protection for the Entire Web Environment
      Web application firewall technology for Check Point products.
      • Advanced Product Features
      • Malicious Code Protector™: Patent-pending technology that catches buffer overflow attacks and other malicious code.
      • Advanced Streaming Inspection: Extends the inspection and reconstruction capabilities of the INSPECT architecture by adding active traffic control of live traffic streams.
      • Simple Deployment and Management: Built to be quickly deployed to protect Web servers without complex tuning and configuration.
      • Seamless Integration with Check Point Products: Provides protection for the entire Web environment.
      • Included in Connectra
      • Available as an add-on to VPN-1 gateways
      • Will be available on InterSpect Web Servers

  15. Introducing Integrity Clientless Security
      Key Features
      • Spyware Detection & Remediation
      • Simple Deployment & Maintenance
      • Network Access Policy Enforcement
      • Integrates with Web Applications: Outlook Web Access, Extranet Portals
      • Integrated with Connectra
      Key Benefits
      • Stops ID and password theft, prevents data loss
      • Makes it easy to secure non-IT controlled PCs that access the enterprise network
      • Prevents any non-compliant remote PC from compromising enterprise security

  16. Check Point Securing the Web for Business • Intranet Portals • Web enable legacy applications • Extranet Portals • SSL VPN web-based access • Connectra • SSL Network Extender Web Enabling Business Integrating Web Security • Secure coding practice • Penetration testing & Auditing • Web Application Firewalls • Web Intelligence • Endpoint Security • Integrity Clientless Security

  17. Check Point Web Security Thank You!
