1 / 29

Securing your Digital Assets Gabriel Tan, District Manager, South Asia Nokia Enterprise Solutions

Securing your Digital Assets Gabriel Tan, District Manager, South Asia Nokia Enterprise Solutions. About Nokia. World leader in mobile communications Frontrunner in providing mobile, broadband and IP networks Sixth most valuable brand (Interbrand)

chambray
Télécharger la présentation

Securing your Digital Assets Gabriel Tan, District Manager, South Asia Nokia Enterprise Solutions

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Securing your Digital Assets Gabriel Tan, District Manager, South Asia Nokia Enterprise Solutions

  2. About Nokia • World leader in mobile communications • Frontrunner in providing mobile, broadband and IP networks • Sixth most valuable brand (Interbrand) • One of the world’s most respected companies(PriceWaterhouse & Financial Times) • As mobility and Internet converge, Nokia is committed to further enrichingthe daily lives of people

  3. Nokia Organisation Mobile Phones Multimedia Networks Customer and Market Operations Technology Platforms Strategy, Research, Venturing and Business Infrastructure EnterpriseSolutions

  4. Top of mind issues for security • Hardened for security • Simple & manageable • Reliable • Cost • Support multiple applications …and something that adds more complexity …securing wireless

  5. … and they want more from these appliances. What is the primary driver behind appliance-based security technology? What Security Function are you likely to deploy on a security appliance? Customers still want security appliances … By 2007, 80% of all network security solutions will be delivered viaa dedicated appliance. - IDC

  6. Nokia Aligned With Market Preferences Gartner (2005) In-Stat (2005) • Set For Explosive Growth Forrester (2005) • 50% of enterprises prefer separate stand alone appliances • 14% prefer all-in-one • 28% prefer integrated Source: Gartner (July 2005)

  7. Nokia IP Security Platforms Nokia IP2250 DataCenter Service Providers Nokia IP1260 Nokia IP1220 Large Enterprise Nokia IP710 Price Nokia IP560 Small to Mid Enterprise Nokia IP380/IP385 Nokia IP350/IP355 Remote Office Branch Office Check Point VPN-1 Pro or VPN-1 Express Nokia IP260/IP265 Nokia IP40 Performance & Functionality

  8. 300,000+ Installations Check Point / Nokia Installations 2006 1998 The Power of Two: The CheckPoint and Nokia • Overview • 8+, year partnership between Nokia and Check Point • Nokia and Check Point Provide Security to 92 out of Fortuner 100. Check Point • No. 1 Internet Security Company: Built on Firewall Software Success • Award winning GUI • Patented Stateful Inspection Nokia • Internet Security Appliance Pioneer • Built to secure demanding traffic • Fastest performance Platform For Check Point (IPSO) • ‘Audit’ Grade HW Build, OS and Management tools Enterprise and Carrier • The First and Leading HA Firewall Solution for Check Point • Global Support and Service • Innovation • Patented security technologies • Jointly-developed acceleration technologies • Several IETF Reference Points (IPv6, VRRP) etc.. • 600+ security focused engineers

  9. Nokia IP26x Nokia IP40 Nokia Security Firewall Appliances • IPSO - Hardened OS designed for security • Simple procurement and configuration • Single support point for the entire solution • Comprehensive quality assurance on complete hardware and software solution • Network-centric product architecture • First-Call, Final-Resolution support Nokia IP2250 Nokia IP12xx Nokia IP710 Nokia IP3xx

  10. Nokia IP Security Appliance Platforms • Hardware • Nokia Pioneered The IP Security Appliance, knows more about Security Appliances Than Any other Vendor • Nokia Designs and builds Entire Appliance Platform, down To Component Level, including boards etc… • Nokia Develops and QA’s all hardware driver software, with specialized toolsets and bench configurations • Nokia Provides Redundant hot swap power supplies • Nokia Provides Redundant hot swap Network Interface Cards • Nokia Provides Solid State and HDD based System Solutions • Nokia Delivers High Port Density, High Connectivity Solutions • Nokia IP Appliances are Built with Ease of Serviceability in mind • All Systems Quality Assured Under Ideal and ‘Real World’ Operational Environments • All ‘installed base’ hardware, operating system and application combinations QA’d together • Nokia Continues To Invest in Hardware Innovations – ADPs, Solid State Support, 10GigE

  11. Nokia IP Security Operating System • Operating System – IPSecurity Operating System • Network Element Operating System, Optimised For Packet Forwarding • IPSO High Performance Forwarding based on Patented IP Switching Technology • ASIC Firewall Performance From Software Based Firewall, with no Restrictions on Flexibility • Built On Carrier Grade, ‘Battle’ Proven, IP Networking BSD IP Stack, used by Operators and ISPs • Nokia Hardened* Operating System IPSOTM • Early Implementation of Digitally Signed OS • Less Than 10 CERTs in 8+ Years of Field Deployments • Firewall acceleration pioneer, Nokia Patented IP Firewall Flows • The market leader and pioneer in integrated high availability firewall technology VRRP-MC to IP Clustering • World Class, well proven, standards adherent routing • Well proven IPv6 Implementation, deployed in ISP and Operator Networks for 5yrs+ • Multiple OS Image Management for rollback and recovery operations • Powerful CLI, and Diagnostic Shells • Nokia Pioneered Web Interface For Security Appliance Management – Nokia Voyager Element Manager • Nokia Pioneered Security Appliance System Level Management – Nokia Horizon Manager • Do No Harm patch, upgrade and management technology for Entire Systems including Security Applications • Nokia Hardware and Software Asset Auditing tools • Nokia Brings F.C.A.P.S Best of Breed NMS to Security Appliance - Nokia Appliance Manager

  12. What is A Secure Appliance Operating System? • “Applications cannot be more secure than the kernel functions they call” • OS is the right place for security Operating system security is fundamental to the security of every computing system because operating systems are a critical point of failure for the entire system. Unfortunately, attempts to secure computer systems continue to be based on the flawed assumption that adequate security can be provided in applications with the existing security mechanisms of mainstream operating systems. The reality is that secure applications require secure operating systems, and any effort to provide system security that ignores this premise is doomed to fail. – NSA

  13. Anatomy of A Secure Appliance Operating System Enforces the Security Policywith a Security Model implemented by kernel components and by kernel modularity Programming Techniques Development Procedures Security Hardening Identification and Authentication User Data Protection including Access Control File integrity Security Audit … Common Criteria ITSEC FIPS 140 IS 17799 SAS-70 Secure Delivery Digitally-Signed Binaries Secure Lockdown BuildingSecureSoftware Security Functions System Architecture Deployment Processes Independent Validation & Certifications

  14. Software Based(Server Appliance) Packet Processing Policy CPU General Purpose Operating System Security Solutions Flexible but NOT fast

  15. Hardware Based (ASICs) Policy Packet Processing ASIC Based Security Solution Fast but NOT flexible

  16. Nokia IP Security Appliance Nokia Policy CPU CPU CPU CPU API CPU CPU CPU NPU Packet Processing Fast + Flexible

  17. Software Based(Server Appliance) Packet Processing Policy CPU Hardware Based (ASICs) Policy Packet Processing Nokia Unique Value Proposition Nokia Policy CPU CPU CPU CPU API CPU CPU CPU NPU Packet Processing Fast + Flexible Flexible but NOT fast Fast but NOT flexible

  18. "As a dedicated hardware platform, the Nokia IP260 offers some ferocious capabilities.“ -Network Computing Magazine Nokia IP2xx “This product shows how two companies can work together to create a product better than the sum of its parts” -Secure Computing Magazine Nokia IP3xx “A versatile and flexible solution for the high end of the market” -Secure Computing Magazine Nokia IP2250 In Other People’s Words

  19. IP Security Appliance Business • Business Week, 28 Aug ‘02- Nokia's Security Connection"force to be reckoned with... According to tech researcher IDC, Nokia is quickly grabbing market share in the exploding market for firewall/VPN appliances“ • 25.6% of Asia Pacific Security Appliance Market Share • Nokia with Check Point VPN-1/FireWall-1 has 62% VPN and 41% firewall market share (Infonetics Research, VPN Hardware Market) • Frost & Sullivan 2005 Firewall market sharefor Vietnam, Nokia ranked #1

  20. Executive access Employees using a non-corporate device at home, a library or a café Client-server applications like Outlook, & Notes Nokia SSL VPN Internet Web-enabled applications SFA, CRM, ERP Enterprise Intranet Employees using a corporate device at a hotel or using Wi-Fi provider Firewall Mainframe, SSH, FTP, Telnet Partners, suppliers & contractors Linux & Unix users Nokia SSL VPN Enables new mobile connectivity applications Business Continuity

  21. Nokia IP VPN Gateways • Fully-integrated, secure IPSec VPN gateways, with multiple options, for fast, easy deployment in high-performance networks • Advanced dynamic connectivity to mobile devices and other VPN gateways through robust broadband and routing functionality • Extreme system availability using diskless hardware, patented clustering and patent-pending adaptive networking technologies • Product targeted for government sales through planned industry certification including FIPS-140-2, EAL4, ICSA and VPN Consortium Large Office Nokia 500i *VPN Gateway Medium Office Price Nokia 100iVPN Gateway Nokia 50i VPN Gateway Remote Office Branch Office Nokia 5i and Nokia 10iVPN Gateways Performance * Available in 1H 2005

  22. Corporate Wi-Fi Wireless Network (GPRS, 3G) Nokia Mobile IP VPN Solution Mobile VPN Client Native Windows L2TP/IPSec client Remote Access Connectivity Headquarters Internet Nokia 50i Nokia 10i Branch Office Nokia VPN Mgr(with Nokia SSM) Nokia MobileVPN Client Site-to-Site Connectivity

  23. Nokia Enterprise Solutions IT Security Infrastructure IT Apps / Assets ANY Mobile Device Nokia VPN Manager / NHM Mobile Devices& PDAs Employees on enterprise device Nokia Firewall/VPN Nokia SSL VPN Access Network Internet Nokia IP VPN Applications, Files, Authentication, etc. Employees on non-enterprise device Authentication & Encryption Access Control Intrusion Detection Anti-Virus

  24. Nokia Service – First Call – Final Resolution Nokia provides integrated single source, and single contract, support for Check Point VPN-1, Nokia IP Security Platforms, interface cards, VPN accelerator cards, HA software and routing protocols. • Direct Access To Engineering • Support resources have a direct line to hardware engineering, software engineering and QA teams – No company boundaries to span during resolution • Three SCP Accredited TAC centers for follow the sun service • Comprehensive support offerings available worldwide • 8x5 VAR fulfilled or Nokia fulfilled support • 8x5 onsite VAR fulfilled or Nokia fulfilled support • 24x7 VAR fulfilled or Nokia fulfilled support • 24x7 onsite VAR fulfilled or Nokia fulfilled support

  25. Global Support Infrastructure Finland UK Hungary Germany Italy Spain Belgium Canada Japan USA East China China USA West HK USA South East Taiwan Mexico Columbia India Singapore Malaysia Brazil Argentina • Hardware Repair and Replacement Services • Networking Equipment • Field support in more than 2000 cities • Onsite Service Options: NBD, Same Day • 4 Hour Response, 2 Hour Response • Mobile Devices • Advanced Exchange • Return and Repair • Walk In Service • End User help desk support delivered by 19 Customer Care Centers globally • Set up assistance • Access to device specialists • >1000s of repair service points globally • Enterprise level technical support delivered by • Global Technical Assistance Centers • Nokia First Call-Final Resolution • Follow The Sun Support • Available 365x24x7

  26. Technical Support: Global 365x24x7 Nokia Technical Support (First Call – Final Resolution) through Follow the Sun Model. Three regional Technical Assistance Centers (TACs) & four Product Line Support (PLS) Centers located with R&D. (TACs) in Kanata, London, Singapore, India and Tokyo. (PLS) in Mountain View, Pittsburgh, India & Helsinki. Advanced HW Replacement: 5 Global DHL Hosted Spares Depots in Cincinnati, Brussels, Singapore, Tokyo & Shanghai. Same Day Shipping Globally & Next Day Delivery in the US, EU, Singapore, Japan & China. Global TAC & Field Infrastructure On-Site HW Replacement: Global Field Services Infrastructure for 5x8xNBD / 24x7x4h On-site HW Replacement. 2000 Field Service Locations Globally

  27. Firewall Network AV ID/P ServicesBroad Attack Detection Deep PacketInspection Application Control Real Time Response ServicesVirus Mitigation Spyware, Adware, Malware Detection and Control Malicious MobileCode Mitigation ServicesAccess Control Application Control Protocol Validation Enforcement Security Appliances with a “tuned” Operating System(Nokia appliances with IPSO Operating System) Services Resiliency, Performance, Policy Control, flow management, Anomaly Detection, Regulatory Compliance, extensibility Nokia Uniqueness in Unified Threat Management • Problem: • Multiple discrete services x Multiple Locations = Security Trade-Offs • Nokia UTM: • Unified secure mobility services x Multiple locations = Limited Trade-Offs

  28. Firewall VPN (IP &/or SSL) ID/P Directory Services Email VoIP Directory DNS Security and Mobility Unification Nokia Unified Threat Management Functions Email, PIMServer • All-in-one secure mobility architecture • Ease of management, integration, deployment • Consolidated management framework NokiaManagementCenter(Admin Interface)

More Related