480 likes | 699 Vues
Optimizing Network Security Greg Brown McAfee Network Defense. Organized Hackers. ERP. SaaS. Web 2.0. Targeted Attacks. facebook. twitter. CRM. Today’s Environment. Internet. Bots. Organized Hackers. ERP. SaaS. Web 2.0. Targeted Attacks. facebook. twitter. Salesforce.
E N D
Organized Hackers ERP SaaS Web 2.0 TargetedAttacks facebook twitter CRM Today’s Environment Internet Bots
Organized Hackers ERP SaaS Web 2.0 TargetedAttacks facebook twitter Salesforce Complexity Impact Fragmented technology management Multi-product solutions(NAC, Data Protection) Compliance requirements Increased operational cost Data and productivity risk Reduced business agility Today’s Environment Internet Bots
A Better Way What if… • Security technology worked together seamlessly • Threat protection was prevalent throughout your network • Investigation escalations could be simplified • Compliance was a natural result of your security investment • Security could reduce your operating costs 4
Optimized Security Architecture Global Threat Intelligence Sustained Compliance Security Innovation Alliance (SIA) System Network Security Management Platform Network Network
McAfee Network Security Portfolio Management Protection Policy Platform • Comprehensive threat/vulnerability protection • Enabled by Global Threat Intelligence • User-aware policy controls • Flexible policy definition • Compliance monitoring • Common Management framework • Optimized workflow • Role-based administration • High performance • Scalability • Enterprise-class reliability • Flexible delivery (appliance, blades, virtual) Network
Internet Gateways Network Defense Intrusion Prevention User Behavior NAC Firewall DLP UTM Web Email McAfee Network Security Portfolio
Every Day is Day Zero • Over 1,200,000 malware detections identified in first half 2009 • 80% of malware is obfuscated with packers and compression technologies • Password stealing Trojans increased 225% in 2007 • 80% of attacks financially motivated; up from 50% two years ago # of Threats Being prepared requires continual research on a global scale
Global Threat IntelligenceUnique to McAfee Global Threat Intelligence Automated Compliance System Network Security Management Platform
Most Comprehensive NetworkSecurity Research Web Security Research EmailSecurityResearch NetworkSecurityResearch RegulatoryComplianceResearch McAfeeCustomers MalwareResearch VulnerabilityResearch Global Threat Intelligence Automated Compliance System Network Security Management Platform
Protocol definition/behavior/ reputation • Network attack definitions • Phishing/Malware • IP/URL reputation • Content based malware • Exploits • Protocol definition/behavior/reputation • Vulnerability assessment • Anti-malware • IP/URL reputation • Spam profiles • Anti-malware • Protocol definition/behavior/ reputation • Network attack definitions • IP reputation • Anti-Malware • IP/URL reputation • Spam profiles • Network attack profiles • Anti-malware Intrusion Prevention User Behavior NAC Firewall UTM DLP Web Email Global Threat Intelligence Technology Capabilities
Gotyou.com BOTS Web Gateway Email Gateway Firewall - IPS Global Threat IntelligenceZero Day Response Environment Internet • New phishing email • on webmail 2. User clicks 3. Malware detected even without a signature
Gotyou.com BOTS Web Gateway Email Gateway Global ThreatIntelligence Firewall - IPS Global Threat IntelligenceZero Day Response Environment Internet 4. Samples Fingerprinted 5. Attributes analyzed in real time 6. Reputations and Signatures Updated
Security Management Incident Investigations Network Security sees BOT instruction channel activity Leaves voicemail. “Got your message. I am in the middle of a critical database upgrade. I’ll check into it ASAP.” Calls local sysdmin to have system diagnosed Leaves voicemail. Leaves voicemail. And the process repeats with each new incident
McAfee ePolicy OrchestratorOptimizes Your Security Architecture Web Security Research EmailSecurityResearch NetworkSecurityResearch RegulatoryComplianceResearch McAfeeCustomers MalwareResearch VulnerabilityResearch Automated Compliance System Network Common Reporting/Status Common Information Base Automation and Workflow Global Threat Intelligence Security Management Platform
Automation and Workflow Incident Identified Adminstrator sees Bot instruction channel being blocked by IPS Network IPS
Automation and Workflow System Health Gets health and security info about the source from ePO System flagged for remediation VulnerabilityManager
Automation and Workflow Scope of the Incident To see who they haveexchanged data with ePO VulnerabilityManager Network UserBehavior
Automation and Workflow Data at Risk And see what data was potentially impacted Network UserBehavior Network DLPCapture Management Integration Turns Days into Clicks
Comprehensive Security Portfolio Partial Best in Class None/inferior
Analysts Agree: McAfee Leads Leaders Challengers Leaders Current Offering Strategy Niche Players Visionaries Completeness of Vision Forrester Gartner Strong Performers Web E-mail DLP Web IPS E-mail Firewall Ability to Execute
Industry Quotes “Organizations must take a more unified approach to security.The days of managing network defense, Web and messaging security and data security as separate activities simply won’t succeed in today’s economic and threat environment. Effective Network Security must have global intelligence and must be integrated into the broader organizational security management infrastructure. For the next three to five years, reducing cost of ownership will drive security investments.” Chris Christiansen, Vice President, Security Practice, IDC
Industry Quotes “The opportunity for customers to save money and improve protection is incredible. McAfee has taken leading products and bundled them in a way that can fundamentally change the customer’s economics. With Web 2.0 threats growing, this provides us with a compelling value proposition for our customers.” Douglas Hollenshead, President and CEO, Future Com
County of Orange, California Challenge • Brittle, sprawling, aging firewalls • Increasing malware risks • High compliance bar • Extreme budget pressures Evaluated each Product Category Standalone • Consolidated 57 firewalls to 8 McAfee Firewall Enterprise (Sidewinder) • Replaced existing mail and Web with McAfee Mail Gateway (Ironmail) and Web Gateway(Webwasher) Benefits from Single-Vendor Solution • Reduced infrastructure change time from 45 days to 4. • Met all outbound compliance and reporting requirements • Estimated taxpayer savings of $42K/day! 24
County of Orange, California “In four years we haven’t had an outbreak or a breach. {With Secure Computing} they got stopped at our edge …other counties called us and said, “Why? What did you do different than we’ve done? Because we got infected…” Tony Lucich, CISO 25
Adena Health Systems Challenge • Detect and block malicious traffic from outside the firewall • Protect 100 servers, 1,700 workstations, and highly specialized medical applications • Reclaim network bandwidth Benefits of McAfee Network Security Platform • Delivered complete perimeter protection for a large, regional network • Immediately identified malicious traffic • Reduced the cost of protection while simplifying management • Scaled easily to meet network growth 26
Adena Health Systems “McAfee Network Security Platform …has been running without a problem since it was installed. Its functionality is fully deployed …We’re very happy with McAfee Network Security Platform.” Brian Young , Sr. Network Security & System Administrator 28
Your Opportunity See how McAfee can… • Enhance your business agility • Improve your network protection • Improve security responsiveness • Enhance the ROI of your security investments Learn more about the products • Face to Face demo with a product specialist • Scope a solution for your environment 29
Product Features and Benefits Intrusion Prevention User Behavior NAC Firewall UTM DLP Web Email
McAfee Firewall Enterprise Appliance Firewall • Comprehensive, high performance firewall • Robust central management • Fully integrated anti-virus, URL filtering, SSL decryption and on-firewall IPS • Reputation-based filtering • Virtualized and rugged deployment options Customer Benefits • Streamlined firewall management processes • Improved protection through reduced attack surface\ • Improves responsiveness to emerging business needs
McAfee Network Intrusion Prevention Intrusion Prevention • Award-winning, network-class protection for absolute security confidence • 10-Gigabit Ethernet performance • Real-time risk-aware IPS • System-aware IPS with McAfee ePO™ integration • Dynamic network access control Customer Benefits • Improved network availability and performance • Stream-lined security management processes through ePO integration • Reduced risk and cost associated with patching cycles
McAfee Network Access Control Appliance NAC • Access Protection for Unmanaged Endpoints • Tightly integrated with ePO for Managed Endpoint NAC • Identity-based access control • Comprehensive post-admission control • Network class reliability and availability Customer Benefits • Flexible deployment and policy definition • Reduced risks from guest and infected systems • Reduced cost of management and administration
McAfee Network User Behavior Analysis User Behavior • Real-time, enterprise-wide visibility of user activities • Intuitive interface instantly pinpoints most relevant user behavior • Out of band deployment gives visibility with no risk • Integrates with existing infrastructure (user directories, network & flow data) for seamless adoption Customer Benefits • Minimize IT and business risks • Unparalleled visibility for compliance • Optimization of security investments
McAfee Web Gateway Web • Next Generation Web 2.0 security proxy • Enables Safe Secure Web access • High Performance: robust, enterprise classproxy cache • Enables Productive use of Web 2.0 applications Customer Benefits • Protects against Web 2.0 blended and targeted malware attacks • Flexible policy and scalable reporting to enable compliance • Flexible and agile deployment to fit any infrastructure
McAfee Email Gateway Email • Inbound Protection against spam, email-borne threats and malware • Outbound Protection – Complete DLP and Advanced Compliance included; integrated encryption • Administrative Empowerment – Flexible policy creation and robust reporting Customer Benefits • Reduce costs associated with spam and email-borne malware • Stop data leakage via email • Comply with regulations requiring email security
McAfee Network Data Loss Protection DLP • Complete Protection for data at rest and in motion • High Performance: 2-3x faster than the competition • Fast Deployment • Low Cost: Appliance form-factor removes need for expensive servers and databases Customer Benefits • Universal DLP protects data everywhere • Easy to own/deploy appliances, no complexity • Integrated incident management and enterprise-wide reporting and monitoring
McAfee Email and Web Gateway Email/ Web • Integrated email and web protection • Enterprise-class security • Inbound and outbound traffic inspection • Packaged for medium to small businesses Customer Benefits • Reduces cost and complexity • Simplifies email and web controls • Removes barriers to improving security
McAfee UTM for SMBs and Branch Offices UTM • Leverage enterprise-class technology packaged for the SMB • No nickel and diming - Includes reporting, and unlimited user and VPN licensing • Only SMB multi-function firewall withglobal reputation • Support: One year 24/7 included Customer Benefits • Consolidated technologies within one interface - simple • Protection for every threat vector • Cost: More value for the customer’s money
Security Management Comparison Unified Management and Threat Intelligence Total Protectionfor Network Total Protectionfor Gateway Partial Best in Class None/inferior
Malware Writers Love Facebook Unique Koobface Binaries Discovered 4,500 4,000 3,500 3,000 2,500 2,000 1,500 1,000 500 0 Jul Aug Sep Oct Dec Nov Jan Feb Mar Apr May Jun 2008 2009 43 Executive Threat Deck
Spam at a New All-Time High Last 2 Years in Messaging B % 18 100 Total Messaging Volume Amount of Spam Amount of Ham Percentage Spam 16 80 14 12 60 10 8 40 6 4 20 2 0 0 Jan Feb Mar Apr May Jun Jul Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec Jul Aug Sep Oct Nov Dec 2008 2008 2009
Overall and Microsoft Vulnerability Growth MS Vulnerabilities 350 300 250 200 150 100 50 0 1997 1998 1999 2009 2001 2002 2003 2004 2005 2006 2007 2008 2009
Overall and Microsoft Vulnerability Growth Yearly Vulnerability Count 7000 6000 5000 4000 3000 2000 1000 0 1997 1998 1999 2009 2001 2002 2003 2004 2005 2006 2007 2008 2009
Valued Customers fg 47