Slide 1: The Future Threat Landscape and Next-Generation Security
www.cyberoam.com © Copyright 2011 Elitecore Technologies Pvt. Ltd. All Rights Reserved. Securing You
Our Products: Unified Threat Management; SSL VPN; Data Protection & Encryption; Device Management; Application Control; Asset Management; Cyberoam – Endpoint Data Protection
Slide 2: Agenda of Presentation
- 2010, a year of significant cyber security events
- Key questions to ask
- Cyberoam’s future-ready UTM security
Slide 3: 2010, a year of significant cyber security events
Slide 4: Major recent security incidents
- Stuxnet
  - Jan 2010: Targets industrial software and equipment
- Hydraq Trojan
  - July 2010: Hackers made backdoor entry to corporate intranets
- Kama Sutra virus via downloadable ppt
  - Jan 2011: Downloaded presentation runs malware in the background
- Current news events driving spam in corporate networks
  - Wikileaks, Osama Bin Laden death
Slide 5: 2010: Key threat statistics
- More than 300 million unique malicious programs in 2010
- Mobile threat landscape comes into view
  - Public app stores leveraged for attacks
- 93% increase in web-based attacks
  - Attacks emerge using shortened URLs
- 14 NEW zero-day attacks per day
  - Including Hydraq, Stuxnet, Kama Sutra etc.
- 260,000 identities exposed per data breach
  - Hacking incidents drive identity theft in organizations
Slide 6: The evolution of the threat landscape
- Present
  - Complex networks
  - Rise in number of incidents due to:
    - Wireless technologies
    - Handheld devices (like PDAs, cellphones)
    - Extending networks to partners, customers and more
    - HTTPS / SSL websites
    - Social media
    - Web 2.0 technologies
- Future: The threats would grow more serious
  - Cloud-residing data
  - Heterogeneous networks (HetNets)
Slide 7: Security Executives Are in the Middle of a Complex System
Slide 8: Key questions to ask
Slide 9: Applications and More Applications. Am I in control?
- Who decides which applications are important to the business and run on the network?
Slide 10: Guiding factors to enable productive use of applications
Managing the 4 elements: application, user, time and bandwidth
- Know and classify applications trying to enter the network
  - Business (White) e.g. Salesforce, CRM, ERP etc.
  - Non-business (Black) e.g. P2P, iTunes etc.
  - Socio-business (Grey) e.g. Twitter, Facebook etc.
- User: Gain visibility and control over “who is accessing which” applications in the network
- Time: Schedule access to applications based on business need and time of the day
- Bandwidth: Committed bandwidth to business-critical applications
Slide 11: Application Visibility & Control
Prioritizing applications as per business need
[Diagram labels: VoIP, Bit Torrent, CRM, ERP, IM Application, Web mail, Internet; High Quality, Medium Quality, Low Quality]
Slide 12: Social Media: An increasing risk
- Individual tidbits of information lying across Twitter, Facebook, LinkedIn etc., when seen together, constitute insider threats
  - The DNA of the entire organization can be decoded
- INTANGIBLES
  - Core values, hierarchy, communication patterns, industry environment, employee morale
- TANGIBLES
  - Intellectual property, financial information, trade secrets
- What we did at Cyberoam
  - Monitored 20 companies with active social media presence to learn about the disclosures made by employees
Slide 13: Example in detail
Insider threat is represented by unwanted disclosures by employees belonging to a Singapore-based IT company:
- Employees not getting salary
- Cashflow problems in organization
- Bounced salary checks
- Employees looking for new jobs
Slide 14: Surprising revelations on social media disclosure
Slide 15: How vulnerable is my organization to insider threats?
- 93% of employees had betrayed the organization to directly benefit competition (SOURCE – KPMG Data Loss Barometer, 2009)
Slide 16: Causes and motivations behind insider threats
Categories shown: Ignorant users; Users with malicious intent
- Lack of awareness about an organization’s security practices
- Vulnerable to targeted attacks
  - Social engineering attacks by ex-employees
  - Social network exploits
  - Hackers, phishing
- Apathetic employee
  - Ignores system alerts and IT security policies
- Angry, disgruntled employee
  - Sabotages, schemes, teams up with competitors
- Opportunistic, cunning employee
  - Motivated by personal and financial gains
Slide 17: Why are insider attacks succeeding?
- Greater fluidity of network perimeter
- Employee access to business-critical applications, Web 2.0, social media
- Traditional security’s inability to identify human role
  - Victim: User ignorance, surfing patterns, trust, lack of awareness, lax security policy
  - Attacker: Malicious intent, vengeance, greed
Slide 18: How much control do I have over users in my network?
- What are my employees doing in my network all the time?
  - Who is doing what?
  - Who is the attacker?
  - Who are the likely targets?
  - Which devices are being used to connect to the web? Who accesses them?
- How to combat insider threats?
- How to increase productivity?
- Does my existing security solution help me be proactive?
- Can I get reports on security incidents in real time?
Slide 19: Guiding factors to mitigate insider threats
- Measure User Threat Quotient (UTQ)
- Deploy a network security solution
  - Identity-based approach to control
  - Who can connect using which device?
  - What is being accessed over the network and by whom?
- Security over Wi-Fi
- Securely extends network to customers, partners, remote workers
- Visibility into HTTPS / SSL traffic
- Role-based access to resources and social media
Slide 20: Measuring User Threat Quotient (UTQ)
Building patterns of activity profiles - User Threat Quotient (UTQ)
- Identify deviations from the normal acceptable user behavior
- Red flag malicious activity based on UTQ
- Context of activity – repeated wrong password attempts by new vs. old employee
- Get intrusion alerts with user identity information
- Train and educate employees on acceptable Internet use behavior
Slide 21: Threat environment is dynamic. Can I keep up with it?
- Is my existing network security setup rigid and hard-coded?
- Can it respond to the latest threats without a decline in system performance?
  - E.g. newer AV/AS/IPS signatures to fight zero-hour malware threats, DoS attacks etc.
- Can the architecture grow to accommodate future threats?
- Does “hardware acceleration” cause a drop in performance value?
Slide 22: Does my security solution facilitate compliance?
- Regulatory compliance is becoming increasingly mandatory for organizations in all verticals
  - Why? Organizations must follow best practices laid down by industry
  - Challenges to be addressed by security solution
    - Complicated documentation processes
    - Identifying users and their online behavior
    - Painful audit process
[Logos: HIPAA, CIPA]
Slide 23: Am I ready for the new Internet?
- Can my existing network security setup process both IPv4 and IPv6 traffic?
- The IPv4 meter has stopped rolling (1-Feb, 2011)
- Any new Internet addresses allotted will be IPv6
  - New perimeter devices, applications, websites etc.
- Does it have the ‘IPv6 Ready’ gold logo?
- Third-party validation
  - International Testing Program with 3000+ rigorous test cases
Slide 24: Security challenges for distributed networks
- Zero-hour threats at weakest points of entry, the remote and branch offices
- Inadequate controls and visibility into remote network activity leads to poor governance
- Possible misuse of remote administrator privileges
Slide 25: Productivity challenges with distributed networks
- Higher costs in deploying, upgrading and managing multiple network security devices
- Inability to pursue single, uniform security policy across branch offices
- Inability to push work profile-based policies to remote locations
Slide 26: How effectively am I spending?
- Am I spending less and smarter?
- How many security products do I have to manage?
  - Firewall, Routers
  - Content filters, Bandwidth Managers
  - Multiple Link Managers, VPN
  - …and more
- Does my Total Cost of Security Operations increase with multiple solutions?
  - How much am I spending on licensing and subscription costs?
  - Do I spend a lot of time configuring and managing my network security solution?
Slide 27: Cyberoam’s future-ready UTM security
Slide 28: Cyberoam’s Innovation: ‘Layer 8 Technology’ – Building Security around the User
Slide 29: What does Layer 8 do? Provides identity-based security
- Applies security policies based on actual identity of users
- User-specific rules for multiple users to share a common IP address
[Diagram labels: 192.168.3.110, Mona, 192.168.3.110, Shiv, Internet, 192.168.3.110, 192.168.3.105, Corporate LAN, Administrator]
Slide 30: How Cyberoam mitigates insider threats
- Measure User Threat Quotient (UTQ)
  - Help build patterns of activity profiles
- Layer 8 security
  - Identity-based approach to control
  - Who is doing what?
  - Who can connect using which device?
  - What is being accessed over the network and by whom?
  - Who are the likely targets?
- Securely extends network to customers, partners, remote workers
- Role-based access to resources and social media
Slide 31: Layer 8 in Cyberoam UTM
Slide 32: Cyberoam prioritizes applications as per business need
Slide 33: Cyberoam’s Application Visibility & Control
- Know and classify applications trying to enter the network
  - Business critical
  - Socio-business
  - Non critical
  - Undesirable
- Allows control over
  - Who (User)
  - When (Time)
  - What (Application)
  - How (Bandwidth)
- Essential for Cloud Computing
- Assures availability of business-critical applications
- Controls bandwidth costs
Slide 34: Future-ready security with Cyberoam’s Extensible Security Architecture
[Diagram labels: Anti virus, AS, IM control, Intrusion Prevention, Next Gen GUI, L7 Firewall]
Slide 35: Overcoming latest & unknown threats with Cyberoam
- Extensible Security Architecture (ESA):
  - Ability to accommodate additional features and capabilities
  - Protecting investment: No need to invest in new expensive hardware or additional rackspace
- Multicore-aware software architecture:
  - Parallelism – sharing computing load on multiple processors
  - Quickly deliver new patches and policies online
Slide 36: Cyberoam facilitates security compliance
- Regulatory compliance is becoming increasingly mandatory for organizations in all verticals
  - Why? Organizations must follow best practices laid down by industry
  - Challenges to be addressed by security solution
    - Complicated documentation processes
    - Identifying users and their online behavior
    - Painful audit process
[Logos: HIPAA, CIPA]
Slide 37: Cyberoam Central Console (CCC)
- CCC is a centralized, integrated management and monitoring appliance for Cyberoam UTM devices
  - Offers complete control over distributed networks from head office (H.O.) or Security Operations Center (S.O.C.) of MSSPs
- Available CCC models
  - CCC15, CCC50, CCC100, CCC200, CCC500, CCC1000
  - Support up to 1000 Cyberoam UTM appliances
Slide 38: Cyberoam provides Secure Access at Public Hotspots
- Default group can be created for guest users
  - Group-based Internet access policies applicable
  - Useful for corporate offices, hotspots, airports, hotels
- Sending Internet access credentials using SMS for guest users
  - HTTP protocol-based SMS service
  - No preexisting Cyberoam account needed
[Diagram labels: Airports, Hotels, SMS for Guest users]
Slide 39: CCC deployment for Enterprises
[Diagram labels: CCC, Cyberoam UTM Appliance, Corporate Head Office, Branch Offices, Boston, Mumbai, Dubai, New York]
Slide 40: CCC Features & Benefits
Slide 41: Cyberoam iView’s Logging & Reporting Facilitates Security, Compliance, Forensics
[Diagram labels: Logs & Events, Identity, Logging, Reporting, Compliance Management, Forensic Analysis, Data Protection, Security Management]
Slide 42: Cyberoam’s Next-Generation Unified Threat Management Gateway
- Integrated security over single platform
  - Reduces capital & operational expenses
  - Freedom from multiple security vendors
- Continuous focus on future security needs
- Right balance of Security, Connectivity, Productivity enabling growth
- Offers Layer 8 identity-based security based on granular user visibility/controls
Slide 43: Case-study 1: Clermont Ferrand, France
Slide 44: Challenges
1. Maintaining unified security policies across 26 branches with identity
2. Main challenge was to identify the end users at the 26 branches and apply policies to them
3. All traffic from branches should be routed via the central site, and policies should be applicable to the end users behind the branches
4. Users at the branches would be authenticated at the central site’s AD server, without any agent or login page
Slide 45: Challenges
5. The central site datacenter has several layers of switching and routing running in full redundancy
6. There should be no single point of failure in the network
7. A DR central site is situated 2 km from the central site, and HA is needed between the central site and the DR site in multiple layers
8. Need for a centralized web filtering solution for all branches
9. Need for a centralized reporting solution for all branches, including the central site, with detailed reporting on all end users at the branches and at the central site
Slide 46: Solution
1. Cyberoam provided them an identity-based solution with unified security
2. All the branches were connected by VPN to the central site, and all traffic from the branches was routed to the central site
3. The users at the branches were authenticated by the central AD with CTAS, and the branches were tightly integrated with the central site’s AD
4. All the policies for the end users at the branches were controlled at the central site
Slide 47: Solution
5. Smooth integration of Cyberoam with multiple layers of highly available appliances
6. No single point of failure
7. Central site and DR site HA was configured, which provided full redundancy
8. Provided a web filtering solution for all the users at the branches; these policies were implemented and controlled at the central site datacenter
9. Provided identity-based centralized reporting at granular levels for all the branches with full transparency
Slide 49: Case-study 2: Ministry of Interior, Italy
Slide 50: About Ministero dell’Interno
- Established in 1861
- Responsibility
  - Enforcing laws, protecting property and reducing civil disorder in civilian matters.
  - Maintaining the survival of the state through the use of economic, military and political power.
  - Immigration including economic, political, family reunification, natural disaster, poverty or the wish to change surroundings voluntarily.
Slide 51: Challenges
1. Centrally managing / controlling / preventing 13,000+ users with high network uptime and a strict authentication policy.
2. Preventing usage of peer-to-peer applications running over fully encrypted / dynamic protocols like BitTorrent / LimeWire / MP3Rocket / Ares / BearShare / Shareaza / Morpheus.
3. Effective content filtering solution which stops employees from unproductive surfing, especially during working hours.
4. Gateway-level Anti Virus / Anti Malware / Anti Spyware solutions which protect the network against the latest viruses, worms, spyware, etc.
Slide 52: Challenges
4. No centralized real-time logs, like traffic discovery for current bandwidth utilization, source/destination IP, user, source/destination port, to identify the current network activity.
5. Centralized unified authentication with the help of distributed Active Directory servers for local as well as remote locations, with transparent authentication for local users and captive portal authentication for non-domain users.
6. Centralized management / monitoring for local and remote users
Slide 53: Network Deployment Diagram
Slide 54: Solution
1. Users use Cyberoam as a proxy to centralize and control web access.
2. Centralized unified authentication with the help of distributed Active Directory servers for local as well as remote locations, with transparent authentication for local users and captive portal authentication for non-domain users.
3. Cyberoam is integrated with Active Directory for user authentication of domain workstations, granularly controlling user activities based on the policy assigned to the user / groups on Cyberoam.
4. To be more user-friendly for non-IT users, Cyberoam provided transparent / silent authentication of domain users using the SSO concept.
Slide 55: Solution
4. For non-domain users, Cyberoam authenticates the user with a captive portal page.
5. Due to the strict authentication policy adopted by the Ministry, each user was monitored and reports were generated for forensic analysis.
6. To ease the administrator’s task of managing 8 appliances, Cyberoam facilitates central management to push the rules / policies and other network-related configuration at one go.
Slide 56: About Cyberoam
Slide 57: Industry Recognition
- Recognized as ‘Visionary’ in the Gartner UTM MQ
Slide 58: Recognized as ‘Network UTM Innovator – Security Innovator’
- Cyberoam is the only Network UTM vendor to receive this recognition in 2010 from SC Magazine
Slide 59: IDC Review
“IDC believes that identity-based UTM represents the next generation in the burgeoning UTM marketplace. When enterprises realize the value of having identity as a full component of their UTM solution the increased internal security, protection against insidious and complex attacks, understanding individual network usage patterns, and compliance reporting - Cyberoam will benefit as the innovator.”
Source: Unified Threat Management Appliances and Identity-Based Security: The Next Level in Network Security, IDC Vendor Spotlight
Slide 60: Cyberoam Certifications
- UTM Level 5: Cyberoam holds a unique & complete UTM certification
  - Anti-Virus, Anti-Spyware, Anti-Spam, URL Filtering, Firewall, VPN, IPS/IDP
- ICSA Certified Firewall
- VPNC Certified for Basic VPN & AES Interoperability
- ICSA Certified High-Availability
- Premium
- IPv6 Ready
- Member of Internet Watch Foundation
Slide 61: SC Magazine Five Star Rating – Seven Times in a Row!
- April 2009 – Product Review, Cyberoam CR200i: “A lot of functionality, including good integration support, in a single easy-to-use appliance”; “also includes a solid web content filter and blocking for applications such as IM and P2P”
- July 2010 – Product Review, Cyberoam CR50ia: “A lot of features at a low cost.” “A solid product and the price is right. We give CR50ia our Best Buy this month.”
- October 2010 – Product Review, Cyberoam CR15wi: “Remarkably good value, identity-based security, simple deployment, extensive security measures, top quality reporting software.”
- April 2011 – Product Review, Cyberoam CR100ia: “Easy to deploy with a lot of granular controls.”
Slide 62: Global Clientele: More than 7000 customers globally
Slide 63: Q&A (if any)
Slide 64: Thank you!