Author: Marlene Smith

Slide 1: The Future Threat Landscape and Next-Generation Security
www.cyberoam.com © Copyright 2011 Elitecore Technologies Pvt. Ltd. All Rights Reserved. Securing You
Our Products: Unified Threat Management; SSL VPN; Data Protection & Encryption; Device Management; Application Control; Asset Management; Cyberoam – Endpoint Data Protection

Slide 2: Agenda of Presentation
• 2010, a year of significant cyber security events
• Key questions to ask
• Cyberoam’s future-ready UTM security

Slide 3: 2010, a year of significant cyber security events

Slide 4: Major recent security incidents
• Stuxnet
  - Jan 2010: Targets industrial software and equipment
• Hydraq Trojan
  - July 2010: Hackers made backdoor entry to corporate Intranets
• Kama Sutra virus via downloadable ppt
  - Jan 2011: Downloaded presentation runs malware in the background
• Current news events driving spam in corporate networks
  - Wikileaks, Osama Bin Laden death

Slide 5: 2010: Key threat statistics
• More than 300 million unique malicious programs in 2010
• Mobile threat landscape comes into view
  - Public app stores leveraged for attacks
• 93% increase in web-based attacks
  - Attacks emerge using shortened URLs
• 14 NEW zero-day attacks per day
  - Including Hydraq, Stuxnet, Kama Sutra etc.
• 260,000 identities exposed per data breach
  - Hacking incidents drive identity theft in organizations

Slide 6: The evolution of the threat landscape
• Present
  - Complex networks
  - Rise in number of incidents due to
    • Wireless technologies
    • Handheld devices (like PDAs, cellphones)
    • Extending networks to partners, customers and more
    • HTTPS / SSL websites
    • Social media
    • Web 2.0 technologies
  - Future: The threats would grow more serious
    • Cloud-residing data
    • Heterogeneous networks (HetNets)

Slide 7: Security Executives are in the Middle of a Complex System

Slide 8: Key questions to ask

Slide 9: Applications and More Applications. Am I in control?
• Who decides which applications are important to the business and run on the network?

Slide 10: Guiding factors to enable productive use of applications
• Managing the 4 elements: Application, user, time and bandwidth
• Know and classify applications trying to enter the network
  - Business (White) e.g. Salesforce, CRM, ERP etc.
  - Non-business (Black) e.g. P2P, iTunes etc.
  - Socio-business (Grey) e.g. Twitter, Facebook etc.
• User: Gain visibility and controls on “who is accessing which” applications in the network
• Time: Schedule access to applications based on business need and time of the day
• Bandwidth: Committed bandwidth to business-critical applications

Slide 11: Application Visibility & Control: Prioritizing applications as per business need
[Diagram labels: VoIP, Bit Torrent, CRM, ERP, IM Application, Web mail, Internet; High Quality, Medium Quality, Low Quality]

Slide 12: Social Media: An increasing risk
• Individual tidbits of information lying across Twitter, Facebook, LinkedIn etc., when seen together, constitute insider threats
  - The DNA of the entire organization can be decoded
• INTANGIBLES
  - Core values, hierarchy, communication patterns, industry environment, employee morale
• TANGIBLES
  - Intellectual property, financial information, trade secrets
• What we did at Cyberoam
  - Monitored 20 companies with active social media presence to learn about the disclosures made by employees

Slide 13: Example in detail
• Insider threat is represented by unwanted disclosures by employees belonging to a Singapore-based IT company
• Employees not getting salary
• Cashflow problems in organization
• Bounced salary checks
• Employees looking for new jobs

Slide 14: Surprising revelations on social media disclosure

Slide 15: How vulnerable is my organization to insider threats?
• 93% of employees had betrayed the organization to directly benefit competition (SOURCE – KPMG Data Loss Barometer, 2009)

Slide 16: Causes and motivations behind insider threats
Ignorant Users
• Lack of awareness about an organization’s security practices
• Vulnerable to targeted attacks
  - Social engineering attacks by ex-employees
  - Social network exploits
  - Hackers, phishing
Users with malicious intent
• Apathetic employee
  - Ignores system alerts and IT security policies
• Angry, disgruntled employee
  - Sabotages, schemes, teams up with competitors
• Opportunistic, cunning employee
  - Motivated by personal and financial gains

Slide 17: Why are insider attacks succeeding?
• Greater fluidity of network perimeter
• Employee access to business-critical applications, Web 2.0, social media
• Traditional security’s inability to identify human role
  - Victim: User ignorance, surfing patterns, trust, lack of awareness, lax security policy
  - Attacker: Malicious intent, vengeance, greed

Slide 18: How much control do I have over users in my network?
• What are my employees doing in my network all the time?
  - Who is doing what?
  - Who is the attacker?
  - Who are the likely targets?
  - Which devices are being used to connect to the web? Who accesses them?
• How to combat insider threats?
• How to increase productivity?
• Does my existing security solution help me be proactive?
• Can I get reports on security incidents in real time?

Slide 19: Guiding factors to mitigate insider threats
• Measure User Threat Quotient (UTQ)
• Deploy a network security solution
  - Identity-based approach to control
  - Who can connect using which device?
  - What is being accessed over the network and by whom?
• Security over Wi-Fi
• Securely extends network to customers, partners, remote workers
• Visibility into HTTPS / SSL traffic
• Role based access to resources and social media

Slide 20: Measuring User Threat Quotient (UTQ)
Building patterns of activity profiles - User Threat Quotient (UTQ)
• Identify deviations from the normal acceptable user behavior
• Red flag malicious activity based on UTQ
• Context of activity – repeated wrong password attempts by new vs. old employee
• Get Intrusion alerts with user identity information
• Train and educate employees on acceptable Internet use behavior

Slide 21: Threat environment is dynamic. Can I keep up with it?
• Is my existing network security setup rigid and hard-coded?
• Can it respond to latest threats without decline in system performance?
  - E.g. newer AV/AS/IPS signatures to fight zero-hour malware threats, DoS attacks etc.
• Can the architecture grow to accommodate future threats?
• Does “hardware acceleration” cause drop in performance value?

Slide 22: Does my security solution facilitate compliance?
• Regulatory compliance is becoming increasingly mandatory for organizations in all verticals
  - Why?
• Organizations must follow best practices laid down by industry
  - Challenges to be addressed by security solution
    • Complicated documentation processes
    • Identifying users and their online behavior
    • Painful audit process
[Logos: HIPAA, CIPA]

Slide 23: Am I ready for the new Internet?
• Can my existing network security setup process both IPv4 and IPv6 traffic?
• The IPv4 meter has stopped rolling (1-Feb, 2011)
• Any new Internet addresses allotted will be IPv6
  - New perimeter devices, applications, websites etc.
• Does it have the ‘IPv6 Ready’ gold logo?
• Third-party validation
  - International Testing Program with 3000+ rigorous test cases

Slide 24: Security challenges for distributed networks
  - Zero hour threats at weakest points of entry, the remote and branch offices
  - Inadequate controls and visibility into remote network activity leads to poor governance
  - Possible misuse of remote administrator privileges

Slide 25: Productivity challenges with distributed networks
  - Higher costs in deploying, upgrading and managing multiple network security devices
  - Inability to pursue single, uniform security policy across branch offices
  - Inability to push work profile-based policies to remote locations

Slide 26: How effectively am I spending?
• Am I spending less and smarter?
• How many security products do I have to manage?
  - Firewall, Routers
  - Content filters, Bandwidth Managers
  - Multiple Link Managers, VPN …and more
• Does my Total Cost of Security Operations increase with multiple solutions?
  - How much am I spending on licensing and subscription costs?
  - Do I spend a lot of time configuring and managing my network security solution?

Slide 27: Cyberoam’s future-ready UTM security

Slide 28: Cyberoam’s Innovation: ‘Layer 8 Technology’ – Building Security around the User

Slide 29: What Layer 8 does? Provides Identity-based security
• Applies security policies based on actual identity of users.
• User-specific rules for multiple users to share a common IP address
[Diagram labels: 192.168.3.110, Mona, Shiv, 192.168.3.105, Corporate LAN, Administrator, Internet]

Slide 30: How Cyberoam mitigates insider threats
• Measure User Threat Quotient (UTQ)
  - Help build patterns of activity profiles
• Layer 8 security
  - Identity-based approach to control
  - Who is doing what?
  - Who can connect using which device?
  - What is being accessed over the network and by whom?
  - Who are the likely targets?
• Securely extends network to customers, partners, remote workers
• Role based access to resources and social media

Slide 31: Layer 8 in Cyberoam UTM

Slide 32: Cyberoam prioritizes applications as per business need

Slide 33: Cyberoam’s Application Visibility & Control
• Know and classify applications trying to enter the network
  - Business critical
  - Socio-business
  - Non critical
  - Undesirable
• Allows control over
  - Who (User)
  - When (Time)
  - What (Application)
  - How (Bandwidth)
• Essential for Cloud Computing
• Assures availability of business-critical applications
• Controls bandwidth costs

Slide 34: Future-ready security with Cyberoam’s Extensible Security Architecture
[Diagram labels: Anti virus, AS, IM control, Intrusion Prevention, Next Gen GUI, L7 Firewall]

Slide 35: Overcoming latest & unknown threats with Cyberoam
• Extensible Security Architecture (ESA):
  - Ability to accommodate additional features and capabilities
  - Protecting investment: No need to invest in new expensive hardware or additional rackspace
• Multicore-aware software architecture:
  - Parallelism – sharing computing load on multiple processors
  - Quickly deliver new patches and policies online

Slide 36: Cyberoam facilitates security compliance
• Regulatory compliance is becoming increasingly mandatory for organizations in all verticals
  - Why?
• Organizations must follow best practices laid down by industry
  - Challenges to be addressed by security solution
    • Complicated documentation processes
    • Identifying users and their online behavior
    • Painful audit process
[Logos: HIPAA, CIPA]

Slide 37: Cyberoam Central Console (CCC)
• CCC is a centralized, integrated management and monitoring appliance for Cyberoam UTM devices
  - Offers complete control over distributed networks from head office (H.O.) or Security Operations Center (S.O.C.) of MSSPs
• Available CCC models
  - CCC15, CCC50, CCC100, CCC200, CCC500, CCC1000
  - Support up to 1000 Cyberoam UTM appliances

Slide 38: Cyberoam provides Secure Access at Public Hotspots
• Default group can be created for guest users
  - Group-based Internet access policies applicable
  - Useful for corporate offices, hotspots, airports, hotels
• Sending Internet access credentials using SMS for guest users
  - HTTP protocol-based SMS service
  - No preexisting Cyberoam account needed
[Image labels: Airports, Hotels, SMS for Guest users]

Slide 39: CCC deployment for Enterprises
[Diagram labels: CCC, Cyberoam UTM Appliance, Corporate Head Office, Branch Offices, Boston, Mumbai, Dubai, New York]

Slide 40: CCC Features & Benefits

Slide 41: Cyberoam iView’s Logging & Reporting Facilitates Security, Compliance, Forensics
[Diagram labels: Logs & Events, Identity, Logging, Reporting, Compliance Management, Forensic Analysis, Data Protection, Security Management]

Slide 42: Cyberoam’s Next-Generation Unified Threat Management
• Gateway Integrated security over single platform
  - Reduces capital & operational expenses
  - Freedom from multiple security vendors
• Continuous Focus on future security needs
• Right balance of Security, Connectivity, Productivity enabling growth
• Offers Layer 8 identity-based security based on granular user visibility/controls

Slide 43: Case-study 1: Clermont Ferrand, France

Slide 44: Challenges
1. Maintaining unified security policies across 26 branches with identity
2. Main challenge was to identify the end users at the 26 branches and apply policies on them
3. All traffic from branches should be routed via central site and policies should be applicable to the end users behind the branches
4. Users at the branches would be authenticated at the central site’s AD server and without any agent or login page

Slide 45: Challenges
5. The central site datacenter has several layers of switching and routing running in full redundancy
6. There should be no single point of failure in the network
7. Have a DR central site which is situated 2 KMs from central site and need HA between central site and DR site in multiple layers
8. Need for centralized web filtering solution for all branches
9. Need for centralized reporting solution for all branches including central site with detailed reporting on all end users at the branches and at the central site

Slide 46: Solution
1. Cyberoam provided them an identity-based solution with unified security
2. All the branches were connected with VPN to the central site and all traffic from the branches was routed to the central site
3. The users at the branches were authenticated by the central AD with CTAS and the branches were tightly integrated with Central Site’s AD
4. All the policies for the end users at the branches were controlled at the central site

Slide 47: Solution
5. Smooth integration of Cyberoam with multiple layers of highly available appliances
6. No single point of failure
7. Central site and DR site HA was configured which provided full redundancy
8. Provided web filtering solution for all the users at the branches and these policies were implemented and controlled at the central site datacenter
9. Provided identity based centralized reporting on granular levels for all the branches with full transparency

Slide 49: Case-study 2: Ministry of Interior, Italy

Slide 50: About Ministero dell’Interno
Established in 1861
Responsibility:
• Enforcing laws, protecting property and reducing civil disorder in civilian matters.
• Maintaining the survival of state through the use of economic, military and political power.
• Immigration including economic, political, family reunification, natural disaster, poverty or the wish to change surroundings voluntarily.

Slide 51: Challenges
1. Centrally managing / controlling / preventing 13,000+ Users with high network uptime with strict authentication policy.
2. Preventing usage of peer-to-peer applications running over fully encrypted / dynamic protocols like BitTorrent / LimeWire / MP3Rocket / Ares / BearShare / Shareaza / Morpheus.
3. Effective content filtering solution that stops employees from unproductive surfing, especially during working hours.
4. Gateway-level Anti Virus / Anti Malware / Anti Spyware solutions which protect the network against latest viruses, worms, spyware, etc.

Slide 52: Challenges
4. No centralized real-time logs like traffic discovery for current bandwidth utilization, source/destination IP, User, Source/destination Port to identify the current network activity.
5. Centralized unified authentication with help of distributed Active Directory servers for local as well as remote locations with transparent authentication for local users, and captive portal authentication for non-domain users.
6. Centralized management / monitoring for local and remote users

Slide 53: Network Deployment Diagram

Slide 54: Solution
1. Users use Cyberoam as a proxy to centralize and control web access
2. Centralized unified authentication with help of distributed Active Directory servers for local as well as remote locations with transparent authentication for local users, and captive portal authentication for non-domain users.
3. Cyberoam is integrated with Active Directory for user authentication of domain workstations, and granularly controls user activities based on the policy assigned to the user / groups on Cyberoam.
4. To be more user-friendly for non-IT users, Cyberoam authenticates domain users transparently / silently using the SSO concept.

Slide 55: Solution
4. For non-domain users, Cyberoam authenticates the user with a captive portal page.
5. Due to the strict authentication policy adopted by the Ministry, each user was monitored and reports were generated for forensic analysis.
6. To ease the administrator’s task of managing 8 appliances, Cyberoam facilitates central management to push the rules / policies and other network-related configuration in one go.

Slide 56: About Cyberoam

Slide 57: Industry Recognition
• Recognized as ‘Visionary’ in the Gartner UTM MQ

Slide 58: SC Magazine
• Recognized as ‘Network UTM Innovator – Security Innovator’
• Cyberoam is the only Network UTM vendor to receive this recognition in 2010 from SC Magazine

Slide 59: IDC Review
“IDC believes that identity-based UTM represents the next generation in the burgeoning UTM marketplace. When enterprises realize the value of having identity as a full component of their UTM solution the increased internal security, protection against insidious and complex attacks, understanding individual network usage patterns, and compliance reporting - Cyberoam will benefit as the innovator.”
Source: Unified Threat Management Appliances and Identity-Based Security: The Next Level in Network Security, IDC Vendor Spotlight

Slide 60: Cyberoam Certifications
• UTM Level 5: Cyberoam holds a unique & complete UTM certification
  - Anti-Virus, Anti-Spyware, Anti-Spam, URL Filtering, Firewall, VPN, IPS/IDP
• ICSA Certified Firewall
• VPNC Certified for Basic VPN & AES Interoperability
• ICSA Certified High-Availability
• Premium
• IPv6 Ready
• Member of Internet Watch Foundation

Slide 61: SC Magazine Five Star Rating – Seven Times in a Row!
April 2009 – Product Review, Cyberoam CR200i
• “A lot of functionality, including good integration support, in a single easy-to-use appliance”
• “also includes a solid web content filter and blocking for applications such as IM and P2P”
July 2010 – Product Review, Cyberoam CR50ia
• “A lot of features at a low cost.”
• “A solid product and the price is right. We give CR50ia our Best Buy this month.”
October 2010 – Product Review, Cyberoam CR15wi
• “Remarkably good value, identity-based security, simple deployment, extensive security measures, top quality reporting software.”
April 2011 – Product Review, Cyberoam CR100ia
• “Easy to deploy with a lot of granular controls.”

Slide 62: Global Clientele: More than 7000 customers globally

Slide 63: Q&A, if any?

Slide 64: Thank you!