Rapid Threat Response
From 7 Days to 7 Seconds
© 2013 Bradford Networks. All rights reserved.

Agenda
• Changing Threat Landscape
• Evolution of NAC to Security Automation
• Intro to Bradford Networks
• Leveraging Integration and Correlation
• Rapid Threat Response
• Business Impact

Profile of Today’s Advanced Cyber Threats
• Phishing Email on End User’s Device
• User’s Device Compromised
• Internal Network Scan
• Data Consolidation
• Data Exfiltration
Attack surface is now 3x what it was just a few years ago.

The Enterprise Today … Dynamic, Complex
BLIND SPOT SAFE SAFE

Network Access Control
Assessing the Risk of Every User and Device
SAFE SAFE BACK DOOR
Visibility Policies Enforcement

Network Visibility
WHERE LOCATION 1 Real-Time Visibility LOCATION 2 …. Single Network Sentry Appliance LOCATION N VPN WHO WHAT WHEN

Flexible Network Access Policies
WHO WHAT WHERE WHEN
• TRUSTED LOCATIONS
• TRUSTED USERS
• TRUSTED TIME
• TRUSTED DEVICES

Policy Enforcement
Assign Network Access Assess Risk Unrestricted Access Identify Device Identify User Restricted Access Guest Access No Access

Endpoint Compliance
Device Risk Assessment
• Safe Configuration
• Required OS Patch Levels
• Endpoint Protection
• Mandatory Applications
• Minimum Application Version
VLAN Assignment

Gaining and Removing Network Access
Criteria for Gaining Network Access
Criteria for Removing Network Access
Network Access Control Active Directory Security Information & Event Management Visibility Antivirus Patch Management Mobile Device Management Application Whitelisting Trusted Configurations Network Access Policies Self-Service Onboarding Threat / Device Correlation Endpoint Visibility & Compliance Network Change Automation Connect Reassign Reconfigure Risk Indication Threat Investigation Workflows Control Network Access Rapid Threat Response Isolate Investigate Block Intrusion Detection Systems Advanced Persistent Threat Detection Security Intelligence & Big Data Analytics

Evolution of NAC
Rapid Threat Response Minimize Threat Think Time NAC 3.0 Threat Investigation Security Automation Simplify Investigation Workflows Consumerization/BYOD NAC 2.0 Enable Safe Network Provisioning BYOD Endpoint Compliance Ensure Safe Devices NAC 1.0 Safe Onboarding Enable Scalable Onboarding Self-Service Onboarding

Rapid Threat Response

Cyber Threat Lifecycle
• Attack To Compromise
• Compromise To Detection
• Detection To Containment
Attack Compromise Detection Containment

Why Detection to Containment Takes 7 Days
Escalating Total Cost More Records Breached Theft More Impact on Brand Impact Detection to Containment Time
• Threats Are Targeted and Complex
• Fragmented IT Skills
• Silos of Security Information
• Too Many Security Events

Getting Threat Response Down to 7 Seconds
Cyber Security Strategy Visibility Prevention Automation Detection Response Threat Containment Block Device Restrict Access Manual 7 SECONDS Remediate Device Threat Intelligence Determine Motive Trace Method Uncover Mistakes

About Bradford Networks
• Leader in Rapid Threat Response
• SmartEdge Integration Platform
• Live Inventory of Network Connections (LINC)
• Best Buy Rating From SC Magazine
• Network Analytics and Forensics

SmartEdge Platform
BYOD SIEM Endpoint Protection Detection Network Firewalls USER TIME DEVICE APPLICATIONS CONNECTION

Rapid Threat Response (RTR) Essentials …
• Live Inventory of Wired, Mobile and VPN Connections
• Integrated High Fidelity Security Alerts
• Business-Criticality of User and Endpoints
• Real-Time and Flexible Control of Network Access

Network Sentry/RTR in Action
Detection Response 7 SECONDS Threat Containment Block Device
IP Address + User Name + Security Group + Device Type + Operating System + Wired Adapters + Wireless Adapters + Installed Applications + Network Location + Connection Port
Restrict Access Remediate Device

Business Impact with Bradford Networks
• Reduce Threat Response Time From Days to Seconds
• Automate Response and Reduce Burden on Security Staff
• Quickly Contain Threats, Prevent Propagation
• Minimize Cost, Protect Brand, Protect Assets