Enhancing Security through Policy Orchestration
Ingo Schaefer
Jan 2014
- Company Confidential -

Myth: Getting state-of-the-art firewalls will keep the organization secured from hackers…
Tufin Confidential © 2014

Introducing Operation “Ke3chang”

Operation “Ke3chang” Highlights
• Operation targeted government networks in several European countries
• Finance Ministries in Europe attacked before G20 meetings in Russia, Paris and Ireland
• Attacks on Ministries of Foreign Affairs in Czech Republic, Portugal, Bulgaria, Latvia, Hungary and more
• Attack also targeted private sector industries in Europe (aerospace, chemical, consulting and high-tech industries)
• Ran from 2010 until August 2013
• Discovered by FireEye research team
• Attack is linked to China…
• Additional information:
  • 22 known CnCs
  • 3 zero-day vulnerabilities
  • Over 3 years…

Anatomy of a Cyber Attack
1. Phishing: A handful of users are targeted for phishing attacks
2. Zero-Day Attack: User opens zero-day attack payload and malware is installed
3. Lateral Movement: Attacker elevates access to important user, service and admin accounts
4. Data Gathering: Data is acquired from targeted systems and staged for exfiltration
5. Data Exfiltration: Data is exfiltrated to external site

How did it happen?
1. Phishing: Target users receive phishing emails (e.g. about US military intervention in Syria etc.)
2. Zero-Day Attack: 3 zero-day attacks used to infect computers; backdoor is installed on infected computers
3. Lateral Movement: Attacker gathers information about compromised system & network, steals logon credentials and moves laterally in the network
4. Data Gathering: Target files are copied and RARed in the network using network shares
5. Data Exfiltration: RAR files are uploaded to CnC and local copy deleted

What could have been…
Stages: 1. Phishing, 2. Zero-Day Attack, 3. Lateral Movement, 4. Data Gathering, 5. Data Exfiltration
Better security management & network segmentation could have contained and limited the attack

Myth: Getting state-of-the-art firewalls will keep the organization secured from hackers…

Why is Security Management & Network Segmentation So Hard?
• Complexity
  • Complex networks with hundreds of devices
  • Complicated security policies with hundreds of rules
• Change
  • Dozens of changes per week to support new business applications
• Technology
  • New technologies (e.g. virtualization, cloud, etc.) are a force multiplier for complexity and change

Tufin Orchestration Suite – Security Benefits
Tufin enhances Network Security by automating the change process with “baked-in” security checks
• Automated Process: Controlled and automated process increases overall security
• Security Checks: Integrated security checks increase overall security

Automated Process
Controlled and automated change process
• Automatic device selection based on topology
• Automatic rules & policy recommendations
• Automatic provisioning on target devices
• Automatic documentation & audit trail
Diagram labels: Automation, More Control, Less Human Errors, Fast Implementation, Better Security

Security Checks
Integrated security checks as part of change process
• Customized black/white list capabilities
• Real-time monitoring of security policy and best-practice violations
• Risk validations as part of workflow process
• Detailed security report
Security “baked-in” as part of the change process increases overall security

Summary
Tufin enables organizations to:
• Deliver connectivity solutions at the speed of business
• Create an integrated and automated management platform
• Collaborate and communicate effectively across teams
• Automate the network change process
• Enhance overall Network Security with Change Automation & Security Policy Analytics!