1 / 20

IDG Stockholm Optimising Access and Security Matthew Finnie CTO

IDG Stockholm Optimising Access and Security Matthew Finnie CTO. Interoute. Europe’s largest facilities based carrier serving every Global carrier and service provider >3000 international enterprise customers out-tasking critical IT infrastructure.

fola
Download Presentation

IDG Stockholm Optimising Access and Security Matthew Finnie CTO

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. IDG Stockholm Optimising Access and Security Matthew Finnie CTO

  2. Interoute • Europe’s largest facilities based carrier serving every Global carrier and service provider • >3000 international enterprise customers out-tasking critical IT infrastructure

  3. Users, geography and legacy necessitates an access agnostic approach to service development Offers scale economics with faster invoice revenue than traditional models for the delivery of converged services Converging on the LAN side of the customer network while not impossible is constrained by layer 2 limitations, invariably expensive and slow Platform-Oriented Delivery of Services Interoute Access Platform GlobalPartners

  4. Interoute out-tasks from within the network • Complete suite of IT infrastructure • The basis of the approach is trial and experience • A different purchasing experience for corporate services • Move from “distributor” to “system integrator” through complete outsourcing of services • Simple migration along the cost management continuum

  5. Interoute and Security • Headed up by Chief Information Security Officer, Mark Osborne ex practice head at KMPG • Secure operations centre in Geneva managing security services for banks, corporations and governments • IDS,IPS, DDOS, firewall (>1000 instances) , virus scanning services

  6. Maximum Security with Maximum Access a next generation paradox

  7. How Much Security • Risk Assessment • Placement • Giving access to the services • Security at a service level

  8. There is no longer a clean well defined and TDM separated definition of private and public Increasingly the user is the definition of secure or insecure The challenge is protecting corporate assets, maintaining performance and increasing user mobility The challenge Interoute Access Platform GlobalPartners

  9. Security Access Trade off vs

  10. Security Risk Assessment • Security is a self-feeding industry with plays on fear, uncertainty and doubt • Too little and you are vulnerable – are you lucky? • Too much you are visibly uncompetitive Ask yourself the following • RISK versus access? Do people really need the freedom they request Don’t listen to anecdotal feelings put hard numbers against policy • Remember users will resist being restricted until something goes wrong – then its your fault

  11. Internet Corporate HQ Data Centres Retail Outlet Regional Office Home workers Placement • Placing the services in an network data centre ensure consistent delivery of service to users across multiple access scenarios • Reduces the number of vulnerabilities and enables policy compliance Platform Mobile Workers

  12. The best place for secure services Layer 2 Access or IPSEC over shared infrastructure Provider Edge CustomerPremises DATA CENTRE • 70% of serious security breaches are internal • The everyday security breaches are DDOS, virus and spam attacks • There is inherently more capacity in the network making it better placed to handle these events • Ensures corporate mobility

  13. Policy management - beware the n2 problem • The more locations the more chances of a breach • Modern regulations (SOX etc) encourage centralisation • GLBA, HIPPA, SOX and DPA – Laws that could cost money or put the CEO behind bars

  14. 134 site pan-European VPN incorporating on-net and off-net sites via leased lines and DSL

  15. A range of access types but with centralised ingress and egress

  16. Additional networked based security Integrated into the access and service platform networked based security enables organisations to develop policy and solutions rather constraining it through budget or geographic constraints

  17. Protecting Services

  18. VOIP services * Unified Communications • Carrier grade revenue assurance and protection through the use of session border controllers – media firewalls • Access agnostic to enable integration • Active directory resource utlised and secured on private side of the network

  19. Next Generation Hosting • Shared and dedicated hosting are polarised models for out-tasking hosting • MPLS changed corporate networking securely virtual hosting will do the same for application delivery • Virtual Hosting creates the flexibility or shared with the predictability and security of a dedicated resource • As network services become the norm, network geography will be more important than physical geography

  20. Summary • Security and access can be optimised successfully • Network delivered services improve policy management and flexibility • Network delivered services also optimise and improve performance • Securing applications on flexible infrastructure is achieved through careful architecting and protection at the higher layers

More Related