Netscreen technologies
This presentation is the property of its rightful owner.
Sponsored Links
1 / 23

NetScreen Technologies PowerPoint PPT Presentation


  • 43 Views
  • Uploaded on
  • Presentation posted in: General

NetScreen Technologies. Security Solutions the NetScreen Way Peter Crowcombe – EMEA Marketing Manager. Agenda. About NetScreen Security Innovation Unique Architectures Threats and Responses VPN leadership Total cost of ownership The future of security. About NetScreen.

Download Presentation

NetScreen Technologies

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Netscreen technologies

NetScreen Technologies

Security Solutions the NetScreen Way

Peter Crowcombe – EMEA Marketing Manager


Agenda

Agenda

  • About NetScreen

  • Security Innovation

  • Unique Architectures

  • Threats and Responses

  • VPN leadership

  • Total cost of ownership

  • The future of security


About netscreen

About NetScreen

  • Leading supplier of network security solutions for large scale and high capacity enterprise and carrier networks

    • Integrated firewall, VPN and traffic management

  • Leading market share

    • #1, #2 or #3 in key VPN and firewall categories*

* Based on data from Dataquest/Gartner Group, Infonetics Research, International Data Corp.


Netscreen innovation

NetScreen Innovation

NetScreen firsts:

  • An integrated Firewall and VPN appliance with ASIC acceleration for FW AND VPN

  • Virtual system architecture

    • With separate policy tables, addressing and management

  • Integrated active-active, full mesh, stateful High Availability

  • Ship Gigabit Firewall & VPN appliance

  • Ship 4 Gigabit Firewall appliance


Resulting in netscreen delivering industry leading growth

Resulting in NetScreen Delivering Industry-Leading Growth

$ Millions

$29.0


Unique solution technology platform

Global PRO

Optimized Security Platform

Optimized Security Platform

ScreenOS

ScreenOS

ScreenOS

GigaScreen ASIC

GigaScreen ASIC

GigaScreen ASIC

Superior Security, Performance and Economics

compared with software/processor based architectures

Unique Solution & Technology Platform

GigaScreen ASIC


Gigascreen ii asic technology

GigaScreen-II ASIC Technology

Management module

  • GigaScreen-II is a security processor

    • Breakthrough performance

      • 2 Gbps firewall; 1 Gbps VPN

    • Massive scalability

      • Linear scalability when connected to a switched backplane

    • Complete security processing

      • Complete packet processing with little to no CPU intervention

    • Programmability

      • Ability to add packet classification and content inspection engines

CPU

Data Exchange (first packet, IKE etc)

Control

GigaScreen-II ASIC / Flow Processor

Flow Traffic


Netscreen 5000 chassis architecture

NetScreen-5000 Chassis Architecture

Back plane

32 bit - Bus 0

  • Dual Bus Architecture

    • Control Traffic between GigaScreen-II and Management Module

    • Data Exchange between the Management Module and the GigaScreen-II via Dual Access High Speed RAM (SRAM)

  • 15 Gigabit switch fabric and Multiple Module Slots (5400)

    • Slots for Multiple Secure Port Modules or additional new modules

    • Packet Flow Traffic between Secure Port Modules or Future modules

64 bit - Bus 1

15 Gbps switch fabric

Secure Port Module

Future Tech. Modules

Secure Port Module

Mgmt Module

Flow

Control

First Packet, IKE, etc


Comprehensive product line

Comprehensive Product Line

Enterprise Telecommuter

Network core

Central Site

Medium Site

Small Office

NetScreen-500

NetScreen-5XT

NetScreen-50

NetScreen-5000 Series

NetScreen-5XP

NetScreen-25

NetScreen-200 Series

NetScreen -Remote

NetScreen-1000

NetScreen-Global PRO

NetScreen-Global PRO Express


Security deployment drivers

Security Deployment Drivers

Source Infonetics 2002


Security threats are growing

Security Threats Are Growing

Security Incidents Reported to CERT

60,000

  • Outside attacks that compromise perimeter security

    • Denial of service, VPN U-turn attacks

    • Trojan horse attacks that penetrate the enterprise

  • New application requirements

    • Segmentation of departmental resources

  • Wireless LANs

2001: 52,000+ incidents

(Code Red, Nimda)

50,000

40,000

30,000

# of incidents

20,000

1988: 6 incidents

(Kevin Mitnick)

10,000

0

Computer Emergency Response Team (CERT) is a federally funded research and development center specializing in Internet security operated by Carnegie Mellon University.


Security threats

Unauthorized Personnel

Unauthorized Wireless User

Compromised Computer

Worms / Compromised Server

Unauthorized Wireless User

Trojans / Disgruntled / Dishonest Employee

Security Threats

Regional Office

Branch Office

VPN

(((

VPN

Internet

Telecommuter

VPN

Firewall

VPN

(((

DMZ

Servers

Finance Servers


Security domains

OR

Security Domains

Integrated FW/VPN with attack blocking and user authentication

Branch Office

Regional Office

Telecommuter

((((

Wireless

VPN - Client

Internet

Notebook & PDA (VPN)

Greater Segmentation & Policy Control

Internal / External threats treated equally

Web

Wireless

((((

Admin

((((

DMZ

VPN - Client

E-mail

Finance

Central Site


Paybacks and benefits of vpns

Paybacks and Benefits of VPNs

Q. On a scale of 1 to 7, where 1 is “not important” and 7 is “extremely important,” please rate the importance of the following expected paybacks and benefits in your decision to implement VPNs:

57%

Increased security

45%

Dial-up or dedicated connection cost savings

Increased bandwidth using VPNs with DSL, cable, or broadband wireless

44%

43%

Reduction of operation and management costs

Ability to quickly add remote access users, sites, or extranet partners

42%

41%

Improved communications with customers

41%

Increased geographic coverage

34%

Any to any connectivity

32%

Increased network uptime

17%

Ability to carry voice over IP

Source Infonetics 2002


Leaders in vpn technology

Mobile VPN

Small site,

Temp site VPN

Intranet VPN

Partner A

Partner B

Partner C

Home GPRS

Internet

Content

GRX

Remote Access

Content Ser

AV Services

IDS Services

Application Ser

Overseas GPRS

Leaders in VPN technology

MPLS

Data Centre

/SP NOC


Frame to ip vpn migration scenarios apples to apples equal bandwidth

Legacy Network

IPNetwork

Change

Scenario A: Direct One-to-One Comparison

Small Site Bandwidth (8 sites)

56-64 Kbps

56-64 Kbps

No Change

Monthly Cost/Site

$280

$75

Save $205

Medium Site Bandwidth (2 sites)

384 Kbps

384 Kbps

No Change

Monthly Cost/Site

$1,150

$190

Save $960

Central Site Bandwidth (1 site)

T-1

T-1

No Change

Monthly Cost/Site

$3,275

$1,570

Save $1,705

Total Annual Costs

$93,780

$30,600

Save $63,180

Time to pay back initial hardware investment ($6,000 to $10,000): 1.1 – 1.9 Months

Frame to IP VPN Migration ScenariosApples to Apples – Equal Bandwidth

The initial hardware purchase is based on average pricing for NetScreen appliances while the bandwidth rates are based on averages derived from multiple carrier offerings. This example does not include network management, installation expense, time to migrate multiple networks, etc.

Source: TeleChoice – Building the business case for IP VPNs


Firewall features

Firewall Features

Source Infonetics 2002


Idp the future of security

Milestones

  • 1st device that detects and prevents attacks by dropping malicious packets (patent pending)

  • 1st to implement Multi-Method Detection to maximize attack detection

  • 1st to utilize Stateful Signature Detection to help reduce false alarms

  • 1st centralized, rule-based management of intrusion detection and prevention

IDP - The future of security

  • Definitive agreement to acquire OneSecure for $40.3 million

  • Innovative intrusion detection and prevention appliance accurately detects attacks, stops attacks and is easy to manage

  • Immediately address IDS market with intrusion prevention products

  • The best technology, architecture and people to accelerate NetScreen’s delivery of next generation integrated security gateway and management


Intrusion prevention onesecure

HR Servers

Users

FinanceServers

WebServer

MailServer

User

CodeRed

Firewall

Intrusion Prevention - OneSecure

  • Innovative intrusion prevention and detection product

    • Improved intrusion detection accuracy, reducing false alarms and detecting more attacks

      • Multi-Method Detection

      • Stateful Signatures

    • True attack prevention to eliminate impact of attack

      • In-line operation


Intrusion detection strategies

Intrusion Detection strategies

Source Infonetics 2002


Netscreen onesecure integration plan

Phase II: 1H03

Phase III

Integrate key IDP features into ScreenOS. New processing blade NS-5000

Develop silicon &

hardware for next-

generation platforms

Enhance IDP

Enhance IDP

Integrate management platforms

Enhance Management Intelligence

NetScreen-OneSecure Integration Plan

Phase I: At Close

Introduce & Re-brand OneSecure IDP. Scale performance to gigabit levels

Introduce &

Re-brand OneSecure IDP Management


Innovation in the security market

Innovation in the Security market

“Gartner believes that the primary security gateway, the firewall, should provide for this in-line inspection and action taking. Thus, we see this move by NetScreen as the first market move toward fulfilling our vision of firewalls that look deeper into packet streams and make higher-level decisions. Enterprises will need this capability to implement strong, application-aware edge security on a variety of security platforms..”

Gartner Group

August 27, 2002


Netscreen scalable security solutions

NetScreenScalable Security Solutions


  • Login