Server security press presentation
Download
1 / 14

Server Security Press Presentation - PowerPoint PPT Presentation


  • 107 Views
  • Uploaded on

Server Security Press Presentation. Harish Agastya, Director Server Security Product Marketing. Deep Security: Securing the New Server. Cloud . Virtualized. Physical. Servers in the open. Servers virtual and in motion . Servers under attack . 2. 8/5/2014. 2. Internal Training.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' Server Security Press Presentation' - peers


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Server security press presentation

Server SecurityPress Presentation

Harish Agastya, Director Server Security Product Marketing


Deep security securing the new server
Deep Security: Securing the New Server

Cloud

Virtualized

Physical

Servers in the open

Servers virtual and in motion

  • Servers under attack

2

8/5/2014

2

Internal Training


Threat environment
Threat Environment

More profitable

$100 billion: Estimated profits from global cybercrime

-- Chicago Tribune, 2008

More sophisticated, malicious & stealthy

“95% of 285 million records stolen in 2008, were the

result of highly skillful attacks”

“Breaches go undiscovered and uncontained for

weeks or months in 75% of cases.”

-- Verizon Breach Report, 2009

More frequent

"Harvard and Harvard Medical School are attacked

every 7 seconds, 24 hours a day, 7 days a week.”

-- John Halamka, CIO

More targeted

“27% of respondents had reported targeted attacks”.

-- 2008 CSI Computer Crime & Security Survey


“99.9% of records were compromised from servers and applications”

2009 Data Breach Investigations Report conducted by Verizon Business RISK Team


High profile breaches
High profile breaches

May-2008: Security breach cost $12.6 million so far, including legal costs and fines from MasterCard and Visa. More >>

Dec-2008: DNS hijacking puts 5,000,000 check processing accounts at risk.

More >>

Dec-2008: PII of 1.5M customers& 1.1M Social Security Numbers. More >>

Mar-2009: Hackers hijack PII for 45,000 employees & retirees. More >>

Aug-2007: Hackers placed software on the company’s network, and steal 45 M credit card #’s. Costs soar to $256 M.

More >>

May-2009: Hackers broke into 2 databases over a 6 month period, and exposed the data of 160,000+ students. More >>



Compliance imperative
Compliance Imperative

  • More standards:

  • PCI, SAS70, HIPAA, ISO 27001, FISMA / NIST 800-53, MITS…

  • More specific security requirements

  • Virtualisation, Web applications, EHR, PII…

  • More penalties & fines

  • HITECH, Breach notifications, civil litigation

DMZ consolidation using virtualisation will be a "hot spot” for auditors, given the greater risk of misconfiguration and lower visibility of DMZ policy violation. Through year-end 2011, auditors will challenge virtualized deployments in the DMZ more than nonvirtualized DMZ solutions.

Neil MacDonald, Gartner, June 2009


Virtual machines need specialized protection
Virtual Machines Need Specialized Protection

1. Same threats in virtualized servers as physical:

  • OS & Application vulnerabilities and Configuration errors allow Malware to attack & infect

    2. Plus Dynamics of virtualisation causes some new challenges:

  • Dormant VMs

  • Resource contention

  • VM Sprawl

  • Inter-VM traffic

  • vMotion

8



Trend micro deep security
Trend Micro Deep Security

Advanced Server & application protection for:

VIRTUAL

CLOUD

PHYSICAL

Deep Packet Inspection

Firewall

Integrity

Monitoring

Log

Inspection

Malware Protection

IDS / IPS

Web App.

Protection

Application

Control


Why they buy plays for deep security
Why They Buy: Plays for Deep Security

  • Compliance

    • Reason to do it today

    • Internal compliance, security policy

    • External compliance, like PCI, FISMA, NERC, FDIC, SAS 70…

    • Detailed reporting, audit support

  • Virtualisation Security

    • Reason to revisit security practices

    • Provides security necessary to achieve100% virtualisation

    • Enables mobility and evolution to cloud computing

  • Defense in Depth / Business Continuity

    • Best practice

    • Preventing data breach and business disruption

    • Zero-day protection and virtual patching

    • Detecting suspicious activity

8/5/2014

11

Confidential


Deep security 7 modules

Internal Training

Deep Security 7 Modules

Deep Packet Inspection

Integrity Monitoring

  • Enables IDS / IPS, Web App Protection,

  • Application Control

  • Examines incoming & outgoing traffic for:

  • Protocol deviations

  • Content that signals an attack

  • Policy violations.

  • Monitors critical files, systems and registry for changes

  • Critical OS and application files (files,

  • directories, registry keys and values)

  • Flexible, practical monitoring through includes/excludes

  • Auditable reports

Firewall

Log Inspection

  • Centralized management of server

  • firewall policy

  • Pre-defined templates for common

  • enterprise server types

  • Fine-grained filtering: IP & MAC

  • addresses, Ports

  • Coverage of all IP-based protocols:

  • TCP, UDP, ICMP, IGMP …

  • Collects & analyzes operating system

  • and application logs for security

  • events.

  • Rules optimize the identification of

  • important security events buried in

  • multiple log entries.


Deep security key benefits
Deep Security: Key benefits

  • Shield vulnerabilities in web apps, enterprise apps OSs

  • Detect & block suspicious activity

  • Internal policies

    • PCI & other requirements

      • Detailed reports document prevented attacks & compliance status

Prevents Data Breaches & Business Disruptions

Enables Compliance

Supports Operational Cost Reductions

  • Prioritize secure coding efforts

    • Manage unscheduled patching

  • Provides security necessary to realize virtualisation savings

  • Increased value from SIEM investments


  • Questions

    Questions?

    Laura Maio Harish [email protected][email protected]+1 613-270-5531 +1 408-850-1082


    ad