slide1 n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Securing your Digital Assets Gabriel Tan, District Manager, South Asia Nokia Enterprise Solutions PowerPoint Presentation
Download Presentation
Securing your Digital Assets Gabriel Tan, District Manager, South Asia Nokia Enterprise Solutions

Loading in 2 Seconds...

play fullscreen
1 / 29

Securing your Digital Assets Gabriel Tan, District Manager, South Asia Nokia Enterprise Solutions - PowerPoint PPT Presentation


  • 188 Views
  • Uploaded on

Securing your Digital Assets Gabriel Tan, District Manager, South Asia Nokia Enterprise Solutions. About Nokia. World leader in mobile communications Frontrunner in providing mobile, broadband and IP networks Sixth most valuable brand (Interbrand)

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Securing your Digital Assets Gabriel Tan, District Manager, South Asia Nokia Enterprise Solutions' - chambray


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
slide1

Securing your Digital Assets

Gabriel Tan,

District Manager, South Asia

Nokia Enterprise Solutions

about nokia
About Nokia
  • World leader in mobile communications
  • Frontrunner in providing mobile, broadband and IP networks
  • Sixth most valuable brand (Interbrand)
  • One of the world’s most respected companies(PriceWaterhouse & Financial Times)
  • As mobility and Internet converge, Nokia is committed to further enrichingthe daily lives of people
nokia organisation
Nokia Organisation

Mobile Phones

Multimedia

Networks

Customer and Market Operations

Technology Platforms

Strategy, Research, Venturing and Business Infrastructure

EnterpriseSolutions

top of mind issues for security
Top of mind issues for security
  • Hardened for security
  • Simple & manageable
  • Reliable
  • Cost
  • Support multiple applications

…and something that adds more complexity …securing wireless

customers still want security appliances

… and they want more from these appliances.

What is the primary driver behind appliance-based security technology?

What Security Function are you likely to deploy on a security appliance?

Customers still want security appliances …

By 2007, 80% of all network security solutions will be delivered viaa dedicated appliance. - IDC

nokia aligned with market preferences
Nokia Aligned With Market Preferences

Gartner (2005)

In-Stat (2005)

  • Set For Explosive Growth

Forrester (2005)

  • 50% of enterprises prefer separate stand alone appliances
    • 14% prefer all-in-one
    • 28% prefer integrated

Source: Gartner (July 2005)

nokia ip security platforms
Nokia IP Security Platforms

Nokia IP2250

DataCenter

Service Providers

Nokia IP1260

Nokia IP1220

Large

Enterprise

Nokia IP710

Price

Nokia IP560

Small to

Mid

Enterprise

Nokia IP380/IP385

Nokia IP350/IP355

Remote Office Branch Office

Check Point VPN-1 Pro or VPN-1 Express

Nokia IP260/IP265

Nokia IP40

Performance & Functionality

the power of two the checkpoint and nokia

300,000+ Installations

Check Point / Nokia Installations

2006

1998

The Power of Two: The CheckPoint and Nokia
  • Overview
    • 8+, year partnership between Nokia and Check Point
    • Nokia and Check Point Provide Security to 92 out of Fortuner 100.

Check Point

    • No. 1 Internet Security Company: Built on Firewall Software Success
    • Award winning GUI
    • Patented Stateful Inspection

Nokia

    • Internet Security Appliance Pioneer
    • Built to secure demanding traffic
    • Fastest performance Platform For Check Point (IPSO)
    • ‘Audit’ Grade HW Build, OS and Management tools Enterprise and Carrier
    • The First and Leading HA Firewall Solution for Check Point
    • Global Support and Service
  • Innovation
    • Patented security technologies
    • Jointly-developed acceleration technologies
    • Several IETF Reference Points (IPv6, VRRP) etc..
    • 600+ security focused engineers
nokia security firewall appliances

Nokia IP26x

Nokia IP40

Nokia Security Firewall Appliances
  • IPSO - Hardened OS designed for security
  • Simple procurement and configuration
  • Single support point for the entire solution
  • Comprehensive quality assurance on complete hardware and software solution
  • Network-centric product architecture
  • First-Call, Final-Resolution support

Nokia IP2250

Nokia IP12xx

Nokia IP710

Nokia IP3xx

nokia ip security appliance platforms
Nokia IP Security Appliance Platforms
  • Hardware
  • Nokia Pioneered The IP Security Appliance, knows more about Security Appliances Than Any other Vendor
  • Nokia Designs and builds Entire Appliance Platform, down To Component Level, including boards etc…
  • Nokia Develops and QA’s all hardware driver software, with specialized toolsets and bench configurations
  • Nokia Provides Redundant hot swap power supplies
  • Nokia Provides Redundant hot swap Network Interface Cards
  • Nokia Provides Solid State and HDD based System Solutions
  • Nokia Delivers High Port Density, High Connectivity Solutions
  • Nokia IP Appliances are Built with Ease of Serviceability in mind
  • All Systems Quality Assured Under Ideal and ‘Real World’ Operational Environments
  • All ‘installed base’ hardware, operating system and application combinations QA’d together
  • Nokia Continues To Invest in Hardware Innovations – ADPs, Solid State Support, 10GigE
nokia ip security operating system
Nokia IP Security Operating System
  • Operating System – IPSecurity Operating System
  • Network Element Operating System, Optimised For Packet Forwarding
  • IPSO High Performance Forwarding based on Patented IP Switching Technology
  • ASIC Firewall Performance From Software Based Firewall, with no Restrictions on Flexibility
  • Built On Carrier Grade, ‘Battle’ Proven, IP Networking BSD IP Stack, used by Operators and ISPs
  • Nokia Hardened* Operating System IPSOTM
  • Early Implementation of Digitally Signed OS
  • Less Than 10 CERTs in 8+ Years of Field Deployments
  • Firewall acceleration pioneer, Nokia Patented IP Firewall Flows
  • The market leader and pioneer in integrated high availability firewall technology VRRP-MC to IP Clustering
  • World Class, well proven, standards adherent routing
  • Well proven IPv6 Implementation, deployed in ISP and Operator Networks for 5yrs+
  • Multiple OS Image Management for rollback and recovery operations
  • Powerful CLI, and Diagnostic Shells
  • Nokia Pioneered Web Interface For Security Appliance Management – Nokia Voyager Element Manager
  • Nokia Pioneered Security Appliance System Level Management – Nokia Horizon Manager
  • Do No Harm patch, upgrade and management technology for Entire Systems including Security Applications
  • Nokia Hardware and Software Asset Auditing tools
  • Nokia Brings F.C.A.P.S Best of Breed NMS to Security Appliance - Nokia Appliance Manager
what is a secure appliance operating system
What is A Secure Appliance Operating System?
  • “Applications cannot be more secure than the kernel functions they call”
  • OS is the right place for security

Operating system security is fundamental to the security of every computing system because operating systems are a critical point of failure for the entire system. Unfortunately, attempts to secure computer systems continue to be based on the flawed assumption that adequate security can be provided in applications with the existing security mechanisms of mainstream operating systems. The reality is that secure applications require secure operating systems, and any effort to provide system security that ignores this premise is doomed to fail. – NSA

slide13

Anatomy of A Secure Appliance Operating System

Enforces the Security Policywith a Security Model implemented by kernel components and by kernel modularity

Programming Techniques

Development Procedures

Security Hardening

Identification and Authentication

User Data Protection including

Access Control

File integrity

Security Audit

Common Criteria

ITSEC

FIPS 140

IS 17799

SAS-70

Secure Delivery

Digitally-Signed Binaries

Secure Lockdown

BuildingSecureSoftware

Security Functions

System

Architecture

Deployment

Processes

Independent

Validation & Certifications

asic based security solution

Hardware Based

(ASICs)

Policy

Packet Processing

ASIC Based Security Solution

Fast but NOT flexible

nokia ip security appliance
Nokia IP Security Appliance

Nokia

Policy

CPU

CPU

CPU

CPU

API

CPU

CPU

CPU

NPU

Packet Processing

Fast + Flexible

nokia unique value proposition

Software Based(Server Appliance)

Packet Processing

Policy

CPU

Hardware Based

(ASICs)

Policy

Packet Processing

Nokia Unique Value Proposition

Nokia

Policy

CPU

CPU

CPU

CPU

API

CPU

CPU

CPU

NPU

Packet Processing

Fast + Flexible

Flexible but NOT fast

Fast but NOT flexible

in other people s words

"As a dedicated hardware platform, the Nokia IP260 offers some ferocious capabilities.“

-Network Computing Magazine

Nokia IP2xx

“This product shows how two companies can work together to create a product better than the sum of its parts”

-Secure Computing Magazine

Nokia IP3xx

“A versatile and flexible solution for the high end of the market”

-Secure Computing Magazine

Nokia IP2250

In Other People’s Words
ip security appliance business
IP Security Appliance Business
  • Business Week, 28 Aug ‘02- Nokia's Security Connection"force to be reckoned with... According to tech researcher IDC, Nokia is quickly grabbing market share in the exploding market for firewall/VPN appliances“
  • 25.6% of Asia Pacific Security Appliance Market Share
  • Nokia with Check Point VPN-1/FireWall-1 has 62% VPN and 41% firewall market share (Infonetics Research, VPN Hardware Market)
  • Frost & Sullivan 2005 Firewall market sharefor Vietnam, Nokia ranked #1
nokia ssl vpn

Executive access

Employees using a non-corporate device at home, a library or a café

Client-server applications like Outlook, & Notes

Nokia SSL VPN

Internet

Web-enabled applications SFA, CRM, ERP

Enterprise Intranet

Employees using a corporate device at a hotel or using Wi-Fi provider

Firewall

Mainframe, SSH, FTP, Telnet

Partners, suppliers & contractors

Linux & Unix users

Nokia SSL VPN

Enables new mobile connectivity applications

Business Continuity

nokia ip vpn gateways
Nokia IP VPN Gateways
  • Fully-integrated, secure IPSec VPN gateways, with multiple options, for fast, easy deployment in high-performance networks
  • Advanced dynamic connectivity to mobile devices and other VPN gateways through robust broadband and routing functionality
  • Extreme system availability using diskless hardware, patented clustering and patent-pending adaptive networking technologies
  • Product targeted for government sales through planned industry certification including FIPS-140-2, EAL4, ICSA and VPN Consortium

Large Office

Nokia 500i *VPN Gateway

Medium

Office

Price

Nokia 100iVPN Gateway

Nokia 50i VPN Gateway

Remote Office Branch Office

Nokia 5i and Nokia 10iVPN Gateways

Performance

* Available in 1H 2005

nokia mobile ip vpn solution

Corporate

Wi-Fi

Wireless Network

(GPRS, 3G)

Nokia Mobile IP VPN Solution

Mobile VPN Client

Native Windows L2TP/IPSec client

Remote Access Connectivity

Headquarters

Internet

Nokia 50i

Nokia 10i

Branch Office

Nokia VPN Mgr(with Nokia SSM)

Nokia MobileVPN Client

Site-to-Site Connectivity

nokia enterprise solutions
Nokia Enterprise Solutions

IT Security Infrastructure

IT Apps / Assets

ANY Mobile Device

Nokia VPN Manager / NHM

Mobile Devices& PDAs

Employees on enterprise device

Nokia Firewall/VPN

Nokia SSL VPN

Access

Network

Internet

Nokia IP VPN

Applications, Files, Authentication, etc.

Employees on non-enterprise device

Authentication & Encryption

Access Control

Intrusion Detection

Anti-Virus

nokia service first call final resolution
Nokia Service – First Call – Final Resolution

Nokia provides integrated single source, and single contract, support for Check Point VPN-1, Nokia IP Security Platforms, interface cards, VPN accelerator cards, HA software and routing protocols.

  • Direct Access To Engineering
    • Support resources have a direct line to hardware engineering, software engineering and QA teams – No company boundaries to span during resolution
  • Three SCP Accredited TAC centers for follow the sun service
  • Comprehensive support offerings available worldwide
    • 8x5 VAR fulfilled or Nokia fulfilled support
    • 8x5 onsite VAR fulfilled or Nokia fulfilled support
    • 24x7 VAR fulfilled or Nokia fulfilled support
    • 24x7 onsite VAR fulfilled or Nokia fulfilled support
global support infrastructure
Global Support Infrastructure

Finland

UK

Hungary

Germany

Italy

Spain

Belgium

Canada

Japan

USA East

China

China

USA West

HK

USA South East

Taiwan

Mexico

Columbia

India

Singapore

Malaysia

Brazil

Argentina

  • Hardware Repair and Replacement Services
  • Networking Equipment
  • Field support in more than 2000 cities
  • Onsite Service Options: NBD, Same Day
  • 4 Hour Response, 2 Hour Response
  • Mobile Devices
  • Advanced Exchange
  • Return and Repair
  • Walk In Service
  • End User help desk support delivered by 19 Customer Care Centers globally
  • Set up assistance
  • Access to device specialists
  • >1000s of repair service points globally
  • Enterprise level technical support delivered by
  • Global Technical Assistance Centers
  • Nokia First Call-Final Resolution
  • Follow The Sun Support
  • Available 365x24x7
global tac field infrastructure

Technical Support:

Global 365x24x7 Nokia Technical Support (First Call – Final Resolution) through Follow the Sun Model.

Three regional Technical Assistance Centers (TACs) & four Product Line Support (PLS) Centers located with R&D.

(TACs) in Kanata, London, Singapore, India and Tokyo. (PLS) in Mountain View, Pittsburgh, India & Helsinki.

Advanced HW Replacement:

5 Global DHL Hosted Spares Depots in Cincinnati, Brussels, Singapore, Tokyo & Shanghai.

Same Day Shipping Globally & Next Day Delivery in the US, EU, Singapore, Japan & China.

Global TAC & Field Infrastructure

On-Site HW Replacement:

Global Field Services Infrastructure for 5x8xNBD / 24x7x4h On-site HW Replacement.

2000 Field Service Locations Globally

nokia uniqueness in unified threat management

Firewall

Network AV

ID/P

ServicesBroad Attack Detection

Deep PacketInspection

Application Control

Real Time Response

ServicesVirus Mitigation

Spyware, Adware, Malware Detection and Control

Malicious MobileCode Mitigation

ServicesAccess Control

Application Control

Protocol Validation

Enforcement

Security Appliances with a “tuned” Operating System(Nokia appliances with IPSO Operating System)

Services

Resiliency, Performance, Policy Control, flow management, Anomaly Detection, Regulatory Compliance, extensibility

Nokia Uniqueness in Unified Threat Management
  • Problem:
    • Multiple discrete services x Multiple Locations = Security Trade-Offs
  • Nokia UTM:
    • Unified secure mobility services x Multiple locations = Limited Trade-Offs
security and mobility unification

Firewall

VPN (IP &/or SSL)

ID/P

Directory Services

Email

VoIP

Directory

DNS

Security and Mobility Unification

Nokia

Unified Threat Management Functions

Email, PIMServer

  • All-in-one secure mobility architecture
    • Ease of management, integration, deployment
    • Consolidated management framework

NokiaManagementCenter(Admin Interface)