
Icarus: A Revolution in Distributed Security Management

Icarus is a distributed security management system that automates policy enforcement, mitigates P2P networks and complex malware scenarios, and manages adherence to security policies. Its patented technology features a collaborative grid architecture for efficient network management.



Presentation Transcript


  1. Icarus: A Revolution in Distributed Security Management. Rob Bird, University of Florida; Gregory Marchwinski, Red Lambda Inc.

  2. Agenda
  • The Problem
  • The Solution - Icarus
  • Icarus System Architecture
  • Icarus Features
  • Use Case
  • Summary

  3. The Problem
  From the SALSA-Netauth document Strategies for Automating Network Policy Enforcement: “The major security challenge facing university residential networks and other large-scale end-user networks is the thousands of privately owned and unmanaged computers directly connected to an institution's relatively open, high-speed Internet connections. Security policy enforcement is often lax due to a lack of central control over end-user computers and an inability to tie the actions of these computers to particular individuals. A few times a year there are surge events, including the predictable start of each semester and the unpredictable and increasingly frequent reactions to large-scale security incidents, that require massive support intervention.”
  • Current security products lack the sophistication to control and stop P2P networks and to defend against mass infection by malware/malusers.
  • Highly fragmented network security and management marketplace – many point solutions, many appliances, no central architecture, little automation
  • Human intervention is necessary to manage security tasks such as P2P and to process vast amounts of data – often overwhelming existing IT staff members

  4. The Solution - Icarus
  • Developed at the University of Florida in December 2002 to automate security and policy enforcement
  • In production on a 10,000-user residential network since 2003
  • Now on version 2
  • Automatically performs policy-based admission control, mitigates P2P networks and complex malware scenarios, and manages adherence to university security policy
  • Distributed framework – enables security and network management via three key elements: Neuron Microkernel, Collaborative Grid, Peer Management Console
  • Patent pending – developed as an open-standards middleware collaborative grid system to utilize all connected resources to defend and manage the network
  • Recognized by industry analysts and highlighted in numerous technical publications

  5. Icarus System Architecture

  6. Product Features
  • Java 5
  • XML-based policy and messaging architecture allows complex workflow automation via graphical or text editor
  • Lightweight microkernel features a component-based architecture which allows third-party applications, libraries (Java and C/C++) and scripts (Perl and Python/Jython) to be combined and used as elements in the workflow
  • E.g.: the existing UF implementation integrates into network registration, security appliances, network hardware, trouble ticketing, billing, judicial management and the captive information portal
  • Allows the easy combination of L2, L3 and L7 detection, isolation, notification and remediation techniques
  • Equally suited to wired or wireless networks
  • Drives behavioral change of students by sending a clear and consistent message
  • Traffic enforcement cameras vs. citation by a policeman

  7. Product Features
  • Extensible solution to management issues such as:
    • P2P network abuse
    • Viral and worm attacks
    • Spam relays – automatically contains
    • Spyware
    • Botnets
    • Outbound malicious behavior such as port scans, exploit scans, etc.

  8. Product Features
  • Hierarchical administration levels enable multiple views and spans of control via the console to reflect organizational boundaries and federated management schemes
  • Ability to quickly change the automatic behavior of the system via the graphical workflow interface or the built-in command editor
  • Extensive reporting engine helps generate compliance and exception reports for internal and third-party use

  9. Product Features

  10. Use Case – Icarus @ UF
  • In production since 2003
  • Automates the complete registration, detection, isolation, notification and remediation workflow for P2P, malware and maluser scenarios
  • P2P policy enforcement
    • No DMCA complaints since 2003
    • 1st Offense: 15 minute campus-only restriction
    • 2nd Offense: 5 day campus-only restriction
    • 3rd Offense: Refer to judicial affairs
    • Automatically generates remediation and education content for the captive information portal
  • Malware/Maluser policy enforcement
    • Classful isolation system, different isolation types depending on situation
    • Automatically generates remediation and education content for the captive information portal
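As an added illustration (not Icarus code, and not the project's real policy schema), the following Python script shows how the XML-based policy idea from slide 6 and the three-rung P2P offense ladder from this slide fit together: an escalation ladder is read from a constructed XML policy, a constructed stream of P2P detections is replayed to decide the action for each offense, and the recidivism rate that slide 12 reports is computed from the resulting per-user counts. The element and attribute names, the event format and the recidivism definition are assumptions.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict

# Constructed policy modelled on the UF ladder (1st: 15 min, 2nd: 5 days,
# 3rd: judicial referral). Element/attribute names are assumed, not Icarus's.
POLICY_XML = """
<policy name="p2p-enforcement">
  <offense n="1" action="campus-only" duration="15m"/>
  <offense n="2" action="campus-only" duration="5d"/>
  <offense n="3" action="refer-judicial"/>
</policy>
"""

def load_ladder(xml_text):
    """Parse the escalation ladder into {offense_number: (action, duration)}."""
    root = ET.fromstring(xml_text)
    return {int(o.get("n")): (o.get("action"), o.get("duration"))
            for o in root.findall("offense")}

def decide(ladder, count):
    """Action for a user's Nth offense; beyond the last rung the top rung applies."""
    return ladder[min(count, max(ladder))]

def enforce(ladder, events):
    """Replay detections (user id per event, in time order) and return
    one (user, offense_no, action, duration) tuple per event plus per-user counts."""
    offenses = defaultdict(int)
    actions = []
    for user in events:
        offenses[user] += 1
        actions.append((user, offenses[user]) + decide(ladder, offenses[user]))
    return actions, dict(offenses)

def recidivism_rate(offenses):
    """Share of offenders detected more than once (assumed definition)."""
    offenders = [u for u, n in offenses.items() if n >= 1]
    repeat = [u for u in offenders if offenses[u] >= 2]
    return len(repeat) / len(offenders) if offenders else 0.0

# Constructed detection stream: the same users tripping P2P detection repeatedly.
EVENTS = ["u1", "u2", "u1", "u3", "u1", "u2", "u1"]

if __name__ == "__main__":
    ladder = load_ladder(POLICY_XML)
    actions, offenses = enforce(ladder, EVENTS)
    for a in actions:
        print(a)
    print("recidivism rate:", recidivism_rate(offenses))
```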

  11. Use Case – Icarus @ UF

  12. Use Case – P2P @ UF
  *NOTE: Offender and Recidivism Rates do not include 2005-2006

  13. Case Study – P2P @ UF

  14. Summary
  • Patent-pending technology features a fully-distributed collaborative grid architecture for distributed security and network management
  • Architecture designed to enable product enhancements and quick addition / distribution of new modules
  • Easily leverages security tools and methods, thereby increasing the value of existing software/system investments
  • P2P Mitigation being deployed in October to early adopters, GA in December
  • Pricing per user per year with extensive educational discount structure
  • In production for over 2.5 years at the University of Florida managing over 10,000 users

  15. Questions?
  • Rob Bird – conduit@ufl.edu
  • Greg Marchwinski – greg.marchwinski@redlambda.com
  • Other information: www.redlambda.com