Securing the (public) Enterprise Edge Remko Cijffers Solution Architect Network & Security Customer Summit 12 November 2014 Maarssen Enterprise Security § Security top of mind Improve information security 55% Upgrade our network infrastructure 46% § Integrale aanpak over alle domeinen § § § § § Fysiek Netwerk infrastructuur Datacenter / hosting Cloud Application Delivery § Portfolio InformationWeek Outlook 2013 Customer Summit 12 November 2014 Maarssen Security Trends Notoriety Profitability .gov /.com .me / .you Threats Sophistication (Maturity) Attacker Type of Attack APT Botnets Malware DOS Trojans Worms Virus New Devices Target New Applications Internet Information Services ERP Customer Summit 12 November 2014 Maarssen In de media Jailbreak IOS 7.1.1 een feit Nederlandse hackers kraken ICloud Grote bug in Bash-shell OS X en Linux Wachtwoorden van 8 tekens zijn te kort Europese directies: weinig oog voor schade datalekken en hacks 7 miljoen Dropbox wachtwoorden gestolen Ernstig lek in OS X 'Yosemite' blijft nog twee maanden ongepatcht Customer Summit 12 November 2014 Maarssen Telefoon met een SMS-je te hacken Beveiligers: 'Nieuwe dreigingen niet bij te houden' Hotspots blijken achilleshiel internetbankieren NIEUWS Setje krachtig hack-gereedshap kost 5000 dollar Drupal gehackt Computers 24 gemeenten wagenwijd VS zet spyware op open' geexporteerde IT-apparatuur FBI eist toegang tot alle mobieltjes Lekken in SSL Terminologie Identity Availability Breach AttackSurface AntiMalware IDS Perimeter IOS Network Mobility SmartDevices HIPS Customer Summit 12 November 2014 Maarssen AntiVirus Security WhitehatHybridCloud Sandboxing PrivateCloud Cloud Private Ethical Analytics IPS Hacker Spyware Android Rootkits Confidentiality Worms Integrity Virus Reputation BYOD Security Domains ISC2 Domains CSA domains Domain 1: Access Control Domain 12: Identity and Access Management Domain 2: Application Development Security Availability Domain 10: Application Security Domain 3: BC/DR planning Domain 7: Traditional sec. BC & DR Domain 4: Cryptography Domain 11: Encryption and Key Management Domain 5: Governance and Risk Management Domain 2: Governance and Enterprise Risk Mgmt Domain 6: Legal, Reg., Investigations, Compl. Domain 3: Legal and Electronic Discovery Domain 7: Operations Security Domain 8: Data Center Operations Domain 8: Physical and Environmental security Domain 9: Security Architecture and Design Domain 1: Cloud Comp. Architectural Framework Domain 10: Telecom. and Network Security Domain 4: Compliance and Audit Domain 5: Information Lifecycle Management Confidentiality Domain 6: Portability and Interoperability Integrity Domain 9: Incident Resp, Notification, Remediation Domain 13: Virtualization * https://www.isc2.org/, https://cloudsecurityalliance.org/ Customer Summit 12 November 2014 Maarssen Assets Headquarters Branch Office Public Cloud Private Cloud Factory Hybrid Cloud Customer Summit 12 November 2014 Maarssen Zone Model Gebruikers Medewerkers Applicaties NAC Security zones COCD (Beheerd) BYOD (Onbeheerd) Gasten BYOD Name presentation - City, date Extern Telewerkers Internet …. Wired Wireless Policy Gast (Onbeheerd) Partners Toegang to Zone: Network Admission Control (NAC) Comprehensive Secure Access Guest access Profiling Posture Who What Where When How CONTEXT Vicky Sanchez Employee, Marketing Wireline 3 p.m. Security Camera Gateway Agentless Asset Chicago Branch Francois Didier Consultant HQ - Strategy Remote Access 6 p.m. IDENTITY Personal iPad Employee Owned Wireless HQ Frank Lee Guest Wireless 9 a.m. IEEE 802.1X MAB WebAuth Switches, Routers, and Wireless Access Points Identity (IEEE 802.1X)-Enabled Network Name presentation - City, date Inter-Zone: Next-Generation Firewall (NGFW) Partner X Partner Y Partner Z Internet Zone A 12 November 2014 Maarssen Zone B Zone C Het UTM Principe TRADITIONAL SOLUTIONS Cumbersome and costly Name presentation - City, date THE FORTINET SOLUTION Simple and cost-effective Uitgaand vs. Inkomend: Application Delivery Firewall Clients ADC Intelligent Cost of Scale App servers Name presentation - City, date Storage Uitgaand vs. Inkomend: Application Delivery SaaS Firewall Clients Name presentation - City, date More Endpoints More Delivery Options More Applications ADCs Cloud App servers Storage Uitgaand vs. Inkomend: Application Delivery Physical Virtual Clients Anywhere, any service, any device Name presentation - City, date An Intelligent Services Platform connects any user, anywhere, from any device to the best application resources, independent of infrastructure. Intelligent Cloud Dynamic, agile, adaptive Storage Keten aanpak voor End to End beveiliging Cloud Secure Enterprise Mobility Secure Enterprise Border Cloud Secure Virtual Datacenter End-to-End Secure (Mobile) Devices Customer Summit 12 November 2014 Maarssen Eindpoint / BYOD Mobile Device Management Network Admission Control Connectivity / VPN Authentication Inter zone policy points Application Intelligence Next Gen Firewalls Proxy / Gateways Application Delivery Hypervisor Security Cloud Security Business Applications Private Cloud Public Cloud DC Services Collaboration / Video Einde presentatie Imtech ICT Nederland Capelle aan den IJssel Rivium Boulevard 41 - 2909 LK T. +31 10 447 76 00 Zaltbommel Hogeweg 41 - 5301 LJ T. +31 418 57 07 00 www.imtech-ict.nl twitter.com/imtechictnl linkedin.com/company/imtech-ict Remko Cijffers - [email protected] – 088-9889 737 12 November 2014 Maarssen – Remko Cijffers
© Copyright 2025 ExpyDoc