CIS13: Next Generation Privileged Identity Management: A Market Overview

Patrick McBride, Vice President of Marketing, Xceedium
Cloud and Virtualization have dramatically altered the landscape for privileged identity management (PIM). In this session we will discuss the impact of these trends and the requirements next generation PIM solutions will need to address.

Published in: Technology, Business


Transcript

  • 1. Next Generation Privileged Identity Management: A Market Overview. Patrick McBride, Vice President, Marketing
  • 2. Patrick McBride – Old Security Guy… PMB Consulting! Presentation Sponsored by: (June 2013, © Copyright 2013, Xceedium, Inc.)
  • 3. Xceedium
      • Security software company providing Next-Generation Privileged Identity Management solutions
      • Global Fortune 1000 and Government customer base
      • Headquartered in Herndon, VA
      • Xsuite™ Platform
      • Cool Vendor Best Overall IT Company Top 100 Global Company Hot Company to Watch RSA 2011 Hot New Security Product Best Privileged Access Management Solution
  • 4. Privileged Identity Management
  • 5. The “Two Man” Rule…Really? REALLY?
  • 6. Who Are Privileged Users?
      • On Premise, Employees/Partners: Systems Admins, Network Admins, DB Admins, Application Admins
      • Partners: Systems/NW/DB/Application Admins
      • Employees: Systems/NW/DB/Application Admins
      • Diagram labels: Public Cloud; Apps; Unauthorized User; Hacker (Malware/APT); VMware Administrator; AWS Administrator; Microsoft Office 365 Administrator; Internet
  • 7. What Else is Privileged? Let’s Talk APIs…
      • Ops Automation & DevOps
      • Public Cloud, Private Cloud, Traditional IT
      • Home Grown Scripts
      • Infrastructure Configuration APIs (SDN/SDC)
      • Business Application APIs
      • “All APIs are equal, but some APIs are more equal than others.” George Orwell, Animal Farm (1945)
  • 8. A Brief History of Privileged Identity Management
      • Do It Yourself: Jump Boxes/Bastion Hosts; SSL/VPN; Network Access Control (NAC); Firewall Rules; Router ACL/Logical NW Segmentation; Physical NW Segmentation
      • (Third Party) Access Control Systems
      • Password Vaulting Systems
      • Logging & Recording Systems
      • Identity Bridges
      • Modern PIM (circa 2011)
  • 9. What’s New? Migration to the New Enterprise
      • Figure 2. The Virtualization Road Map Through Private Cloud Computing. Source: Gartner (February 2012)
      • Stages: STAGE 1: Server Virtualization; STAGE 2: Distributed Virtualization; STAGE 3: Private Cloud; STAGE 4: Hybrid Cloud; STAGE 5: Public Cloud
      • Figure labels: Consolidation; Capital expense; Capital expense elimination; Increased flexibility (up and down); Flexibility and speed; Operational expense automation; Less downtime; Self-serve agility; Standardization; IT as a business; Usage metering; Costs for peak loads; Flexibility for peak loads
      • MANAGEMENT PLANE
      • Business Drivers: Cost Reduction, Speed, Agility, New Applications
      • Software Defined IT Infrastructure
      • New IT Operations Model
      • New Risk/Compliance Issues
  • 10. New Enterprise: New Security, Risk, Operational Challenges
      • Stages: STAGE 1: Server Virtualization; STAGE 2: Distributed Virtualization; STAGE 3: Private Cloud; STAGE 4: Hybrid Cloud; STAGE 5: Public Cloud
      • Figure labels: Complexity; Cloud Evolution
      • Security & Compliance Risks:
          • Extended Management Plane & Risk Surface Area
          • Shared Security and Audit Model
          • On Demand Procurement Paradigm
          • Federated Privileged Identity & Attribution
          • New Regulatory Mandates & Auditor Scrutiny
          • Highly Dynamic, Elastic Environments
  • 11. Next Generation PIM Requirements
      1. Comprehensive/Integrated Control Set: Table stakes…point products need not apply
      2. Protect Systems/Applications/Consoles Across Hybrid-Cloud Environments
      3. Architected Specifically for Highly Dynamic Cloud: No Cloud Washing
  • 12. Least Privilege & Layering PIM Controls
      • Attribute Identity for Shared Accounts (e.g., Root/Admin)
      • Control Access to Target Systems
      • Prevent Leapfrogging
      • Monitor Sessions & Prevent Unauthorized Commands
      • Record Sessions
      • Positively Authenticate Users
      • Vault & Manage Credentials. Before: ID: abc123 PW: Redskins. After: ID: abc123 PW:x8km&eie10$
  • 13. Xsuite™: Next Generation Privileged Identity Management
      • Identity Integration
      • Enterprise-Class Core: Hardware Appliance; AWS AMI; OVF Virtual Appliance
      • Unified Policy Management
      • Control and Audit All Privileged Access: Vault Credentials; Centralized Authentication; Federated Identity; Privileged Single Sign-on; Role-Based Access Control; Prevent Leapfrogging; Monitor & Record Sessions; Full Attribution
      • New Enterprise:
          • Traditional Data Center: Mainframe, Windows, Linux, Unix, Networking
          • Virtualized Data Center: vCenter Server
          • SaaS Applications: Office 365 Admin Center
          • Public Cloud - IaaS: AWS Management Console
  • 14. Now I need your help…
      “I bet you $50.00 that you can’t integrate all of the following into your Cloud Identity Summit Presentation.”
      • Authors Washington Irving & George Orwell
      • Where’s Waldo
      • A Saturday Night Live Quote
      • Grecian Formula
      • “A half a bowl of fruit went out of style 100 years ago.”
      -Mo Rosen, EVP Corporate Development, Xceedium
      Twitter “@xceedium: Next Gen PIM & a half bowl of fruit!”
  • 15. Contact Us
      • 2214 Rock Hill Road, Suite 100, Herndon, VA 20170
      • Phone: 866-636-5803
      • facebook.com/xceedium
      • info@xceedium.com
      • @Xceedium
      • @pmcbrideva1