Govind Rammurthy - Securing The Endpoints In Networks - Interop Mumbai 2009

A few years back, endpoint security entailed the installation of antivirus software to prevent virus infections. Now it encompasses anti-spyware, personal firewall, application control, USB control, etc, to protect the access and movement of confidential information.

Published in: Technology
  • A very Typical Corporate Network Scenario with the level of access and the threat perceptions. You will notice that as the network expands the threat perception also varies. Green denotes the safe zone and red denotes the most common means of infections entering the network or data leaving the network.
  • It used to be hacking for glory; now it is hacking for money. The next motion picture Ocean 11-12 (13) will be about a bunch of guys working on computers trying to enter a major bank.
  • Transcript of "Govind Rammurthy - Securing The Endpoints In Networks - Interop Mumbai 2009"

    1. Securing the Endpoints in Networks
       By Govind Rammurthy, CEO & Managing Director
    2. Agenda
        • Business Continuity Demands
        • Threat Scenario – Past & Present
        • Endpoints & Endpoint Security
        • Layers of Endpoint Security
        • Endpoint Security Best Practices
    3. Business Continuity Demands
        • Unified Networks for
            • Email, Text Chat, Web Browsing, File Sharing, Games
            • Voice, Audio, Video, Tele-presence, Telemedicine
            • Web Services, EDI, SCADA, Emergency Services
        • Users To Enjoy Mobility
            • Any service from any device on any network
            • Seamless mobility across devices and networks
            • Strong but easy user authentication
        • Reliability and Security of Networks
    4. Business Continuity Demands
        • Increased Access to Sensitive Information
        • Mission-critical network
        • Mobile and remote devices and users
        • Wide variety of endpoints
        • Wide variety of users: employees, customers, contractors, guests
        • Interoperability
    5. Typical Network Security Scenario
       [Diagram. Servers: File Servers, Web or App Servers, Email Servers. Endpoints: Vendors, Mobile PDA, Mobile Laptops, Home Computer, Local Users, Desktops. Risk scale: Very High, High, Medium, Low, Very Low.]
    6. Typical Network Security Scenario
       [Diagram. Risk scale: Very High, High, Medium, Low, Very Low.]
    7. Business Continuity Vs Security
       Statistics on Attack Trends that could lead to Data/Identity Theft.
       [Chart values: 54%, 28%, 13%, 4%, 1%]
    8. Threat Scenario – Past & Present
        • Past: Threats were indiscriminate, hit everyone
          Present: Threats are highly targeted, regionalized
        • Past: Threats were disruptive → impact visible
          Present: Threats steal data & damage brands → impact unclear
        • Past: Remediation action was technical (“remove”)
          Present: Remediation more complex, may need to investigate data leak
        • Past: Entry through perimeter and gateway
          Present: Entry through uneducated network clients and endpoints
        • Past: Threats were noisy & visible to everyone
          Present: Threats are silent & unnoticed with variants
    9. Endpoints & Endpoint Security
        • Key Influencers:
        • Devices and Storage Mediums
        • Portability of Data
        • Accessibility
        • Compliance Laws & Regulations (HIPAA, SOX, etc.)
        • Extranet/Intranet Access provided to employees & partners
        • Network Downtime due to infections
    10. Endpoints & Endpoint Security
        • Loss/leak of confidential information
        • Losing valuable employees
        • Unknown/invisible threats and loss of productivity due to using non-compliant storage mediums
        • Unauthorized intrusions – via Web Servers, Email Servers, etc.
        • Access to internal networks via individual endpoints
        • Loss of Productivity due to Infections
    11. Endpoints & Endpoint Security
        • iPods / Portable Entertainment devices
        • Bluetooth Cell Phones
        • Wireless LAN
        • USB Devices
        • Open Non-authenticated Mail/Proxy Servers
        • Lack of defined employee security policies
        • Authorized Applications
    12. Endpoints & Endpoint Security
       Key Data to be Protected
        • Data in Motion
            • Emails
            • Instant Messaging
            • P2P
            • File Transfers
            • Web Posts
            • Blogs
        • Data at Rest
            • Laptops/Desktops/File Servers
            • USB
       Endpoint Security Is Mission Critical
    13. Endpoints & Endpoint Security
       Reducing Threat Exposure
        • Information Protection & Control
        • Data in Motion
        • Data at Rest
        • Asset Protection & Control
        • Asset management
        • Desktop computing support
        • Application Control
        • Security Incident Alerts/logs
        • Policy Implementation & Oversight
        • NAC/NAP
    14. Endpoints & Endpoint Security
        • Endpoint management costs are increasing
            • Cost of downtime impacts both productivity and revenue
            • Costs to acquire, manage and administer point products are increasing, as well as the demand on system resources
        • Complexity is increasing as well
            • Managing disparate endpoint protection technologies is complex, manpower-intensive, inefficient and time consuming
        • Growing number of new known and unknown threats
            • Stealth-based and silent attacks are increasing, so there is a need for anti-virus to do much more
        • The perfect endpoint security system is a centrally managed client security solution.
        • Some of the major technology-based threats:
            • Bluesnarfing – Using Bluetooth
            • Podslurping – Using iPods
            • Thumbsucking – Using Thumb Drives
            • Zero-day threats – New and evolving threats
    15. Layers of Endpoint Security
        • AntiVirus / Antispyware
        • Web Protection
        • Firewall
        • Intrusion Prevention
        • Device Control
        • Network Access Control / Network Access Protection
        • Antispam / Antiphishing
    16. Layers of Endpoint Security: AntiVirus / Antispyware
       Detect, prevent and remove malicious code & Vulnerability-based protection
        • Real-Time AV Scanning
        • Spyware, Adware, Keylogger, & Rootkit Blocker
        • Suspicious Application Detection
        • Registry Monitoring
        • Protection against web-based threats
        • Protection against email-based threats
        • Spyware and rootkit detection and removal
        • Ability to safely remove infections & restore system files effectively
    17. Layers of Endpoint Security: Web Protection
        • Web/FTP/CHAT Scanning
        • Domain and IP reputation based checker
        • Block websites with restricted words
        • Block web content (Multi-Media & Applications)
        • Block web applets, Cookies, Scripts
        • Block Pop-Ups
        • Browser Cleanup
    18. Layers of Endpoint Security: Antispam / Antiphishing
        • Real-Time Antispam filter
        • Sender reputation checker
        • Antiphishing filter
        • Attachment Control
    19. Layers of Endpoint Security: Firewall
        • Managed desktop firewall
        • Adaptive policies allowing for location awareness
        • Network, port, protocol, and application control
    20. Layers of Endpoint Security: Intrusion Prevention
        • Behavior-based prevention
        • Network traffic inspection
        • Application inspection
    21. Layers of Endpoint Security: Device Control
        • Device control to prevent data leakage at the endpoint
        • Protection against mp3 players, USB drives, etc.
    22. Layers of Endpoint Security: Network Access Control / Network Access Protection
        • Control Access
            • to critical resources
            • to entire network
        • Based on
            • User identity and role
            • Endpoint identity and health
            • Other factors
        • With
            • Remediation
            • Management
    23. Endpoint Security Best Practices
        • Inventory all IT resources
        • Group resources into levels of sensitivity
        • Define end user access scenarios
        • Associate end user access scenarios with levels of sensitivity
        • Validate the policies with a select group using event logging
        • Roll policies into full production
        • User Must Be Authenticated
            • With Identity Management System
        • Endpoint Must Be Healthy
            • Anti-Virus software running and properly configured
            • Recent scan shows no malware
            • Personal Firewall running and properly configured
            • Patches up-to-date
        • Behavior Must Be Acceptable
            • No port scanning, sending spam
    24. Any Questions and Queries?
    25. THANK YOU!!!
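
The admission checks listed on slides 22 and 23 (authenticated user, role matched to resource sensitivity, healthy endpoint, acceptable behavior, remediation, and a logged pilot before full production) can be expressed as one policy decision function. This is an added example, not code from the presentation; the resource names, roles, sensitivity levels, the 7-day scan window and the `enforce` pilot switch are all assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import date, timedelta
from typing import Optional

# Constructed inventory: resource -> sensitivity level, role -> highest level allowed.
SENSITIVITY = {"guest-wifi": 0, "intranet": 1, "file-server": 2, "finance-db": 3}
ROLE_CEILING = {"guest": 0, "contractor": 1, "employee": 2, "finance": 3}

@dataclass
class Posture:
    av_running: bool
    last_clean_scan: Optional[date]  # None: never scanned, or last scan found malware
    firewall_running: bool
    patches_current: bool
    port_scanning: bool = False
    sending_spam: bool = False

def health_failures(p: Posture, today: date, max_scan_age_days: int = 7) -> list:
    """List every failed health check so remediation can address all of them at once."""
    fails = []
    if not p.av_running:
        fails.append("antivirus not running")
    if p.last_clean_scan is None or today - p.last_clean_scan > timedelta(days=max_scan_age_days):
        fails.append("no recent clean scan")
    if not p.firewall_running:
        fails.append("personal firewall not running")
    if not p.patches_current:
        fails.append("patches out of date")
    return fails

def decide(authenticated, role, posture, resource, today, enforce=True, log=None):
    """Return (action, reasons); action is 'allow', 'remediate' or 'deny'."""
    level = SENSITIVITY.get(resource)
    if not authenticated:
        action, reasons = "deny", ["user not authenticated"]
    elif level is None:
        action, reasons = "deny", ["resource not in inventory"]
    elif level > ROLE_CEILING.get(role, -1):
        action, reasons = "deny", ["role not cleared for this sensitivity level"]
    elif posture.port_scanning or posture.sending_spam:
        action, reasons = "deny", ["unacceptable network behavior"]
    else:
        reasons = health_failures(posture, today)
        action = "remediate" if reasons else "allow"
    if log is not None:  # event log used to validate the policy with a pilot group
        log.append({"role": role, "resource": resource, "would": action, "reasons": reasons})
    # Pilot (enforce=False): record the verdict but let the session through.
    return (action if enforce else "allow"), reasons
```

Running with `enforce=False` and a shared `log` list shows which sessions the policy would have blocked or sent to remediation before it is rolled into full production.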