• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Govind Rammurthy - Securing The Endpoints In Networks - Interop Mumbai 2009
 

Govind Rammurthy - Securing The Endpoints In Networks - Interop Mumbai 2009

on

  • 1,122 views

A few years back, endpoint security entailed the installation of antivirus software to prevent virus infections. Now it encompasses anti-spyware, personal firewall, application control, USB control, ...

A few years back, endpoint security entailed the installation of antivirus software to prevent virus infections. Now it encompasses anti-spyware, personal firewall, application control, USB control, etc, to protect the access and movement of confidential information.

Statistics

Views

Total Views
1,122
Views on SlideShare
1,120
Embed Views
2

Actions

Likes
0
Downloads
33
Comments
0

1 Embed 2

http://www.slideshare.net 2

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment
  • A very Typical Corporate Network Scenario with the level of access and the threat perceptions. You will notice that as the network expands the threat perception also varies. Green denotes the safe zone and red denotes the most common means of infections entering the network or data leaving the network.
  • It used to be hacking for glory, Now it is hacking fro money; the next motion picture Ocean 11-12 (13) will be about a bunch of guys working on computers trying to enter a major bank

Govind Rammurthy - Securing The Endpoints In Networks - Interop Mumbai 2009 Govind Rammurthy - Securing The Endpoints In Networks - Interop Mumbai 2009 Presentation Transcript

  • Securing the Endpoints in Networks By Govind Rammurthy CEO & Managing Director
  • Agenda
    • Business Continuity Demands
    • Threat Scenario – Past & Present
    • Endpoints & Endpoint Security
    • Layers of Endpoint Security
    • Endpoint Security Best Practices
  • Business Continuity Demands
    • Unified Networks for
      • Email, Text Chat, Web Browsing, File Sharing, Games
      • Voice, Audio, Video, Tele-presence, Telemedicine
      • Web Services, EDI, SCADA, Emergency Services
    • Users To Enjoy Mobility
      • Any service from any device on any network
      • Seamless mobility across devices and networks
      • Strong but easy user authentication
    • Reliability and Security of Networks.
  • Business Continuity Demands
    • Increased Access to Sensitive Information
    • Mission-critical network
    • Mobile and remote devices and users
    • Wide variety of endpoints
    • Wide variety of users: employees, customers, contractors, guests
    • Interoperability
  • File Servers Web or App Servers Email Servers Typical Network Security Scenario Very High High Medium Risks Very Low Low Vendors Mobile PDA Mobile Laptops Home Computer Local Users Desktops
  • Typical Network Security Scenario Very High High Medium Risks Very Low Low
  • Business Continuity Vs Security Statistics on Attack Trends that could lead to Data/Identity Theft. 54% 28% 13% 4% 1%
  • Threat Scenario – Past & Present Threats were indiscriminate, hit everyone Threats are highly targeted, regionalized Threats were disruptive  impact visible Threats steal data & damage brands  impact unclear Remediation action was technical (“remove”)‏ Remediation more complex, may need to investigate data leak Entry through perimeter and gateway Entry through uneducated network clients and endpoints Threats were noisy & visible to everyone Threats are silent & unnoticed with variants
  • Endpoints & Endpoint Security
    • Key Influencers:
    • Devices and Storage Mediums
    • Portability of Data
    • Accessibility
    • Compliance Laws & Regulations (HIPAA, SOX, etc.)
    • Extranet/Intranet Access provided to employees & partners.
    • Network Downtime due to infections
  • Endpoints & Endpoint Security
    • Loss/leak of confidential information
    • Losing valuable employees
    • Unknown/invisible threats and loss of productivity due to using non-complaint storage mediums
    • Unauthorized intrusions – via Web Servers, email Servers, etc.
    • Access to internal networks via individual end points
    • Loss of Productivity due to Infections
  • Endpoints & Endpoint Security
    • IPODs / Portable Entertainment devices
    • Bluetooth Cell Phones
    • Wireless LAN
    • USB Devices
    • Open Non-authenticated Mail/Proxy Servers
    • Lack of defined employee security policies
    • Authorized Applications
  • Endpoints & Endpoint Security
    • Data in Motion
      • Emails
      • Instant Messaging
      • P2P
      • File Transfers
      • Web Posts
      • Blogs
    • Data at Rest
      • Laptops/Desktops/File Servers
      • USB
    Key Data to be Protected Endpoint Security Is Mission Critical
  • Endpoints & Endpoint Security Reducing Threat Exposure
    • Information Protection & Control
    • Data in Motion
    • Data in Rest
    • Asset Protection & Control
    • Asset management
    • Desktop computing support
    • Application Control
    • Security Incident Alerts/logs
    • Policy Implementation & Oversight
    • NAC/NAP
  • Endpoints & Endpoint Security
    • Endpoint management costs are increasing
      • Cost of downtime impacts both productivity and revenue
      • Costs to acquire, manage and administer point products are increasing, as well as the demand on system resources
    • Complexity is increasing as well
      • Complexity and man power to manage disparate endpoint protection technologies are inefficient and time consuming
    • Growing number of new known and unknown threats
      • Stealth-based and silent attacks are increasing, so there is a need for anti-virus to do much more
    • The Perfect Endpoint Security system is with a Centrally Managed Client Security Solution. Some of the Major Technology based threats
      • Bluesnarfing - Using Bluetooth
      • Podslurping – Using iPods
      • Thumbsucking – Using Thumb Drives
      • Zero-day threats – New and evolving threats
  • Layers of Endpoint Security AntiVirus / Antispyware Web Protection Firewall Intrusion Prevention Device Control Network Access Control / Network Access Protection Antispam / Antiphising
  • Layers of Endpoint Security AntiVirus / Antispyware
    • Real-Time AV Scanning
    • Spyware, Adware, Keylogger, & Rootkit Blocker
    • Suspicious Application Detection
    • Registry Monitoring
    • Protection against web based threats
    • Protection against email based threats
    • Spyware and rootkit detection and removal
    • Ability to safely remove infections & restore system files effectively
    Detect, prevent and remove malicious code & Vulnerability-based protection
  • Layers of Endpoint Security
    • Web/FTP/CHAT Scanning
    • Domain and IP reputation based checker
    • Block websites with restricted words
    • Block web content (Multi-Media & Applications)
    • Block web applets, Cookies, Scripts
    • Block Pop-Ups
    • Browser Cleanup
    Web Protection
  • Layers of Endpoint Security
    • Real-Time Antispam filter
    • Sender reputation checker
    • Antiphising filter
    • Attachment Control
    Antispam / Antiphising
  • Layers of Endpoint Security Firewall
    • Managed desktop firewall
    • Adaptive policies allowing for location awareness
    • Network, port, protocol, and application control
  • Layers of Endpoint Security Intrusion Prevention
    • Behavior-based prevention
    • Network traffic inspection
    • Application inspection
  • Layers of Endpoint Security Device Control
    • Device control to prevent data leakage at the endpoint
    • Protection against mp3 players, USB drives, etc.
  • Layers of Endpoint Security Network Access Control / Network Access Protection
    • Control Access
      • to critical resources
      • to entire network
    • Based on
      • User identity and role
      • Endpoint identity and health
      • Other factors
    • With
      • Remediation
      • Management
  • Endpoint Security Best Practices
    • Inventory all IT resources
    • Group resources into levels of sensitivity
    • Define end user access scenarios
    • Associate end user access scenarios with levels of sensitivity
    • Validate the policies with a select group using event logging
    • Roll policies into full production
    • User must Be authenticated
      • With Identity Management System
    • Endpoint Must Be Healthy
        • Anti-Virus software running and properly configured
        • Recent scan shows no malware
        • Personal Firewall running and properly configured
        • Patches up-to-date
    • Behavior Must Be Acceptable
        • No port scanning, sending spam
    • Any Questions and Queries?
    • THANK YOU!!!