Enfrentando os Desafios das Ameaças Combinadas.
Upcoming SlideShare
Loading in...5
×
 

Enfrentando os Desafios das Ameaças Combinadas.

on

  • 1,564 views

Slides usados no web seminário "Enfrentando os Desafios das Ameaças Combinadas" ministrado por Ricardo Valente da Mcafee para a série de web seminários oferecidos pela ISH Tecnologia. Para ...

Slides usados no web seminário "Enfrentando os Desafios das Ameaças Combinadas" ministrado por Ricardo Valente da Mcafee para a série de web seminários oferecidos pela ISH Tecnologia. Para conhecer mais da ISH visite http://www.ish.com.br ou siga a ISH http://twitter.com/ishtecnologia

Statistics

Views

Total Views
1,564
Views on SlideShare
1,540
Embed Views
24

Actions

Likes
0
Downloads
47
Comments
0

2 Embeds 24

http://www.ish.com.br 19
http://www.slideshare.net 5

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment
  • Key Speaking points:But don’t just take our word for it. Gartner agrees as you see, we have market leading products across all of the major network security magic quadrants that they publish. And when you add our integration to the end point, and our global intelligence, the parts are truly greater than the whole and McAfee is the Leader in network security second to none.
  • Play Video or Live Demonstration here
  • If Video is unavailable, describe contents

Enfrentando os Desafios das Ameaças Combinadas. Enfrentando os Desafios das Ameaças Combinadas. Presentation Transcript

  • Enfrentandoosdesafios das ameaçascombinadas
    Ricardo Valente
    Sr System’s Engineer
  • Today’s Environment
    Spammers
    ERP
    Web 2.0
    SaaS
    TargetedAttacks
    twitter
    facebook
    CRM
    Internet
    Bots
  • Today’s Environment
    Spammers
    ERP
    Web 2.0
    SaaS
    TargetedAttacks
    twitter
    facebook
    Salesforce
    Complexity
    Impact
    Fragmented technology management
    Multi-product solutions(NAC, Data Protection)
    Compliance requirements
    Increased operational cost
    Data and productivity risk
    Reduced business agility
    Internet
    Bots
  • McAfee Network Security Portfolio
    Management
    Protection
    Policy
    Platform
    • Comprehensive threat/vulnerability protection
    • Enabled by Global Threat Intelligence
    • User-aware policy controls
    • Flexible policy definition
    • Compliance monitoring
    • Common Management framework
    • Optimized workflow
    • Role-based administration
    • High performance
    • Scalability
    • Enterprise-class reliability
    • Flexible delivery (appliance, blades, virtual)
    Network
  • Total Protection Suites for the Network
    Internet Gateways
    Network
    Defense
    Intrusion
    Prevention
    User
    Behavior
    NAC
    Firewall
    UTM
    DLP
    Email
    Web
  • Global Threat Intelligence Technology Capabilities
    • Protocol definition/behavior/ reputation
    • Network attack definitions
    • Phishing/Malware
    • Protocol definition/behavior/ reputation
    • Network attack definitions
    • IP reputation
    • Anti-Malware
    • Protocol definition/behavior/reputation
    • Vulnerability assessment
    • Anti-malware
    • IP/URL reputation
    • Spam profiles
    • Anti-malware
    • IP/URL reputation
    • Content based malware
    • Exploits
    • IP/URL reputation
    • Spam profiles
    • Network attack profiles
    • Anti-malware
    Intrusion
    Prevention
    User
    Behavior
    NAC
    Firewall
    UTM
    DLP
    Email
    Web
  • Global Threat IntelligenceZero Day Response Environment
    Gotyou.com
    BOTS
    Email Gateway
    Web Gateway
    Firewall - IPS
    Internet
    New phishing email
    on webmail
    2. User clicks
    3. Malware detected
    even without a signature
  • Global Threat IntelligenceZero Day Response Environment
    Gotyou.com
    BOTS
    Email Gateway
    Web Gateway
    Global ThreatIntelligence
    Firewall - IPS
    Internet
    4. Samples Fingerprinted
    5. Attributes analyzed
    in real time
    6. Reputations and
    Signatures Updated
  • Analysts Agree: McAfee Leads
    Leaders
    Challengers
    Leaders
    Current Offering
    Strategy
    Niche Players
    Visionaries
    Completeness of Vision
    Forrester
    Gartner
    Strong Performers
    Web
    E-mail
    DLP
    Web
    IPS
    E-mail
    Firewall
    Ability to Execute
  • December 8, 2009
    User receives email with a short message and a URL, from an IP address with no reputation for SPAM
    1
    User clicks on link and goes to a fake Reuters' video feed web page with malicious content.”
    2
    GLOBAL THREAT
    INTELLIGENCE
    Internet
    McAfee Email Gateway
    Internet
    Real-time feeds update Firewalls and email and web gateways. Artemis protects the endpoint in real-time
    5
    The content coming back is malware, and is blocked at the gateway
    3
    The URL, IP, and the payload - all captured from “an event” is sent Avert Labs
    4
    McAfee Web Gateway
    Artemis
    TrustedSource
    IPS
    Firewall
    UTM
    TrustedSource
    TrustedSource
    McAfee Network Security
    10
    Bomb Attacks Require Coordinated ProtectionResearch Capacity Matters
  • Web
    • Next Generation Web 2.0 security proxy
    • Enables Safe Secure Web access
    • High Performance: robust, enterprise classproxy cache
    • Enables Productive use of Web 2.0 applications
    Customer Benefits
    • Protects against Web 2.0 blended and targeted malware attacks
    • Flexible policy and scalable reporting to enable compliance
    • Flexible and agile deployment to fit any infrastructure
    McAfee Web Gateway
  • Email
    • Inbound Protection against spam, email-borne threats and malware
    • Outbound Protection – Complete DLP and Advanced Compliance included; integrated encryption
    • Administrative Empowerment – Flexible policy creation and robust reporting
    Customer Benefits
    • Reduce costs associated with spam and email-borne malware
    • Stop data leakage via email
    • Comply with regulations requiring email security
    McAfee Email Gateway
  • December 8, 2009
    Hacking Exposed - Web and Email
    13
    Hacking Exposed: Web and Email Security
    Bookseller site walkthrough
    FileInsight examples of deobfuscation
    McAfee® TrustedSource™ technology
    Anonymous proxies
  • Hacme Books
    Cross Site Request Forging
    December 8, 2009
    Title of Presentation
    14
  • Demo
    Visit and logon to a typical online book-seller site.
    Browse selection.
    Check that shopping cart is empty.
    Visit the author's web site for a particular selection.
    Return to book-seller site and check shopping cart.
    Notice that a title has been added without authorization.
    Repeat same process using McAfee Web Gateway.
    Notice that shopping cart does not get populated by the author's site.
    Why?
    Author's site has crafted IFRAME that exploits the book-seller site.
    McAfee Web Gateway strips out offending IFRAME and prevents exploit to book-seller site.
    December 8, 2009
    Title of Presentation
    15
  • Logon to Online Book Site
  • Browse Book Selection
  • Shopping Cart Empty
  • Visit Author's Web Site
  • Unauthorized Addition to Shopping Cart
  • Repeat with McAfee Web Gateway
  • Browse Book Selections Again
  • Check Shopping Cart
  • Visit Author's Web Site Again
  • Return and Check Shopping CartCart Remains Empty
  • What Does McAfee Web Gateway Do?
    December 8, 2009
    Title of Presentation
    26
  • Original Author's Site with IFRAME
  • Site through MWG with IFRAME Removed
  • December 8, 2009
    Hacking Exposed - Web and Email
    29
    additional malware example
    December 8, 2009
    29
  • December 8, 2009
    Hacking Exposed - Web and Email
    30
    December 8, 2009
    30
  • December 8, 2009
    Hacking Exposed - Web and Email
    31
    December 8, 2009
    31
  • December 8, 2009
    Hacking Exposed - Web and Email
    32
    December 8, 2009
    32
  • TrustedSource
    December 8, 2009
    Title of Presentation
    33
  • Organized Cyber
    Crooks
    Malware Zombie
    Botnet C&C
    Botnet
    Zombie Proxies
    Internet Access
    Legacy SecuritySolutions
    Web Apps
    Webapps.yourco.com
    CustomerData
    Email
    Internal
    Network
  • Internet Access
    Organized Cyber
    Crooks
    Malware Zombie
    Compromised Site
    Potential Stolen Data
    2
    Legacy SecuritySolutions
    Botnet C&C
    Botnet
    Zombie Proxies
    Web Apps
    Webapps.yourco.com
    1
    SQL Injection
    Attack
    CustomerData
    Email
    Internal
    Network
  • Internet Access
    Organized Cyber
    Crooks
    Malware Zombie
    3
    Legacy SecuritySolutions
    Botnet C&C
    Botnet
    MalwareDownloaded
    Zombie Proxies
    2
    Web Apps
    Webapps.yourco.com
    User OpensEmail & Goes to
    Compromised Server
    1
    SPAMAttack
    CustomerData
    Email
    Internal
    Network
  • Internet Access
    Organized Cyber
    Crooks
    Malware Zombie
    3
    Legacy SecuritySolutions
    Botnet C&C
    Botnet
    MalwareDownloaded
    Zombie Proxies
    2
    Web Apps
    Webapps.yourco.com
    User OpensEmail & Goes to
    Compromised Server
    1
    SPAMAttack
    CustomerData
    Email
    Internal
    Network
    New ZombiesCreated
    4
  • Organized Cyber
    Crooks
    Malware Zombie
    Botnet C&C
    Botnet
    Zombie Proxies
    208.XXX.XXX.164
    Internet Access
    Web Apps
    Webapps.yourco.com
    CustomerData
    Email
    Internal
    Network
  • Internet Access
    Organized Cyber
    Crooks
    Malware Zombie
    Botnet C&C
    Botnet
    McAfee Firewall Enterprise
    (Sidewinder)
    McAfee Web Gateway
    (formerly Webwasher)
    McAfee Email Gateway
    (formerly IronMail)
    Zombie Proxies
    Web Apps
    Webapps.yourco.com
    CustomerData
    Email
    Internal
    Network
  • Internet Access
    Organized Cyber
    Crooks
    Malware Zombie
    Botnet C&C
    Botnet
    McAfee Firewall Enterprise
    (Sidewinder)
    McAfee Web Gateway
    (formerly Webwasher)
    McAfee Email Gateway
    (formerly IronMail)
    Zombie Proxies
    SPAM
    Attack
    Web Apps
    Webapps.yourco.com
    CustomerData
    Email
    Internal
    Network
  • Internet Access
    Organized Cyber
    Crooks
    Malware Zombie
    89.XXX.XXX.84
    Botnet C&C
    Botnet
    McAfee Firewall Enterprise
    (Sidewinder)
    McAfee Web Gateway
    (formerly Webwasher)
    McAfee Email Gateway
    (formerly IronMail)
    User accesses
    GMail
    NewZombie
    Zombie Proxies
    Web Apps
    2
    Webapps.yourco.com
    SPAMAttack
    1
    CustomerData
    Email
    Internal
    Network
  • Spam Sent to Web Mail Account
  • Obfuscated JavaScript
    December 8, 2009
    Title of Presentation
    43
  • Internet Access
    Organized Cyber
    Crooks
    Malware Zombie
    89.XXX.XXX.84
    Botnet C&C
    1
    Botnet
    MalwareDownloadBLOCKED
    McAfee Firewall Enterprise
    (Sidewinder)
    McAfee Web Gateway
    (formerly Webwasher)
    McAfee Email Gateway
    (formerly IronMail)
    NewZombie
    Zombie Proxies
    2
    Web Apps
    Malware IP& Message Data
    sent to TS
    Webapps.yourco.com
    CustomerData
    Email
    Internal
    Network
  • Internet Access
    Organized Cyber
    Crooks
    Malware Zombie
    Connections Rejected Based on Reputation
    Botnet C&C
    Botnet
    McAfee Firewall Enterprise
    (Sidewinder)
    McAfee Web Gateway
    (formerly Webwasher)
    McAfee Email Gateway
    (formerly IronMail)
    SQL Injection
    Attack
    NewZombie
    Zombie Proxies
    Web Apps
    Webapps.yourco.com
    CustomerData
    Email
    Internal
    Network