Enfrentandoosdesafios das ameaçascombinadas<br />Ricardo Valente<br />Sr System’s Engineer<br />
Today’s Environment<br />Spammers<br />ERP<br />Web 2.0<br />SaaS<br />TargetedAttacks<br />twitter<br />facebook<br />CRM...
Today’s Environment<br />Spammers<br />ERP<br />Web 2.0<br />SaaS<br />TargetedAttacks<br />twitter<br />facebook<br />Sal...
McAfee Network Security Portfolio<br />Management<br />Protection<br />Policy<br />Platform<br /><ul><li>Comprehensive thr...
Enabled by Global Threat Intelligence
User-aware policy  controls
Flexible policy definition
Compliance monitoring
Common Management framework
Optimized workflow
Role-based administration
High performance
Scalability
Enterprise-class reliability
Flexible delivery (appliance, blades, virtual)</li></ul>Network<br />
Total Protection Suites for the Network<br />Internet Gateways<br />Network<br />Defense<br />Intrusion<br />Prevention<br...
Global Threat Intelligence Technology Capabilities<br /><ul><li>Protocol definition/behavior/ reputation
Network attack definitions
Phishing/Malware
Protocol definition/behavior/ reputation
Network attack definitions
IP reputation
Anti-Malware
Protocol definition/behavior/reputation
Vulnerability assessment
Anti-malware
 IP/URL reputation
 Spam profiles
 Anti-malware
 IP/URL reputation
 Content based malware
 Exploits
 IP/URL reputation
 Spam profiles
 Network attack profiles
Anti-malware</li></ul>Intrusion<br />Prevention<br />User<br />Behavior<br />NAC<br />Firewall<br />UTM<br />DLP<br />Emai...
Global Threat IntelligenceZero Day Response Environment<br />Gotyou.com<br />BOTS<br />Email Gateway<br />Web Gateway<br /...
Global Threat IntelligenceZero Day Response Environment<br />Gotyou.com<br />BOTS<br />Email Gateway<br />Web Gateway<br /...
Analysts Agree: McAfee Leads<br />Leaders<br />Challengers<br />Leaders<br />Current Offering<br />Strategy<br />Niche Pla...
December 8, 2009<br />User receives email with a short message and a URL, from an IP address with no reputation for SPAM<b...
Web<br /><ul><li>Next Generation Web 2.0 security proxy
Enables Safe Secure Web access
High Performance: robust, enterprise classproxy cache
Enables Productive use of Web 2.0 applications</li></ul>Customer Benefits<br /><ul><li>Protects against Web 2.0 blended an...
Flexible policy and scalable reporting  to enable compliance
Flexible and agile deployment to fit any infrastructure</li></ul>McAfee Web Gateway<br />
Upcoming SlideShare
Loading in...5
×

Enfrentando os Desafios das Ameaças Combinadas.

977

Published on

Slides usados no web seminário "Enfrentando os Desafios das Ameaças Combinadas" ministrado por Ricardo Valente da Mcafee para a série de web seminários oferecidos pela ISH Tecnologia. Para conhecer mais da ISH visite http://www.ish.com.br ou siga a ISH http://twitter.com/ishtecnologia

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
977
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
49
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • Key Speaking points:But don’t just take our word for it. Gartner agrees as you see, we have market leading products across all of the major network security magic quadrants that they publish. And when you add our integration to the end point, and our global intelligence, the parts are truly greater than the whole and McAfee is the Leader in network security second to none.
  • Play Video or Live Demonstration here
  • If Video is unavailable, describe contents
  • Enfrentando os Desafios das Ameaças Combinadas.

    1. 1. Enfrentandoosdesafios das ameaçascombinadas<br />Ricardo Valente<br />Sr System’s Engineer<br />
    2. 2. Today’s Environment<br />Spammers<br />ERP<br />Web 2.0<br />SaaS<br />TargetedAttacks<br />twitter<br />facebook<br />CRM<br />Internet<br />Bots<br />
    3. 3. Today’s Environment<br />Spammers<br />ERP<br />Web 2.0<br />SaaS<br />TargetedAttacks<br />twitter<br />facebook<br />Salesforce<br />Complexity<br />Impact<br />Fragmented technology management<br />Multi-product solutions(NAC, Data Protection)<br />Compliance requirements<br />Increased operational cost<br />Data and productivity risk<br /> Reduced business agility<br />Internet<br />Bots<br />
    4. 4. McAfee Network Security Portfolio<br />Management<br />Protection<br />Policy<br />Platform<br /><ul><li>Comprehensive threat/vulnerability protection
    5. 5. Enabled by Global Threat Intelligence
    6. 6. User-aware policy controls
    7. 7. Flexible policy definition
    8. 8. Compliance monitoring
    9. 9. Common Management framework
    10. 10. Optimized workflow
    11. 11. Role-based administration
    12. 12. High performance
    13. 13. Scalability
    14. 14. Enterprise-class reliability
    15. 15. Flexible delivery (appliance, blades, virtual)</li></ul>Network<br />
    16. 16. Total Protection Suites for the Network<br />Internet Gateways<br />Network<br />Defense<br />Intrusion<br />Prevention<br />User<br />Behavior<br />NAC<br />Firewall<br />UTM<br />DLP<br />Email<br />Web<br />
    17. 17. Global Threat Intelligence Technology Capabilities<br /><ul><li>Protocol definition/behavior/ reputation
    18. 18. Network attack definitions
    19. 19. Phishing/Malware
    20. 20. Protocol definition/behavior/ reputation
    21. 21. Network attack definitions
    22. 22. IP reputation
    23. 23. Anti-Malware
    24. 24. Protocol definition/behavior/reputation
    25. 25. Vulnerability assessment
    26. 26. Anti-malware
    27. 27. IP/URL reputation
    28. 28. Spam profiles
    29. 29. Anti-malware
    30. 30. IP/URL reputation
    31. 31. Content based malware
    32. 32. Exploits
    33. 33. IP/URL reputation
    34. 34. Spam profiles
    35. 35. Network attack profiles
    36. 36. Anti-malware</li></ul>Intrusion<br />Prevention<br />User<br />Behavior<br />NAC<br />Firewall<br />UTM<br />DLP<br />Email<br />Web<br />
    37. 37. Global Threat IntelligenceZero Day Response Environment<br />Gotyou.com<br />BOTS<br />Email Gateway<br />Web Gateway<br />Firewall - IPS<br />Internet<br />New phishing email <br />on webmail<br />2. User clicks<br />3. Malware detected <br />even without a signature<br />
    38. 38. Global Threat IntelligenceZero Day Response Environment<br />Gotyou.com<br />BOTS<br />Email Gateway<br />Web Gateway<br />Global ThreatIntelligence<br />Firewall - IPS<br />Internet<br />4. Samples Fingerprinted<br />5. Attributes analyzed <br />in real time<br />6. Reputations and <br />Signatures Updated<br />
    39. 39. Analysts Agree: McAfee Leads<br />Leaders<br />Challengers<br />Leaders<br />Current Offering<br />Strategy<br />Niche Players<br />Visionaries<br />Completeness of Vision<br />Forrester<br />Gartner<br />Strong Performers<br />Web<br />E-mail<br />DLP<br />Web<br />IPS<br />E-mail<br />Firewall<br />Ability to Execute<br />
    40. 40. December 8, 2009<br />User receives email with a short message and a URL, from an IP address with no reputation for SPAM<br />1<br />User clicks on link and goes to a fake Reuters&apos; video feed web page with malicious content.”<br />2<br />GLOBAL THREAT<br />INTELLIGENCE<br />Internet<br />McAfee Email Gateway<br />Internet<br />Real-time feeds update Firewalls and email and web gateways. Artemis protects the endpoint in real-time<br />5<br />The content coming back is malware, and is blocked at the gateway<br />3<br />The URL, IP, and the payload - all captured from “an event” is sent Avert Labs<br />4<br />McAfee Web Gateway<br />Artemis<br />TrustedSource<br />IPS<br />Firewall <br />UTM<br />TrustedSource<br />TrustedSource<br />McAfee Network Security<br />10<br />Bomb Attacks Require Coordinated ProtectionResearch Capacity Matters<br />
    41. 41. Web<br /><ul><li>Next Generation Web 2.0 security proxy
    42. 42. Enables Safe Secure Web access
    43. 43. High Performance: robust, enterprise classproxy cache
    44. 44. Enables Productive use of Web 2.0 applications</li></ul>Customer Benefits<br /><ul><li>Protects against Web 2.0 blended and targeted malware attacks
    45. 45. Flexible policy and scalable reporting to enable compliance
    46. 46. Flexible and agile deployment to fit any infrastructure</li></ul>McAfee Web Gateway<br />
    47. 47. Email<br /><ul><li>Inbound Protection against spam, email-borne threats and malware
    48. 48. Outbound Protection – Complete DLP and Advanced Compliance included; integrated encryption
    49. 49. Administrative Empowerment – Flexible policy creation and robust reporting</li></ul>Customer Benefits<br /><ul><li>Reduce costs associated with spam and email-borne malware
    50. 50. Stop data leakage via email
    51. 51. Comply with regulations requiring email security</li></ul>McAfee Email Gateway<br />
    52. 52. December 8, 2009<br />Hacking Exposed - Web and Email<br />13<br />Hacking Exposed: Web and Email Security<br />Bookseller site walkthrough<br />FileInsight examples of deobfuscation<br />McAfee® TrustedSource™ technology <br />Anonymous proxies<br />
    53. 53. Hacme Books<br />Cross Site Request Forging<br />December 8, 2009<br />Title of Presentation<br />14<br />
    54. 54. Demo<br />Visit and logon to a typical online book-seller site.<br />Browse selection.<br />Check that shopping cart is empty.<br />Visit the author&apos;s web site for a particular selection.<br />Return to book-seller site and check shopping cart.<br />Notice that a title has been added without authorization.<br />Repeat same process using McAfee Web Gateway.<br />Notice that shopping cart does not get populated by the author&apos;s site.<br />Why?<br />Author&apos;s site has crafted IFRAME that exploits the book-seller site.<br />McAfee Web Gateway strips out offending IFRAME and prevents exploit to book-seller site.<br />December 8, 2009<br />Title of Presentation<br />15<br />
    55. 55. Logon to Online Book Site<br />
    56. 56. Browse Book Selection<br />
    57. 57. Shopping Cart Empty<br />
    58. 58. Visit Author&apos;s Web Site<br />
    59. 59. Unauthorized Addition to Shopping Cart<br />
    60. 60. Repeat with McAfee Web Gateway<br />
    61. 61. Browse Book Selections Again<br />
    62. 62. Check Shopping Cart<br />
    63. 63. Visit Author&apos;s Web Site Again<br />
    64. 64. Return and Check Shopping CartCart Remains Empty<br />
    65. 65. What Does McAfee Web Gateway Do?<br />December 8, 2009<br />Title of Presentation<br />26<br />
    66. 66. Original Author&apos;s Site with IFRAME<br />
    67. 67. Site through MWG with IFRAME Removed<br />
    68. 68. December 8, 2009<br />Hacking Exposed - Web and Email<br />29<br />additional malware example<br />December 8, 2009<br />29<br />
    69. 69. December 8, 2009<br />Hacking Exposed - Web and Email<br />30<br />December 8, 2009<br />30<br />
    70. 70. December 8, 2009<br />Hacking Exposed - Web and Email<br />31<br />December 8, 2009<br />31<br />
    71. 71. December 8, 2009<br />Hacking Exposed - Web and Email<br />32<br />December 8, 2009<br />32<br />
    72. 72. TrustedSource<br />December 8, 2009<br />Title of Presentation<br />33<br />
    73. 73. Organized Cyber<br />Crooks<br />Malware Zombie<br />Botnet C&C<br />Botnet<br />Zombie Proxies<br />Internet Access<br />Legacy SecuritySolutions<br />Web Apps<br />Webapps.yourco.com<br />CustomerData<br />Email<br />Internal<br />Network<br />
    74. 74. Internet Access<br />Organized Cyber<br />Crooks<br />Malware Zombie<br />Compromised Site<br />Potential Stolen Data<br />2<br />Legacy SecuritySolutions<br />Botnet C&C<br />Botnet<br />Zombie Proxies<br />Web Apps<br />Webapps.yourco.com<br />1<br />SQL Injection<br />Attack<br />CustomerData<br />Email<br />Internal<br />Network<br />
    75. 75. Internet Access<br />Organized Cyber<br />Crooks<br />Malware Zombie<br />3<br />Legacy SecuritySolutions<br />Botnet C&C<br />Botnet<br />MalwareDownloaded<br />Zombie Proxies<br />2<br />Web Apps<br />Webapps.yourco.com<br />User OpensEmail & Goes to<br /> Compromised Server<br />1<br />SPAMAttack<br />CustomerData<br />Email<br />Internal<br />Network<br />
    76. 76. Internet Access<br />Organized Cyber<br />Crooks<br />Malware Zombie<br />3<br />Legacy SecuritySolutions<br />Botnet C&C<br />Botnet<br />MalwareDownloaded<br />Zombie Proxies<br />2<br />Web Apps<br />Webapps.yourco.com<br />User OpensEmail & Goes to<br /> Compromised Server<br />1<br />SPAMAttack<br />CustomerData<br />Email<br />Internal<br />Network<br />New ZombiesCreated<br />4<br />
    77. 77. Organized Cyber<br />Crooks<br />Malware Zombie<br />Botnet C&C<br />Botnet<br />Zombie Proxies<br />208.XXX.XXX.164<br />Internet Access<br />Web Apps<br />Webapps.yourco.com<br />CustomerData<br />Email<br />Internal<br />Network<br />
    78. 78. Internet Access<br />Organized Cyber<br />Crooks<br />Malware Zombie<br />Botnet C&C<br />Botnet<br />McAfee Firewall Enterprise<br />(Sidewinder)<br />McAfee Web Gateway<br />(formerly Webwasher)<br />McAfee Email Gateway<br />(formerly IronMail)<br />Zombie Proxies<br />Web Apps<br />Webapps.yourco.com<br />CustomerData<br />Email<br />Internal<br />Network<br />
    79. 79. Internet Access<br />Organized Cyber<br />Crooks<br />Malware Zombie<br />Botnet C&C<br />Botnet<br />McAfee Firewall Enterprise<br />(Sidewinder)<br />McAfee Web Gateway<br />(formerly Webwasher)<br />McAfee Email Gateway<br />(formerly IronMail)<br />Zombie Proxies<br />SPAM<br />Attack<br />Web Apps<br />Webapps.yourco.com<br />CustomerData<br />Email<br />Internal<br />Network<br />
    80. 80. Internet Access<br />Organized Cyber<br />Crooks<br />Malware Zombie<br />89.XXX.XXX.84<br />Botnet C&C<br />Botnet<br />McAfee Firewall Enterprise<br />(Sidewinder)<br />McAfee Web Gateway<br />(formerly Webwasher)<br />McAfee Email Gateway<br />(formerly IronMail)<br />User accesses<br />GMail<br />NewZombie<br />Zombie Proxies<br />Web Apps<br />2<br />Webapps.yourco.com<br />SPAMAttack<br />1<br />CustomerData<br />Email<br />Internal<br />Network<br />
    81. 81. Spam Sent to Web Mail Account<br />
    82. 82. Obfuscated JavaScript<br />December 8, 2009<br />Title of Presentation<br />43<br />
    83. 83. Internet Access<br />Organized Cyber<br />Crooks<br />Malware Zombie<br />89.XXX.XXX.84<br />Botnet C&C<br />1<br />Botnet<br />MalwareDownloadBLOCKED<br />McAfee Firewall Enterprise<br />(Sidewinder)<br />McAfee Web Gateway<br />(formerly Webwasher)<br />McAfee Email Gateway<br />(formerly IronMail)<br />NewZombie<br />Zombie Proxies<br />2<br />Web Apps<br />Malware IP& Message Data<br />sent to TS<br />Webapps.yourco.com<br />CustomerData<br />Email<br />Internal<br />Network<br />
    84. 84. Internet Access<br />Organized Cyber<br />Crooks<br />Malware Zombie<br />Connections Rejected Based on Reputation<br />Botnet C&C<br />Botnet<br />McAfee Firewall Enterprise<br />(Sidewinder)<br />McAfee Web Gateway<br />(formerly Webwasher)<br />McAfee Email Gateway<br />(formerly IronMail)<br />SQL Injection<br />Attack<br />NewZombie<br />Zombie Proxies<br />Web Apps<br />Webapps.yourco.com<br />CustomerData<br />Email<br />Internal<br />Network<br />
    1. A particular slide catching your eye?

      Clipping is a handy way to collect important slides you want to go back to later.

    ×