Your SlideShare is downloading. ×
Trends In Infrastructure Services
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Introducing the official SlideShare app

Stunning, full-screen experience for iPhone and Android

Text the download link to your phone

Standard text messaging rates apply

Trends In Infrastructure Services

4,691
views

Published on

Summit 2012 -Shahar Maor

Summit 2012 -Shahar Maor


0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
4,691
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
83
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Trends In Infrastructure Services Tell me and I’ll forget STKI Summit 2012Show me and I may remember Shahar Geiger Maor,Involve me and I’ll understand VP & Senior Analyst
  • 2. Presentation Visualization MDMNetworking Security ollaboration 2 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 3. End-To-End Security Project Web Security Secure WAF Browsing GatewayApplicationSecurity Information DLP LaunderingDataSecurity Firewalls IPS NACNetworkSecurity Source: Taldor 3 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 4. TEAMS Project (A3) Source: Malam-Team 4Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 5. The New Training Center-IDF Source: Bynet 5Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 6. Presentation Visualization -Networking MDMNetworking Security ollaboration 6 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 7. STKI Index-2011 –Top Networking Queries Data, 29% Collaboration, 27% Market Players, 22% Trends, 9% ADC, 4% Mobile, 4%Misc., 4% 7 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 8. IPv6 8 Source: http://i.imgur.com/l371J.jpgShahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 9. Internet Protocol Version 6 (IPv6) You are here 9Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 10. IPv6 Market Status• Large orgs., cloud service providers, US government –All support IPv6.• IT: All major hardware and software providers support IPv6.• Israel: Sector IPv6 Awareness Service Providers / Telecommunications / Global Organizations / Other Organizations 10 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 11. Almost All Agree: IPv6 Is Criticalhttp://www.computerworld.com.au/slideshow/395230/most_enterprises_will_ipv6_by_2013_survey/ 11Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 12. IPv6 Recommendations1. Awareness, awareness, awareness2. Basic (internal IT) gap analysis3. Executives’ awareness4. Thorough gap analysis (professional services) and migration plan5. POC (taste the flavor of IPv6).6. Future system design and purchase –IPv6 enabled 12 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 13. Presentation Visualization –Data Networking MDMNetworking Security ollaboration 13 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 14. Pressure!!! 14Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 15. Key Drivers For Network Transformation • Server virtualization • Storage Convergence • East-west traffic patterns • Growth of VMs and “server sprawl” managementFabric (ˈfa-brik) n. An integrated data center network that supports servers, storage,appliances and switches on a large scale. It provides a simple way to reach everything inthe data center using location-independent, Layer 2 addressing that creates a flatnetwork among components. It borrows features from routed network includingdynamically selecting the shortest and best route for connections, converges very quicklywhen the network changes, uses all the links in the network and efficiently handlesbroadcast and multicast traffic. It has high reliability with very fast convergence when afailure occurs. It minimizes packet discards or is lossless and has extremely low end-to-end latency. It automatically adjusts and applies the right configuration to whateverdevices connect to it. Also called Ethernet Fabric and Data Center Fabric. -Robin Layland 15 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 16. Changes In Technology Are Making Server-to-server Traffic “The” Network Issue SOA Web Application 2.0 SAAS ClientClient – Server Architecture Service Oriented Architecture 25% 95% Server Server Server Server A B C Server 75% Server D DB Source: Juniper Networks 16 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 17. Today’s Network Architectures Can’t Keep Pace Source: HP Networking 17 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 18. Distributed Intelligence DetailsOptimized Virtual Access Layer• Today, access to the network lives in the virtual hypervisor Physical Virtual • Consumes valuable host resources• Virtual switch is offloaded to the physical Server vNIC vNIC vNIC vNIC switch • Eliminates the software switch; the advantages of a Virtual Switch distributed virtual switch plus Distributed Intelligence • Leverages Virtual Ethernet Port Aggregator (VEPA) technology NIC• Virtual NICs are offloaded to the physical NIC • Leverages Virtual Ethernet Bridging (VEB) technology• Host resources are freed up for applications • Gives 5-20% of host resources back to applications• VMs have direct I/O with the network Switch • Network simplicity; common access across entire VCS; network is managed in the network Source: Brocade 18 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 19. Three-tier Architecture & Server-to-Server Traffic Three-tier Legacy Network N Unnecessary layers add hops and latency Slows performance of W 75% or more of traffic E Federated Apps & VM mobility Up to 50% of ports interconnect switches; S not servers or storage Source: HP Networking 19 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 20. Two-tier Architectures Improve Performance Simplified Two-tier Network A-Series Core N Switches with IRF IRF IRF Removes a Networking Layer to reduce CAPEX A-Series ToRSwitches with IRF, IRF Virtual ConnectHP Virtual Connect IRF enables a single, low W 75% or more of traffic E latency hop between up to nine server racks Virtual Connect provides direct flight connections S within an HP BladeSystem Rack Servers Blade Servers Source: HP Networking 20 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 21. The Fabric Architecture Core Switches All of the TOP of Racks are a single high capacity Fabric!!!Aggregation switches Firewall Access switches Fabric Switches 4 Pod 1 Pod 2 Source: Juniper Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic 21
  • 22. Intelligent L2 Domains POD Evolution Inter-POD Connectivity across L3 Shipping OTV Failure Boundary Preservation Failure IP Cloud Boundary CoreL3L3 Aggregation …L2 vPC … FabricPath… … … AccessL2 vPC Servers STP+ vPC/VSS FabricPath STP NIC Teaming 16x ECMP Enhancements Simplified loop- Low Latency / Lossless Bridge free trees MAC Scaling Assurance 2x Multi-pathing Operational Flexibility Shipping Shipping Shipping Source: Cisco Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic 22
  • 23. Wireless 23Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 24. Wireless Trends• Welcome, IEEE 802.11ac…• Wireless as a service• Wireless IPS (Intrusion Prevention System)• All vendors must have the following features:1. Support for 802.11a/b/g/n2. Controller-less WiFi network3. A network management application4. Standards-based security with 802.1X through WPA25. Provider can deliver network services (such as voice, video and location). 24 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 25. Positioning Methodology Israeli vendor rating – Market positioning is focused on the enterprise sector (not SMB)  X axis: Market penetration (sales + installed base+ clients perspective)  Y axis: localization, support, Local R&D center, number and quality of SIs, etc.  Worldwide leaders are marked based on global positioningVendors to watch: Israeli market newcomersSTKI positioning represents the current Israeli market and not necessarilywhat we recommend to our clients 25 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 26. xxx- Israeli Market Positioning 1Q12 Vendor B Local Support Player Worldwide Leader Vendor A Market Presence 26Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 27. Data Center Networking- Israeli Market Positioning 1Q12 Local Support Cisco Juniper Player Alcatel-Lucent Worldwide Leader Avaya HP Brocade IBM Market Presence 27 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 28. Campus Networking- Israeli Market Positioning 1Q12 Cisco Local Support Alcatel-Lucent Player Extreme HP Worldwide Leader Avaya Juniper Dell Enterasys Brocade Market Presence 28 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 29. Wireless LAN- Israeli Market Positioning 1Q12 Cisco Local Support Player Motorola Worldwide Leader HP Aruba Alcatel-Lucent Juniper Aerohive Ruckus Enterasys Market Presence 29Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 30. 30 Source: Bent ObjectsShahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 31. Application Delivery ControllersMega trends:•Cloud computing•Virtualization – desktop, storage, network•Mobility• Security•Datacenter consolidation 31 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 32. adcSource: http://www.enterprisemanagement.com/research/asset_download.php?id=2110 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 33. Key Drivers for Data Center Class WAN Optimization• Disaster recoveryProtect more data across longer distances over converged networks• Data center consolidation / cloudData and server placement not impacted by WAN performance• Server and storage centralizationUsers can be farther from resources• Real-time collaborationImprove quality of unified communications (voice/video)• VirtualizationMultisite VDI and VM migration impacted by poor WAN quality 33 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 34. Application Delivery Controllers- Israeli Market Positioning 1Q12 Radware Local Support F5 Player Citrix Worldwide Leader A10 Cisco Barracuda Market Presence 34 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 35. WAN Optimization- Israeli Market Positioning 1Q12 Local Support Player Citrix Riverbed Worldwide Leader F5 Cisco Silver Peak Radware Juniper Bluecoat Market Presence 35 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 36. Presentation Visualization -Collaboration MDMNetworking Security ollaboration 36 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 37. 37Source: http://collaborationbenefits.blogspot.com/2010/04/intersection-of-unified-communications_30.html Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 38. Collaboration Basics Source: CiscoShahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic 38
  • 39. Email And Phone Are Still The Most Common Way To Interact With Customers What are the top methods by which your employees communicate with your customers, suppliers and partners? Source: Information Week 39 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 40. Drivers Of Unified Communication Projects1. Improve employee collaboration2. Improve employee efficiency3. Improve communications with customers4. Create a more mobile workforce5. Legacy PBX retirement6. Upgrade technology to meet business needs/stay on par with peers7. Reduce operation expenditures8. Reduce travel expenses9. Decrease sales cycle times 40 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 41. Reasons for Not Using Unified Communications1. Other projects have a higher priority2. No definitive business value3. Lack in-house expertise4. UC technology is too expensive5. Sizeable investment in current communications platform6. Auxiliary costs are too expensive (e.g. WAN bandwidth, infrastructure upgrades)7. Deployments are too complex 41 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 42. Cloud Based UCC –A Very Good Step Forward1. B2B: connect to business partners, customers, and individuals outside corporate network2. Great for small and medium businesses3. Help in reducing security issues (…but raise others)4. Standardization 42 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 43. What’s Wrong?We are still trying to automate Multitude of vendors leads to collaboration…needs to be “non-immersive” experience people centric Insufficient focus on howIT driven without alignment to people collaborate today and business priorities what real pain points areNot treating Collaboration as a Many of the benefits in UCC do CEO Agenda Item not apply locally 43Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 44. How To Do It RightStep 1: Identify Primary Business Imperatives Time-to- Market Innovation Talent Acquisition and Retention Customer Cost Loyalty Quality Control Sales Effectiveness Cultural Productivity Evolution Business Scaling and Growth 44 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 45. How To Do It RightStep 2: Associate Relevant Stakeholders and Processes: Innovation Accelerating the generation and development of new ideas into new or improved products, services and processes 45 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 46. How To Do It RightStep 3: Analyze Existing Collaboration Patterns 46 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 47. How To Do It RightStep 4: Execute Collaboration Programs: online communities blogs and microblogs online shared workspaces “click-to-connect” collaboration spaces comprehensive research repository connecting experts…Did we mention LinkedIn? 47 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 48. The ROI Problem Elements of ROI Calculation Capital Operational Alternative TCOexpenditures expenditures cost Feature Job Employeeadoption Training UC benefit satisfaction productivitytimeline Increased sales due to increased collaboration 48 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 49. 65% Of Orgs Have Implemented UC Capabilities in 50% or Less of Total Users Source: Information Week 49 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 50. Presentation Visualization -Customer Center MDMNetworking Security ollaboration 50 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 51. CRM Maturity ModelBusiness Value Analytical Social CRM Value investment CRM Listening Web Mobile channel channel platforms projects projects IT orientedInvestment in order Projectto optimize costs Business oriented Operational Project CRM/XRM Commodity investment *Size of figure = complexity/ Regulative cost of project investment Using Implementing Future usage Market Maturity Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 52. Accelerating Customer Experience CRM 1.0 CRM 2.0 CRM 3.0 Managing Managing influencers Engaging Individual & ‘tribes’ & Influencing customersCustomerA Customer Customer B C The focus shift: Transactions Interactions Experience Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic 52
  • 53. What is Social CRM• Social CRM can be used for 2 purposes:• Listening and Learning: Using the power of personal networks to gain intelligence on customers, their habits, interests • Brand auditing • Awareness of campaigns success/failure • Crowdsourcing (new products, design ideas)• Interacting and Engaging: New channel for customer interactions (sales, service, marketing)• Social CRM projects will be short / simple. Companies will grow into it (by using social CRM modules within CRM apps) or SaaS- based products. The hardest part will be the “people” and “processes” part, change management. 53 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 54. Power To The People – Is It Too Much Power???• Social media criticism makes Gap dumps new logo forces it to revert back to old logo 54 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 55. Social Media Projects Maturity (Source: Altimeter Group) 55Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 56. Customer Care Trends There’s Increasingly no place unpredictable to hide environmental online eventsThe age of self Fromhelp, paranoia ‘push’ to and advice ‘pull’ seeking The rise The agile and of the asset-less any x organization customer (…cloud) 56 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 57. Approaching (Interacting with) Customers(…Too often, digital marketing efforts target only younger customer segments) Source: McKinsey Global Survey 57 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 58. Key Benefits That Can Influence Consumers To Use a New Form of Payment Source: Javelin Strategy & Research 58 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 59. Heavy Duty Phone Systems For Trading Rooms Directional and time indication Call History Modularity of Components Call Directory BackpackExtensibility Deskshare Source: IPC Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic 59
  • 60. Unified Communications - Israeli Market Positioning 1Q12 Cisco Local Support Player Avaya Microsoft Worldwide Leader Digium IBM Alcatel-Lucent Siemens EC Interactive Intelligence Market Presence 60 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 61. Customer Center Infrastructure - Israeli Market Positioning 1Q12 Local Support Player Cisco Avaya Worldwide Leader Aspect Alcatel-Lucent Cosmocom Interactive Intelligence Siemens EC Market Presence 61 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 62. IP Telephony - Israeli Market Positioning 1Q12 Local Support Cisco Player Alcatel-Lucent Tadiran Telecom Avaya Worldwide Leader Digium Microsoft Siemens EC Market Presence 62Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 63. Presentation Visualization -Video MDMNetworking Security ollaboration 63 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 64. Global Mobile Data Traffic100% 90% 80% 70% VoIP 60% Gaming 50% File Sharing 40% M2M 30% Data 20% Video 10% 0% 2011 2012 2013 2014 2015 2016 Source: Cisco VNI 2012 64 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 65. Enterprise Video Usage Source: Business VideoShahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic 65
  • 66. Israeli Market Status• Videoconferencing –Mature collaboration tool• E-learning –Common in global orgs. Good as an enrichment for existing tools• Video streaming and CDN –Specific for content creators (…Still waiting for enterprise YouTube)• Digital signage –For special purposes• Video Management Systems (storage analytics) – Physicalhomeland security 66 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 67. AudioVideo ConferencingImmersive-To work within projection-based Virtual Reality Systems CXOs (Immersive)Room-The most common Midtool for Video ManagementTeleconferencing Conferencing (Room)Endpoint Employees–”Skype like” (Endpoint) 67 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 68. Video Collaboration in Practice VideoConference CDN http://www.clalit.co.il/HE-IL/Family/parents/video+rofe+online.htm 68 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 69. Video e-Learning –Next Generation Customer Care Routing Choose your next choice on-the-flyVideo evolves according to choices made http://blogs.wsj.com/speakeasy/2010/10/25/andy-grammers-keep-your-head-up-applies-choose-your- own-adventure-logic-to-music-videos/ 69 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 70. Social Video + CDN (Content Delivery Network) Powered by Matrix CDN Powered by NAVIGAYA Source: http://www.shmone.co.il/ 70 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 71. Digital Signage Live streaming Batch streaming On-line Integration Integration to backoffice Source: http://www.diskin.com/he/content/index_b_06.html 71Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 72. Managing Bandwidth For Video1. Buy more bandwidth 2. Implement QOS 3. Use adaptive technologies 4. Call Admission Control (CAC) 72 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 73. Video Optimization -Medianet Deliver the Network Optimized for Video Anytime, Anywhere, Any Device Video, Voice and Data Applications Media Services Interface (end-point and Proxy) APIs Plug & Media Play Multicast NetFlow Monitoring RSVP NBAR Management IPSLA Security SAF Media PfR QoS Media Services Awareness Proxy Media Optimi- zation Source: CiscoShahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 74. The Past, Present, and Future of Enterprise Outward Video Past Present Future Creation One day of shooting with a video production to Empowerment of the (cost?) professional crew. the masses. individual (100K$) (100$) (1$)Management VHS tapes and DVDs Dozens of proprietary Big data, access required physical space… and public Online management, Some early forms of Video Platforms. multiple “instances” searching programs Search still is a of each video challenge Delivery Television; Different format, Videos will still need Mailing out tapes resolution, and to be viewed across bandwidth all devices. requirements Tracking Broadcasts and mails had Views, what devices how effective a video significant tracking are viewing the video, is by sales person, by challenges. where in the world customer, by and more. campaign, etc. Source: http://www.reelseo.com/enterprise-video/ 74 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 75. Video Recommendation 75Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 76. Tele-Conferencing- Israeli Market Positioning 1Q12 Cisco Polycom Local Support Adobe Logitech (LifeZise) Player Radvision Worldwide Avaya Leader Microsoft Emblaze Vidyo Citrix AT&T Google Alcatel-Lucent ooVoo Skype Market Presence 76 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 77. What should be asked before going to the board with a capital request?1. How much impact do our facilities have on the availability ofimportant business applications?2. How much more capacity could we get from existing facilities?3. What does future demand for data center capacity look likeand how can virtualization affect it?4. How can we improve capacity allocation by tier?5. How can we incorporate modular designs into our data centerfootprint?6. What is the complete list of key design decisions and theirfinancial impact? 77 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 78. virtualized platforms: A way to limit data center capacity requirements Source: McKinsey & Company 78Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 79. Reducing Capital Costs by Moving Into Lower-Tier Facilities Source: McKinsey & Company 79 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 80. Israeli Data Center Statistics 350m2 • Average room size (brutto) 67% • Average size used for IT (netto) • Host all servers? (Prod.,Test, Dev.Yes (75%) Backup etc. ) 1.4m2 • Average DC room size per IT staff 0.18m2 • Average DC room size per employee Source: STKI 80 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 81. Data Center Outsourcing Benchmark A research and service providers’ benchmark in the Israeli market. By: Pini Cohen, Shahar Geiger MaorExpected publication: May 2012 Stay posted for more news… 81 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 82. Output Management 82Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 83. Output Trends Digital MailingPrinting independence Interactive forms and multimedia Personalization12 ‫מרץ‬ Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic 83
  • 84. Tablets Replace Paper• Businesses and governments are trading paper for tablets, saving money and promoting efficiency• In the U.S., airlines are now allowed to rely on tablets instead of onboard paper manuals, checklists and charts• Amsterdam city council members now get iPads, retrieving documents through a custom app that other Dutch government agencies are set to adopt 84 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 85. Next Generation OutputsInteractive Voice: MP3 Accessible Video Mobile friendly 12 ‫מרץ‬ Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic 85
  • 86. Banks ‘Push‘ vs. Customers ‘Pull‘ Model PullPush •Ownership of services & value•Control electronic services to network shifts to customeremployees and customers. •P2P computing & networks•Choose whom to allow into develop —secure, managed,proprietary networks. controlled, powerful•Own the value networks. •Organizations forced to deliver•Set rules, pace and conditions for into consumer computing domainsinteraction with them. •Architecture extends to consumer•Pre-defined, prepackaged services. computing environment —•Establish the parameters for you ―customer centric gets definedto modify or access your •―Delivery models‖ subsumed intoinformation or services. ―consumption models‖ -ambient findability •Building blocks —contentaware, data, Web Services, process models, orchestration services. 86 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 87. Output Management-Israeli Market Positioning 1Q12 Consist Local Support Adobe Autofont Player Worldwide Leader ISIS-Papyrus Aman/Beeri HP Market Presence 87 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 88. Printers-Israeli Market Positioning 1Q12 Samsung HP Lexmark Local Support Brother Player Canon Worldwide Leader Epson Ricoh Xerox Market Presence 88Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 89. Market Data http://xkcd.com/657/large/ 89Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 90. Networking Staffing 25’th percentile 50’th percentile 75’th percentile Average “Active” ports as of total ports (%) 58% 63% 78% 66% Total ports per 1 networking staff 917 1200 2000 2613 member (voice+data) Ports per 1 employee 1.33 1.93 2.82 2.12 Employees per 1 Networking staff 561 775 1125 1119 memberData networking : voice networking staff ratio 1.13:1 1.5:1 2:1 1.7:1 Source: STKI 90 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 91. Networking Budget ~ 10% of IT OpEx Source: The Corporate Executive Board Company 91Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 92. Constant Staffing Mix Within IT Source: The Corporate Executive Board CompanyShahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic 92
  • 93. Endpointshttp://www.wired.com/wired/archive/14.07/images/found.jpg graphic Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of 93
  • 94. Presentation Visualization MDMNetworking Security ollaboration 94 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 95. Desktop-PCs are getting old…Say Hello to the Post-PC Era• No platform, form factor or technology will dominate.• BYOD will remain the norm.• Component prices continue downward trend.• Off-Desktop devices consume more of the digital experience• Employees will use many devices, syncing data between them via the cloud. 95 Source: Bent Objects Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 96. 2012 game changers : • Consumerization of IT • Bring your own Device (BYOD) • Changing Client Architectures Tablet computers, smartphones, 4G, social media, gaming, desktop virtualization, and other technology innovations are bringing possibilities and challenges to IT and the workplace like never before 96Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 97. Experience Economy > Age of the Customer• From 1900 to 1960, Age of Manufacturing , if you owned a factory, you owned the market.• From 1960 to 2000, Age of Distribution, if you owned the distribution channels, you owned the market.• From 2000 to 2011, Age of Information, if you owned the information, you owned the market.• From 2011, Age of the Customer, if you engage the customer, you own the market 97 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 98. Why Mobile? Communication Telecom: fire, Mobile Phone Telephone –A basic need letters… Device• Population is spreading all • Starting to close the gap. • Large distances, real-time. • Always with me, cost over the world. Closer to the end-user effective, muti- purpose device, carrier-• Distance is becoming a • Short distances, no real- • Static side infrastructure, communication issue time Anywhere-to-anywhere connection and more… 98 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 99. Mobile Outsourcing Social Trade Fun Tools Pics Gesture TouchCalendarMail Location Ⅱ Δ Voice Video Content Access Search 99 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 100. Using Mobile Apps more then 10 times a day 100Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 101. Using Mobile App to Make a Purchase/ for Client Service 101 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 102. Decision Making in the Digital World Seeking Intelligence, Not Content - Real time60% of purchase decisions being made before theconsumer stepped into the store!!! 102 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 103. Many clients are asking about how to: Set a solid Digital Customer Experience MDM craft mobile policies how to develop manage the devices mobile custom apps? Secure their select mobile devices mobile content 103Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 104. Answers are right here Who is IT or Business? Digital Customer Experience IT higher involvement Owner in enterprisehow to developmobile custom apps? Native or Hybrid Apps select mobile devices People wants: Enterprises wants: 104 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 105. What Do People Want ? 105Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 106. Three OSs, Three Ecosystems? Source: IDC 106Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 107. Internet vs. Mobile Data Traffic Global Internet Traffic Growth (Fixed)300%200%100% 0% 1997 1998 1999 2000 2001 2002 Global Mobile Data Traffic Growth200%150%100%50% 0% 2009 2010 2011 2012 2013 2014 (estimate) Source: Cisco VNI 2012 107 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 108. Mobile Statistics – The number of active mobile broadband subscriptions worldwide in 2011. –The estimated number of mobile subscriptions worldwide in 2011. –Percentage of handsets shipped globally in 2011 that included a web browser. – Apple iPad’s share of global tablet web traffic in December.Source: http://royal.pingdom.com/2012/01/17/internet-2011-in-numbers/ 108Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 109. Different Devices, Different Purpose Work Creation Change Flow Consumption Experience 109Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 110. List of Tablet Use Cases How do you useplan to use your tablet? (Please select all that apply) Surfing the webWriting or reading mail Watching video listening to music social media sites Gaming 0% 10% 20% 30% 40% 50% 60% 70% 80% 90% Source: Yankee Group 110 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 111. Bring Your Own Device Tablets occupy a middle ground where consumption and creation • Easier and more supportable of data has a wide range. • More flexible device capability BYOD needs to be a Virtualization consideration once interest enters this zone.BYOD Full Data Consumption and Creation ContinuumLight BYOC There are two potential paths that can be followed at this point. Integration • Full network- Light data consumption • Harder to support (e.g. local - Heavy data consumption- Minimal data creation rather than centralized apps) - Local data creation • Limited by device capabilities Final steps: - Full BYOD policy created by Past this line, infrastructure, all business groups. security, and operations - TCO calculation in pillars must be considered in conjunction with Finance. order to support advanced data creation. Source: Info-Tech Research Group 111 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 112. BYOD Recommendations1 Measure success against overall objectives of a multi-device strategy. Having a multi-device IT service access strategy should contribute to lowering costs while increasing service regardless of who owns the devices. Given that, how does BYOD further those objectives?2 Consider impact on overall objectives when deciding between passive or aggressive approach. Bring Your Own policies can range from passive (we allow connection from personally-owned devices) to aggressive (we encourage and even subsidize bring your devices).3 Communicate policy requirements and roles and responsibilities for system support. Failure to meet success measures can be a result of communication failures as much as a failure of technical and operational capability.4 Maintain company-owned device options for flexibility and end-user service. Info-Tech sees that even in the case of an aggressive BYODprogram, allowing use of a company-owned device can mitigate a number of the potential pitfalls of BYOD.5 Document your policy position and rationale for the business. In dealing with your internal business customers’ demand for service, there is only one question (with two corollaries) that matters. Can you deliver this service? If yes, how? If no, why? Source: Info-Tech Research Group 112 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 113. The Evolution of Trade Credit Lydian coinsMobile BarterPayment 113 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 114. Mobile Payment That’s like almost Every Cow on the planet getting a smartphone 114Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 115. 4 Types of Mobile Payment• The Mobile Wallet -Paying for things at a store with a mobile device using NFC or "tap and go“.• Every Smartphone is a cash register - Merchants using a mobile device to process credit cards payments.• The “Everything Else” mobile Payment -Consumers send money to merchants, or even each other (sometimes called p2p), using mobile devices (on-saleon-line).• ‘Put it on my bill’ -Consumers buying ringtones or games or digital content by putting the charges on their cellphone account. 115 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 116. What’s In a Mobile Wallet?Secure Element (SE), which holds:One or more payment, mass transit, Mobile Phoneand/or offer applications RF ModemEach application emulates aparticular “card” in the wallet SIM Chip BasebandNear Field Communications (NFC) Processor Secure Elementchip • Payment Applications NFCTwo-way communication with the Controller • Transit Applicationpoint of sale • Offer ApplicationCompatible with existing contactless Proximity Antennapayment standardsThree options for hosting the SE:On the SIM chip (shown here)Elsewhere in the handset Point of SaleOn a MicroSD card Source: GSMA Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic 116
  • 117. How Does It Work?– Encrypted credentials are supplied by the card issuing bank to a TSM Card Issuing– The TSM distributes the Bank Trusted credentials to the phone via Payment Service Network Manager the MNO (TSM)– Phones use NFC to present the credentials at the POS Mobile– Transaction proceeds as a Acquiring Bank Network Operator regular card payment (MNO) Point of Mobile Sale Phone Source: IDC Financial Insights 117 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 118. Okay, So What’s the Catch?Lots of unresolved questions:– Who controls the secure element?– How much does it cost to rent space in the wallet?– Who gets to provide the offer application(s)?– What if the merchant doesn’t support contactless cards? 118 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 119. The Digital Customer Expectation People’s opinions matter more than providers opinions Economy and more than in the past Brand Butlers Personalization & attitudes to privacy, ownership, piracy, color & language. Shift from transaction to interaction AlwaysOn Working Practices & Attitudes: Blurring of work and leisure, conflict between new and old attitudes GameOn Many-to-Many Communication -turning the mundane into “fun” Intelligent Knowledge for many regions, languages, currencies & Infosystems attitudes visualized in different waysDynamic Pricing Money, but no time –45 seconds/4 clicks is too long to wait. 119 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 120. What Are The Expectations From a Mobilized World? 120 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 121. Devices that end users prefer (new ?)Ultrabooks (NetNotebooks) will reach just over 15% of total consumer notebooks (IDC)1. Mainstream price must be very attractive2. Lower cost conventional notebooks slowing ultrabook adoption http://www.canalys.com/newsroom/smart-phones-overtake-client-pcs-2011 121 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 122. Apple is Gaining Market Share in the Enterprise Source: Forrester 122 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 123. 1/5 Of Global Info Workers Use Apple Products For Work http://blogs.forrester.com/frank_gillett 123 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 124. “The endpoint not taken” 124Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 125. Israeli Smartphone Market-share in 2011 Motorola Alcatel HTC RIM 5% 4% 1% 5% SamsungSony Ericsson 27% 7% LG 8% Nokia Apple 20% 23% Source: IDC 125 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 126. Israeli Smartphone Market-share in 2011 Operating System Market Share Android 39.39% iOS 36.62% BlackBerry OS 9.48% Symbian 9.00% Other 5.52% Source: IDC 126Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 127. Israel (expected end 2012):Wintel: Q42011 compared to Q42010Desktop PCs: -25% Notebooks: -35% 127 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 128. What is the Current Endpoint-Devices Mix within your enterprise?under IT responsibility 1%8% more endpoints Tablets 7% Smartphones 13% Laptops Desktops 77% Source: STKI Feb. 2012 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic 128
  • 129. What will be the Mix 12 Months from now? 6% Tablets 1.6% Notebooks Netbooks 20.5% Laptops Desktops 75% Source: STKI Sep. 2011Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic 129
  • 130. Endpoint Contemplations1. DesktopsNotebooks are losing market share2. Desktops = price sensitive3. LaptopsTablets are gaining power4. A tablet (still) can’t replace a laptop5. “By 2015…?” No one really knows what’s going to happen… 130 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 131. Market Data http://xkcd.com/688/ 131Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 132. Israeli Endpoint Statistics1.08 • Number of endpoints per 1 employee 24 • Number of endpoints per 1 IT staff564 • Number of endpoints per 1 service desk staff748 • Number of endpoints per 1 PC staff (field technicians)3231 • Number of endpoints per 1 PC staff (image) 132 Source: STKIShahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 133. Endpoint-Devices Mix (Abroad) Source: InformationWeek 133Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 134. Who Will Be Using Tablets? (Israel) 3% Some of theall Employees 15% Mid-level directors 21% Pilot in one of the units 41% Specific functions (e.g. salesmarketing)44% CXOs Source: STKI, Sep. 2011 134 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 135. Who Will Be Using Tablets? (Abroad) Source: Corporate Executive Board 135Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 136. End-Point Operating Costs Source: InformationWeek 136Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 137. End User Device Replacement Cycle Source: InformationWeek 137Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 138. Desktop PCs- Israeli Market Positioning 1Q12 HP Lenovo Local Support Dell Player Ivory Worldwide Leader Acer Apple Market Presence 138Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 139. Laptops- Israeli Market Positioning 1Q12 Lenovo Local Support Player Acer HP ASUS Dell Worldwide LG Leader Samsung Toshiba Fujitsu Apple Market Presence 139Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 140. Tablets- Israeli Market Positioning 1Q12 Local Support Player Worldwide Leader Others… Apple Samsung Market Presence 140Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 141. Presentation Visualization -Security MDMNetworking Security ollaboration 141 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 142. STKI Index-2011 –Top Security Queries Mobile Sec., 25% Access/Authentication, 13% DB/DC Sec., 11% GRC, 9% Network Sec., 8% Sec. Policy, 6% Data Sec., 6%SIEM/SOC, 4% SIs/Vendors/Products, 4% Endpoint Sec., 4% Fraud, 3% “Cyber”, 2% Market/Trends, 2% Application Sec., 2% Miscellaneous, 1% 142 GW Sec., 1% Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 143. Presentation Visualization-Cyber MDMNetworking Security ollaboration 143 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 144. New Buzz….. 144Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 145. Your Text here Your Text here Shahar Geiger Maor’swork Copyright 2012 @STKI DoDo not remove source or attribution from any graphic orof graphicof graphic Shahar Maor’s work Copyright 2012 @STKI not remove source or attribution from any graphic or portion portion 145
  • 146. The Cyber Triangle Cyber Warfare Cyber Terror Cyber CrimePrivate Information Command & Control Business Information Systems Source: ILITA. STKI modifications 146 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 147. The Cyber Triangle–Regulations Director of Security SOX of the Defense Establishment NationalISOIEC Information 27001 Security Authority Israeli Law,PCI-DSS Information and Technology Authority Bank of Israel Ministry of Finance ISOIEC ISOIEC ISOIEC ISOIEC PCI-DSS SOX PCI-DSS SOX SOX Private Information Command & Control Business Information Systems Source: ILITA. STKI modifications 147 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 148. Generic Cyber Attacks 1. IndividualsGroups 2. CriminalNationalistic background 3. Lots of intervals 4. Lots of targets 5. Common tools 148Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 149. Distributed Denial Of Service (DDOS) 1. Targets websites, internet lines etc. 2. Legitimate traffic 3. Many different sources 4. From all over the world 5. Perfect timing 149Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 150. DDOS Mitigation- Israeli Market Positioning 1Q12 Vendors to watch:Andrisoft, Cloudshield, Correro,GenieNRM, IntruGuard, Narus, RioRey Local Support Player Radware Worldwide Leader Arbor F5 Networks Imperva Foresight Market Presence 150 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 151. Advanced and Persistent Threat (APT) 1. Group/ Org./ State 2. Ideological/ Nationalistic background 3. Multi-layered attack 4. Targeted 5. Variety of tools 6. Impossible to detect in real time(???) 151Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 152. Iranian Intelligence Wants To Be Your Friend on LinkedIn Source: http://www.guym.co.il/ Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 153. Cyber Preparedness??? Country-by-country stress tests4.5 43.5 32.5 21.5 10.5 0 Italy Mexico Spain USA Poland Denmark Estonia India China Sweden Romania Russia France Brazil The Netherlands Austria Japan Germany United Kingdom Israel Finland Australia Canada http://www.securitydefenceagenda.org/ 153 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 154. Your Text here Your Text here Shahar Geiger Maor’swork Copyright 2012 @STKI DoDo not remove source or attribution from any graphic orof graphicof graphic Shahar Maor’s work Copyright 2012 @STKI not remove source or attribution from any graphic or portion portion 154
  • 155. bureaucracies live forever.... Space US Roman the rearShuttle’s standard war ends ofbooster railroad chariots two warrockets gauge horses 155 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 156. Israeli National Cyber Command (INCC)Established: 07.08.2011Goal:• To lead the nation’s cyber strategy• To establish a cyber defense policy• To promote new initiatives and technologies in regards to cyber security domains.Means:• Government budget• Industryacademic knowledge sharing 156 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 157. On the INCC’s Agenda• Mapping the national critical infrastructure• Gap analysis for national critical infrastructure security controls• Certifications: for vendors, for Sis, for consultants• Authorizations: for businesses, institutes and any other entity who keep privatepublic information• Proactive defense by establishing professional forums• Promotion of academic and industry research• Promotion of specific fields of expertise (e.g: SCADA security)• Establishment of national security lab• Education and public awareness 157 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 158. Five Aspects of Government Intervention1. Multi-system and system complexity: Resource pooling and knowledge sharing2. Joint venture: Cyber defense is a “game for large players”3. National as well as International co-operation4. Governmental incentives and programs (e.g: MAGNET, Yozma initiative)5. Regulation …This is the planned State –Level Cyber Security Approach 158 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 159. An Example fo State-Level Cyber Security –IPv6 http://www.ccdcoe.org/publications/books/Strategic_Cyber_Security_K_Geers.PDF 159 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 160. Your Text here Your Text here Shahar Geiger Maor’swork Copyright 2012 @STKI DoDo not remove source or attribution from any graphic orof graphicof graphic Shahar Maor’s work Copyright 2012 @STKI not remove source or attribution from any graphic or portion portion 160
  • 161. Your Text here Your Text here Shahar Geiger Maor’swork Copyright 2012 @STKI DoDo not remove source or attribution from any graphic orof graphicof graphic Shahar Maor’s work Copyright 2012 @STKI not remove source or attribution from any graphic or portion portion 161
  • 162. Spotting the Unknown: Finding the “God Particle” of SecurityOne possible signature of a Higgs boson from Large Hadron Collider (LHC) at CERN http://commons.wikimedia.org/wiki/LHC 162 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 163. Big Data : Information Diet• The modern human animal spends upwards of 11 hours out of every 24 in a state of constant consumption of information from the net: • we have grown obese on sugar, fat, and flour • we become gluttons for texts, instant messages, emails, RSS feeds, downloads, videos, status updates, and tweets.• Just as too much junk food can lead to obesity, too much junk information can lead to cluelessness• Big Data “should” help a company understand this information glut and is essential in order to be smart, productive, and sane. 163 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 164. Spotting the Unknown: Big Data At Your Service SIEM Applications Data Warehouse Business Process Management Business Intelligence Detect, analyze and respond to phenomena based on large volumes of structured and unstructured information Source: IBM164 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 165. Spotting the Unknown: The Sandbox Approach Source: http://www.fireeye.com/ 165 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 166. But…”The Contact Line Will Always be Breached” Maginot Line Bar-Lev Linehttp://en.wikipedia.org/wiki/File:Maginotline_ http://en.wikipedia.org/wiki/File:1973_sinai_worganization.gif ar_maps.jpg 166 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 167. “Real-Time Forensic” -NetWitness http://visualize.netwitness.com/Default.aspx?name=investigationShahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic 167
  • 168. “Real-Time Forensic” -HBGary http://hbgary.com/attachments/ad-datasheet.pdf 168Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 169. STKI Cyber Security SurveyThis survey consists of two different parts:• First part –CISOs and Infra managers from dozens leading organizations.• Second part –the insights of 9 leading security consultants who cover most of the IT market in Israel.Important notes:• This survey refers to incidents during 2009-2011.• Unreasonable results were removed.• Results may have been subjected to wrong interpretation by the Respondents and some of the incidents may have been “dropped”. 169 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 170. Thank You Very Much For Your Contribution! 170Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 171. Number Of Security Incidents –Users’ Perspective Average number of significant security incidents* in the past 3 years50% Market 40% Average: 30% 2 20% incidents 10% 0% "Cyber sector"** No 1 "Soft Cyber sector"*** Incidents Incident 2-5 5-10 Incidents More Incidents Than 10 Incidents*"Significant security incident" -One that caused direct loss in working hours andor money**”Cyber sector” –large finance orgs., Infra, Telco, Gov, Defense…***”Soft cyber sector” –All the others 171 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 172. Number Of Security Incidents –Consultants’ Perspective Average number of significant security incidents during 2011 80% 60% 40% 20% Defense & Gov. Finanace 0% Infra & Telecom No 1 Rest of Industry Incidents Incident 2-5 5-10 Incidents More Incidents Than 10 Incidents 172 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 173. What Kind Of Incidents? –Users’ Perspective What was the nature of security incidents in the last 3 years? Cyber sector Soft Cyber sector Inside factor (Malicious, accidental, 64% technical error) 20% Known vulnerabilitiesthreats 41% 55% No answer 40% 13%Vulnerabilitiesthreats were unknown at 39% the time 12% We still don’t know 16% 0% ”Cyber sector” –large finance orgs., Infra, Telco, Gov, Defense… “Soft cyber sector” –All the others 173 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 174. What Kind Of Incidents? –Consultants’ Perspective What was the nature of security incidents in 2011? 6% 8% 5% Known vulnerabilitiesthreats 29% 36% Vulnerabilitiesthreats 32% 32% 35% 47% were unknown at the time 30% 29% Inside factor (Malicious, accidental, technical error) 15% We still don’t know 21% 34% 26% 15% 174 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 175. Once Again, The Human Factor. DLP Justification? Have you encountered any malicious or non-malicious activity by employees in the last 3 years? Cyber sector Soft Cyber sector 17% No 0% 23% Yes, malicious 33% 70%Yes,non-malicious 88% ”Cyber sector” –large finance orgs., Infra, Telco, Gov, Defense… “Soft cyber sector” –All the others 175 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 176. Targeted Attacks –Users’ Perspective Have you witnessed any targeted attacks in the last 3 years? Soft Cyber sector Cyber sector 70% 66% 53% 47% 33%18% 10% 11% 10% 8%DOSDDOS Phishing Appweb attacks Malicious code No ”Cyber sector” –large finance orgs., Infra, Telco, Gov, Defense… “Soft cyber sector” –All the others 176 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 177. Targeted Attacks –Consultants’ Perspective Have you witnessed any targeted attacks toward one of your clients in 2011? (Not including Phishing and DOS attacks) 89% 56% 11%Yes, Appweb attacks Yes, malicious code No 177 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 178. Lost of Working HoursApproximately how many working hours did your organization lose due to significant security incidents in the last 3 years? Cyber sector Soft cyber sector Don’t Less than know 50 12% Don’t 20% know More 30% than 51 Less than More than 33% 50 51 55% 50% ”Cyber sector” –large finance orgs., Infra, Telco, Gov, Defense… “Soft cyber sector” –All the others 178 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 179. Impact on RevenueHow much money (% of total revenue, pre org. on average) has been lost due to security incidents in the last three years? Consultants Users 63% 58% 37% 13% 13% 13% 5% 0% 0% 0% Les than 1% 5%-1% 10%-5% More than 10% Don’t know 179 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 180. Evolving to Combat Advanced Persistent ThreatsTotal Visibility Across the Enterprise:• Host-Based Visibility• Network-Based Visibility• Log Aggregation: Internal DNS Server Logs, DHCP Logs, Enhanced Microsoft Windows Event Audit Logs, Border Firewalls Logs with Ingress/Egress TCP Header• Information, External Webmail Access Logs, Internal Web Proxy Logs, VPN Logs, Netflow Logs, Full Packet Capture Logs• HIDS/HIPSActionable Threat Intelligence:• Indicators of Compromise http://www.mandiant.com/news_events/forms/m-trends_tech2011 180 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 181. Security Fundamentals Come First! EstablishingAfter establishing a rigid and Cyber Security A newcontinuous security policy, Policy componentCheck out this diagram: Security Computer education and Emergency awareness Response Team Internet policy Access policy System policy Standards Access configuration Operating System design management management systems Strong Patch SDLC Mobile devices authentication management system Testing Encryption(?) hardening 181 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 182. Presentation Visualization-MDM MDMNetworking Security ollaboration 182 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 183. Mobile Device Management… 183 Source: Bent ObjectsShahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 184. Critical Capabilities for Mobile Device Management Policy Security andDevice Diversity Containerization Enforcement Compliance Inventory Software Administration IT Service Management Distribution and Reporting Management Network Service Delivery Model Management http://www.gartner.com/technology/streamReprints.do?id=1-16U0UOL&ct=110801&st=sg 184 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 185. The Israeli Point of View In your opinion, what are the Critical Capabilities for a MDM solution?16% 12% 8% 6% 13% Source: STKI Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic 185
  • 186. MailCalendar Sync?Does your organization’s policy allow for mobile devices to be synchronized to mailcalendar? Not yet 13% Of course! 87% Source: STKI 186 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 187. (Don’t) Bring Your Own Device (Not yet)Does your organization’s policy allow for private mobile devices to be synchronized to mailcalendar? Yes (to all...) 13% Yes (Policy) No! 33% 54% Source: STKI 187 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 188. MDM StrategyWhat’s your mobile device management and security strategy? 5% Conducting a POCevaluation 8% of solutions Using an existing (non-specific)13% security methodologysolutions Its considered high priority, 53% but no actions were made yet Already implemanting a specific MDMsecurity solution 21% MDMsecurity is considered low priority at the moment Source: STKI 188 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 189. Data Leakage From Mobile Devices How are you planning to tackle data leakage from mobile devices (multiple answers)? 43% 40% 37% 30% Our MDM Were usingwill Higher security We do not dealsolution shoud be using awareness with itbe the answer compensating security controls Source: STKI 189 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 190. Market Status: Waiting For “Something” To Happen ~17,000 MDM licenses have been sold in the Israeli market so far… (STKI estimation, Feb 2012) 190 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 191. MDM Insights -There is no single end-to-end solution -Decision-maker’s position determines type of solution CxOs / Special Purpose Pure Security MDM Employees 191Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 192. Mobile Security CxOs / Special Purpose • AGAT- Active Sync Protector • Checkpoint - Pointsec Mobile Security Pure • Juniper –Junos Security MDM Pulse Mobile Security Suite • LetMobile • Trend Micro – Mobile Security Employees 192Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 193. Mobile Security Management -Israeli Market Positioning 1Q12 Local Support AGAT Player Checkpoint Worldwide Juniper Leader LetMobile Trend Micro Market Presence 193 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 194. Mobile Device Management CxOs /• AirWatch Special Purpose• BoxTone• FancyFone –FAMOC• Fiberlink-MaaS360• Matrix-MMIS• McAfee -Enterprise Pure Mobility Security Management MDM• MobileIron• Symantec - Mobile Management• ZenPrise –Mobile Manager Employees 194 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 195. Mobile Device Management -Israeli Market Positioning 1Q12 Mobile Iron Local Support Player AirWatch Worldwide FancyFone Leader McAfee Fiberlink Matrix Zenprise Symantec BoxTone Market Presence 195 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 196. Mobile Containerization • DME-Excitor • Good Technologies • Sybase-Afaria CxOs / Special Purpose Pure Security MDM Employees 196Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 197. Mobile Container Management -Israeli Market Positioning 1Q12 Local Support Good Player Technologies Worldwide Leader Excitor Sybase Market Presence 197 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 198. Mobile Remote Control CxOs / Special Purpose• Callup-Xcontrol• Communitake• Pure Mformation Security• SOTI MDM Employees 198 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 199. Mobile Remote Control-Israeli Market Positioning 1Q12 Local Support Player Mformation Communitake Worldwide Leader Xcontrol SOTI Market Presence 199 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 200. Presentation Visualization-Cloud Security MDMNetworking Security ollaboration 200 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 201. Cloud Flavors Source: Changewave, a service of 451 Group 201Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 202. Super Hybrid Clouds : can IT handle it ?IT’s challenge becomes:• integration• identity management• data translation between the core and multitenant public cloud• orchestration for processes connecting private and public clouds 202 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 203. Cloud Security is still A Major Concern Source: Changewave, a service of 451 Group 203Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 204. Cloud Standards and Test Bed Groups• Cloud Security Alliance (CSA)• Distributed Management Task Force (DMTF)• Storage Networking Industry Association (SNIA)• Open Grid Forum (OGF)• Open Cloud Consortium (OCC)• Organization for the Advancement of Structured Information Standards (OASIS)• TM Forum• Internet Engineering Task Force (IETF)• International Telecommunications Union (ITU)• European Telecommunications Standards Institute (ETSI)• Object Management Group (OMG) http://cloud-standards.org/wiki/index.php?title=Main_Page 204 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 205. Cloud Security Standards –Current Status ISO 27001 SSAE 16 FedRAMP (SAS 70) Cloud Security FISMA – CSA ATO FIPS 140- 2 205Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 206. Cloud Security Standards –ISO 27001 (2005)There is no particular focus on “cloud computing”.(Reddit, HootSuite, Quora and Foursquare have suffered outageseven though AWS is ISO 27001 certified).ISO 27001 relates to some cloud security issues:• A.6.2.1 -Identification of risks related to external parties• A.6.2.3 -Addressing security in third party agreements• A.10.5.1 -Information back-up• A.11 -Access control• A.7.2.1 -ClassificationSo, what’s the point of being ISO 27001 certified? Lower risk. ISO 27001 certification guarantees that the certified entity has undertaken a comprehensive approach to resolve major risks. 206 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 207. SOC 1/SSAE 16/ISAE 3402 SSAE 16 is an enhancement to the current standard for Reporting on Controls at a Service Organization (SAS70). ISAE 3402 SSAE 16 was built upon the ISAE 3402 framework. SOC 1 A SOC 1 Report (Service Organization Controls Report) is a report on Controls at a Service Organization which are relevant to user entities’ internal control over financial reporting. The SOC1 Report is what you would have previously considered to be the standard SAS70, complete with a Type I and Type II reports, but falls under the SSAE 16 guidance. http://www.ssae-16.com/ 207Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 208. SOC 1/SSAE 16/ISAE 3402Who Needs an SSAE 16 (SOC 1) Audit? If your Company (the ‘Service Organization’) performs outsourced services that affect the financial statements of another Company (the ‘User Organization’), you will more than likely be asked to provide an SSAE16 Type II Report, especially if the User Organization is publicly traded.Some example industries include: * Payroll Processing * Loan Servicing * Data Center/Co-Location/Network Monitoring Services * Software as a Service (SaaS) * Medical Claims Processors http://www.ssae-16.com/ 208 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 209. Federal Information Security Management Act (FISMA, 2002)FISMA ATO for CSP (Low, Moderate, High)• Part of NIST’s Computer Security Division• Issues an authorization to operate for cloud service providers• It doesn’t require certification of products or services. It sets security requirements for federal IT systems.U.S. Government Cloud Computing Technology Roadmap(http://www.nist.gov/itl/cloud/upload/SP_500_293_volumeI-2.pdf)Its aim is: “…to make it substantially easier to buy, sell, interconnect and use cloud environments in the government”. 209 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 210. FIPS 140-2 Certification –For CSP Trust1. Federal Information Processing Standard (FIPS) Publication 140-22. Specifies the security requirements of cryptographic modules used to protect sensitive information3. Notice: There are four levels of encryption under FIPS 140-2 http://www.gore.com/en_xx/products/electronic/anti-tamper/security-standards.html 210 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 211. PCI DSS –Vital For Cloud Service ProvidersPCI DSS was set up by the major credit card companies to try and improve the InformationSecurity of financial transactions related to credit and debit cards. It essentially pushes theresponsibility of looking after card data onto merchants who may store, process and transmitthis type of data. Protect Cardholder Data Implement Strong Access Control Measures Regularly Monitor and Test Networks Maintain an Information Security Policy Maintain a Vulnerability Management Program http://phoenix-consultancy.com/pci_dss.html 211 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 212. Cloud Security Alliance(Join the Israeli chapter here: http://www.linkedin.com/groups?gid=3050440&trk=hb_side_g)• Security Guidance for Critical Areas of Focus in Cloud Computing (Released November 14, 2011)• Innovation Initiative -created to foster secure innovation in information technology. (Released February 24, 2012)• GRC Stack -a toolkit to assess both private and public clouds against industry established best practices, standards and critical compliance requirements.• Consensus Assessments Initiative -Research tools to perform consistent measurements of cloud providers (Released September 1, 2011)• Cloud Controls Matrix (CCM) -Released August 26, 2011• Cloud Metrics - Metrics designed for Cloud Controls Matrix and CSA Guidance.• CloudTrust Protocol (See next slides…) https://cloudsecurityalliance.org/research/ Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic 212
  • 213. Digital Trust and Value Creationhttp://assets1.csc.com/financial_services/downloads/DigitalTrustForLifeReport.pdfShahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic 213
  • 214. Cloud Trust Protocol (CTP) Transparency as a Service SAS70, SSAE 16, HIPAA, ITAR, FRCP, HITECH, GLBA, PCI DSS, CFATS, DIACAP, Responding to NIST 800-53, ISO27001, CAG, ENISA, CSA V2.3, … all elements of transparency TaaSEnterprise CSC Trusted Community Cloud Cloud Trust CTP Response Manager (CRM) TaaS Dashboard CTP TaaS CTP Private Trusted Cloud CTP CTPCloud Responding toTrust all elements ofAgent transparency CTP Using reclaimed visibility into the cloud •Downstream to confirm security and create digital •compliance trust CTP •processing Source: http://www.csc.com/cloud/insights/57785-into_the_cloud_with_ctp , & CSA Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 215. Federal Risk and Authorization Management ProgramFedRAMP is the result of close collaboration with cybersecurity and cloud experts from: 215 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 216. Federal Risk and Authorization Management Program (FedRAMP)• established on December 8, 2011• The FedRAMP security controls are based on NIST SP 800-53 R3 / 53 A, controls• Establishes US Federal policy for the protection of Federal information in cloud services• Describes the key components and its operational capabilities• Defines Executive department and agency responsibilities in developing, implementing, operating, and maintaining the program• Defines the requirements for Executive departments and agencies using the program in the acquisition of cloud services 216 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 217. How Will Cloud Services Be Prioritized For FedRAMP Review?• “FedRAMP will prioritize the review of cloud systems withthe objective to assess and authorize cloud systems that canbe leveraged government-wide”.• FedRAMP will prioritize Secure Infrastructure as a Service(IaaS) solutions, contract vehicles for commodity services, andshared services.(1) Cloud systems with existing Federal agency’s authority-to-operates (ATOs) get first priority(2) Cloud systems without an existing Federal agency ATO getsecond priority 217 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 218. FedRAMP – Deliverables For Cloud Computing Service ProvidersA. Develop Plan of Action & Milestones: (POAM)B. Assemble Security authorization Package (SAP)C. Determine RiskD. Determine the Acceptability of RiskE. Obtain Security Authorization Decision (yes/no) 218 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 219. FedRAMP - Third Party Assessment Organizations (3PAOs)• Perform initial and periodic assessment of CSP systems per FedRAMP requirement• provide evidence of compliance, and play an on-going role in ensuring CSPs meet requirements.• FedRAMP provisional authorizations must include an assessment by an accredited 3PAO to ensure a consistent assessment process.• Independent assessors of whether a cloud service provider has met the 297 agreed upon FedRAMP security controls (604 pages) so they can get an authority to operate (ATO).• Companies cannot be 3PAOs and cloud service providers (CSP) at the same time for same contracts (MOU, etc.,) 219 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 220. Cloud Guidelines in Israel By ILITA (Start: 19.5.2012) • Primal check of outsourcing legitimacy1 • Meticulous definition of purpose and use of outsourced data2 • Alignment of security and privacy controls in accordance to existing regulations and3 standards (ISO 27001, 357, 257) • Transparency and obedience to privacy laws4 • Defining the means of privacy enforcement and monitoring5 • Ensuring data deletion upon ending of contract6 http://www.justice.gov.il/MOJHeb/ILITA/News/mikurhuts.htm 220 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 221. Decrease The Risk Of Cloud Computing• Do a thorough check on the potential provider – not only its performance record, but also the background of its management, have they implemented the information security and business continuity policies and procedures, financial stability, legal risks etc.• Write very specific security clauses in your agreement with the provider, where the biggest emphasis will be on issues that have raised the highest concerns during risk assessment.• Keep a backup copy of your information locally – although a cloud computing provider will (probably) do regular backup, it is always a good idea to have direct control of your information. (e.g. banking regulators in some countries have imposed regulations to local banks to keep the backup copy inside the country specifically because of this risk.)• Develop your strategy on how to return the information processing/archiving back to your company (re-insourcing) in case of problems with your cloud computing provider – you should know exactly which steps are needed, as well as which resources.• An exit strategy might also be to have an alternative cloud computing provider standing by, ready to jump in if your existing partner performs badly.• Perform regular checks of your provider to find out whether they are complying with the security clauses in the agreement Source: http://blog.iso27001standard.com/# 221 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 222. Market Data Source: http://xkcd.com/657/large/ 222Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 223. Information Security Staffing1 Security Personnel 25’th percentile 50’th percentile 75’th percentile Average For how many employees? 500 1167 1600 1582For how many IT staff? 33 42 61 55 For how many desktops? 397 750 1172 951 For how many endpoints? 522 1130 1779 1314 For how many WIN servers? 119 200 270 194 Source: STKI 223 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 224. Networking Budget ~ 10% of IT OpEx Source: The Corporate Executive Board Company 224Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 225. Constant Staffing Mix Within IT Source: The Corporate Executive Board Company 225Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 226. Data Leakage Prevention -Israeli Market Positioning 1Q12 Websense Local Support Symantec Player Verdasys Worldwide Fidelis Leader GTB McAfee CA Safend Checkpoint EMC Market Presence 226 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 227. Database Protection -Israeli Market Positioning 1Q12 McAfee Local Support Player GreenSQL Imperva Worldwide Brillix Leader Informatica Oracle IBM Safenet SAP Fortinet Market Presence 227 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 228. Network Encryption -Israeli Market Positioning 1Q12 Safenet Local Support Fortinet Player Thales Worldwide Leader Cisco Market Presence 228 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 229. Enterprise Network Firewall -Israeli Market Positioning 1Q12 Checkpoint PaloAlto Fortinet Local Support Juniper Player Microsoft Cisco Worldwide Leader HP McAfee F5 SonicWall Barracuda Market Presence 229 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 230. Secure Remote Access-Israeli Market Positioning 1Q12 Juniper Checkpoint Cisco Local Support Player F5 Worldwide Leader Citrix Microsoft Fortinet SonicWall Market Presence 230 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 231. Intrusion Prevention Systems -Israeli Market Positioning 1Q12 McAfee IBM Checkpoint Local Support Juniper Radware Player PaloAlto Worldwide Barracuda Leader Fortinet Cisco HP SourceFire SonicWall Market Presence 231 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 232. Network Access Control-Israeli Market Positioning 1Q12 Access Layers Local Support Cisco ForeScout Player Juniper Checkpoint Worldwide McAfee Leader (Insightix) HP Wise-Mon Symantec Microsoft Enterasys Market Presence 232 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 233. Secure Web Gateway-Israeli Market Positioning 1Q12 Websense BlueCoat Local Support Mcafee Cisco Player Symantec Safenet Clear Swift Worldwide Zscaler Leader Fortinet Sonicwall Trend Micro Microsoft PineApp Barracuda Market Presence 233 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 234. Email Security-Israeli Market Positioning 1Q12 Cisco Symantec Safenet Local Support Websense PineApp Trend Micro Player Sonicwall Worldwide Leader Microsoft Mcafee Fortinet Mirapoint Clear Swift Barracuda Market Presence 234 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 235. Application Firewall-Israeli Market Positioning 1Q12 Imperva F5 Local Support Player Sonicwall Radware Worldwide Leader Citrix Microsoft Fortinet Applicure Barracuda Market Presence 235 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 236. SOA SecurityXML FW -Israeli Market Positioning 1Q12 Local Support IBM F5 Player Intel Worldwide Leader Radware Imperva CA Microdasys Layer7 Oracle Market Presence 236 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 237. Server Security -Israeli Market Positioning 1Q12 Trend Micro McAfee Local Support CA Symantec Player Microsoft Worldwide Leader IBM VMware NetIQ Reflex Calcom Kaspersky Sophos Market Presence 237 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 238. Endpoint Security -Israeli Market Positioning 1Q12 McAfee Trend Micro Symantec Local Support Checkpoint Player Promisec CA Microsoft Worldwide Leader Safend Cryptzone Kaspersky IBM Sophos Lumension Market Presence 238 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 239. “Strong” User Authentication -Israeli Market Positioning 1Q12 Vendors to watch (Biometric):ANB, Authentic, L1, Secugen, UPEK And others Safenet Cidway Local Support Player SecurEnvoy RSA Oracle Athena Worldwide Leader Vasco CA Symantec ANB ActivIdentity Quest Gemalto Market Presence 239 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 240. Access Management & Monitoring -Israeli Market Positioning 1Q12 NetIQ (Novell) CyberArk Local Support Oracle CA Player Symantec IBM Worldwide SAP Varonis Leader Quest Xpandion Whitebox Imperva Spatiq Market Presence 240Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 241. Security Information & Event Management (SIEM/SOC) -Israeli Market Positioning 1Q12 Symantec HP Local Support Player EMC IBM (Q1 Labs) McAfee Worldwide Leader (Nitro) NetIQ (Novell) Juniper Splunk Market Presence 241 Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 242. Governance, Risk and Compliance Suites (GRC) -Israeli Market Positioning 1Q12 Local Support SAS Orantech Checkpoint Player IBM (DynaSec) SAP Worldwide (Open Pages) Leader Bwise Oracle WCK KCS SoftwareAG EMC Market Presence 242Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 243. Thank You! Scan Me to Your Contacts… 243Shahar Geiger Maor’s work Copyright 2012 @STKI Do not remove source or attribution from any graphic or portion of graphic