Refense   Security Risk Briefing   July 2009
Upcoming SlideShare
Loading in...5
×
 

Refense Security Risk Briefing July 2009

on

  • 1,639 views

REFENSE Technologies - Security Risk Briefing Presentation

REFENSE Technologies - Security Risk Briefing Presentation

Statistics

Views

Total Views
1,639
Views on SlideShare
1,619
Embed Views
20

Actions

Likes
0
Downloads
0
Comments
0

3 Embeds 20

http://www.linkedin.com 16
http://www.slideshare.net 3
https://www.linkedin.com 1

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Refense   Security Risk Briefing   July 2009 Refense Security Risk Briefing July 2009 Presentation Transcript

  • Security Risk Briefing July 2009 Proprietary & Confidential Not for distribution
  • Security Risk Management Vulnerabilities – Policy Compliance Routers Switches Firewalls Wireless Mission Critical Infrastructure Key Benefits • Audit, Analysis, Prioritize and Mitigate • Superior performance = > Visibility, Speed & Accuracy • Agent less, Proprietary algorithms - Non Intrusive Impact • Comprehensive Security Checks & Policy Management © 2009 Refense All Rights Reserved Confidential
  • Product & Service Refense VMS Refense On-Demand Enterprise Scalable Appliances Fully Managed Service •Turn-Key Appliance •Subscription Based •Software License •Rapid Deployment •Fault Tolerant •Remotely Managed •Service Provider Scalable •No Up-Front Capital •AES 256 Encryption •Annual Contracts •24x7 Support © 2009 Refense All Rights Reserved Confidential
  • Competitive Landscape Compliance Security Orientation Limited capability Vulnerability Scanners Vulnerability & Compliance Qualys, Foundstone Management for Mission Critical Limited capability eEye Retina Infrastructure Configuration Tools EMC Voyence, Alterpoint, nCircle, HP NCM, etc Network Management Platforms HP Openview, IBM Tivoli, BMC Desktops - Servers - Routers – Switches – Firewalls - WAPs Devices © 2009 Refense All Rights Reserved Confidential
  • About Refense Founded in 2003 & HQ in Raleigh, NC Network Security Risk Management Solutions Partnering with Industry Leaders: Notable Customers: © 2009 Refense All Rights Reserved Confidential
  • Evolution of Network Security Networks are increasing in size and complexity Value of network devices as method of attack is increasing & evolving Hackers are now actively targeting Cisco IOS (IOS rootkit, DNS poisoning, BGP hijacking, Phenoelit’s 0-day exploit) Wireless networks still offer easy attack vectors Breaches as a result of compromised network devices are starting to become publicly known Hijacking a network is a very appealing target for large hacking groups or for foreign governments or terrorist organizations Most attacks are financially motivated © 2009 Refense All Rights Reserved Confidential
  • Refense = Security from the inside out Vulnerability | Compliance Management Identify Operating System/Network Vulnerabilities & Non-Compliance to security policies Agent less & non-intrusive, Lightning fast and accurate Largest number of Intelligent Security Checks Service Provider Scalability (10,000 plus devices) Secondary Effects & Mitigation Intelligence Predefined security policies & Regulatory Requirements Wireless Rogue Finder Option Scheduled Scans - Strong in-depth reporting Instant ROI & low operational administration © 2009 Refense All Rights Reserved Confidential
  • Connect to Execute checks Internal analysis remote against collected Storage of of data by VMS devices via SSH data report data only or Telnet for trending and Execute Gather data additional Generation of comparative using Show commands as report analysis © 2009 Refense commands required All Rights Reserved Confidential
  • Refense Differentiators Refense automates manual audits of Cisco IOS. Example: A PSIRT notice states – perform a Show Version to determine if you are running an affected IOS version, then perform a Show Processes | Include SIP or a Show IP Sockets dependent on your version of IOS to determine if your device is processing SIP packets, then check for the presence of a workaround using a Control Plane Policy. Now repeat across your entire network – the result could be many man hours of labor to find the devices that are vulnerable. Refense VMS automates this process with a zero error rate! Refense has more security checks than anyone else. When Cisco Systems wanted to solve a problem for the US Department of Defense they turned to Refense. The DoD has the most complex security policies for networks of any organization. They also have one of the largest private networks in the world. Ensuring compliance to DISA STIG’s was unenforceable until Refense came along. Refense VMS scales to the largest enterprises and has the capability of ensuring compliance against the most complex security policies! Refense VMS is a security focused point solution. Unlike others in the market, we don’t focus on servers and desktops, treating network devices as an afterthought. Refense isn’t a configuration management solution trying to be a security solution. We don’t rely on SNMP for configuration information and we don’t scan IP addresses looking for open ports. Refense VMS is enterprise network security and has been for over 5 years! © 2009 Refense All Rights Reserved Confidential
  • Risk Management Reporting © 2009 Refense All Rights Reserved Confidential
  • Secondary Effects & Mitigation © 2009 Refense All Rights Reserved Confidential
  • Superior Vulnerability & Compliance Management Automated & Non-intrusive In-depth analysis Accurate & Actionable Audit & Mgmt Lightning Fast Independent Intelligence Reporting 6-9 month ROI Automated Risk Management Reduce Costs by Document Control and policy recommendation 1 >65%-90% 8 2 Determine risk Asset identification and evaluation Eliminate Risks 7 & Achieve 3 Determine impact on confidentiality, Threat and Compliance Integrity and vulnerably availability 6 identification 4 Determine 5 Zero False likelihood Control of threat identification Positives 24x7x365 Visibility © 2009 Refense All Rights Reserved Confidential
  • Refense vs Configuration Management Tools Refense is security oriented – Refense has been built from the ground up to do one thing, ensure the security of enterprise networks. Network configuration management tools are not architected to dig deep into networks to discover security weaknesses. Refense replicates manual audits – Refense follows the same process and has the intelligence of a manual human auditor, Refense isn’t limited to regular expression string matching. Network configuration management tools have not been designed to audit the security of networks, they collect configuration information and process it based on regular expression rules. Refense can identify threats other tools cannot – These include: Network devices with fraudulent or compromised operating systems. Vendor published vulnerabilities that cannot be identified by regular expression string matching. Vulnerabilities where insufficient or incorrect mitigation actions have been implemented. Complex analysis requiring data from external sources such as those detailed in US Federal Government standards like DISA STIG’s. REFENSE provides greater visibility to potential vulnerabilities and identifies vulnerabilities other tools overlook or cannot see. REFENSE does this with greater accuracy than any other solution and our ability to conduct network analysis without impact to the network or device allows network protection to be continuous or "always-on" resulting in shorter time to protection from potential threats. © 2009 Refense All Rights Reserved Confidential
  • Refense vs Vulnerability Management Tools Inside vs outside orientation – Refense audits network devices from the inside. This enables greater accuracy and functionality over traditional vulnerability scanners. Vulnerability management tools scan IP blocks and rarely allow authenticated analysis of device configurations. These types of IP/port scans cause high load on the device, are network intensive, slow and inaccurate. Refense focuses on network devices – Refense is focused on WAN and LAN network devices, it was built for that purpose and doesn’t try to use vulnerability identification methods designed for desktops and servers. Vulnerability management tools don’t have the same focus, most are better suited to scanning Windows and Linux than Cisco and Juniper OS. Refense vulnerability checks are smart – Refense ships with over 300 security checks that look for security weaknesses introduced through configuration as well as vulnerabilities caused by OS related flaws. They use advanced logic to verify the security weakness actually exists and understand when workarounds are in place to mitigate the problem. Vulnerability management tools use checks that look at the OS version and then assume your device is vulnerable based on the version of code you are running, not the way your device is configured and network is protected. REFENSE provides greater visibility to potential vulnerabilities and identifies vulnerabilities other tools overlook or cannot see. REFENSE does this with greater accuracy than any other solution and our ability to conduct network analysis without impact to the network or device allows network protection to be continuous or "always-on" resulting in shorter time to protection from potential threats. © 2009 Refense All Rights Reserved Confidential
  • What makes Refense superior ? Focus – Mitigating Risks in Mission Critical Infrastructure – Routers/Switches/Firewalls/Wireless Access Points Visibility & Non-Intrusive – Operating System Vulnerabilities & Compliance to Security Policy Accuracy – Inside Out Architecture eliminates false positives & negatives – reducing time spent on invalid results Speed – Distributed high speed scanning makes Refense the fastest vulnerability solution available Compliance w/Security Orientation – Complex Checks, Secondary Effects & Risk Mitigation Easy to Implement/Maintain – Turn-Key appliance can have you up and running in less than an hour – Low Administration © 2009 Refense All Rights Reserved Confidential