Cutting-Edge Network Behavior Audit Technology from BMST

Advanced Network Behavior Analysis ,
Record and Audit
Last Modified: Dec.8 2009
Introduction of BMST Technologies

Agenda
1. Opportunity and Business Overview
2. Technology and Products
3. Scenarios and Solutions
4. Our Customers
5. About BMST
2
©Copyright, BMST Co. 2009
December 13, 2009

What Gartner Top 10 and NSA Say?
Gartner TOP 10 2010
1 Cloud computing, 2 Advanced analytics, 3 Client computing, 4 IT for Green,5 Reshaping the data center 6 Social computing, 7 Security - activity monitoring. …Information security professionals face the challenge of detecting malicious activity in a constant stream of discrete events that are usually associated with an authorized user and are generated from multiple network, system and application sources. At the same time, security departments are facing increasing demands for ever-greater log analysis and reporting to support audit requirements...
8 Flash memory, 9 Virtualization for availability, 10 Mobile applications.
Security is not just the perimeter; layered defenses must be inside of the network and on the applications and databases if we really want to protect information. We haven’t done nearly enough to protect applications and databases…and the magnitude of loses around insider threats are underreported.
William (Bill) Crowell – former Deputy Director of the NSA
3
December 13, 2009

Cloud Flight Needs Cyber “Black Box”
How to do forensics in case of a security incident?
Are you outsourcing? How to handle potential contractual dispute in case of an IT issue?
Don’t you need compliance? What to show external auditors on complete organization IT operation records?
How to monitor and find the violation of authorized users in real time?
How to guarantee the security policy are followed correctly?
4
December 13, 2009

Answers from BMST
Complete record and replay
Real time monitoring
Smart behavior analysis and Audit
Comprehensive protocol support
Transparent deployment
Intuitive “flight” administration
Tampering-proof authentic “data” management
5
December 13, 2009

Session Auditor System Architecture
Session Auditor is consist of three components: SAS, SAD and SAC
Session Auditor Sensor
Transparent deployment
Bridge-model run
Session based data recording
Complete protocol support
Send recorded data to SAD
Session Auditor Datacenter
Sea-volume storage
Respond to SAC orders
Smart audit and search
Security and maintenance
Session Auditor Console
Centralized operations and audit
Flexible reporting system
Policy-based real-time monitoring, alert and response
6
December 13, 2009

Session-Auditor Deployment
SSH
RDP
Telnet
ICA
Rlogin
VNC
FTP
Oracle
Sybase
……
Administrator
WebApp& Web Services
Enterprise Apps
(ERP/CRM)
SAS
Traffic
IT系统管理员/
兼职安全管理
Recorded
Servers
Unix/Linux
Console
Windows
Network
Security
SAD
Auditor
Mission critical
企业应用
(SAP, Oracle等)

Critical System
Critical System
Critical System
Critical System
SAS
SAS
SAS
SAS
Administrator
SAD
SAD
Administrator
SAC
Auditor
Distributed and Hierarchical Deployment

Unique Value of BMST SA Products
Transparent audit for RDP, SSH, Citrix/ICA, Oracle, DB2...
Complete recording and replay
Transparent bridge deployment
High availability and distributed deployment
It’s a long list and growing…
1
2
GENERAL
HTTPS, HTTP, SMTP, POP3, FTP, Telnet, CIFS, Samba...
REMOTE ADMIN
RDP, SSH, VNC,SFTP/SCP, Rlogin, X11…
DATABASE
MSSQL, Oracle, Sybase, DB2…
INDUSTRY SPECIFIC
Citrix ICA, HP RGS…
3
4
ENCRYPTED?
NO PROBLEM!
Great expandability by open SCRIPTINTERFACE
For more details, please refer to http://bmst.net/product/features/
9
December 13, 2009

Session Auditor Product Family
Session Auditor Lite is one 2-in-1 appliance, integrated SAS and SAD
Storage
SAS and SAD support distributed and hierarchical deployment, bringing users further flexibility
Network Throughput
10
December 13, 2009

Scenarios and Solutions
Cloud Computing and IT Outsourcing
Complete and authentic organization records
Potential contractual dispute in case of security incident and IT issue
Compliance
PCI-DSS, SOX, ISO27001, HIPAA, GLBA, SB1836, …
“Audit”, “Records”, “e-Discovery” are essential to all of them
Virtual Asset Protection for Online Gaming
Internal abuse and theft
Potential lawsuit for virtual assets
11
December 13, 2009

Our Customers
Session Auditor has been widely adopted by industry leading customers from telco, finance, service providers, consulting firms, governments and etc. Please visit http://bmst.net/solution for more details.
12
December 13, 2009

About BMST Co.
Founded at March 2006
BMST, which is located at ZGC High-Tech District, Beijing, China, focuses on innovation and development on network security products and technologies.
The founders have profound experience at network security, telco, finance and various industries.
http://maps.google.com/maps/place?cid=4135994384345121574&q=Bldg%2BA,%2BHuatong%2BMansion
info@bmst.net (General query)
sales@bmst.net (Sales)
partners@bmst.net (Partnership)
@bmstdotnet
13
December 13, 2009

14
December 13, 2009

http://www.bmst.net	422
http://sbin.cn	313
http://bmst.net	101
http://www.slideshare.net	2
http://elbigboss-35.appspot.com	1

Cutting-Edge Network Behavior Audit Technology from BMST

by BMST on Dec 13, 2009

Accessibility

Categories

Tags

Upload Details

Usage Rights

5 Embeds 839

Statistics

Cutting-Edge Network Behavior Audit Technology from BMST — Presentation Transcript