• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Cutting-Edge Network Behavior Audit Technology from BMST
 

Cutting-Edge Network Behavior Audit Technology from BMST

on

  • 2,771 views

Brief introduction of technologies and products from BMST Co. which is the leading company at transparent network behavior audit and forensics.

Brief introduction of technologies and products from BMST Co. which is the leading company at transparent network behavior audit and forensics.

Statistics

Views

Total Views
2,771
Views on SlideShare
1,570
Embed Views
1,201

Actions

Likes
1
Downloads
24
Comments
0

7 Embeds 1,201

http://www.bmst.net 603
http://sbin.cn 483
http://bmst.net 108
http://www.bmst.cn 3
http://www.slideshare.net 2
http://elbigboss-35.appspot.com 1
http://www1.bmst.net 1
More...

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    Cutting-Edge Network Behavior Audit Technology from BMST Cutting-Edge Network Behavior Audit Technology from BMST Presentation Transcript

    • Advanced Network Behavior Analysis ,
      Record and Audit
      Last Modified: Dec.8 2009
      Introduction of BMST Technologies
    • Agenda
      1. Opportunity and Business Overview
      2. Technology and Products
      3. Scenarios and Solutions
      4. Our Customers
      5. About BMST
      2
      ©Copyright, BMST Co. 2009
      December 13, 2009
    • What Gartner Top 10 and NSA Say?
      Gartner TOP 10 2010
      1 Cloud computing, 2 Advanced analytics, 3 Client computing, 4 IT for Green,5 Reshaping the data center 6 Social computing, 7 Security - activity monitoring.  …Information security professionals face the challenge of detecting malicious activity in a constant stream of discrete events that are usually associated with an authorized user and are generated from multiple network, system and application sources. At the same time, security departments are facing increasing demands for ever-greater log analysis and reporting to support audit requirements...
      8 Flash memory, 9 Virtualization for availability, 10 Mobile applications.
      Security is not just the perimeter; layered defenses must be inside of the network and on the applications and databases if we really want to protect information. We haven’t done nearly enough to protect applications and databases…and the magnitude of loses around insider threats are underreported.
      William (Bill) Crowell – former Deputy Director of the NSA
      3
      ©Copyright, BMST Co. 2009
      December 13, 2009
    • Cloud Flight Needs Cyber “Black Box”
      • How to do forensics in case of a security incident?
      • Are you outsourcing? How to handle potential contractual dispute in case of an IT issue?
      • Don’t you need compliance? What to show external auditors on complete organization IT operation records?
      • How to monitor and find the violation of authorized users in real time?
      • How to guarantee the security policy are followed correctly?
      4
      ©Copyright, BMST Co. 2009
      December 13, 2009
    • Answers from BMST
      • Complete record and replay
      • Real time monitoring
      • Smart behavior analysis and Audit
      • Comprehensive protocol support
      • Transparent deployment
      • Intuitive “flight” administration
      • Tampering-proof authentic “data” management
      5
      ©Copyright, BMST Co. 2009
      December 13, 2009
    • Session Auditor System Architecture
      Session Auditor is consist of three components: SAS, SAD and SAC
      Session Auditor Sensor
      • Transparent deployment
      • Bridge-model run
      • Session based data recording
      • Complete protocol support
      • Send recorded data to SAD
      Session Auditor Datacenter
      • Sea-volume storage
      • Respond to SAC orders
      • Smart audit and search
      • Security and maintenance
      Session Auditor Console
      • Centralized operations and audit
      • Flexible reporting system
      • Policy-based real-time monitoring, alert and response
      6
      ©Copyright, BMST Co. 2009
      December 13, 2009
    • Session-Auditor Deployment
      SSH
      RDP
      Telnet
      ICA
      Rlogin
      VNC
      FTP
      Oracle
      Sybase
      ……
      Administrator
      WebApp& Web Services
      Enterprise Apps
      (ERP/CRM)
      SAS
      Traffic
      IT系统管理员/
      兼职安全管理
      Recorded
      Servers
      Unix/Linux
      Console
      Windows
      Network
      Security
      SAD
      Auditor
      Mission critical
      企业应用
      (SAP, Oracle等)
    • Critical System
      Critical System
      Critical System
      Critical System
      SAS
      SAS
      SAS
      SAS
      Administrator
      SAD
      SAD
      Administrator
      SAC
      Auditor
      Distributed and Hierarchical Deployment
    • Unique Value of BMST SA Products
      Transparent audit for RDP, SSH, Citrix/ICA, Oracle, DB2...
      Complete recording and replay
      Transparent bridge deployment
      High availability and distributed deployment
      It’s a long list and growing…
      1
      2
      GENERAL
      • HTTPS, HTTP, SMTP, POP3, FTP, Telnet, CIFS, Samba...
      REMOTE ADMIN
      • RDP, SSH, VNC,SFTP/SCP, Rlogin, X11…
      DATABASE
      • MSSQL, Oracle, Sybase, DB2…
      INDUSTRY SPECIFIC
      • Citrix ICA, HP RGS…
      3
      4
      ENCRYPTED?
      NO PROBLEM!
      Great expandability by open SCRIPTINTERFACE
      For more details, please refer to http://bmst.net/product/features/
      9
      ©Copyright, BMST Co. 2009
      December 13, 2009
    • Session Auditor Product Family
      Session Auditor Lite is one 2-in-1 appliance, integrated SAS and SAD
      Storage
      SAS and SAD support distributed and hierarchical deployment, bringing users further flexibility
      Network Throughput
      10
      ©Copyright, BMST Co. 2009
      December 13, 2009
    • Scenarios and Solutions
      Cloud Computing and IT Outsourcing
      Complete and authentic organization records
      Potential contractual dispute in case of security incident and IT issue
      • Compliance
      • PCI-DSS, SOX, ISO27001, HIPAA, GLBA, SB1836, …
      • “Audit”, “Records”, “e-Discovery” are essential to all of them
      • Virtual Asset Protection for Online Gaming
      • Internal abuse and theft
      • Potential lawsuit for virtual assets
      11
      ©Copyright, BMST Co. 2009
      December 13, 2009
    • Our Customers
      Session Auditor has been widely adopted by industry leading customers from telco, finance, service providers, consulting firms, governments and etc. Please visit http://bmst.net/solution for more details.
      12
      ©Copyright, BMST Co. 2009
      December 13, 2009
    • About BMST Co.
      Founded at March 2006
      BMST, which is located at ZGC High-Tech District, Beijing, China, focuses on innovation and development on network security products and technologies.
      The founders have profound experience at network security, telco, finance and various industries.
      http://maps.google.com/maps/place?cid=4135994384345121574&q=Bldg%2BA,%2BHuatong%2BMansion
      • info@bmst.net (General query)
      • sales@bmst.net (Sales)
      • partners@bmst.net (Partnership)
      @bmstdotnet
      13
      ©Copyright, BMST Co. 2009
      December 13, 2009
    • 14
      ©Copyright, BMST Co. 2009
      December 13, 2009