1. Chris Estimated Time: 1. minutes this slide – time should be 10:06:00AM when done Direction: Welcome and Introductions Script: Welcome and good morning to everyone. This is Chris Johnson from Open Access Systems Corporation. We are an IT Solutions Provider headquartered in Northern New Jersey since 1993 and have partnered with Stonesoft to bring Next Generation Network Security solutions to our clients. Stonesoft is a network security market leader focused on providing the highest levels of proactive control, always-on connectivity and compliance at the lowest Total Cost of Ownership. Founded in 1990, they are a global company with corporate headquarters in Helsinki, Finland and America's headquarters is in Atlanta, Georgia. I am ITIL v3 Certified and will start by introducing you to the StoneGate solutions and go through a quick review of the ITIL Service Life Cycles. Then I’ll turn the presentation over to Matt McKinley, a Senior Network Security Analyst at Stonesoft. During the presentation you can type in any questions or comments in the window at the lower right of your screen. We’ll try to address them while presenting and will directly answer them during the question and answer period at the end. We should be done in 45 minutes and will then address any questions and comments.
2. Chris : Estimated Time this slide: 1.5min (running time 10:07:30AM when done) Direction: Introduce the Stonesoft Family of solutions, Call to action – meet us. Script: Here’s the Stonesoft catalog of Next Generation Security products. We have the StoneGate Firewall, Virtual Firewall, Intrusion Protection System, Virtual IPS, and the SSL VPN appliance. StoneGate Management Center or SMC is the unifying element that provides a single interface – or “single pane of glass” to manage all these point solutions. SMC centrally controls these components all which share similar settings. Being able set a rule once based on the security policy, and then applying this setting to multiple systems insures consistency. SMC can be remotely mirrored for increased availability or “follow the sun” operational support. StoneGate is based on ISO 20002 Security which is the same standard used for ITIL’s Security Processes. “Certifications”; Stonesoft has the most Certifications of any Next Gen Security solution out there today. This includes ICSA Labs Certifications, Common Criteria, FIPS, VMware, and VPN Consortium certified Let’s move on to the quick review of the ITIL V3 Life Cycles.
3. Chris : Estimated Time this slide: 2. min (running time 10:09:30AM when done) Direction: Quick review of the 5 core practices in the ITIL Library. Script: Here’s a simplified slide of the ITIL Life Cycles of what a mature IT organization “should do”, but not “how” to do it. The first 4 Life Cycles are shown as vertical stacks of processes and functions that have input and output relationships with other processes. The arrow in the upper left remind us that the business owners, CEO’s and CFO’s want their IT investment to be aligned to meet the goals and objectives of the business. The business owners also define the policies and what regulations and what compliance is required for the business. With this information the CIO and CTO will know what they “should” do. IT is organized and goes through the Life Cycles and the accompanying processes: 1. Starting on the left, the Service Strategy is where we generate the strategy to create maximum value to users of IT. 2. In the Service Design stage we are establishing Supplier, Capacity, Availability, Continuity, and Service Level Agreement management processes. Roles and responsibilities are defined and the information systems are organized into the Service Knowledge Database 3. Next, the Service Transition is where new services or services that are changing go through this cycle that insures the design specifications are tested and validated before being released to Operations. 4 . Service Operations –includes the Help Desk, Access Management, Problem, Event, and Incident Management all of which are developed to provide value to IT’s customers. 5. At the bottom of the chart is the Continual Service Improvement Life Cycle , How we can get better from a before state to an improved state requires a consistent set of reports – then we work through 7 steps– define what we should measure , identify what we can measure , Gather, Process, Analyze, Report, Improve
4. Chris : Estimated Time this slide: 1.5 min (running time 10:11:00AM when done) Direction: Implementing Roles and associated Rules in the real world. Script: This slide is an example of one way of documenting Roles using a RACI Matrix. Across the top are the Life Cycles and Processes and down the left we have Grouped Activities. RACI stands for Responsible, Accountable, Consulted or Informed and an R A C or I is written into the intersection box to identify a process’ role relative to an activity. Let’s focus on the IT Information Security Management Process. Notice that the Security Information Management Process is Accountable to Build and Maintain the Information Systems. In ITIL one and only one person can be Accountable – if not then no one is Accountable. The individual identified as the owner of the Information Security Management Process is Accountable for IT Security. Taking the Overriding Business Security Policy input from the business owners, regulations, legislation, and customers’ needs a security policy is developed. Everyone in the company as well as the contractors gets a copy of the security policy and has to sign in blood. The point here is after all the meetings and negotiating roles and determining who “should do what” that this information gets documented and now needs to be implemented. Think about how do you implement and monitor your security policy? MATT McKinley will show how StoneGate easily implements these established roles.
5. Chris : Estimated Time this slide: 1. min (running time 10:12:00AM when done) Direction: ITIL Library Security Management Process Script: Security Management tasks are identified by 5 key activities. This diagram was taken from the ITIL Library wiki for Security Management – and I’ve summarized it without all the arrows and sub processes. The detailed Meta Diagram is available on the web. From the upper left and then clockwise we see the cyclical processes - PLAN – IMPLEMENT – EVALUATE – MAINTAIN and continue again – at the center is CONTROL. Reporting is required at each task and Control is where all the monitoring and reporting should be collected and responsibilities are allocated. How StoneGate successfully facilitates these tasks and reporting is why it recently won the Information Security Products Award.
Chris then Matt This is the Hand-off Slide (1 minute each here then move on)-10:14 at the end of this slide. 6. Chris : Estimated Time this slide: 1. min (running time 10:13.00AM when done) Direction: ITIL defines what should be done – StoneGate is how Security gets done. Security is a process, not a product or end point and ITIL is a framework of what a mature IT system should do but not how to do it. Centralized always-on security monitoring, reporting and proactive control of overall Network Security is key and again Matt will show how this is done with StoneGate on a live system. I’ll be back at the end to highlight at least 10 Quick Wins while you are implementing ITIL. At this point I turn over control to Matt McKinley, Senior Network Security Analyst at Stonesoft. I believe he is in Atlanta today? Script: Matt will now discuss How this is done with StoneGate – Matt? 6.Matt: Estimated Time this slide: 1. min (running time 10:14.00AM when done) This is a diagram used to illustrate the always-on features of StoneGate with Stonegate Management at the center and follows the ITIL standard.
Matt: Estimated Time: 2 minutes (running time 10:16:00AM when done) Direction: Detailed slide on Proactive Control – One-step Management – High Availability Suggested Script: With Good Practices from ITIL we try and combine and automate repetitive and related activities and develop standardized reporting formats. Let’s take a close look at what we mean when we say one-step management. With other products when it comes to managing your devices, you have to log into different consoles for each device. As you can imagine, this approach is extremely labor intensive and opens the doors to human error. Plus, you can imagine the risks if you are dealing a with a zero-day threat. (click) With the one-step management functionality built in to our StoneGate Management Center, you can create a rule, policy or upgrade once, and it takes care of updating all the appliances…automatically… and in real time. With One-step Management, you can make updates to literally hundreds of devices anywhere in the world as easily as one with a push of a button. Best of all, as you add other types of security appliances, such as IPS, SSL VPN, or our Virtual Security Solutions for Firewall/VPN and IPS, you can manage all of them from the same command center utilizing the same tools. In addition, starting in Q2 the StoneGate Management Center will be able to monitor, alert on and report on third –party device activity within your network. No other vendor in the marketplace can offer this type of holistic visibility and proactive control of your entire network – no matter how complicated or widely dispersed across both physical and virtual environments. one-step management is just one way that we put your IT department in proactive control.
MATT: Estimated Time: 1.5 minutes (then live for 3 min) (running time 10:20:30AM when done) Direction: Detailed slide on Proactive Control – Central Repository Suggested Script: The StoneGate Management Center also has a built-in central repository. Using a common interface and central repository for configuring all StoneGate appliances reduces complexity and error for security system administrators. Common elements such as server, application and network groups created for use in firewall policy can be re-used in all other configurations, such as IPS, alert policies, filters and reports. In addition, by updating an element in the repository it will automatically update all configurations that reference the element. Remember that Gartner said “99% of security breaches are caused by device not configured properly.” Configuring and storing all aspects of the security appliances, from OS settings and routing to security policies, through the StoneGate Management Center results in less manual administrative work, thus reduces configurations errors. If you want to pre-configure devices all the information can be pre-configured and initial configuration saved to a memory stick. If you want to replace a device…no problem since the central repository stores pushes all previous configurations from basic to advanced settings. The Always-on Connectivity technologies built in to the StoneGate solution extends to the central repository, too. Our StoneGate Platform supports up to five management servers running concurrently for implementation across multiple disaster recovery sites. In addition to server synchronization, administration tasks such as backup and log archives can be scheduled. Access management can be set up to best match the business processes of an enterprise IT organization or MSSP environment. In addition, with the introduction of StoneGate 5.0 , organizations can manage different customer environments with a single management server – a major development for large organizations and MSSPs challenged by the administration and cost of managing multiple servers for each domain. Since configurations can be shared across domains, administrators can quickly make configuration changes or reuse configurations.
MATT: Estimated Time: ( 1 minute then live for 3) (running time 10:24:30AM when done) Direction: Remember the RACI Matrix - I’d imagine that the guy/gal that is responsible for a system most likely should have access, and those that need to be consulted or informed can have limited access – STONESOFT ROLE-BASED USER CONFIGURATION EASILY allows you to Implement Role-based Access Controls from a RACI Matrix (or agreed upon list of roles) - and you can deploy this Globally and get logs and reports on attempts to do something outside his/her role ??! WHO CAN DO or SEE WHAT? Let’s talk about who is accountable for the IT Information Security Management and how StoneGate applies to accomplishing these activities. Role based access control and Auditing – who accesses what when. Most security breaches come from privileged inside. Meeting Compliance requirements is important when your name is on the audit.
MATT: Estimated Time: ( 1 minute then live for 2 ) (running time 10:27:30AM when done) Direction: Use audit logs and element meta data to find out WHAT has been changed, WHO has changed it and WHEN has this happened is standard with StoneGate's security platform. Suggested Script: This information is stored in such a manner as to be accessible forever – supports PCI, SOX, HIPPA…
MATT: Estimated Time: ( 1 minute then live for 3 ) (running time 10:31:30AM when done) Direction: The Business Officers or owners establish the Overriding Security Policy and identify regulatory and compliance requirements. The Service Strategy and Design Stages implement an IT Security Policy to meet Service Level Agreements and Operational Level Agreements. Since the rules are established a centralized system is needed to ensure that the rules are consistent across the entire organization the Next Generation Security Policy Management is built to accommodate a consistent rule methodology.
MATT: Estimated Time: ( 1 minute then live for 2 ) (running time 10:34:30AM when done) Direction: An IT Information Security Policy has been accepted and agreed upon – the plan was implemented and now to be monitored and Reported regularly that Policies are enforced….This is an enterprise wide automatic feature Built-in and is capable of collecting logs from 3 rd party devices for correlation…
MATT: Estimated Time: ( 1 minute then live for 2 ) (running time 10:37:30AM when done) Direction: Detailed slide on Proactive Control – Real-time Monitoring & Alerting Suggested Script: Efficiencies govern the entire design of the StoneGate Management Center – from the easy-to-interpret , customizable dashboard views of events occurring in real time, to the drill-down accuracy of selecting a single log entry for scrutiny. The central command center uses the latest technology to provide real-time views of what’s happening in your network compared to other systems that offer a crude snapshot of events at best. In addition, you have the flexibility to set up alert escalation to match your organizations’ processes – whether based on time of day or incident severity, someone needs to be notified through visual alerts, email/SMS messaging or SNMP trapping. (click) With the release of StoneGate 5.0, organizations can also see real-time visual geographical representations of network traffic to quickly spot anomalies and attacks. Coupled with StoneGate’s drill-down and filtering capabilities, administrators can troubleshoot more efficiently. (click) In addition, we’re introducing a Web portal for administrators and MSSPs’ end customers to easily monitor security anytime, anywhere and from any device. In addition, MSSPs can create customized user interfaces for their end-customers.
MATT: Estimated Time: ( 2min ) (running time 10:39:30AM when done) Direction: Detailed slide on Proactive Control – Accelerated Incident Management addresses several processes with a consistent reporting structure that is easy to understand and speeds time to resolve – increases Availability. Suggested Script: Now let’s talk about giving you the tools for accelerated incident management. One of the critical requirements to effectively reduce the ”mean time to repair,” is making sure you have all the pertinent data at your fingertips for event correlation. With the StoneGate Management Center’s log browser, you can view logs and alerts from all StoneGate appliances – firewall/VPN, IPS, SSL VPN, both physical and virtual – in real-time and from a historical perspective. (click) The StoneGate Management Center also comes with a built-in powerful data mining engine so you can quickly find the root cause of incidents by utilizing drag and drop filtering, log event visualization and statistical event analysis. System and security alerts are monitored and acknowledged in this view. In addition, incident responses such as connection blacklisting, policy rule review and incident case creation are available with click drilldowns. (click) In addition, troubleshooting or suspicious activity entries may be exported to incident cases, so administrators can centrally collect and store related data. Journal entries, logs, policy snapshots, and other files may be stored together to help with investigation and investigation process auditing.
MATT: Estimated Time: ( 1 minute then live for 2 ) (running time 10:42:30AM when done) Direction: Less un-available access to/from remotes. .More Reliable..
MATT: Estimated Time: ( 1 minute) (running time 10:43:30AM when done) Direction: ITIL defines the goal of the Availability Management is to ensure availability has been assessed per business needs and that processes and tools are in place to minimize business impact when failures occur. It is a Measure of Vital business Functions - Critical for customer satisfaction and business success. (HA, Always-on) – Reported Metrics: Availability – the ability of a service to perform its function when required. (down because of a virus, flood attack etc..) 99.999%? Reliability – how long a service can perform its function without interruption (MTBSI-Mean Time Between Service Interruptions, MTBF) Serviceability/Maintainability – How quickly a service can be restored after a failure (MTRS-Mean Time to Restore Service) But involves Security to be sure IT is operating and ALWAYS-ON and not debilitated by an attack. *Also call CIAA Confidentiality, Integrity, Authenticity, and Availability- You can Relate how a failure in your security can impact the Availability of IT Less failures - due to failed hardware – Capacity Management
MATT: Estimated Time: ( 1 min) (running time 10:44.30AM when done) Direction: You can see how Stonesoft addresses Availability management with Drop-in Clustering, Multilink, and server load balancing. These features also speak to Capacity Management where you can easily scale by adding to a cluster, adding an additional link or path, or add servers.
MATT: Estimated Time: ( 1 minute then live for 2 ) (running time 10:47:30AM when done) Direction: Detailed slide on Proactive Control – Interactive Reporting & Compliance Suggested Script: Keeping up with the stringent regulatory requirements – whether it’s PCI, Sarbanes-Oxley, HIPAA, FISMA or other standards – can be a challenge. It means you’re under constant pressure to maintain the auditing and reporting necessary to avoid non-compliance fees and damaging your corporate credibility. Without the right tools in place, achieving regulatory compliance can become extremely costly and time-consuming. (click) With the release of StoneGate 5.0, the StoneGate solutions come with enhanced customizable graphical reports, in addition to the reports that are already available. (click) These reports can be set up to be automatically generated and distributed. (click) The StoneGate Management Center gathers the data on all network events and presents them in clear and easy-to-understand auditing reports. (click) You can get detailed inventories about engines and administrators, security settings and system changes, as well as comparative analysis of the security policies that you have in place – all at the press of a button. KIM: Point out key performance metrics and how they are logged and monitored relative to what security needs to see…. Shown in previous slides… Using a 7-step process The CSI manager and the individual Lifecycle and Process Managers are all involved with: Define what you Should Measure – Stonesoft’s/StoneGate’s experience in Security leads to Good Practices Define what you Can Measure – Built in Metric collection…. Gather – Centralized Repository Analyze – Easy correlation of internal Metrics to compare to other metrics Process – Metrics are collected centrally from global devices easing the report crunching function Report – Customizable easy to understand reporting for managers of several processes relative to security Improve – Simple and secure way to change/improve point locations or global security configurations. We have hopefully shown how Stonesoft can provide you with the platform for a successful and streamlined implementation of ITIL Principals – which unifies several activities easing the critical job of security within your organization….
MATT: Estimated Time: ( 1 minute) Handoff slide back to Chris (running time 10:48:30AM when done) Direction: Your are positioning the key differentiators that you want them to remember when you leave the premises. Be clear, and concise. Detail is on following slides. Suggested Script: Another key differentiator is the unmatched level of reliability and support we provide which is becoming increasingly important in an industry filled with vendors that deliver poor customer service. (For instance – within the Service Transition Lifecycle the Security Manager would advise on the specific requirements to maintain compliance with Security Policies and the SLA’s. The output of this process is the Service Package – made up of Service Release Packages to be put into production. Security Policy compliance is met, management and ensures that testing for Confidentiality, Integrity, Availability, and Authenticity. It is easier to BUILD-IN management and audit then to BOLT-ON later. EASY UPGRADES and VALIDATION! STONESOFT PROFESSIONAL SERVICES – FOR BRINGING OVER RULES, SECURITY POLICIES, COMPLIANCE is available….) At Stonesoft we take pride in having remarkably high customer satisfaction and customer retention rates. We attribute this to: No forklift upgrades – phased-in approach Third-party event management Rule-base translation tools Turnkey solutions delivery Direct support vs. tiered support Dedicated engineers, 6+ years of experience Follow the sun – Atlanta and Helsinki Commitment to customer success throughout organization Track record of technology innovation 38 patents & 28 patents pending
Chris : Estimated Time this slide: 2. min (running time 10:50:30AM when done) Script: This is Chris Johnson again – Let’s look at just 10 of the Quick Wins you will achieve by installing StoneGate while implementing ITIL. Matt did a great job of showing how to unify and consolidate tasks using StoneGate Management Center. 1. You will unify and improve your operational tasks for multiple processes under a “single pane of glass” for you Firewalls, IPS’s and VPN’s. 2. You will save time by having a single repository of correlated logs that is automatically stored. 3. Directly implement RACI Roles being able to set it once ensuring that roles and rules are consistent across your entire enterprise. 4. You will quickly provide Audit Reports to go with compliance requirements in many standard formats and customize the reports to automate this process. 5. The time you will save implementing and monitoring the policy across the entire enterprise and reducing the SLA and OLA management tasks are enough in itself to justify moving to StoneGate. 6. The Operations Centers and Help Desks will get alerted from multiple components on single screen and will be able to access correlated information and quickly drill down to remedy problems. 7. Having all the information at their fingertips the responders to alerts and if necessary, the Emergency Change Advisory Board won’t have to run around to get information to reduce the business impact of a security Incident. 8. With High Availability, and multiple links you insure always-on security, Reliability, and Business Continuity, the drop-in features eliminate delay in Demand and Capacity Management. Mirrored SMC’s at disaster recovery sites or follow the sun operations sites ensure management is always-on. 9. Access to reports can be made available to individual regions or consolidate all regions for centralized enterprise wide view. Consistent data provides the information needed for Continual Service Improvement. 10. StoneGate is easily implemented in a phased approach and has a proven track record of Reliability, Maintainability, and Serviceability on a Global basis. These are only a few of the processes that StoneGate features can address. How do you consistently maintain security today with all the dynamics of mergers, acquisitions, and employee turnover? We hope to hear from you to setup an on-site meeting to discuss your goals and objectives and to discuss StoneGate. 10:50? – Now let’s open the floor for Questions and comments.
Matt, Rob, Steve, Atendees : Estimated Time this slide: 10 min – we should prepare additional slides? (running time 11:09.06AM when done) Conclusion: (Call to action……… If there is no time then: Thank you for coming please contact us for more information.) We hope that you have gained a better knowledge of these next generation security tools and how StoneGate can empower you to achieve your ITIL implementation and keep the IT Service Management process breaks to a minimum (unless its for coffee!) These features should be compelling to you and your organization to look further into Stonesoft Network Security Solutions and if you would like a detailed Demonstration or how to deliver additional quick wins under the ITIL Framework contact myself or Stonesoft for a private Webinar or onsite analysis. If you are ITIL knowledgeable we would like to hear from you about how we’ve pointed out ITIL alignment of Stonegate and what you think about this presentation. The OASYS Blog is located at www.oasyscorp.com or http:// oasyscorp.typepad.com/blog/index.html to post any questions or comments and I will personally answer any questions not addressed in today’s Webinar on my blog. Again, thank you for your time today and a link for this Webinar will be sent out in the coming days along with a supporting white paper. Feel free to pass both along. KEEP in mind OASYS is hosting more Webinars surrounding the ITIL V3 Framework over the coming months with such manufacturers as OPNET-an Application Performance Monitoring solution. Network Critical-Intelligent Tap and Span switch and Expand Networks –Virtual application delivery to the branches.
10 Quick Wins with ITIL Webinar “ Documented Common Sense” June 23, 2009 Matt McKinley, Senior Network Security Analyst Stonesoft [email_address] Chris Johnson, President Matt O’Buck, International Account Executive Open Access Systems Corporation [email_address] [email_address]
CONTROL EVALUATE Detect security breaches React to the incidents MAINTAIN Recover your systems IMPLEMENT Protect your assets PLAN Identify the risks Revise processes & protection Security as a Process
Commitment to customer success throughout organization
Track record of technology innovation
38 patents & 28 patents pending
“ The superior level of support provided by Stonesoft is the benchmark we use to measure all of our other vendors.” - National City Bank 2008 Customer Satisfaction Results 95% Overall Satisfaction
10 Quick Wins Stonesoft ITIL Win 1. One-step Security Management Single pane of glass view Improves Security Management across the entire enterprise from core to edge. 2. Central Repository Current, correlated Service Knowledge Database shares information for reporting. 3. Role-based Access Control Centrally managed information access based on roles directly implemented by the SMC. 4. Logs & Auditing Easily accessible and ensures Compliance. 5. Next Generation Policy Management Standardized policies, consistency with less administration , SLA/OLA Management, at perimeter and internal. 6. Real-time Monitoring & Alerting More efficient Service Operations. 7. Accelerated Incident Management Faster Troubleshooting & Resolution; feeds a knowledge error database. 8. Patented Multi-Link Communication, Drop-in Active Clustering, Dynamic Server Load Balancing Guaranteed High Availability at the component and link level for reliability, to ensure Always-on Connectivity; Enhanced and Secure Data Delivery. 9. Interactive Reporting Reports for Continual Service Improvements 10. Stonesoft Reliability Easy Implementation, Reliability, Maintainability & proven long-term Serviceability.
Thank You (866) 869-4075 [email_address] www.stonesoft.com