David Maman Layer7 And Beyond

  • 758 views
Uploaded on

Presentation from a lecture that i gave several times in Israel, South Africa, across Europe and other places about: Layer 7 & Beyond, Challenges security technologies must face. talking about the …

Presentation from a lecture that i gave several times in Israel, South Africa, across Europe and other places about: Layer 7 & Beyond, Challenges security technologies must face. talking about the "Virtual presence", Web 2.0/SAAS, Internal network security, example of daily unsecured activities and some mobile security.

More in: Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
No Downloads

Views

Total Views
758
On Slideshare
0
From Embeds
0
Number of Embeds
1

Actions

Shares
Downloads
12
Comments
0
Likes
1

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. Layer 7 & Beyond Challenges security technologies must face. David Maman CTO Layer 7 & Beyond - Challenges security technologies must dmaman@moksai.com face
  • 2. Outline - Presence • The virtual identity saga - Web X.0 / HTT-What? / SAAS • Web experience is changing - Internal Security • Internal security – the “Secured” surroundings - Day usage • a simple example of unsecured activities - Mobile • Mobile devices and networking security Layer 7 & Beyond - Challenges security technologies must face 2
  • 3. Presence Layer 7 & Beyond - Challenges security technologies must face 3
  • 4. Cross platform/media users identity • Users identity is roaming across multiple access layers Access where ever(net access, VOIP presents, free mind) Web based access (ssl-vpn, etc.) advanced functionalities • Always available IM and other applications over multiple access layers Mail access in multiple variations of delivery/retrieval • The OS’s Multiple operating systems are part of this experience In The Claude/Network solution is not adequate • The solutions transparency for the user experience is part of this evolutions Layer 7 & Beyond - Challenges security technologies must face 4
  • 5. Web X.0 / HTT-What? / SAAS Layer 7 & Beyond - Challenges security technologies must face 5
  • 6. Web x.0 / HTT? / SAAS challenges • Identity, privacy, reputation and anonymity is changing • Everyone is a content/service provider • Any user is part of the system/experience • Is there End-to-end security architecture? • The content is delivered and shared everywhere • Cross site scripting is required • It’s part of the advantages • HTTP/S as a transport layer (oovoo, rpc, etc) • For years it’s among the only un inspected tunnel’s we’ve allowed, and now it’s almost impossible to validate and control the application level. Layer 7 & Beyond - Challenges security technologies must face 6
  • 7. Web x.0 / HTT? / SAAS challenges • Changing the way Dynamic content is delivered • Asynchronous JavaScript (AJAX) and XML will provide a whole new frontier regarding inspection for incoming and out going traffic. • Dynamic analysis approach for security • Web x.0 public key infrastructure? • Security services over Web x.0 • We all like cookies (Transport layer) • Lately several Trojan horses been using cookies negotiation as a transport layer for data and commands, can we block/inspect this layer? Layer 7 & Beyond - Challenges security technologies must face 7
  • 8. Internal Security Layer 7 & Beyond - Challenges security technologies must face 8
  • 9. Is our network really secured ? Layer 7 & Beyond - Challenges security technologies must face 9
  • 10. Internal traffic understanding • Where is the perimeter? • A network? a segment? a server? a client? • Can we really understand what is passing? • Endless number of stacks and applications • Encrypting what we don’t understand is wrong • Securely tunneling un analyzed/authorized traffic. • Number of applications is exponentially increasing • Any organization in any sector must evolve • Virtualization solutions are already common • Resources are being shared with which security? Layer 7 & Beyond - Challenges security technologies must face 10
  • 11. Internal security enforcement • Security approach Internally is the complete opposed from perimeter security. • What we block instead of what we allow. • Viruses are starting to take advantage of the network “Open Space” • Worms are distributing Viruses/Trojan horses that starts the infection by network mapping, Antivirus and advanced IPS’s are a necessity • Can we process and analyze all this traffic? (Network Accelerated processing and Content Accelerated processing is a must for handling this) Layer 7 & Beyond - Challenges security technologies must face 11
  • 12. Day by day usage Layer 7 & Beyond - Challenges security technologies must face 12
  • 13. Day by day • There are many daily activates during which we don’t think of security consequences.. • The most basic example, Credit Cards: • Which credit card activity is more secured? • Online over the internet purchases? or • In the neighborhood ? • Did you ever think about that ? Let me help you with this one.. Layer 7 & Beyond - Challenges security technologies must face
  • 14. Basic online ordering architecture Investments in the information security has grown, the needs are known and there are many regulations that oversee the solutions.. DMZ Layer 7 & Beyond - Challenges security technologies must face
  • 15. What do you know about these devices? • Which security solutions been implemented in these devices that we all trust with our everyday payment? • Most of the new devices work over mobile access (3G/GPRS) with very basic infrastructure security sometimes running over the same access regular users use. • The operating system has almost none security features or hardening capabilities. (besides plain txt with md5 keys) • There is no alerting system for any penetration tries over the basic operating system over the management/access interfaces. • Which do you think is more secured? Layer 7 & Beyond - Challenges security technologies must face
  • 16. Mobile Layer 7 & Beyond - Challenges security technologies must face 16
  • 17. Explosion of high-value 3G / 3.5G services • Endless new services.. Music Video Mail Mail / IM Gaming Mobile TV VoIP Presence/Push Collaboration Instant Office …that requires a network/security solutions Layer 7 & Beyond - Challenges security technologies must face 17
  • 18. Where are the threats coming from? Backbone Security - Inspecting and managing the BB Internet Access - Web browsing and downloads - VOIP solutions - Dynamic Content updates - Gambling/gaming/etc. services. , IM “Smart” Devices - with alternate network access methods Messaging - Multiple OS’s with various security requirements Email, Instant Messaging, -3G Access provides Internet/Network backup Multimedia Messaging Services access for business - Stores use credit cards clearing house over Inter Carrier Connectivity GPRS/3G. for roaming access - Privet networks For collaborated Data Layer 7 & Beyond - Challenges security technologies must face 18
  • 19. Thank You David Maman dmaman@moksai.com Layer 7 & Beyond - Challenges security technologies must face