STM UTM
Presentation of UTM technology

  • Web and e-mail security accounts for 80% of the threat.
  • Definitions:
    • HTTP: HyperText Transfer Protocol, a protocol used to transfer files from a Web server to a browser in order to view a Web page that is on the Internet.
    • FTP: File Transfer Protocol, a protocol used to upload files from a workstation to an FTP server or download files from an FTP server to a workstation.
    • HTTPS: URLs that require an SSL connection start with https: instead of http:.
    • SSL: Secure Sockets Layer.
  • Benefit of the in-the-cloud service: no need to save code on the hard disk; real-time detection.
  • So there is no limit on languages / better performance / effectively stopping an outbreak before it becomes widespread.
  • SPI/IPS/DoS
    • Stateful packet inspection (SPI): a stateful firewall (any firewall that performs stateful packet inspection, or stateful inspection) is a firewall that keeps track of the state of network connections (such as TCP streams and UDP communication) traveling across it. The firewall is programmed to distinguish legitimate packets for different types of connections. Only packets matching a known connection state will be allowed by the firewall; others will be rejected.
    • Intrusion prevention (IPS), IDS: provides policies and rules for network traffic along with an intrusion detection system for alerting system or network administrators to suspicious traffic, but allows the administrator to provide the action upon being alerted.
    • DoS attack: short for denial-of-service attack, a type of attack on a network that is designed to bring the network to its knees by flooding it with useless traffic.
    • Anomaly: an abnormality.
  • Probe: a probe (detector).
  • VPN, SSL and IPsec
    • VPN: short for virtual private network, a network that is constructed by using public wires to connect nodes. For example, there are a number of systems that enable you to create networks using the Internet as the medium for transporting data. These systems use encryption and other security mechanisms to ensure that only authorized users can access the network and that the data cannot be intercepted.
    • SSL: short for Secure Sockets Layer, a protocol developed by Netscape for transmitting private documents via the Internet.
    • IPsec: short for IP Security, a set of protocols developed by the IETF (Internet Engineering Task Force) to support secure exchange of packets at the IP layer. IPsec has been deployed widely to implement Virtual Private Networks (VPNs).
  • IM control: for example, MSN can be used at noon, but not at other times.
  • Ref: http://www.prosecure.netgear.com/resources/threat-monitor.php
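
The stateful packet inspection rule in the notes above (only packets matching a known connection state pass), sketched as an added Python example; it is not ProSecure code or anything from the original slides. The LAN range, the addresses and the "only the LAN may open connections" policy are assumptions, and timeouts, FIN teardown and sequence-number checks are left out.

```python
from ipaddress import ip_address, ip_network

LAN = ip_network("192.168.1.0/24")  # assumed trusted side (constructed)

class StatefulFirewall:
    # Tracks TCP connections opened from the LAN; drops everything else.
    def __init__(self):
        self.conns = {}  # (lan_ip, lan_port, wan_ip, wan_port) -> state

    def inspect(self, src, sport, dst, dport, flags):
        """Return True to forward the packet, False to drop it."""
        flags = set(flags)
        outbound = ip_address(src) in LAN
        key = (src, sport, dst, dport) if outbound else (dst, dport, src, sport)
        state = self.conns.get(key)
        if state is None:  # assumed policy: only a bare SYN from the LAN creates state
            if outbound and flags == {"SYN"}:
                self.conns[key] = "SYN_SENT"
                return True
            return False
        if "RST" in flags:  # teardown; real engines also check sequence numbers
            del self.conns[key]
            return True
        if state == "SYN_SENT":  # waiting for the server's SYN+ACK
            if not outbound and flags == {"SYN", "ACK"}:
                self.conns[key] = "SYN_RCVD"
                return True
            return outbound and flags == {"SYN"}  # SYN retransmission
        if state == "SYN_RCVD":  # waiting for the client's final ACK
            if outbound and "ACK" in flags and "SYN" not in flags:
                self.conns[key] = "ESTABLISHED"
                return True
            return False
        return "SYN" not in flags  # ESTABLISHED: data and ACKs both ways

def demo():  # runs constructed packets through the firewall, returns verdicts
    fw = StatefulFirewall()
    c, s, x = "192.168.1.10", "203.0.113.5", "198.51.100.7"
    packets = [
        (s, 80, c, 40000, ["SYN", "ACK"]),  # unsolicited reply, no state
        (c, 40000, s, 80, ["SYN"]),         # LAN client opens a connection
        (s, 80, c, 40000, ["SYN", "ACK"]),  # matches SYN_SENT
        (c, 40000, s, 80, ["ACK"]),         # handshake complete
        (s, 80, c, 40000, ["ACK", "PSH"]),  # inbound data on a known flow
        (x, 4444, c, 22, ["SYN"]),          # inbound connection attempt
        (s, 80, c, 40000, ["RST"]),         # reset removes the entry
        (s, 80, c, 40000, ["ACK"]),         # late packet after teardown
    ]
    return [fw.inspect(*p) for p in packets]
```

The same inbound SYN+ACK is dropped before the LAN client's SYN and forwarded after it, which is the difference between stateful inspection and a static port filter.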

STM UTM Presentation Transcript

  • New Product Introduction ProSecure- STM & UTM Series Oscar Castro.18. 09
  • Topics
    • Security & Threat
    • Definition of Threat
    • Netgear Technologies
    • STM
    • UTM
    • Other
  • Balance of Network Security
    • Modern worms and viruses are coming too fast
    • Move towards a security approach
    • Optimal control: secure & flexible networking
    • Reference: Prosecure sales training Mod2 security overview v1
    • The security minded strategy: Closed systems with incremental services as needed
    • The access minded strategy: Open systems with incremental security as needed
  • Definition of Threat
    • Before: for fun, to show off.
    • Now: financial benefit, criminal.
    • Threats are increasing so fast: before 2007, 2M; 2008, 15M.
    • Threats:
    Threat (attack from): definition
      • Virus (e-mail/web): A program or piece of code that is loaded onto your computer without your knowledge and runs against your wishes. Viruses can also replicate themselves. All computer viruses are manmade. A simple virus that can make a copy of itself over and over again is relatively easy to produce. Even such a simple virus is dangerous because it will quickly use all available memory and bring the system to a halt. An even more dangerous type of virus is one capable of transmitting itself across networks and bypassing security systems.
      • Worm (web/network): A worm is a special type of virus that can replicate itself and use memory, but cannot attach itself to other programs.
      • Trojan (web): Trojan horse (computing); a Trojan horse program.
  • Definition of Threat - Continued
    Threat (attack from): definition
      • Phishing (e-mail): The e-mail directs the user to visit a Web site where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers, that the legitimate organization already has. The Web site, however, is bogus and set up only to steal the user's information.
      • Spam (e-mail): Electronic junk mail or junk newsgroup postings.
      • Keylogger (web): Monitors the keyboard and takes your information without notice.
      • Malware (web/e-mail): Short for malicious software, software designed specifically to damage or disrupt a system, such as a virus or a Trojan horse.
      • Spyware (web): Any software that covertly gathers user information through the user's Internet connection without his or her knowledge, usually for advertising purposes. Nuisance spyware does not cause harm, while malicious spyware will harm the PC or system.
      • Rootkit (network/web): A rootkit is a type of malicious software that is activated each time your system boots up. Rootkits are difficult to detect because they are activated before your system's operating system has completely booted up. A rootkit often allows the installation of hidden files, processes, hidden user accounts, and more in the system's OS. Rootkits are able to intercept data from terminals, network connections, and the keyboard.
      • Zombies (web/network): A zombie is a computer that has been infected by a malicious software application, called a "bot". Once the bot is installed, the zombie computer can be controlled by a remote malicious user without the knowledge or permission of the computer's rightful owner.
  • Layered Defense
    • Virus / Malware Scanning (Blended Threats, Productivity Loss, Spyware, worms, rootkits) (file based)
    • Intrusion Prevention (Protecting Webservers, Application exploits) (packet / stream of packets based)
    • Email – SPAM Prevention (Nefarious Email, Phishing, Viruses, Malware)
    • Firewall / Connection Screening (Hacking, Intruders, Pings of Death …) (packet based, speed)
    • Content Filtering (Inappropriate websites, Fraud, Phishing) (URL, content)
    • Application Control (IM, P2P, Network Misuse)
    • Reference: Prosecure sales training Mod4 Layered defence v1.pptx
  • Example of Layered Defense
    • Firewall as the first line, on the network frontier.
    • STM as the second line, for web and e-mail security.
    • Anti-virus software on each PC.
    • In the case of UTM, the firewall and the STM appliance are combined.
  • Layered Defense in Netgear
    • Virus / Malware Scanning (Blended Threats, Productivity Loss, Spyware, worms, rootkits) (file based)
    • Intrusion Prevention (Protecting Webservers, Application exploits) (packet / stream of packets based)
    • Email – SPAM Prevention (Nefarious Email, Phishing, Viruses, Malware)
    • Firewall / Connection Screening (Hacking, Intruders, Pings of Death …) (packet based, speed)
    • Content Filtering (Inappropriate websites, Fraud, Phishing) (URL, content)
    • Application Control (IM, P2P, Network Misuse)
    • Reference: Security Webinar -May09.pptx
    • Diagram labels: UTM, STM
  • Netgear Technology
    • Web Security
    • Mail Security
    • Network Security
    • Remote Access
  • Netgear Technology - Web Security
    • All inbound and outbound content over HTTP, HTTPS (secure HTTP), and FTP is inspected for millions of known threats and unknown threats, proactively discovering and blocking threats to the network.
    • Stream Scanning Technology
      • scans data streams as they enter the network
  • Netgear Technology - Web Security
    • Netgear Hybrid in-the-cloud Distributed Web Analysis technology to filter malicious and unwanted URLs
      • Limitless master database (in the cloud)
      • Real-time in-the-cloud service
  • Netgear Technology - Email Security
    • The NETGEAR® in-the-cloud Distributed Spam Analysis architecture continuously gathers data from more than 50 million sources from around the world.
    • Detects and blocks outbreaks in real time, based on their rapid and wide distribution behavior, by analyzing distribution patterns rather than header information.
    • Benefit:
      • High Detection Rate – blocking upwards of 97% of spam
      • Effectiveness against all spam – including double-byte languages and image-based spam
      • Low False Positives – Less than 1 in 1.5 million reported false positive
  • Netgear Technology - Network Security
    • Protect the network with firewall functions:
      • Stateful packet inspection (SPI)
      • Intrusion prevention system (IPS)
      • Denial-of-service (DoS) protection
    • The ProSecure UTM's network intrusion prevention and detection system utilizes a rule-driven language, which combines the benefits of signature, protocol and anomaly based inspection methods, preventing hackers from penetrating the network perimeter. IPS is not only important, but a necessity for any network security architecture.
  • Netgear Technology - Network Security
    • The IPS engine performs protocol analysis, content searching/matching, and can also block or passively detect a variety of attacks and probes.
    • Protects from outside threats, and can also prevent internal users from pulling in threats through misuse. Ex: block public IM (Skype, MSN) and P2P clients (BitTorrent).
  • Netgear Technology – Remote Access
    • 2 groups of VPN (virtual private network) tunnels:
      • SSL (Secure Sockets Layer)
      • IPsec (IP security)
    • ProSecure UTM can provide easy, secure and cost-effective clientless remote access for any employee without complicated installations or PC administrative access.
    • Use a VPN channel, enabling users to securely and privately transfer information.
  • Netgear STM series
    • ProSecure™ Web and Email Threat Management Appliance
    • Targeted at SMB: friendly price but with enterprise quality.
    • Enterprise-class Security (co-work with Kaspersky)
      • Enterprise-class Anti-malware Engine: enterprise-level signatures, no compromise in performance.
      • Zero Hour Threat Protection: malware signatures are updated automatically every hour, which limits the chance of attack.
      • Industry-leading Anti-spam Engine: uses an “in the cloud” approach to feed global up-to-the-minute spam outbreak information to the appliance to stop new spam.
      • Enterprise-class URL Filter: the URL filter not only blocks access to unwanted sites, but also blocks sites containing spyware.
      • IM, P2P, Toolbar Application Control: enforce company network usage policies with the STM’s application control feature.
    • Revolutionary Stream Scanning Platform.
      • Please refer to Netgear technology- web security
    • Simple Setup, Ease of Management
      • No need to configure
      • No “per user” licensing
  • STM150, STM300, STM600

    | | STM150 | STM300 | STM600 |
    |---|---|---|---|
    | Customer type | Small to Medium Networks | Medium-sized Networks | Medium-sized Networks |
    | Recommended Number of Concurrent Users | 20 - 150 | Up to 300 | Up to 600 |
    | Concurrently Scanned HTTP Connections | 1,000 | 2,000 | 4,000 |
    | HTTP Throughput (Mb/s) | 43 | 148 | 239 |
    | SMTP Throughput (emails/hour) | 139,000 | 420,000 | 960,000 |
  • List of SKUs
    • Bundle
      • Hardware
      • Email Subscription
        • Anti-Malware, Virus, Spyware, Trojans
        • Anti-SPAM Email
      • Web Subscription
        • Anti-Malware, Virus, Spyware, Trojans
        • HTTP, FTP, real HTTPS protection
        • Web Content Filtering
        • Phishing
      • Maintenance Subscription
        • Support & Maintenance
        • Base Firewall and IPS
        • Application Control
  • STM150, STM300, STM600 - SKUs (taking the EU SKUs as an example)

    | Model | SKU | Description | List Price |
    |---|---|---|---|
    | STM150EW | STM150EW-100EUS | Bundle ProSecure™ Web and Email Threat Management Appliance STM150 (Hardware including 1-year Web, 1-year Email, and 1-year Software Maintenance & Upgrades) | |
    | STM150 | STM150-100EUS | Hardware ProSecure™ Web and Email Threat Management Appliance STM150 (Additional Web and/or Email Subscription Required) | |
    | STM150E | STM150E-10000S | 1 Year Email Threat Management Subscription for STM150 | |
    | STM150E3 | STM150E3-10000S | 3 Year Email Threat Management Subscription for STM150 | |
    | STM150M | STM150M-10000S | 1 Year Support & Maintenance Subscription for STM150 | |
    | STM150M3 | STM150M3-10000S | 3 Year Support & Maintenance Subscriptions for STM150 | |
    | STM150W | STM150W-10000S | 1 Year Web Threat Management Subscription for STM150 | |
    | STM150W3 | STM150W3-10000S | 3 Year Web Threat Management Subscription for STM150 | |
  • Netgear UTM series
    • ProSecure™ Unified Threat Management Appliance
    • Targeted at SMB: friendly price but with enterprise quality, without compromises (in function, performance)
    • Simple Setup, Ease of Management
      • 10-step setup wizard
      • Threat Monitor & Report
      • No “Per user” licensing
  • Netgear UTM series
    • Feature & Highlight:
      • Best-of-Breed Anti-malware Engine : Enterprise-class malware scan engine.
      • NETGEAR Patent Pending Stream Scanning Technology
      • Distributed Spam Analysis Anti-spam Technology: Hybrid in-the-cloud architecture (p10)
      • Distributed Web Analysis URL Filtering: Next generation hybrid in-the-cloud URL filtering technology
      • Zero Hour Threat Protection
      • NETGEAR Intrusion Prevention System
      • IM and P2P Application Control
      • SSL & IPsec VPN Remote Access
      • Built-in VPN/Firewall
  • UTM10, UTM25

    | | UTM10 | UTM25 |
    |---|---|---|
    | Customer type | Small Networks | Small Networks |
    | Recommended Number of Concurrent Users | 1 - 15 | 10 - 30 |
    | AV Throughput | 31 Mbps | 45 Mbps |
    | Stateful Packet Inspection Firewall Throughput | 133 Mbps | 153 Mbps |
    | WAN Ports / LAN Ports (Gigabit) | WAN 1 / LAN 4 | WAN 2 / LAN 4 |
    | Concurrent Sessions | 8,000 | 20,000 |
    | Web (HTTP, HTTPS, FTP) | ● | ● |
    | Email (SMTP, POP3, IMAP) | ● | ● |
    | Site to Site VPN Tunnel | 10 | 25 |
    | SSL VPN for Remote Access | 5 | 13 |
  • UTM10, UTM25 - SKUs

    | Model | SKU | Description | List Price |
    |---|---|---|---|
    | UTM10EW | UTM10EW-100EUS | Bundle ProSecure™ Web and Email Threat Management Appliance UTM10 (Hardware including 1-year Web, 1-year Email, and 1-year Software Maintenance & Upgrades) | |
    | UTM10 | UTM10-100EUS | Hardware ProSecure™ Web and Email Threat Management Appliance UTM10 (Additional Web and/or Email Subscription Required) | |
    | UTM10E | UTM10E-10000S | 1 Year Email Threat Management Subscription for UTM10 | |
    | UTM10E3 | UTM10E3-10000S | 3 Year Email Threat Management Subscription for UTM10 | |
    | UTM10M | UTM10M-10000S | 1 Year Support & Maintenance Subscription for UTM10 | |
    | UTM10M3 | UTM10M3-10000S | 3 Year Support & Maintenance Subscriptions for UTM10 | |
    | UTM10W | UTM10W-10000S | 1 Year Web Threat Management Subscription for UTM10 | |
    | UTM10W3 | UTM10W3-10000S | 3 Year Web Threat Management Subscription for UTM10 | |
  • More information
    • Threat Monitor
  • Partners – Best of breed Technology Partners bring Enterprise Grade Security to SMB

    | Technology | NETGEAR STM | NETGEAR UTM | Competition |
    |---|---|---|---|
    | Anti-Virus, Malware, Trojans, Phishing | Full 1.6 Million Signatures | Full 600K Signatures | Fortinet: Clam AV open source + their own, 60K AV signatures; Watchguard: AVG, 40K AV signatures; Sonicwall: Clam AV open source + their own, 3.2K (TZ180/190), 27K (TZ210/NSA); Checkpoint: Kaspersky Lite SafeStream, 11K; Barracuda: Clam AV open source + their own, 100K AV signatures; ZyXEL: Kaspersky Lite SafeStream + their own, 15K |
    | Anti-SPAM | Hybrid in-the-cloud, 50 Million sources | Hybrid in-the-cloud | Fortinet: RBL approach (Public Black Lists); Watchguard: Commtouch; Sonicwall: RBL approach (Public Black Lists); Checkpoint: SpamAssassin (Open source); Barracuda: SpamAssassin (Open source); ZyXEL: Mailshell |
    | Web Content-Filtering | 100 M URLs, 64 categories | 100 M URLs, 64 categories | Fortinet: Self + unknown; Watchguard: SurfControl (Websense); Sonicwall: Self + unknown; Checkpoint: SurfControl (Websense); Barracuda: SpamAssassin (Open source); ZyXEL: Blue Coat |
  • Reference:
    • Netgear Product information http://www.prosecure.netgear.com/index.php
    • Detail Competitors information http://netshare/prosecure/ProSecure%20Collateral/Forms/AllItems.aspx
    • Definition of terms : http://www.webopedia.com
    • Prosecure sales training Mod2 security overview v1.pptx
    • Prosecure sales training Mod4 Layered defence v1.pptx
    • Security Webinar -May09.pptx