• Like

Loading…

Flash Player 9 (or above) is needed to view presentations.
We have detected that you do not have it on your computer. To install it, go here.

ICT Security 2010: Le minacce delle nuove tecnologie

  • 707 views
Uploaded on

Intervento tenuto assieme a SonicWAll per analizzare eventuali rischi presenti nelle reti moderne grazie alle tecnologie più utilizzate, e come mitigarle.

Intervento tenuto assieme a SonicWAll per analizzare eventuali rischi presenti nelle reti moderne grazie alle tecnologie più utilizzate, e come mitigarle.

More in: Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
707
On Slideshare
0
From Embeds
0
Number of Embeds
0

Actions

Shares
Downloads
16
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. La tecnologia intorno a me, la sicurezza dentro di me Phone/Fax +39 045 8271202 Cristiano Cafferata Alessio L.R. Pennasilico Via Roveggia 43, Verona Via Doria 3, Milano ccafferata@sonicwall.com mayhem@alba.st http://www.aisgroup.it/ BDM & SE Italia e Grecia twitter: mayhemspp info@aisgroup.it FaceBook: alessio.pennasilico Friday, 29 October, 2010
  • 2. Alessio L.R. Pennasilico Security Evangelist @ Board of Directors: Associazione Informatici Professionisti, CLUSIT Associazione Italiana Professionisti Sicurezza Informatica Italian Linux Society, LUGVR, Sikurezza.org Hacker’s Profiling Project ! Alessio L.R. Pennasilico 2 Friday, 29 October, 2010
  • 3. Rischi della Virtualizzazione accesso all’interfaccia amministrativa test reachability per HA vMotion iSCSI, NFS Alessio L.R. Pennasilico 3 Friday, 29 October, 2010
  • 4. Proteggere le VM Segmentare la rete Applicare filtri IDS Antivirus Alessio L.R. Pennasilico 4 Friday, 29 October, 2010
  • 5. Today’s Network Security Requirements Situational Visibility & Awareness  Application Intelligence, Control with Visualization  Physical and virtualized  Scanning of all out-going and in-coming traffic assets  Distributed networks Protection & Risk Management  Users and Applications  Security effectiveness for maximum catch rates  Mobile devices  Zero-day protection  Embedded sensors Secure Access and Manageability  Flexible, yet granular controls  Multi-vendor interoperability Scalability  Technology and Solutions  Network Performance/ Policy & Administration Compliance  Regulations and Standards  Proof 2 Copyright 2010 SonicWALL Inc. All Right Reserved. Friday, 29 October, 2010
  • 6. Malware  propaga+ng  at  Applica+on  Layer Vulnerabilities in the software everyone uses everyday … It’s Human Nature …  Programmers make mistakes  Malware exploits mistakes 7 Copyright 2010 SonicWALL Inc. All Right Reserved. Friday, 29 October, 2010
  • 7. VoIP Risks I telefoni IP, per funzionare, possono eseguire diverse azioni preliminari, vulnerabili a diversi attacchi: ✓ottengono l'indirizzo IP da un server DHCP ✓ottengono dal DHCP l'indirizzo di un TFTP server ➡ io sono il server DHCP, ti indirizzo al mio TFTP ✓scaricano il firmware dal TFTP server ➡ io sono il TFTP e ti do il mio firmware/configurazione ✓scaricano la configurazione dal TFTP server ➡ io leggo la configurazione dal server TFTP ✓si autenticano sul server VoIP ➡ sniffo, o mi fingo il PBX e forzo auth plain text Alessio L.R. Pennasilico 7 Friday, 29 October, 2010
  • 8. Attenzione Il VoIP può essere più sicuro della telefonia tradizionale. Questo tuttavia si ottiene attraverso una corretta progettazione, implementazione e verifica, seguendo alcune best practice, sia dal punto di vista tecnico che dal punto di vista della formazione. Alessio L.R. Pennasilico 8 Friday, 29 October, 2010
  • 9. VoIP Segmentare la rete Applicare filtri IDS/Antivirus QoS Managed WiFi Alessio L.R. Pennasilico 9 Friday, 29 October, 2010
  • 10. Challenges in a Web 2.0 Environment  Allow use of Social Networking … but protect it … and control who’s using it  Allow use of Streaming Video … but control its usage  At the same time … Restrict P2P Applications … Restrict File Sharing … Restrict Gaming … Prioritize VoIP 14 Copyright 2010 SonicWALL Inc. All Right Reserved. Friday, 29 October, 2010
  • 11. Streaming Video Business Use Recreational Use 12 Copyright 2010 SonicWALL Inc. All Right Reserved. Friday, 29 October, 2010
  • 12. Application Chaos IT Controls Challenged Identify, Manage and Control Application Chaos Acceptable Apps Unacceptable Apps 11 CONFIDENTIAL All Rights Reserved Friday, 29 October, 2010
  • 13. Rischi del Wireless Perchè proprio io? ...Wardriving... Alessio L.R. Pennasilico 13 Friday, 29 October, 2010
  • 14. Device Alessio L.R. Pennasilico 14 Friday, 29 October, 2010
  • 15. Antenne Alessio L.R. Pennasilico 15 Friday, 29 October, 2010
  • 16. Mezzi alternativi Alessio L.R. Pennasilico 16 Friday, 29 October, 2010
  • 17. Molto alternativi... Alessio L.R. Pennasilico 17 Friday, 29 October, 2010
  • 18. Personalizzazioni Alessio L.R. Pennasilico 18 Friday, 29 October, 2010
  • 19. Coordinate GPS Alessio L.R. Pennasilico 19 Friday, 29 October, 2010
  • 20. Cracca al Tesoro Caccia al Tesoro “Geek” www.wardriving.it Alessio L.R. Pennasilico 20 Friday, 29 October, 2010
  • 21. Misure Inutili Nascondere il nome della rete non serve Filtrare i mac-address non serve WEP da un falso senso di sicurezza Alessio L.R. Pennasilico 21 Friday, 29 October, 2010
  • 22. Proteggere il WiFi WPA2 a casa è una soluzione adatta In azienda è possibile fare IPSec su WiFi oppure WPA2/Enterprise Alessio L.R. Pennasilico 22 Friday, 29 October, 2010
  • 23. Proteggere le reti SCADA Segmentare la rete Applicare filtri IDS Antivirus Encryption Alessio L.R. Pennasilico 23 Friday, 29 October, 2010
  • 24. Application Intelligence & Control Next Generation Firewall Platform By Application Identify By User/Group By Content Inspection By Application By Application Category Categorize By Destination By Content By User/Group Prioritize Manage Control Block Prevent Malware Prevent Intrusion Attempts 16 Copyright 2010 SonicWALL Inc. All Right Reserved. Friday, 29 October, 2010
  • 25. Example: Prioritize Application Bandwidth Goal Prioritize mission critical applications, such as SAP, Salesforce.com and SharePoint. Ensuring these applications have priority to get the network bandwidth they need to operate can improve business productivity. Solution: App: SAP, Sharepoint, SFDC Action: Bandwidth Prioritize Schedule: Always Users: All Application priority can be date based (think end-of-quarter priority for sales applications) 29 Copyright 2010 SonicWALL Inc. All Right Reserved. Friday, 29 October, 2010
  • 26. Visualize - Attacks 24 Copyright 2010 SonicWALL Inc. All Right Reserved. Friday, 29 October, 2010
  • 27. Visualize - Applications 23 Copyright 2010 SonicWALL Inc. All Right Reserved. Friday, 29 October, 2010
  • 28. Minacce “esterne” IDS Antivirus Antispam Alessio L.R. Pennasilico 28 Friday, 29 October, 2010
  • 29. Identify – By Users 19 Copyright 2010 SonicWALL Inc. All Right Reserved. Friday, 29 October, 2010
  • 30. Categorize 20 Copyright 2010 SonicWALL Inc. All Right Reserved. Friday, 29 October, 2010
  • 31. Malware loves Social Networking Too Set-up: Create bogus celebrity LinkedIn profiles Lure: Place link to celebrity “videos” in profile Attack: Download of “codec” required to view video Infect: Codec is actually Malware Result: System compromised (Gregg Keizer, Computerworld Jan 7, 2009) 8 Copyright 2010 SonicWALL Inc. All Right Reserved. Friday, 29 October, 2010
  • 32. Conclusioni http://www.aisgroup.it/ Friday, 29 October, 2010
  • 33. SonicWALL Application Control Appliances NSA 4500 NSA E7500/8500 TZ 210 Series NSA 3500 NSA E6500 NSA 2400MX NSA 2400 NSA E5500 NSA 240 31 Copyright 2010 SonicWALL Inc. All Right Reserved. Friday, 29 October, 2010
  • 34. SonicWALL Next Generation Firewalls feature:  Multi-Function Security Integration Deep Packet Firewall  Complete Threat Protection with Intrusion Prevention & Anti-Malware/ Virus/Spyware  Content Control & URL Filtering Application Firewall  Full “Enterprise” quality Integrated Anti-SPAM  Protect whole infrastructures such as StoneWare Access Intrusion Prevention Anti-Malware  Application Visibility  Integrated Application Firewall  Policy control over Applications, Application use & File Types Content Filtering Full Anti-SPAM  Ultimate Connectivity  “Clean VPN” Secure IPSec Site-to-Site VPN Connectivity, Clean Wireless, Wireless Switch / Controller Clean Wireless  Exceptional User Policy Control and Access to Resources  Integrated Wireless Switch offer “Clean Wireless” Clean VPN  Reliability, Optimization & Flexibility  Highly Redundant Hardware – Power/Fans Bandwidth Management  Business Application Prioritization & QoS  Integrated Server Load Balancing Feature-set  Flexible Deployments branch office, corporate & department network Applications  Award winning: Deployment & Management Friday, 29 October, 2010
  • 35. Prodotto sviluppato per rispondere integralmente alle esigenze del decreto “amministratori di sistema” Alessio L.R. Pennasilico 35 Friday, 29 October, 2010
  • 36. VoIP Web Interface di gestione Interfaccia utente via web Multisede Integrazione di: fax/sms/skype/device “esotici” Alessio L.R. Pennasilico 36 Friday, 29 October, 2010
  • 37. La sicurezza Non è un prodotto E’ un processo Alessio L.R. Pennasilico 37 Friday, 29 October, 2010
  • 38. Budget? 81% delle intrusioni avvengono su reti che non sodisfano i requirement delle più diffuse norme/best practice / guidelines Gartner Alessio L.R. Pennasilico 38 Friday, 29 October, 2010
  • 39. These slides are written by Alessio L.R. Pennasilico aka mayhem. They are subjected to Creative Commons Attribution- Grazie! ShareAlike-2.5 version; you can copy, modify, or sell them. “Please” cite your source and use the same licence :) Phone/Fax +39 045 8271202 Cristiano Cafferata Alessio L.R. Pennasilico Via Roveggia 43, Verona Via Doria 3, Milano ccafferata@sonicwall.com mayhem@alba.st http://www.aisgroup.it/ BDM & SE Italia e Grecia twitter: mayhemspp info@aisgroup.it FaceBook: alessio.pennasilico Friday, 29 October, 2010