Your SlideShare is downloading. ×
  • Like
  • Save
Stki Summit 2010  Infra Services  V8
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Now you can save presentations on your phone or tablet

Available for both IPhone and Android

Text the download link to your phone

Standard text messaging rates apply

Stki Summit 2010 Infra Services V8

  • 1,730 views
Published

Trends in Networking, Printing, Output Management and Information Security from the STKI 2010 summit

Trends in Networking, Printing, Output Management and Information Security from the STKI 2010 summit

Published in Technology , Business
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
No Downloads

Views

Total Views
1,730
On SlideShare
0
From Embeds
0
Number of Embeds
0

Actions

Shares
Downloads
0
Comments
0
Likes
1

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. STKI Summit 2010 Israeli Infrastructure Services Market Shahar Geiger Maor CISSP, Senior Analyst Infrastructure Services (Security, Networking and Green IT) www.shaharmaor.blogspot.com
  • 2. Presentation’s Agenda Networking Printing and Output Management Your Text here Your Text here Information Security Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 2
  • 3. We will present data on products and integrators: STKI Israeli Positioning • Not a technological positioning, refers only to Israeli market • Represents current Israeli market and not our recommendation •Focused on enterprise market (not SMB) Vendor A  Market Presence (X) Vendor B Local Support  Market share - existing and new sales (more emphasis)  Mind share (how user organizations rate vendors) Your Text here Your Text here Worldwide  Local Support (Y) – is influenced by (X) Leader  Experience & technical knowledge, localization, support, number and kind of integrators  Worldwide leaders marked, based on global positioning  Vendors to watch: Are only just entering Israeli market Vendors to Watch: so can’t be positioned but should be watched Vendor C Market Presence Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 3
  • 4. Networking’s Agenda General trends Mergers and acquisitions Datacenter convergence and infrastructure complexity ApplicationText here Your Delivery Your Text here Voice (IP Telephony, Contact Centers and Unified Communications) Network Monitoring Staffing, Spending and Employee Ratios Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 5
  • 5. Enterprise Networking: Israeli Market Size (M$) 2009 changes 2010 changes 2011 changes 2012 LAN 60.0 8.33% 65.0 15.38% 75.0 20.00% 90.0 equipment WAN 40.0 12.50% 45.0 37.78% 62.0 12.90% 70.0 equipment Text here Your Your Text here VoIP 32.0 9.38% 35.0 14.29% 40.0 12.50% 45.0 equipment VOIP 35.0 28.57% 45.0 22.22% 55.0 27.27% 70.0 Software totals 167.0 13.77% 190.0 22.11% 232.0 18.53% 275.0 Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 6
  • 6. Emerging Technology Roadmap Through 2013 Your Text here Your Text here Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 7 Source: Infrastructure Executive Council
  • 7. IP Traffic Growth Your Text here Your Text here Morgan Stanley, 2009 Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 8
  • 8. Video related Traffic Growth Your Text here Your Text here Morgan Stanley, 2009 Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 9
  • 9. Primary Technology Suitability Your Text here Your Text here http://www.dbcde.gov.au/__data/assets/pdf_file/0003/54345/bro Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 10
  • 10. Technologies Categorization 2009 Business Value Investment to make money SAAS/ Cut costs, Increase Cloud IT Project productivity Optimization UC Business Project Billing NGN Your Text here Your Text here Commodity IT VOIP Networking IPv6 Size of figure = Infra. Vir. complexity/ Services Network cost of project Security Investment for regulations Using Implementing Looking Market Maturity Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 11
  • 11. Technologies Categorization 2010 Business Value Investment to make money SAAS/ Cut costs, Increase Cloud IT Project productivity Application UC Delivery Major Changes Billing Networking Text here Your Text here Your Commodity IT Vir. (DC IPv6 Size of figure = Infra. VOIP complexity/ Services Network convergence) cost of project Security Investment for regulations Using Implementing Looking Market Maturity Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 12
  • 12. Networking’s Agenda General trends Mergers and acquisitions Datacenter convergence and infrastructure complexity ApplicationText here Your Delivery Your Text here Voice (IP Telephony, Contact Centers and Unified Communications) Network Monitoring Staffing, Spending and Employee Ratios Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 13
  • 13. Main Theme: Your Text here Cloud infrastructureYour Text here Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 14
  • 14. Interesting M&As in the Networking Market Buyer (For how much?) Acquisition Comments HP (2.7B$) 3Com •Strengthens HP's converged data center product portfolio •To open up opportunities in China, where 3Com has a large presence Avaya (900M$) Nortel (Enterprise Large client base. Will try to leverage this Solutions) acquisition by using the Aura platform. What about Nortel’s data offerings??? Your Text here Your Text here Cisco (3.4B$) Tandberg To Push high-definition imaging systems and videoconferencing Logitech (405M$) LifeSize To offer HD video communications systems for other settings besides the desktop Riverbed (40M$) Expand Excessive demand for video compression and to avoid Cisco from “stealing” Expand Aman Computers (?) ArtNet Experts Small market –interesting changes: 2009’s downturn had had its tolls Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 15
  • 15. Networking “Breaking News” Your Text here Your Text here Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 16
  • 16. Networking’s Agenda General trends Mergers and acquisitions Datacenter convergence and infrastructure complexity ApplicationText here Your Delivery Your Text here Voice (IP Telephony, Contact Centers and Unified Communications) Network Monitoring Staffing, Spending and Employee Ratios Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 17
  • 17. Main Theme: Your Text here Complexity! Your Text here Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 18
  • 18. What have we had in mind? Your Text here Your Text here Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 19
  • 19. What actually happened? Complexity! Your Text here Your Text here Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 20
  • 20. 10th grade mathematics – reliability chain 99% Your Text here 99% 99% Your Text here 97% Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 21
  • 21. The Converged Datacenter Cisco UCS HP BladeSystem Matrix Data ERP CRM Warehouse Database Mail and Messaging File, Print, Infrastructure Your Text here Your Text here Resource Pool IBM CloudBurst Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 22
  • 22. Future Datacenter Infrastructure Your Text here Your Text here Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 23 http://www.sincerelysustainable.com/buildings/google-utilizes-cool-climate-to-cool-its-
  • 23. Giants Face-Off Your Text here Your Text here Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 24
  • 24. “Classic” Infrastructure Department: Before Your Text here Your Text here Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 25
  • 25. “Classic” Infrastructure Department: After Your Text here Your Text here Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 26
  • 26. Infrastructure Department: After DC Convergence Infra. Manager Your Text here Your Text here PC System/Storage/Networking DBA Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 27
  • 27. Local Area Network Vendors - Israeli Market Positioning 1Q10 Cisco Local Support Player Your Text here Your Text here Worldwide Leader Juniper Enterasys HP 3COM Alcatel-Lucent Avaya-Nortel This analysis should be used with its Foundry supporting documents Extreme Market Presence Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 28
  • 28. Networking’s Agenda General trends Mergers and acquisitions Datacenter convergence and infrastructure complexity ApplicationText here Your Delivery Your Text here Voice (IP Telephony, Contact Centers and Unified Communications) Network Monitoring Staffing, Spending and Employee Ratios Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 29
  • 29. Main Theme: The Business is conquering the infrastructure Your Text here Your Text here Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 30
  • 30. Three Pillars of Application Delivery Technology Process People Your Text here Your Text here Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 31
  • 31. An ADC Player is Like A Decathlon Athlete Your Text here Your Text here Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 32
  • 32. Application Delivery Controllers: What is the Pressure? Globalization: Pushing business process to the network’s edge Centralization / Consolidation: Compliance, control, Cost cutting, Security, Efficiencies / resource utilization Text here Your Your Text here Enterprise & WebMonster Application: Architectures, Increased adoption of browser-based apps, Rich clients (AJAX), Web 2.0 technologies, SOA Service Provider Services Architectures: Next Generation Networks, Video, Messaging Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 33
  • 33. Application Delivery Controllers: What is the Pressure? Your Text here Your Text here Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 34
  • 34. Solutions??? Your Text here Your Text here Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 35
  • 35. Application Delivery Controllers (ADC) ADC are designed to improve the availability, efficiency, performance and security of web-based or IP-based applications* Your Text here Your Text here L4-L7 Server off- redirection, TCP load (SSL Caching, Network- load- connection termination, NAT compression level security balancing multiplexing TCP and failover connection) * Gartner Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 36
  • 36. Application Delivery Controllers (ADC) - Israeli Market Positioning 1Q10 Solutions to Watch: Array Barracuda Brocade Crescendo Local Support Player Your Text here Your Text here Worldwide F5 Leader Radware Cisco Citrix This analysis should be used with its supporting documents Market Presence *Most CC in the market are Avaya Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 37
  • 37. WAN Optimization - Israeli Market Positioning 1Q10 Local Support Player Your Text here Riverbed Your Text here Worldwide Leader Cisco Blue Coat Citrix Radware F5 This analysis should be used with its supporting documents Juniper Market Presence Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 38
  • 38. Networking’s Agenda General trends Mergers and acquisitions Datacenter convergence and infrastructure complexity ApplicationText here Your Delivery Your Text here Voice (IP Telephony, Contact Centers and Unified Communications) Network Monitoring Staffing, Spending and Employee Ratios Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 39
  • 39. Corporate Telephony Your Text here Your Text here Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 40
  • 40. Main Theme (…again): The Business is conquering the infrastructure Your Text here Your Text here Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 41
  • 41. Remember the “Classic” Infrastructure Department? Your Text here Your Text here Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 42
  • 42. VOIP and UC -Technology Maturity VOIP Your Text here Your Text here UC Shahar Maor’s work Copyright 2010 @STKI Do not remove source Economics from any graphic or portion of graphic Source: Computer or attribution 43
  • 43. VOIP and UC -Technology Risk/Reward Analysis UC VOIP Your Text here Your Text here Shahar Maor’s work Copyright 2010 @STKI Do not remove source Economics from any graphic or portion of graphic Source: Computer or attribution 44
  • 44. Why Move to IPTel? upgrading the LAN/ moving to a new office high management costs ROI analysis justifies IPTel Your Text here Your Text here inadequate local support Current solution doesn't meet business requirements other 0% 10% 20% 30% 40% 50% 60% 70% Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 45
  • 45. What is the Importance of VOIP? Your Text here Your Text here Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 46
  • 46. Changing the Way Your Business Communicates Your Text here Your Text here Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 47
  • 47. Changing the Way Your Business Communicates Your Text here Your Text here Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 48
  • 48. Moving-on to Unified Communications Which of the Following Justifies the Implementation of a UC solution? Better Team Work 62% Higher User Experience Your Text here 54% Your Text here Unique Features 54% Long-Term Cost Savings 38% Higher Employ Productivity 23% Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 49
  • 49. Who Should Manage UC? Don't Know 8% CombinedOther 15% Your Text here Networkinghere Your Text Unit 54% Applications Unit 23% Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 50
  • 50. Future Telephony Your Text here Your Text here Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 51
  • 51. Contact Centers: Trends SIP (Session Initiation Protocol) age The arrival of web/videoconferencing Going home, literally –Contact center mobility Your Text here Your Text here The live agent –A true skill-based routing Analyzed up the tailbone –More use of performance analytics and workforce optimization tools Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 52
  • 52. New Contact Centers: Focus on IP Signaling Gateways Application Services I N A P / IS U P Your Text here H.248 Your Text here MGCP Speech Services Open Voice System RTP MRCP T D SIP M Media Gateways IP PBXes Source: Genesys Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 53
  • 53. From Marketing-driven Architecture Telephony IVR Prepaid IVR Email Reader A1 Voice Service Call Center City Guide A1 for You Voice Mail Your Text here Your Text here Application Interface Billing, Customer Profile, CRM, Monitoring, Maintenance Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 54
  • 54. To Service-Driven Architecture Telephony VoiceXML Browser A1 Voice Service Call Center Prepaid IVR Ringback Tones Mobile PBX Voice Mail Mobile Campaigning Your Text here Your Text here Standardised Interfaces Billing, Customer Profile, CRM, Monitoring, Maintenance Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 55
  • 55. Contact Centers Preferred Communication Channels-Customers choice Your Text here Your Text here Italy United States http://www.genesyslab.com/system/files/Genesys_US_Survey09_screen.pdf Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 56
  • 56. VOIP (Enterprise IP Telephony) - Israeli Market Positioning 1Q10 Cisco Local Support Player Your Text here Your Text here Worldwide Avaya-Nortel Leader Tadiran 3COM This analysis should be used with its Alcatel-Lucent supporting documents Market Presence Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 57
  • 57. Contact Center Infrastructure - Israeli Market Positioning 1Q10 Solutions to Watch: Solutions to Watch: Siemens Local Support Player Your Text here Avaya-Nortel Your Text here Worldwide Leader Genesys Aspect Cisco Alcatel-Lucent This analysis should be used with its Cosmocom supporting documents Market Presence Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 58
  • 58. Unified Communications - Israeli Market Positioning 1Q10 Local Support Player Your Text here Microsoft Your Text here Worldwide Leader Cisco Avaya-Nortel This analysis should be used with its Alcatel-Lucent supporting documents Market Presence Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 59
  • 59. Networking’s Agenda General trends Mergers and acquisitions Datacenter convergence and infrastructure complexity ApplicationText here Your Delivery Your Text here Voice (IP Telephony, Contact Centers and Unified Communications) Network Monitoring Staffing, Spending and Employee Ratios Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 60
  • 60. Main Theme: Availability and reachable service Your Text here Your Text here Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 61
  • 61. Network Operations and Monitoring: What are the Business Needs? Network should be available all the time Highest level of service possible (down goes the “night timeslot”…) Network failures should be located and responded-to ASAP! (money talks) here Your Text Your Text here Future network topology planning must be optimal and consistent with business growth Voice/video monitoring and SLAs by the candidate solution provider must be checked-out, when opting for new solutions Automatic discovery of all network devices: accounted and non- accounted for (who said “NAC”?!) Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 62
  • 62. Network Operations and Monitoring: What is the Pressure? Your Text here Your Text here Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 63
  • 63. Network Operation Centers Your Text here Your Text here http://www.netscout.com/docs/thirdparty/NetScout_3pv_Metzler_Application_Delivery_Handbook.pdf Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 64
  • 64. Network Operations and Monitoring: What Kind of Solutions are Available? Basic network monitors (SNMP based) • SNMP-Collectors Usually provide an on-line availability map Mission centric • Usually provide one function: protocol analysis, VOIP monitoring, system Your Text here etc. monitoring Your Text here Combined • systems that provide both basic network monitoring as well as specific functions (mission centric) Super Tools • general purpose, high volume (ESM solutions) Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 65
  • 65. Network Monitoring–Major Players Enterprise System Network Management Monitoring BMC AvalonNet Centerity CA Your Text here EMC Your Text here HP Perform-Net IBM SolarWinds Others… Others… Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 66
  • 66. RSS Alert: Upcoming Round-Table Your Text here Your Text here Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 67
  • 67. Networking Integrators - Israeli Market Positioning 1Q10 (Leaders) Your Text here Your Text here Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 68
  • 68. Networking’s Agenda General trends Mergers and acquisitions Datacenter convergence and infrastructure complexity ApplicationText here Your Delivery Your Text here Voice (IP Telephony, Contact Centers and Unified Communications) Network Monitoring Staffing, Spending and Employee Ratios Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 69
  • 69. Networking Staffing Ratios-Israel Average IT size: 95 FTE Your Text here Your Text here 0-1 FTE 2-5 FTE >5 FTE Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 70
  • 70. Networking Staffing Ratios Ratios of data/voice Ratios of data/voice networking Personnel networking Personnel (Israel) (Abroad) 6% of IT unit Your Text here 7.7% of ITText here Your unit Shahar Maor’s work Copyright Source for Do not remove source or attributionEconomics or portion of graphic 2010 @STKI abroad figure: Computer from any graphic 71
  • 71. Printing/Output Management’s Agenda Printing Consolidation Your Text here Your Text here Output Management Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 73
  • 72. Main Theme: Your Text here Efficiency & technology Text here Your Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 74
  • 73. Printing: Israeli Market Size (M$) 2009 changes 2010 changes 2011 changes 2012 Departmenta l Printers 82.0 3.66% 85.0 7.06% 91.0 9.89% 100.0 Personal 65.0 -7.69% 60.0 3.33% 62.0 4.84% 65.0 Printers Your Text here Your Text here Output Management 38.0 5.26% 40.0 10.00% 44.0 9.09% 48.0 Printing VAS 30.0 16.67% 35.0 14.29% 40.0 12.50% 45.0 totals 215.0 2.33% 220.0 7.73% 237.0 8.86% 258.0 Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 75
  • 74. STKI Index-2009/2010 Distribution Tools 7% Miscellaneous 11% Output Management Miscellaneous 28% 13% Your Text here Your Text here Fax Services Prices & Cost 18% Reduction 25% Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 76
  • 75. Printing Maturity: Progress Graph The Higher you “climb” –The More efficient You Are Output efficiency 80% Mainly High-tech sector 60% 40% Followers Your Text here Your TextAverage here 20% Leaders 0% Mainly Financial/government sectors Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 77
  • 76. Optimize Infrastructure: The Beginning… Your Text here Your Text here Source: IPG, HP Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 78
  • 77. Optimize Infrastructure: Assessment Your Text here Your Text here Source: IPG, HP Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 79
  • 78. Optimize Infrastructure: Solution Your Text here Your Text here Source: IPG, HP Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 80
  • 79. Manage Environment: The Beginning… Your Text here Your Text here Source: IPG, HP Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 81
  • 80. Manage Environment: Assessment Your Text here Your Text here Source: IPG, HP Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 82
  • 81. Manage Environment: Find a Solution Your Text here Your Text here Improve workflow!! Improve workflow { Before HP } 1 Source: IPG, HP Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 83
  • 82. Manage Environment –Recommendations • Printer consumables are often ad hoc purchases made at Centralize procurement the departmental level • Money can be saved if procurement is coordinated • “Regular” print jobs should use both sides of the “Duplexing” paper Your Text here • Don’t go beyond the printer specifications Your Text here Printer’s Specs • Establish some process controls and assessments In-house vs. Out-sourcing on when an outside vendor should be used • First distribute, then print Think Digital! Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 84
  • 83. Manage Environment –Recommendations • Printer consumables are often ad hoc purchases made at Centralize procurement the departmental level • Money can be saved if procurement is coordinated • “Regular” print jobs should use both sides of the “Duplexing” paper Your Text here • Don’t go beyond the printer specifications Your Text here Printer’s Specs • Establish some process controls and assessments In-house vs. Out-sourcing on when an outside vendor should be used • First distribute, then print Think Digital! Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 85
  • 84. Printing Consolidation in “Real-Life” Your Text here Your Text here Source: MalamTeam, 2009 Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 86
  • 85. Printing Consolidation in “Real-Life” Employees/printers ratio by months (target is 1 output device per 3 employees) Your Text here Your Text here Total output cost: 37% savings Total output cost: 2,634K₪ 1,661K₪ Source: MalamTeam, 2009 Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 87
  • 86. Printing/Output Management’s Agenda Printing Consolidation Your Text here Your Text here Output Management Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 88
  • 87. The Need for Output Management  Each application requires distinct business process definitions • Data Collection, Visual enhancement, Document distribution  Duplicate effort - each separate output channels requires a new design…  Requires significant IT staff involvement  Document and Template design – complex, time consuming, requires expensive IT resources Your Text here Your Text here >20 >10 1-5 Number of different output-generation Platforms in Enterprise organizations >5 Source: Autofont Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 89
  • 88. Output Management Architecture -PrintBOS Your Text here Your Text here Source: Consist Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 90
  • 89. Output Management Architecture - FreeForm App1 App2 App3 FreeForm Data Interactive Data structures generated by enterprise applications Interfaces Data Data Data Interfaces to any application platform, enables gradual implementation Analyzers Others Watched Folder LPR/LPD Web Service Printer Queue Direct API Modular analyzers for treatment of any structured/ unstructured data, open to Others Application Name XSF Offset & Length Column & Row XML proprietary data structures Design Your Text here Your Text here for dynamic output Templates Rich design generation, based on templates, data values and Channels quantity (+scripting) Distribution Modular support for multiple distribution channels (print, view, etc) FreeForm Interactive Interactive and mixed-mode Email data feed into forms Print Display MMS Pint Press Internet Fax Other services Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 91
  • 90. Output Management Round-Table Insights Output management is very “close Output management requires to the business” cross-unit thinking (IT and beyond) Your Text here Your Text here Managing many different output Some organizations in Israel are platforms have become too complex looking for holistic solutions Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 92
  • 91. Output Management - Israeli Market Positioning 1Q10 Solutions to Watch: SAP Oracle EMC Local Support Consist (PrintBos) Player Your Text here Your Text here Autofont Worldwide (FreeForm) Leader InfoPrint Adobe BMC (LifeCycle) Aman (FormIT) ISIS-Papyrus This analysis should be used with its HP supporting documents Bottomline (FormScape) Market Presence Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 93
  • 92. Output Management –Digital Signature Wiki: a mathematical scheme for demonstrating the authenticity of a digital message or document Your Text here Your Text here Name: ID: Source: Comsign Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 94
  • 93. Output Management –Digital Signature A comparison between digital signature and hand-written signature: Digital signature hand-written signature Court admission? Yes Yes Ease of use “Single click” Signing every Your Text here Your Text here individual page in some cases Archiving Digital –relatively Hard-copy. Storage small storage. consuming. Document can be Changes to the No real protection. forged? original document Much easier to “breaks” the forge than DS. signature Non-repudiation Yes No Shahar Maor’s work Copyright 2010 @STKI Do Source: Comsign not remove source or attribution from any graphic or portion of graphic 95
  • 94. Output Management –Digital Signature Digital signature improve security, workflow and save money! Growing demand for Authentication and integrity in Israel should push (…at last) the use of DS forward Your Text here Your Text here Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 96
  • 95. "The security business has no future...The security industry is dead“ (IBM ISS general manager, Val Rahamani 2008) Your Text here Your Text here “spam and other content security issues would be "solved" in a few years” (Bill Gates, 2006) Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 97
  • 96. Security’s Agenda General trends Security Issues for Cloud Computing Virtualization security Mobile security NetworkText here Your security Your Text here Anti-X protection Data protection Security Monitoring & Control Best SU of 2009 Staffing and ratios Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 98
  • 97. Information Security: Israeli Market Size (M$) 2009 changes 2010 changes 2011 changes 2012 Security 85.0 23.53% 105.0 4.76% 110.0 9.09% 120.0 Software GRC & Your Text here 50.0 50.00% 75.0 9.33% 82.0 Your Text here 9.76% 90.0 BCP Security 85.0 11.76% 95.0 8.42% 103.0 6.80% 110.0 VAS totals 220.0 25.00% 275.0 7.27% 295.0 8.47% 320.0 Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 99
  • 98. What’s on the CISO’s Agenda? (STKI Index 2009) Sec Tools SIEM/SOC 5% Miscellaneous 5% 5% NAC Encryption 18% 9% Access/Authenti Market/Trends cation Your Text here Your 15% here Text 10% DB/DC SEC EPS/mobile 10% DLP 15% 10% Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 100
  • 99. Some Interesting M&As in the Security Market Buyer (For how much?) Acquisition Why? IBM (225M$) Guardium •expand its portfolio in this area •Added value ability to provide analytics about IT business processes Trend Micro (?) Third Brigade Trend is making Third Brigade a strategic acquisition to assist in its data-center vision CA (?) Orchestria Adds Orchestria's data leak prevention Your Text here Your Text here technology to CA's identity and access management product suites Oracle (7.3B$) Sun Because of Sun’s IDM solutions  Microsystems Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 101
  • 100. Some Interesting M&As in the Security Market Active Acquirers: IT Security M&A Deals Since 2004 Your Text here Your Text here Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 102 http://updataadvisors.com/Advisors_Newsletters/Security/it_security_maupdat
  • 101. Types of Incidents (2000-2010) Your Text here Your Text here http://datalossdb.org/statistics Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 103
  • 102. Incidents by Vector (2000-2010) Your Text here Your Text here http://datalossdb.org/statistics Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 104
  • 103. Incidents by Vector (2009) Your Text here Your Text here http://datalossdb.org/statistics Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 105
  • 104. www.stki.info is in the Trend… Your Text here STKI.INFOhere Your Text HAS BEEN DEFACED 18.12.2009 Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 106
  • 105. “Our” Quick Response…. MODERN WORLD STRIKES BACK!!! 6.1.2010 Your Text here Your Text here Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 107
  • 106. RSS Alert: Upcoming Round-Table Your Text here Your Text here Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 108
  • 107. Security’s Agenda General trends Security Issues for Cloud Computing Virtualization security Mobile security NetworkText here Your security Your Text here Anti-X protection Data protection Security Monitoring & Control Best SU of 2009 Staffing and ratios Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 109
  • 108. Main Theme: Your Text here Cautiousness Your Text here Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 110
  • 109. Cloud Computing Your Text here Your Text here Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic http://www.powerpoint-search.com/what-is-cloud-computing-ppt.html 111
  • 110. Cloud Characteristics Your Text here Your Text here http://www.enisa.europa.eu/act/rm/files/deliverables/cloud-computing-risk- Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 112
  • 111. Cloud Security Your Text here Your Text here Source: http://csrc.nist.gov/groups/SNS/cloud-computing/ Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 113
  • 112. Cloud Security Reasons not to adopt SaaS: Your Text here Your Text here Shahar Maor’s work Copyright 2010 @STKI by IGT,remove source or attribution from any graphic 2010 Source: SaaS survey – Do not Israel SaaS center & STKI, March or portion of graphic 114
  • 113. How Does Cloud Computing Affect the “Security Triad”? Confidentiality Your Text here Your Text here Availability Integrity Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 115
  • 114. Cloud Risk Assessment NETWORK INSECURE OR MANAGEMENT Probability INEFFECTIVE DELETION OF DATA ISOLATION FAILURE CLOUD PROVIDER MALICIOUS INSIDER - ABUSE OF Your Text here HIGH Your Text here PRIVILEGE ROLES MANAGEMENT INTERFACE COMPROMISE (MANIPULATION, AVAILABILITY OF INFRASTRUCTURE) LOSS OF GOVERNANCE COMPLIANCE RISK FROM CHALLENGES CHANGES OF JURISDICTION Impact http://www.enisa.europa.eu/act/rm/files/deliverables/cloud-computing-risk- Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 116
  • 115. Cloud Regulations & Recommendations No regulations so far…. Some sources of information and recommendations: • Security Guidance for Critical Areas of Focus in Cloud Computing, V2.1 • ENISA Cloud Computing Risk Assessment • OECD -Cloud Computing and Public Policy • World Privacy Forum Privacy In The Clouds ReportYour Text here Your Text here • NIST -Effectively and Securely Using the Cloud • "Cloud Computing Security: Raining On The Trendy New Parade," BlackHat • AWS Security Whitepaper Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 117
  • 116. Security’s Agenda General trends Security Issues for Cloud Computing Virtualization security Mobile security NetworkText here Your security Your Text here Anti-X protection Data protection Security Monitoring & Control Best SU of 2009 Staffing and ratios Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 118
  • 117. Main Theme: Your Text here “Mind the gap” Your Text here Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 119
  • 118. Bridging the Gap Your Text here Your Text here Virtualization is moving rapidly into production environments Companies concerned about security issues and lack of security products Virtualization opens up gaps in traditional physical network analysis and security Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 120
  • 119. Virtualization attacks Root Partition Guest Partitions Provided by: Ring 3: User Mode Virtualization Stack Windows WMI Provider Guest Applications Virtualization VM Worker VM Processes ISV Service Attackers Your Text here Your Text here Virtualization Service OS Server Core Virtualization Kernel Clients Service (VSCs) Windows Kernel Device Providers Drivers (VSPs) VMBus VMBus Enlightenments Ring 0: Kernel Mode Windows hypervisor Server Hardware Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 121
  • 120. How to Protect? Your Text here Your Text here Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 122
  • 121. What to Protect? Both Guests and Host are subjected to attacks Full disk encryption? Some challenges of VM architecture: • separation of duties • Where, exactly, are my VMs located? Your Text here Your Text here • How to manage old VM images? • How to retire Virtual Machines? • Hypervisor vulnerabilities • Lack of solid auditing capabilities • More and more… Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 123
  • 122. Virtualization Security Solutions: Altor Your Text here Your Text here http://altornetworks.com/news-events/rsa-10-most-interesting Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 124
  • 123. Virtualization Security Solutions: CatBird Your Text here Your Text here http://www2.catbird.com/our_services/vmware.php Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 125
  • 124. Virtualization Security Solutions: Reflex Change Control & Configuration Monitoring Virtual Security (FW/IDS/IPS) CPU, Memory, Network & Storage Performance Software Asset Management Your Text here Virtual Infrastructure Discovery & Mapping Your Text here Timeline & Alerts for Audit & Compliance Virtual Infrastructure Alarms & Alerts http://www.reflexsystems.com/Products/VMC Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 126
  • 125. Virtualization Security Recommendations  Follow best practices: • VMWare: http://www.vmware.com/pdf/vi3_301_201_server_config.pdf • Microsoft: http://www.microsoft.com/downloads/details.aspx?displaylang= en&FamilyID=2220624b-a562-4e79-aa69-a7b3dffdd090 Your Text here Your Text here • Citrix: http://support.citrix.com/servlet/KbServlet/download/20639- 102-532852/user_security-1.0-5.5.0-en_gb.pdf • Explore (cautiously!!) third party’s solutions Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 127
  • 126. Security’s Agenda General trends Security Issues for Cloud Computing Virtualization security Mobile security NetworkText here Your security Your Text here Anti-X protection Data protection Security Monitoring & Control Best SU of 2009 Staffing and ratios Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 128
  • 127. Main Theme: Your Text here Fast-growing Your Text here Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 129
  • 128. Remote Access -Customer Needs Secure Access from Managed and Unmanaged Devices Simplified and Granular Access Control Application Interoperability Outside the Corporate Network Text here Your Your Text here Full Enablement of Mobile Devices 2 factor authentication for all applications Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 130
  • 129. Connectivity Approach Each session is tailored according to its user and the device in use, maximizing security and productivity for that session. Internal & External Managed & Private Users Unmanaged Devices Resources Financial Legacy Apps Partner or Home PC Limited Intranet Financial Agent Field Home PC Custom Financials Partner or Field Agent Your Text here Logistics Your Text here Kiosk Kiosk Limited Webmail: Partner no attachments Web Apps Logistics Partner Client-Server Apps Corporate Full Intranet Supply Chain Project Manager Laptop Legacy Apps Employee Payroll & HR File Access Project Manager Third-Party Apps Employee Corporate Remote Unmanaged Laptop Homegrown Apps Technician Managed Webmail Tech Support App Partner PC EmployeeRemote Unmanaged File Access Technician Partner PC Employee Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic download.microsoft.com/documents/uk/.../IGA2009_UAG_Bill_Orme.pptx 131
  • 130. Solution Architecture (UAG) •Exchange •CRM •SharePoint Mobile •IIS based •IBM, SAP, Home / Friend / Oracle Kiosk Internet HTTPS (443) TS Direct Access Your Text here Your Text here Non web Business Partners / Authentication AD, ADFS, Sub - Contractors End-point health detection RADIUS, LDAP…. Enterprise Readiness Edge Ready Corporate Network Employees Managed Machines Information Leakage Prevention Internet / home / hotel / other company Non-Windows Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic download.microsoft.com/documents/uk/.../IGA2009_UAG_Bill_Orme.pptx 132
  • 131. Secure Remote Access - Israeli Market Positioning 1Q10 Juniper Local Support Player Your Text here Checkpoint Your Text here Microsoft Worldwide Leader Citrix SonicWall Cisco This analysis should be used with its F5 supporting documents Array Market Presence Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 133
  • 132. “Strong” Authentication - Israeli Market Positioning 1Q10 Solutions to Watch: ANB Local Support Player Your Text here RSA Your Text here Safenet-Aladdin Worldwide Leader Cidway Vasco Fast Movement Atena biometric solutions* This analysis should be used with its supporting documents * Biometric solutions are still Market Presence considered “niche market” in Israel Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 134
  • 133. Mobile Security: What worries CISOs? Internal users: Central management Corporate data on device (encryption, DLP) Devices welfare (AV) ? Your Text here Your Text here External users: Sensitive traffic interception Masquerading Identity theft Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 135
  • 134. Mobile Security: What worries Customers? Your Text here Your Text here Source: Data Innovation, Inc. 2010 Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 136
  • 135. Secure Mobile-Device Control - Israeli Market Positioning 1Q10 Local Support Player Your Text here Your Text here Worldwide Leader Checkpoint Fast Symantec Movement Sybase Sophos (Utimaco) McAfee Microsoft This analysis should be used with its Trend Micro supporting documents Market Presence Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 137
  • 136. RSS Alert: Upcoming Round-Table Your Text here Your Text here Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 138
  • 137. Security’s Agenda General trends Security Issues for Cloud Computing Virtualization security Mobile security NetworkText here Your security Your Text here Anti-X protection Data protection Security Monitoring & Control Best SU of 2009 Staffing and ratios Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 139
  • 138. Applications Have Changed – Firewalls Have Not • The gateway at the trust border is the right place to enforce policy control - Sees all traffic - Defines trust boundary Your Text here Your Text here • BUT…Applications Have Changed - Ports ≠Applications - IP Addresses ≠Users - Packets ≠Content Need to Restore Visibility and Control in the Firewall www.stallion.ee/.../Palo_Alto_Networks_Stallion_Autumn_Seminar.pptx Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 140
  • 139. Sprawl Is Not The Answer Internet Your Text here Your Text here • “More stuff” doesn’t solve the problem • Firewall “helpers” have limited view of traffic • Complex and costly to buy and maintain • Putting all of this in the same box is just slow www.stallion.ee/.../Palo_Alto_Networks_Stallion_Autumn_Seminar.pptx Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 141
  • 140. Paloalto Architecture Policy Engine Data Filtering Content-ID Content-ID Filtering URL Threat Prevention Application Protocol Decoding Your Text Application Protocol Detection and here Decryption Your Text here App-ID Application Signatures Heuristics User-ID L2/L3 Networking, HA, Config Management, Reporting www.stallion.ee/.../Palo_Alto_Networks_Stallion_Autumn_Seminar.pptx Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 142
  • 141. Enterprise Network Firewall - Israeli Market Positioning 1Q10 Solutions to Watch: Checkpoint Palo-Alto Juniper Local Support Player Your Text here Your Text here Worldwide Leader Fortinet Cisco Microsoft This analysis should be used with its supporting documents Market Presence Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 143
  • 142. Intrusion Prevention/Detection Systems - Israeli Market Positioning 1Q10 Local Support McAfee IBM-ISS Player Your Text here Juniper Your Text here Fortinet Worldwide Leader Checkpoint 3Com (Tipping Cisco Point) This analysis should be used with its Radware Sourcefire supporting documents (Snort) Market Presence Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 144
  • 143. Application Firewall - Israeli Market Positioning 1Q10 Imperva Local Support F5 Player Your Text here Your Text here IBM* Worldwide Leader Citrix Microsoft Breach Cisco* Radware Protegrity This analysis should be used with its Applicure supporting documents Barracuda Market Presence * More of An XML FW Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 145
  • 144. Network Access Control (NAC) Challenges Vendor lock-in -Proprietary solutions require hardware rip-and-replace Complexity -Too many moving parts, both in your network and in the solution Project scope -Need to secure thousands of endpoints, hundredsText here Your of remote offices, a variety of user here Your Text communities… Disruption of business practices -Confusion, frustration, potential downtime Support costs -User impact = helpdesk impact Uncertain future -Relatively new technology - where is it going? Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 146
  • 145. NAC Insights NAC has not been “fully digested” by Israeli customers in 2008. 2009 was much better. NAC may be deployed less expensively when it is an embedded feature of an existing vendor Israeli NAC Start-ups offer a cost effective Your Text here Your Text here simple solutions –Israeli SUs gain Israeli clients’ trust Israeli customers first priority: network visibility and guest network control Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 147
  • 146. What is Your Organization’s Status Regarding NAC? Adequate solution in place 7% No solution in Inadequate place solution in place Your Text here 36% 21% Your Text here Evlauating options/POCs 36% Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 148
  • 147. Network Access Control - Israeli Market Positioning 1Q10 What’s cooking??? Access Layers Local Support ForeScout Cisco Player Your Text here Symantec Your Text here Worldwide Juniper Leader Check Point Microsoft Insightix Enterasys This analysis should be used with its McAfee supporting documents HP Market Presence Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 149
  • 148. Security’s Agenda General trends Security Issues for Cloud Computing Virtualization security Mobile security NetworkText here Your security Your Text here Anti-X protection Data protection Security Monitoring & Control Best SU of 2009 Staffing and ratios Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 150
  • 149. Internet Security 87% E-mail Traffic in 2009 Detected as Spam (Symantec) rank of the overall 2009 threat landscape (CA): Your Text here Your Text here Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 151
  • 150. Infections of W32.Downadup/Conficker Your Text here Your Text here Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/the_downadup_codex_ed1.pdf 152
  • 151. Pandemic (H1N1) 2009 Epidemiological situation Your Text here Your Text here Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic http://www.who.int/immunization/sage/1.Briand_epi_7th_July_2009_(rev_6July_09).pdf 153
  • 152. Top ten W32.Downadup/Conficker countries Your Text here Your Text here Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/the_downadup_codex_ed1. 154
  • 153. Security Protection Suites - Israeli Market Positioning 1Q10 (Enterprise Leaders Only) Server Security Endpoint Security Symantec Symantec McAfee McAfee Local Support Local Support Trend Micro CA* Trend Micro Your Text here Your Text here Checkpoint Microsoft Safend ControlGuard Promisec Calcom* Microsoft Market Presence Market Presence *Mostly server hardening Player Worldwide Leader This analysis should be used with its supporting documents Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 155
  • 154. Spam: Regions of Origin Your Text here Your Text here “Region of origin” represents the percentage of spam messages reported coming from certain regions and countries http://eval.symantec.com/mktginfo/enterprise/other_resources/b-state_of_spam_report_01-2010.en-us.pdf156 Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 155. Spam: Global Categories specifically offering or advertising Internet or computer-related goods Your Text here Your Text here and services named after the section of the Nigerian penal code: email that alerts an end user that they are entitled to a sum of money http://eval.symantec.com/mktginfo/enterprise/other_resources/b-state_of_spam_report_01-2010.en-us.pdf157 Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic
  • 156. Email Security - Israeli Market Positioning 1Q10 Hosted/Cloud Solutions: Microsoft (Forefront) Google (Postini) Symantec (MessageLabs) Cisco (Ironport) Local Support McAfee (MX Logic) Cisco Player Your Text here Your Text here Symantec Worldwide Leader Fast Movement PineApp Microsoft McAfee This analysis should be used with its Mirapoint SafeNet supporting documents Websense Market Presence Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 158
  • 157. Secure Web-Gateway (SAAS) -Zscaler Your Text here Your Text here http://www.zscaler.com/how-it-works.html# Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 159
  • 158. Secure Web-Gateway - Israeli Market Positioning 1Q10 Solutions to Watch: Zscaler Local Support BlueCoat Websense Player Your Text here Your Text here Worldwide Leader Fortinet Cisco Fast Movement Symantec SafeNet McAfee This analysis should be used with its supporting documents Market Presence Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 160
  • 159. Security’s Agenda General trends Security Issues for Cloud Computing Virtualization security Mobile security NetworkText here Your security Your Text here Anti-X protection Data protection Security Monitoring & Control Best SU of 2009 Staffing and ratios Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 161
  • 160. Data Loss Database - 2009 yearly report Your Text here Your Text here NAA –Names/Addresses, SSN –Social Security Numbers, CCN –Credit Card Numbers, EMA –Email Addresses, DOB –Date of Birth, MED –Medical, MISC –Miscellaneous, ACC –Account Info (Financial), FIN –Financial Info http://datalossdb.org/yearly_reports/dataloss-2009.pdf Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 162
  • 161. Data Loss Database - 2000 yearly report Your Text here Your Text here (Almost) Fist Reported data loss : http://datalossdb.org/yearly_reports/dataloss-2000.pdf Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 163
  • 162. DLP Scenario in Israel No Data • Problem #1 Classification Poor Your Text here • Problem #2Text here Your Security Policy Project Fails • Outcome Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 164
  • 163. What Should be Done in Order to Succeed? Safeguard employee Automate policy privacy enforcement Monitor all data usage Your Text here Discover and Your Text here protect Classify and confidential data label! wherever it is Look for your stored or used assets! Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 165
  • 164. Data Leak/Loss Prevention - Israeli Market Positioning 1Q10 Solutions to Watch: Microsoft (RMS) Secure Islands Covertix Local Support ANB Player Your Text here Your Text here Worldwide Leader Websense Fast Verdasys Movement Symantec RSA Checkpoint Safend This analysis should be used with its supporting documents McAfee CA Market Presence Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 166
  • 165. Open Source DB Protection GreenSQL Diagram Your Text here Your Text here http://www.greensql.net/community/docs Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 167
  • 166. Database Protection -Israeli Market Positioning 1Q10 Vendors to Watch: Fortinet Secerno Local Support Player Your Text here Your Text here Worldwide Leader Sentrigo Fast Imperva Movement IBM (Guardium) This analysis should be used with its supporting documents Market Presence Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 168
  • 167. Security’s Agenda General trends Security Issues for Cloud Computing Virtualization security Mobile security NetworkText here Your security Your Text here Anti-X protection Data protection Security Monitoring & Control Best SU of 2009 Staffing and ratios Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 169
  • 168. SIEMSOC “Round Table” Insights One should know how to “sell” SIEM project to management Knowing when NOT to start a project Reporting Systems, Logging and parsing Your Text here Your Text here “Tracing the events” (real-time?) Who defines what is “risk”? How to translate it to HD? Maintenance and operations: What does it take? Outsourced SOC (must be taken under consideration) Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 170
  • 169. Security Information & Event Management (SIEM/SOC) - Israeli Market Positioning 1Q10 Solutions to Watch: IBM -MSS TriGeo Local Support ArcSight Player Your Text here Your Text here RSA Worldwide Leader Symantec CA Cisco IBM This analysis should be used with its NetIQ supporting documents Novell Market Presence Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 171
  • 170. Identity & Access Management (IAM) Your Text here Your Text here The Dubai Gang http://www.ynet.co.il/articles/0,7340,L-3850908,00.html “Identity is a philosophical issue” Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 172
  • 171. Identity & Access Management (IAM) The value of IAM is still recognized and IAM is here to stay Governance, Risk and Compliance is the main driver of IAM There are still significant gaps between the expected and realized benefits of IAM Your Text here Your Text here A lack of business buy-in is the main cause of IAM project failure Israeli organizations tend to prefer SSO and gap analysis rather than a whole IAM project Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 173
  • 172. Causes of IAM projects failure Your Text here Your Text here http://www.kpmg.com.sg/publications/Advisory_EuropeanIdenty_AccessMgtSurvey09.pdf Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 174
  • 173. Identity & Access Management - Israeli Market Positioning 1Q09 Local Support IDM Player IBM S SSO Player Your Text here CA Your Text here Worldwide Novell Leader Prominent Oracle-Sun WAM Player Passlogix S Quest BMC Imprivata S This analysis should be used with its supporting documents Microsoft Velo (OS) Market Presence Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 175
  • 174. RSS Alert: Upcoming Round-Table Your Text here Your Text here Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 176
  • 175. Security’s Agenda General trends Security Issues for Cloud Computing Virtualization security Mobile security NetworkText here Your security Your Text here Anti-X protection Data protection Security Monitoring & Control Best SU of 2009 Staffing and ratios Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 177
  • 176. Local Security Vendors and CISO’s Decision Making CISO is always 80% chance it will consideringText here Your Is a local solution Your Text here be among last technology, local available? three bidders support and price Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 178
  • 177. Why Israeli CISOs Choose Israeli Info Sec SUs? Your Text here Your Text here Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 179
  • 178. Best Security Start-Up of 2009 (Customers’ Choice) Your Text here Your Text here Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 180
  • 179. Security Consultants -Israeli Market Positioning 1Q10 (Leaders) Your Text here Your Text here Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 181
  • 180. Security System Integrators -Israeli Market Positioning 1Q10 (Leaders) Your Text here Your Text here Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 182
  • 181. Security’s Agenda General trends Security Issues for Cloud Computing Virtualization security Mobile security NetworkText here Your security Your Text here Anti-X protection Data protection Security Monitoring & Control Best SU of 2009 Staffing and ratios Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 183
  • 182. Security Echo-System: Key Roles Senior Management CISO Your Text here Custodian here Your Text Data owners Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 184
  • 183. Security Echo-System: Senior Management Roles 1. Define the scope, objectives, priorities and strategies of the company’s Security Program 2. Without management’s support efforts might Your Text here Your Text here be doomed…. 3.Ultimate liability Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 185
  • 184. …..Ultimate liability Your Text here Your Text here CAGEY FELLOWS (from left) Countrywide’s Angelo Mozilo, Bear Stearns’ Jimmy Cayne, Lehman Brothers’ Dick Fuld, and Merrill Lynch’s John Thain Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 186
  • 185. Common Organizational Structures: Financial Sector VP VP Operations Technologies CIO CISO Your Text here Your Text here Dev. Mng. Infra. Mng. New Regulations Access Sec. Dev. technologies Security… Security… Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 187
  • 186. Common Organizational Structures: ISPs CIO/VP VP of Integration Your Text here CISO Your Text hereMng. Infra. Staff Security Security Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 188
  • 187. Common Organizational Structures: Telecom VP VP Operations Technologies CIO Physical Security Your Text here Your Text here Infra. Mng. Security Fraud, DLP… technologies Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 189
  • 188. Common Organizational Structures: Defense CEO Kabbat CIO (CSO) Your Text here Your Text here Infra. Mng. Security Fraud, DLP… technologies Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 190
  • 189. Common Organizational Structures: Industrial Companies Kabbat VP (CSO) CIO Your Text here Your Text here Infra. Mng. CISO/Security System Network Storage Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 191
  • 190. Common Organizational Structures: Services #1 CIO CISO QA Your Text here Your Text here Operations Production ERP, CRM… Infrastructure Security Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 192
  • 191. Common Organizational Structures: Services #2 CIO CISO Your Text here Your Text here Projects DEV ERP, CRM… Infrastructure Security Security Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 193
  • 192. Budget? 1. Usually very “dynamic” 2. In most cases: event/regulation driven instead of policy driven 3. Part of budget may be embedded within other IT units projects Your Text here Your Text here 4. Approximately 2%-7% of IT budget Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 194
  • 193. Security Budgeting Ratios Ratios of Security Ratios of Security Budget (Israel) Budget (abroad) 4.3% of IT operational 4% of IT operational Your Text here Your Text here budget budget Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution Economics or portion of graphic Source for abroad figure: Computer from any graphic 195
  • 194. Security Staffing Ratios Ratios of Security Ratios of Security Personnel (Israel) Personnel (Abroad) 2% of IT unit 1.8% of IT unit Your Text here Your Text here Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution Economics or portion of graphic Source for abroad figure: Computer from any graphic 196
  • 195. Security Staffing Ratios-Israel >10 FTE Average IT size: 160 FTE 6-10 FTE Your Text here Your Text here 2-5 FTE 0-1 FTE 0% 10% 20% 30% 40% 50% 60% Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 197
  • 196. Thank you! shahar@stki.info Shahar Maor’s work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 198