Título presentaciónSoluciones de SeguridadNicolás Pérez de ArenazaNombre y Apellido
Agenda    •   Algunas definiciones    •   IBM Security Framework & Portfolio    •   Personas - Enterprise Single Sign On. ...
Activos Digitales    • Activo es un bien tangible o intangible que tiene una      persona o empresa, mediante el cual se o...
Para pensar .…    • Clasificar los datos (en fx continuidad del negocio).    • Amenazas y Vulnerabilidades.    • Gestión d...
IBM Security Framework5                            © 2012 IBM Corporation
IBM Security Framework                                       Security Governance,                                       Se...
IBMs security portfolio…                             Enterprise Governance, Risk and Compliance Management            IBM ...
TAM ESSO           •   > Seguridad           •   > Cumplimiento           •   < Costos operativos           •   > Producti...
VMware IPS9   9                © 2012 IBM Corporation
Escenario de Red              Firewall/VP              N                        IDS/IP                        S10         ...
Convergencia Servidores y Redes11                                     © 2012 IBM Corporation
Nuevas Amenazas/Riesgos a                                partir de la Virtualización  Amenazas Tradicionales        Las Am...
Desafíos de la Seguridad para                             Entornos VirtualesNuevas Vulnerabilidades259 new virtualization...
Desafío: Proteger el Hypervisor     Vuln     Vuln              vCenter            Admin clients               vCenter     ...
Desafío: Pérdida de visibilidad                         en la red virtual                                                 ...
Desafío: Seguridad Contínua                      luego de Migraciones de VM           Physical Host                    Phy...
Desafío: Dispersión de Virtual                                                      Machines•        Dispersión de VMs: VM...
IBM Security Virtual Server                                Protection for VMwareHelps customers to be more secure, complia...
Desafío: Proteger el Hypervisor                                                                                           ...
Desafío: Pérdida de visibilidad                               en la red virtual                                           ...
Desafío: Seguridad Contínua                                      luego de Migraciones de VM Maintain security posture    ...
Desafío: Dispersión de Virtual                                                 Machines• VM Sprawl: Obsolete or rogue VMs ...
Tres razonables para proteger                            infraestructuras virtualizadas Necesidad                 Cómo ayu...
Aumento del ROI de la                                                infraestructura virtualizada     •        Automated P...
VSP vs Host Based virtualizadas             Host-Based Agent                                   Virtual Server Protection  ...
Novedades en Copias de       Seguridad (Backup)2626                                © 2012 IBM Corporation
Ventanas de Backup27                        © 2012 IBM Corporation
Sitio de Contingencia     Rapid / Disaster Recovery28                               © 2012 IBM Corporation
Respaldo de Oficinas Remotas29                                  © 2012 IBM Corporation
TSM 6.3 Node Replication30                              © 2012 IBM Corporation
TSM Suite for Unified Recovery31                                    © 2012 IBM Corporation
“Generating Higher Value at IBM” includes selected references to certain non-GAAP financial measures that are made to faci...
Upcoming SlideShare
Loading in …5
×

[Chaco] Soluciones de Seguridad – Nicolás Pérez, Giux

509 views

Published on

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
509
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
6
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

[Chaco] Soluciones de Seguridad – Nicolás Pérez, Giux

  1. 1. Título presentaciónSoluciones de SeguridadNicolás Pérez de ArenazaNombre y Apellido
  2. 2. Agenda • Algunas definiciones • IBM Security Framework & Portfolio • Personas - Enterprise Single Sign On. • Network – VSAFE • Storage – FastBack2 © 2012 IBM Corporation
  3. 3. Activos Digitales • Activo es un bien tangible o intangible que tiene una persona o empresa, mediante el cual se obtienen beneficios económicos. • En todas las organizaciones, en mayor o medida de acuerdo a su actividad, los datos son un activo (activo digital). • La Seguridad Informática y la Seguridad de la Información tienen la misión de proteger este tipo de activos intangibles, a la vez que los mantienen accesibles para quienes deben utilizarlos.3 © 2012 IBM Corporation
  4. 4. Para pensar .… • Clasificar los datos (en fx continuidad del negocio). • Amenazas y Vulnerabilidades. • Gestión de Riesgos: – Evitar (no instalar una fábrica en zona sísmica). – Reducir (construcciones antisísmicas, instalaciones ignífugas, planes de contingencia, generadores de energía). – Retener (muy común – aceptar las consecuencias del riesgo –en gral. por falta de alternativas, o por inconciencia => involuntario). – Transferir (contratar un seguro). • La seguridad es Proceso Continuo. • Los errores se miden por sus consecuencias.4 © 2012 IBM Corporation
  5. 5. IBM Security Framework5 © 2012 IBM Corporation
  6. 6. IBM Security Framework Security Governance, Security Governance, SIEM (Security Intelligence, SIEM (Security Intelligence, Risk & Compliance Risk & Compliance Enterprise Compliance) Enterprise Compliance) Identity and Identity and Identity Management Identity Management Access Management Access Management Access Management Access Management Data Data Loss Prevention Data Loss Prevention Data Security Security Encryption and Key Encryption and Key Messaging Security Messaging Security Lifecycle Management Lifecycle Management E-mail E-mail Database Monitoring and Database Monitoring and Security Security Data Masking Data Masking Protection Protection App Vulnerability Scanning App Vulnerability Scanning Application Security Application Security Web Application Firewall Web Application Firewall App Source Code Scanning App Source Code Scanning Web // URL Web URL Access and Entitlement Access and Entitlement SOA Security SOA Security Filtering Filtering Management Management Vulnerability Vulnerability Infrastructure Security Infrastructure Security Mainframe Security Mainframe Security Assessment Assessment Intrusion Prevention Intrusion Prevention Threat Assessment Threat Assessment Web/URL Filtering Web/URL Filtering System SystemNote: Unlike the IBMheterogeneous security Firewall, IDS/IPS, Security Event Security Event Virtual System Security Virtual System Securityframework, Oracle focuses on MFS, End Point Mgmt. Management Managementthe people level and (partially)the compliance, data, and  IBM Kassel content security teamapplication levels only.  Managed Security Services  2,000+ security engineers in 11 centers 6 © 2012 IBM Corporation
  7. 7. IBMs security portfolio… Enterprise Governance, Risk and Compliance Management IBM OpenPages Algorithmics (recent acquisition) i2 Corporation (recent acquisition) IBM Security Portfolio IBM Security Portfolio IT Security / Compliance Analytics & Reporting QRadar QRadar Log QRadar Risk IBM Privacy, Audit and SIEM Manager Manager Compliance Assessment Services IT Infrastructure – Operational Security Domains Security Consulting People Data Applications Network Infrastructure Endpoint Identity & Access Guardium AppScan Network Endpoint Management Suite Database Security Source Edition Intrusion Prevention Manager (BigFix) Managed zSecure, Server and Federated Optim AppScan DataPower Services Virtualization Identity Manager Data Masking Standard Edition Security Gateway Security Native Server Enterprise Key Lifecycle Security QRadar Anomaly Security (RACF, IBM Single Sign-On Manager Policy Manager Detection / QFlow Systems) X-Force Data Security Application and IBM Identity Assessment, Assessment Service Assessment Service Managed Firewall, Research Unified Threat and Penetration Deployment and AppScan OnDemand Intrusion Prevention Testing Services Hosting Services Encryption and Software as a Services DLP Deployment Service7 © 2012 IBM Corporation
  8. 8. TAM ESSO • > Seguridad • > Cumplimiento • < Costos operativos • > Productividad8 © 2012 IBM Corporation
  9. 9. VMware IPS9 9 © 2012 IBM Corporation
  10. 10. Escenario de Red Firewall/VP N IDS/IP S10 © 2012 IBM Corporation
  11. 11. Convergencia Servidores y Redes11 © 2012 IBM Corporation
  12. 12. Nuevas Amenazas/Riesgos a partir de la Virtualización Amenazas Tradicionales Las Amenazas tradicionales pueden atacar VMs del mismo Nuevas Amenazas a modo que en los sistemas físicos entornos Virtuales Dispersión de VMs —————————— Dynamic relocation ——————————Management Robo de VMsVulnerabilities——————————Secure storage of VMsand the managementDATA—————————— Recursos CompartidosRequires new ——————————skill sets Punto único de falla Stealth rootkits in hardware now possible —————————— Virtual NICs & Virtual Hardware are targets MAS COMPONENTES = MAYOR EXPOSICION1212 © 2012 IBM Corporation
  13. 13. Desafíos de la Seguridad para Entornos VirtualesNuevas Vulnerabilidades259 new virtualization vulnerabilities over the last 5 yearsNew attack types (e.g. Hyperjacking, hypervisor escape, VM attacks)Mayor Superficie de AtaqueVirtual endpoints have same security challenges as their physical counterpartsVirtualization management systems provide new attack vectorHypervisor itself is an attack vectorLa mayor flexibilidad puede aumentar los riesgos de seguridadMigration of VMs for load balancing can make them more difficult to secureEase of addition of VMs increases likelihood that insecure systems will go onlineMalicious insiders can inflict massive damage very quickly13 © 2012 IBM Corporation
  14. 14. Desafío: Proteger el Hypervisor Vuln Vuln vCenter Admin clients vCenter Admin clients Vuln Vuln Vul Vul vCenter vCenter n servers servers Vuln Vuln Service Service Console Console Unprotected VM Vul Vul Virtual Virtual Privileged n n Devices Devices Privileged Access Access Vuln Vuln14 © 2012 IBM Corporation
  15. 15. Desafío: Pérdida de visibilidad en la red virtual Unauthorized communicationAttacks throughauthorizedcommunicationchannels. 15 © 2012 IBM Corporation
  16. 16. Desafío: Seguridad Contínua luego de Migraciones de VM Physical Host Physical Host VM VM VM VM VM VM VM VM VM VM vSwitch vSwitch vSwitch vSwitch vSwitch vSwitch vSwitch vSwitch16 © 2012 IBM Corporation
  17. 17. Desafío: Dispersión de Virtual Machines• Dispersión de VMs: VMs obsoletas o maliciosas, proliferan en los ambientes virtualizados.• Controlar la dispersión de VMs a través de auto-discovery• Detectar nuevas VMs en el momento en que pretender ser activadas VM VM mal VM VM descono- intencio- Conocida Conocida cida nada Hypervisor Hypervisor 17 © 2012 IBM Corporation
  18. 18. IBM Security Virtual Server Protection for VMwareHelps customers to be more secure, compliant and cost-effective by delivering integrated andoptimized security for virtual data centers.  VMsafe Integration  Firewall and Intrusion Prevention  Rootkit Detection/Prevention  Inter-VM Traffic Analysis  Automated Protection for Mobile VMs (VMotion)  Virtual Network Segment Protection  Virtual Network-Level Protection  Virtual Infrastructure Auditing (Privileged User)  Virtual Network Access Control18 © 2012 IBM Corporation
  19. 19. Desafío: Proteger el Hypervisor Hypervisor-Integrated Security Traditional Agent-based Security Vuln Vuln vCenter Admin clients vCenter Admin clients Vuln Vuln Vul Vul VM Mgmt VM Mgmt n n Servers Servers Vuln Vuln Service Service Unprotected VM Console ConsoleEffectively Protect Virtual Virtual Vul Vul Devices n nthe Platform by Privileged Privileged Access Access DevicesSecuring Common VulEntry-Points Against Vul n nAttackers: – Combination of traditional software and physical devices – Central management provides single pane-of- glass for maximum Vul Vul situational awareness n n – Coverage for vulnerabilities arising from software bugs and mis-configuration Network Security19 © 2012 IBM Corporation Appliance
  20. 20. Desafío: Pérdida de visibilidad en la red virtual Unauthorized communication between is prevented Security Virtual Machine – Integrated with the HypervisorAttacks throughauthorizedcommunicationchannels are stopped. 20 © 2012 IBM Corporation
  21. 21. Desafío: Seguridad Contínua luego de Migraciones de VM Maintain security posture  Abstraction from underlying regardless of the VM’s physical physical servers provides host dynamic security optimized for Security Admin Console mobility Physical Host Physical Host SVM SVM VM VM VM VM VM SVM SVM VM VM VM VM VM Network Network Introspection Introspection Network Network API API vSwitch vSwitch vSwitch vSwitch vSwitch vSwitch vSwitch vSwitch Introspection Introspection API API 21 © 2012 IBM Corporation
  22. 22. Desafío: Dispersión de Virtual Machines• VM Sprawl: Obsolete or rogue VMs proliferating in the virtualized environment• Control VM sprawl through Automatically quarantine auto-discovery of assets from network• Detect new VMs as they 1.Detect VMs automatically come on-line 2.Assess security posture Apply relevant security policy Known Known Known Unknown Rogue Rogue SVM Guest Guest SVM Guest Guest VM VM VM VM VM VM Hypervisor Hypervisor • Assess security posture • Ensure only approved VMs gain network access 22 © 2012 IBM Corporation
  23. 23. Tres razonables para proteger infraestructuras virtualizadas Necesidad Cómo ayuda IBM Virtual Server Protection for VMware®Mitigar los nuevos Provee protecciónriesgos y complejidades dinámica para cada capaintroducidas a partir de de la infraestructura virtualla VirtualizaciónMantener cumplimiento Ayuda a mantener cumplimientode regulaciones y aportando seguridad y reportesestándares propios de la infraestructura virtual Aumenta el Retorno de laEdiciencia Operativa Inversión (ROI) de la infraestructura virtual 23 © 2012 IBM Corporation
  24. 24. Aumento del ROI de la infraestructura virtualizada • Automated Protection as each • Less management overhead eliminates VM comes online redundant processing tasks – Automatic Discovery – One Security Virtual Machine (SVM) per – Automated vulnerability assessment physical server – IBM Virtual Patch® technology – 1:many protection-to-VM ratio • Non-intrusive – CPU-intensive processing removed from – No reconfiguration of the virtual network the guest OS and consolidated in SVM • Centralized Management – No presence in the guest OS • Improved stability – IBM Proventia® Management SiteProtector™ system • More CPU/memory available – IBM Tivoli Endpoint Manager for workloads • Decreased attack surface • Protection for any guest OS – Reduction in security agents for multiple OSs 24 © 2012 IBM Corporation24
  25. 25. VSP vs Host Based virtualizadas Host-Based Agent Virtual Server Protection Firewall functions only in the Firewall functions only in the Firewall enforces virtual Firewall enforces virtualIsolation Isolation context of the VM Isolation Isolation network-wide policy context of the VM network-wide policy Secures all virtual machines Secures all virtual machinesAttack Prevention Attack Prevention Requires agent to be present Requires agent to be present Attack Prevention Attack Prevention automatically automatically Security is impacted by VM Security is impacted by VM Security is not impacted by Security is not impacted byVM State VM State state change VM State VM State VM state change state change VM state change Policy is enforced outside of Policy is enforced outside of Policy is enforced only within Policy is enforced only withinSecurity Policies Security Policies the VM Security Policies Security Policies the VM and irrespective of the the VM and irrespective of the the VM VMs location VMs location25 © 2012 IBM Corporation
  26. 26. Novedades en Copias de Seguridad (Backup)2626 © 2012 IBM Corporation
  27. 27. Ventanas de Backup27 © 2012 IBM Corporation
  28. 28. Sitio de Contingencia Rapid / Disaster Recovery28 © 2012 IBM Corporation
  29. 29. Respaldo de Oficinas Remotas29 © 2012 IBM Corporation
  30. 30. TSM 6.3 Node Replication30 © 2012 IBM Corporation
  31. 31. TSM Suite for Unified Recovery31 © 2012 IBM Corporation
  32. 32. “Generating Higher Value at IBM” includes selected references to certain non-GAAP financial measures that are made to facilitate a comparativeview of the companys ongoing operational performance. For information about the companys financial results related to (i) free cash flowexcluding Global Financing Receivables and (ii) operating (non-GAAP) earnings, which are in each case non-GAAP measures, see the companysForm 8-K submitted to the SEC on January 18, 2011(Attachment II-Non-GAAP Supplementary Materials).

×