Enfrentando os Desafios das Ameaças Combinadas.

1. Enfrentandoosdesafios das ameaçascombinadas Ricardo Valente Sr System’s Engineer

2. Today’s Environment Spammers ERP Web 2.0 SaaS TargetedAttacks twitter facebook CRM Internet Bots

3. Today’s Environment Spammers ERP Web 2.0 SaaS TargetedAttacks twitter facebook Salesforce Complexity Impact Fragmented technology management Multi-product solutions(NAC, Data Protection) Compliance requirements Increased operational cost Data and productivity risk Reduced business agility Internet Bots

5. Enabled by Global Threat Intelligence

6. User-aware policy controls

7. Flexible policy definition

8. Compliance monitoring

9. Common Management framework

10. Optimized workflow

11. Role-based administration

12. High performance

13. Scalability

14. Enterprise-class reliability

15. Flexible delivery (appliance, blades, virtual)Network

16. Total Protection Suites for the Network Internet Gateways Network Defense Intrusion Prevention User Behavior NAC Firewall UTM DLP Email Web

18. Network attack definitions

19. Phishing/Malware

20. Protocol definition/behavior/ reputation

21. Network attack definitions

22. IP reputation

23. Anti-Malware

24. Protocol definition/behavior/reputation

25. Vulnerability assessment

26. Anti-malware

27. IP/URL reputation

28. Spam profiles

29. Anti-malware

31. Content based malware

32. Exploits

34. Spam profiles

35. Network attack profiles

36. Anti-malwareIntrusion Prevention User Behavior NAC Firewall UTM DLP Email Web

37. Global Threat IntelligenceZero Day Response Environment Gotyou.com BOTS Email Gateway Web Gateway Firewall - IPS Internet New phishing email on webmail 2. User clicks 3. Malware detected even without a signature

38. Global Threat IntelligenceZero Day Response Environment Gotyou.com BOTS Email Gateway Web Gateway Global ThreatIntelligence Firewall - IPS Internet 4. Samples Fingerprinted 5. Attributes analyzed in real time 6. Reputations and Signatures Updated

39. Analysts Agree: McAfee Leads Leaders Challengers Leaders Current Offering Strategy Niche Players Visionaries Completeness of Vision Forrester Gartner Strong Performers Web E-mail DLP Web IPS E-mail Firewall Ability to Execute

40. December 8, 2009 User receives email with a short message and a URL, from an IP address with no reputation for SPAM 1 User clicks on link and goes to a fake Reuters' video feed web page with malicious content.” 2 GLOBAL THREAT INTELLIGENCE Internet McAfee Email Gateway Internet Real-time feeds update Firewalls and email and web gateways. Artemis protects the endpoint in real-time 5 The content coming back is malware, and is blocked at the gateway 3 The URL, IP, and the payload - all captured from “an event” is sent Avert Labs 4 McAfee Web Gateway Artemis TrustedSource IPS Firewall UTM TrustedSource TrustedSource McAfee Network Security 10 Bomb Attacks Require Coordinated ProtectionResearch Capacity Matters

42. Enables Safe Secure Web access

43. High Performance: robust, enterprise classproxy cache

45. Flexible policy and scalable reporting to enable compliance

46. Flexible and agile deployment to fit any infrastructureMcAfee Web Gateway

48. Outbound Protection – Complete DLP and Advanced Compliance included; integrated encryption

50. Stop data leakage via email

51. Comply with regulations requiring email securityMcAfee Email Gateway

52. December 8, 2009 Hacking Exposed - Web and Email 13 Hacking Exposed: Web and Email Security Bookseller site walkthrough FileInsight examples of deobfuscation McAfee® TrustedSource™ technology Anonymous proxies

53. Hacme Books Cross Site Request Forging December 8, 2009 Title of Presentation 14

54. Demo Visit and logon to a typical online book-seller site. Browse selection. Check that shopping cart is empty. Visit the author's web site for a particular selection. Return to book-seller site and check shopping cart. Notice that a title has been added without authorization. Repeat same process using McAfee Web Gateway. Notice that shopping cart does not get populated by the author's site. Why? Author's site has crafted IFRAME that exploits the book-seller site. McAfee Web Gateway strips out offending IFRAME and prevents exploit to book-seller site. December 8, 2009 Title of Presentation 15

55. Logon to Online Book Site

56. Browse Book Selection

57. Shopping Cart Empty

58. Visit Author's Web Site

59. Unauthorized Addition to Shopping Cart

60. Repeat with McAfee Web Gateway

61. Browse Book Selections Again

62. Check Shopping Cart

63. Visit Author's Web Site Again

64. Return and Check Shopping CartCart Remains Empty

65. What Does McAfee Web Gateway Do? December 8, 2009 Title of Presentation 26

66. Original Author's Site with IFRAME

67. Site through MWG with IFRAME Removed

68. December 8, 2009 Hacking Exposed - Web and Email 29 additional malware example December 8, 2009 29

69. December 8, 2009 Hacking Exposed - Web and Email 30 December 8, 2009 30

72. TrustedSource December 8, 2009 Title of Presentation 33

73. Organized Cyber Crooks Malware Zombie Botnet C&C Botnet Zombie Proxies Internet Access Legacy SecuritySolutions Web Apps Webapps.yourco.com CustomerData Email Internal Network

74. Internet Access Organized Cyber Crooks Malware Zombie Compromised Site Potential Stolen Data 2 Legacy SecuritySolutions Botnet C&C Botnet Zombie Proxies Web Apps Webapps.yourco.com 1 SQL Injection Attack CustomerData Email Internal Network

75. Internet Access Organized Cyber Crooks Malware Zombie 3 Legacy SecuritySolutions Botnet C&C Botnet MalwareDownloaded Zombie Proxies 2 Web Apps Webapps.yourco.com User OpensEmail & Goes to Compromised Server 1 SPAMAttack CustomerData Email Internal Network

76. Internet Access Organized Cyber Crooks Malware Zombie 3 Legacy SecuritySolutions Botnet C&C Botnet MalwareDownloaded Zombie Proxies 2 Web Apps Webapps.yourco.com User OpensEmail & Goes to Compromised Server 1 SPAMAttack CustomerData Email Internal Network New ZombiesCreated 4

77. Organized Cyber Crooks Malware Zombie Botnet C&C Botnet Zombie Proxies 208.XXX.XXX.164 Internet Access Web Apps Webapps.yourco.com CustomerData Email Internal Network

78. Internet Access Organized Cyber Crooks Malware Zombie Botnet C&C Botnet McAfee Firewall Enterprise (Sidewinder) McAfee Web Gateway (formerly Webwasher) McAfee Email Gateway (formerly IronMail) Zombie Proxies Web Apps Webapps.yourco.com CustomerData Email Internal Network

79. Internet Access Organized Cyber Crooks Malware Zombie Botnet C&C Botnet McAfee Firewall Enterprise (Sidewinder) McAfee Web Gateway (formerly Webwasher) McAfee Email Gateway (formerly IronMail) Zombie Proxies SPAM Attack Web Apps Webapps.yourco.com CustomerData Email Internal Network

80. Internet Access Organized Cyber Crooks Malware Zombie 89.XXX.XXX.84 Botnet C&C Botnet McAfee Firewall Enterprise (Sidewinder) McAfee Web Gateway (formerly Webwasher) McAfee Email Gateway (formerly IronMail) User accesses GMail NewZombie Zombie Proxies Web Apps 2 Webapps.yourco.com SPAMAttack 1 CustomerData Email Internal Network

81. Spam Sent to Web Mail Account

82. Obfuscated JavaScript December 8, 2009 Title of Presentation 43

83. Internet Access Organized Cyber Crooks Malware Zombie 89.XXX.XXX.84 Botnet C&C 1 Botnet MalwareDownloadBLOCKED McAfee Firewall Enterprise (Sidewinder) McAfee Web Gateway (formerly Webwasher) McAfee Email Gateway (formerly IronMail) NewZombie Zombie Proxies 2 Web Apps Malware IP& Message Data sent to TS Webapps.yourco.com CustomerData Email Internal Network

84. Internet Access Organized Cyber Crooks Malware Zombie Connections Rejected Based on Reputation Botnet C&C Botnet McAfee Firewall Enterprise (Sidewinder) McAfee Web Gateway (formerly Webwasher) McAfee Email Gateway (formerly IronMail) SQL Injection Attack NewZombie Zombie Proxies Web Apps Webapps.yourco.com CustomerData Email Internal Network

Enfrentando os Desafios das Ameaças Combinadas.

Recommended

Recommended

More Related Content

Viewers also liked

Viewers also liked (8)

Similar to Enfrentando os Desafios das Ameaças Combinadas.

Similar to Enfrentando os Desafios das Ameaças Combinadas. (20)

More from ISH Tecnologia

More from ISH Tecnologia (12)

Recently uploaded

Recently uploaded (20)

Enfrentando os Desafios das Ameaças Combinadas.

Editor's Notes