More Related Content
Similar to Canadian Cyber Cecurity (20)
Canadian Cyber Cecurity
- 4. © F5 Networks, Inc 4
On average, Canadian companies
were attacked 40 times in 2015 (1)
51% of respondents suffered data loss
due to an attack in 2015 (1)
35% of respondents saw one Advanced
Persistent Threat (APT) attack a month (1)
(1) 2015 Scalar Security Study – The Cyber Security Readiness of Canadian Organizations
- 5. © F5 Networks, Inc 5
DDoS is still the most common – an
average of 5 per month! (1)
Web-borne malware presents the
biggest and most common threat (1)
Spear phishing is a common attack
against users (1)(1) 2015 Scalar Security Study – The Cyber Security Readiness of Canadian Organizations
- 6. © F5 Networks, Inc 6
27% of users WOULD SELL THEIR
OWN CREDENTIALS (3)
It takes an average of 205 days to
locate a breach (2)
Only 50% of respondents deploy 0-
Day patches within a week (4)
(2) M-Trends: A View from the Front Lines (Mandiant/FireEye) (3) Passwords Are Failing, Security Pros Say (Lieberman Software) (4) RSA Conference 2016: State of Security Survey (Bromium)
- 7. © F5 Networks, Inc 7
Deploy IDAM
solutions (1)
Implement network
monitoring / sniffing tools (1)
Implement a SIEM (1)
Encrypt data both at
rest and in flight (1)
(1) 2015 Scalar Security Study – The Cyber Security Readiness of Canadian Organizations
- 9. © F5 Networks, Inc 10
FW IPS
LB
Servers
R
Apps
0% 100%SSL
TLS
Typical Architecture – built for little/no Encryption
FW IPS
LB
Servers
R
443
Apps
Zero
Visibility
-------
Key Mgmt
Nightmare
SSL
Pass
Thru
- 10. © F5 Networks, Inc 11
BIG-IP
FW
DLP
FEYE
WAF
SVR
New Architecture for SSL/TLS Visibility
R
IPS
- 11. © F5 Networks, Inc 12
TMOS
FPGA
T
C
P
T
C
P
iRules
CAVIUM
Servers
Why BIG-IP in Front?
Cipher Diversity
- HW implementation
- F5 developed drivers/ciphers
- Bulk Throughput
SSL
TLS
F5 Silverline
DDoS, WAF
SSL
TLS
DDoS Vectors in Hardware
L
T
M
Security Services with Visibility
- Firewalls: Network, WAF, DNS, DDoS
- Access Control, SSO, SAML, SSL VPN
- Forward Proxy, Web Filtering
- Anti-BOT (IPI), Anti-Fraud (Websafe)
- IPS, FireEye, DLP, etc. (external)
#1 Performance/Scale
- Sessions, Connections
- Unmatched anywhere