Security Risk Briefing
July 2009
Proprietary & Confidential
Not for distribution
Security Risk Management

Vulnerabilities – Policy Compliance
Routers | Switches | Firewalls | Wireless
Mission Critical Infrastructure

Key Benefits
• Audit, Analysis, Prioritize and Mitigate
• Superior performance => Visibility, Speed & Accuracy
• Agentless, Proprietary algorithms - Non-Intrusive Impact
• Comprehensive Security Checks & Policy Management

© 2009 Refense
All Rights Reserved Confidential
Product & Service

Refense VMS: Enterprise Scalable Appliances
• Turn-Key Appliance
• Software License
• Fault Tolerant
• Service Provider Scalable
• AES 256 Encryption
• 24x7 Support

Refense On-Demand: Fully Managed Service
• Subscription Based
• Rapid Deployment
• Remotely Managed
• No Up-Front Capital
• Annual Contracts

Competitive Landscape

[Diagram: vendor categories positioned by Security Orientation and Compliance, across Devices (Desktops - Servers - Routers – Switches – Firewalls - WAPs). The label "Limited capability" appears twice.]
• Vulnerability Scanners: Qualys, Foundstone, eEye Retina
• Configuration Tools: EMC Voyence, Alterpoint, nCircle, HP NCM, etc.
• Network Management Platforms: HP Openview, IBM Tivoli, BMC
• Vulnerability & Compliance Management for Mission Critical Infrastructure

About Refense

Founded in 2003 & HQ in Raleigh, NC
Network Security Risk Management Solutions
Partnering with Industry Leaders:
Notable Customers:

Evolution of Network Security

• Networks are increasing in size and complexity
• Value of network devices as method of attack is increasing & evolving
• Hackers are now actively targeting Cisco IOS (IOS rootkit, DNS poisoning, BGP hijacking, Phenoelit’s 0-day exploit)
• Wireless networks still offer easy attack vectors
• Breaches as a result of compromised network devices are starting to become publicly known
• Hijacking a network is a very appealing target for large hacking groups or for foreign governments or terrorist organizations
• Most attacks are financially motivated

Refense = Security from the inside out

Vulnerability | Compliance Management
• Identify Operating System/Network Vulnerabilities & Non-Compliance to security policies
• Agentless & non-intrusive, Lightning fast and accurate
• Largest number of Intelligent Security Checks
• Service Provider Scalability (10,000 plus devices)
• Secondary Effects & Mitigation Intelligence
• Predefined security policies & Regulatory Requirements
• Wireless Rogue Finder Option
• Scheduled Scans - Strong in-depth reporting
• Instant ROI & low operational administration

[Process diagram]
• Connect to remote devices via SSH or Telnet
• Gather data using Show commands
• Execute checks against collected data
• Execute additional commands as required
• Internal analysis of data by VMS
• Generation of report
• Storage of report data only for trending and comparative analysis

Refense Differentiators

Refense automates manual audits of Cisco IOS.
Example: A PSIRT notice states – perform a Show Version to determine if you are running an affected IOS version, then perform a Show Processes | Include SIP or a Show IP Sockets, depending on your version of IOS, to determine if your device is processing SIP packets, then check for the presence of a workaround using a Control Plane Policy.
Now repeat across your entire network – the result could be many man-hours of labor to find the devices that are vulnerable.

Refense VMS automates this process with a zero error rate!
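
The three-step PSIRT audit described above, sketched as an added example (not Refense's code and not part of the original deck), run over show-command output that has already been collected from each device. The affected-version list, device names and all sample output are constructed placeholders, and the workaround check assumes a control-plane policy that drops traffic matched by an ACL on port 5060.

```python
import re

# Hypothetical advisory data: placeholder releases, not from any real PSIRT notice.
AFFECTED_VERSIONS = {"12.4(15)T7", "12.4(20)T"}
SIP_PORT = "5060"
IPV4 = re.compile(r"^\d{1,3}(\.\d{1,3}){3}$")

def ios_version(show_version):
    """Step 1: pull the release string out of 'show version' output."""
    m = re.search(r"\bVersion\s+(\d+\.\d+\([0-9a-z]+\)[0-9A-Za-z]*)", show_version)
    return m.group(1) if m else None

def sip_active(show_processes_sip, show_ip_sockets):
    """Step 2: a SIP process is present, or a socket is bound to local port 5060."""
    if "SIP" in show_processes_sip:
        return True
    for line in show_ip_sockets.splitlines():
        tok = line.split()
        ips = [i for i, t in enumerate(tok) if IPV4.match(t)]
        # The local port is the token that follows the last address on the line.
        if ips and ips[-1] + 1 < len(tok) and tok[ips[-1] + 1] == SIP_PORT:
            return True
    return False

def sections(config):
    """Group an IOS config into {top-level line: [indented child lines]}."""
    out, current = {}, None
    for line in config.splitlines():
        if not line.strip() or line.startswith("!"):
            continue
        if line[0] != " ":
            current = out.setdefault(line.strip(), [])
        elif current is not None:
            current.append(line.strip())
    return out

def acl_permits_sip(sec, acl):
    named = sec.get(f"ip access-list extended {acl}", [])
    numbered = [h for h in sec if h.startswith(f"access-list {acl} ")]
    return any(re.search(r"\bpermit\b.*\beq 5060\b", l) for l in named + numbered)

def class_matches_sip(sec, cls):
    for header, children in sec.items():
        if header.startswith("class-map") and header.split()[-1] == cls:
            for child in children:
                m = re.match(r"match access-group (?:name )?(\S+)", child)
                if m and acl_permits_sip(sec, m.group(1)):
                    return True
    return False

def copp_drops_sip(running_config):
    """Step 3: control-plane input policy with a class that matches SIP and drops it."""
    sec = sections(running_config)
    policy = next((c.split()[-1] for c in sec.get("control-plane", [])
                   if c.startswith("service-policy input ")), None)
    cls = None
    for child in sec.get(f"policy-map {policy}", []):
        if child.startswith("class "):
            cls = child.split()[1]
        elif child == "drop" and cls and class_matches_sip(sec, cls):
            return True
    return False

def audit(device):
    version = ios_version(device["show_version"])
    if version is None:
        return "unknown version"          # never report an unparsed device as clean
    if version not in AFFECTED_VERSIONS:
        return "not affected"
    if not sip_active(device["show_processes_sip"], device["show_ip_sockets"]):
        return "affected version, SIP not running"
    if copp_drops_sip(device["running_config"]):
        return "mitigated by control-plane policy"
    return "VULNERABLE"

def audit_fleet(fleet):
    return {name: audit(device) for name, device in fleet.items()}

# --- Constructed sample data (approximates IOS output; not from a real device) ---
COPP_SIP = """\
ip access-list extended COPP-SIP
 deny udp host 192.0.2.10 any eq 5060
 permit udp any any eq 5060
class-map match-all SIP-UNTRUSTED
 match access-group name COPP-SIP
policy-map COPP-IN
 class SIP-UNTRUSTED
  drop
control-plane
 service-policy input COPP-IN
"""
COPP_WRONG_PORT = COPP_SIP.replace("eq 5060", "eq 69")   # policy exists, wrong port
SIP_PROC = " 204 Mwe 41C2B0A8    0    1    0 5504/6000   0 CCSIP_UDP_SOCKET"
SOCK_HDR = "Proto    Remote      Port      Local       Port  In Out Stat TTY\n"
SIP_SOCK = SOCK_HDR + " 17   --listen--          10.0.0.2    5060   0   0   11   0"
SNMP_SOCK = SOCK_HDR + " 17   --listen--          10.0.0.3     161   0   0    1   0"

def dev(version, procs="", socks="", config=""):
    banner = ("Cisco IOS Software, 2800 Software (C2800NM-ADVIPSERVICESK9-M), "
              f"Version {version}, RELEASE SOFTWARE (fc1)")
    return {"show_version": banner, "show_processes_sip": procs,
            "show_ip_sockets": socks, "running_config": config}

FLEET = {
    "rtr1": dev("12.4(15)T7", procs=SIP_PROC),
    "rtr2": dev("12.4(15)T7", socks=SIP_SOCK, config=COPP_SIP),
    "rtr3": dev("12.4(20)T", socks=SNMP_SOCK),
    "rtr4": dev("12.4(25d)", procs=SIP_PROC),
    "rtr5": dev("12.4(20)T", procs=SIP_PROC, config=COPP_WRONG_PORT),
}

if __name__ == "__main__":
    for name, verdict in audit_fleet(FLEET).items():
        print(f"{name}: {verdict}")
```

A version-only check would flag rtr1, rtr2, rtr3 and rtr5 alike; the per-device verdicts differ only once the SIP state and the control-plane policy contents are examined.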

Refense has more security checks than anyone else.
When Cisco Systems wanted to solve a problem for the US Department of Defense they turned to Refense. The DoD has the most complex security policies for networks of any organization. They also have one of the largest private networks in the world. Ensuring compliance to DISA STIGs was unenforceable until Refense came along.

Refense VMS scales to the largest enterprises and has the capability of ensuring compliance against the most complex security policies!

Refense VMS is a security focused point solution.
Unlike others in the market, we don’t focus on servers and desktops, treating network devices as an afterthought. Refense isn’t a configuration management solution trying to be a security solution. We don’t rely on SNMP for configuration information and we don’t scan IP addresses looking for open ports.

Refense VMS is enterprise network security and has been for over 5 years!

Risk Management Reporting




Secondary Effects & Mitigation




Superior Vulnerability & Compliance Management

Automated & Lightning Fast | Non-intrusive | In-depth analysis | Accurate & Independent | Actionable Intelligence | Audit & Mgmt Reporting

• 6-9 month ROI
• Reduce Costs by >65%-90%
• Eliminate Risks & Achieve Compliance
• Zero False Positives

[Diagram: Automated Risk Management, a cycle of eight numbered steps with 24x7x365 Visibility]
• Document and policy
• Asset identification and evaluation
• Threat and vulnerability identification
• Control identification
• Determine likelihood of threat
• Determine impact on confidentiality, integrity and availability
• Determine risk
• Control recommendation

Refense vs Configuration Management Tools

• Refense is security oriented – Refense has been built from the ground up to do one thing: ensure the security of enterprise networks. Network configuration management tools are not architected to dig deep into networks to discover security weaknesses.
• Refense replicates manual audits – Refense follows the same process and has the intelligence of a manual human auditor; it isn’t limited to regular expression string matching. Network configuration management tools have not been designed to audit the security of networks; they collect configuration information and process it based on regular expression rules.
• Refense can identify threats other tools cannot – These include:
   • Network devices with fraudulent or compromised operating systems.
   • Vendor published vulnerabilities that cannot be identified by regular expression string matching.
   • Vulnerabilities where insufficient or incorrect mitigation actions have been implemented.
   • Complex analysis requiring data from external sources such as those detailed in US Federal Government standards like DISA STIGs.

REFENSE provides greater visibility to potential vulnerabilities and identifies vulnerabilities other tools overlook or cannot see. REFENSE does this with greater accuracy than any other solution, and our ability to conduct network analysis without impact to the network or device allows network protection to be continuous or "always-on", resulting in shorter time to protection from potential threats.

Refense vs Vulnerability Management Tools

• Inside vs outside orientation – Refense audits network devices from the inside. This enables greater accuracy and functionality over traditional vulnerability scanners. Vulnerability management tools scan IP blocks and rarely allow authenticated analysis of device configurations. These types of IP/port scans cause high load on the device, are network intensive, slow and inaccurate.
• Refense focuses on network devices – Refense is focused on WAN and LAN network devices; it was built for that purpose and doesn’t try to use vulnerability identification methods designed for desktops and servers. Vulnerability management tools don’t have the same focus; most are better suited to scanning Windows and Linux than Cisco and Juniper OS.
• Refense vulnerability checks are smart – Refense ships with over 300 security checks that look for security weaknesses introduced through configuration as well as vulnerabilities caused by OS related flaws. They use advanced logic to verify the security weakness actually exists and understand when workarounds are in place to mitigate the problem. Vulnerability management tools use checks that look at the OS version and then assume your device is vulnerable based on the version of code you are running, not the way your device is configured and network is protected.

REFENSE provides greater visibility to potential vulnerabilities and identifies vulnerabilities other tools overlook or cannot see. REFENSE does this with greater accuracy than any other solution, and our ability to conduct network analysis without impact to the network or device allows network protection to be continuous or "always-on", resulting in shorter time to protection from potential threats.

What makes Refense superior?

• Focus – Mitigating Risks in Mission Critical Infrastructure – Routers/Switches/Firewalls/Wireless Access Points
• Visibility & Non-Intrusive – Operating System Vulnerabilities & Compliance to Security Policy
• Accuracy – Inside Out Architecture eliminates false positives & negatives – reducing time spent on invalid results
• Speed – Distributed high speed scanning makes Refense the fastest vulnerability solution available
• Compliance w/Security Orientation – Complex Checks, Secondary Effects & Risk Mitigation
• Easy to Implement/Maintain – Turn-Key appliance can have you up and running in less than an hour – Low Administration
© 2009 Refense
All Rights Reserved Confidential

More Related Content

What's hot

Defending the Data Center: Managing Users from the Edge to the Application
Defending the Data Center:  Managing Users from the Edge to the ApplicationDefending the Data Center:  Managing Users from the Edge to the Application
Defending the Data Center: Managing Users from the Edge to the Application
Cisco Security
 
Symantec Web Security Solutions
Symantec Web Security SolutionsSymantec Web Security Solutions
Symantec Web Security Solutions
Symantec
 
From Physical to Virtual to Cloud
From Physical to Virtual to CloudFrom Physical to Virtual to Cloud
From Physical to Virtual to Cloud
Cisco Security
 
Using Security to Build with Confidence in AWS - Trend Micro
Using Security to Build with Confidence in AWS - Trend Micro Using Security to Build with Confidence in AWS - Trend Micro
Using Security to Build with Confidence in AWS - Trend Micro
Amazon Web Services
 
Pawaa OCC Presentation
Pawaa OCC PresentationPawaa OCC Presentation
Pawaa OCC Presentation
CloudComputing
 
Trend micro v2
Trend micro v2Trend micro v2
Trend micro v2
JD Sherry
 
Air defense services_platform_8.0_spec_sheet
Air defense services_platform_8.0_spec_sheetAir defense services_platform_8.0_spec_sheet
Air defense services_platform_8.0_spec_sheet
Advantec Distribution
 
Cat6500 Praesentation
Cat6500 PraesentationCat6500 Praesentation
Cat6500 Praesentation
Sophan_Pheng
 
Cloudop security
Cloudop securityCloudop security
Cloudop security
wardspan
 
HyTrust and VMware-Providing a Secure Virtual Infrastructure
HyTrust and VMware-Providing a Secure Virtual Infrastructure HyTrust and VMware-Providing a Secure Virtual Infrastructure
HyTrust and VMware-Providing a Secure Virtual Infrastructure
HyTrust
 
Take Control of End User Security
Take Control of End User SecurityTake Control of End User Security
Take Control of End User Security
anniebrowny
 
Cloud securityperspectives cmg
Cloud securityperspectives cmgCloud securityperspectives cmg
Cloud securityperspectives cmg
Neha Dhawan
 
Datasheet stonegate ips-allinone
Datasheet stonegate ips-allinoneDatasheet stonegate ips-allinone
Datasheet stonegate ips-allinone
Multibyte Consultoria
 
Mc afee saas web protection-rackaid
Mc afee saas web protection-rackaidMc afee saas web protection-rackaid
Mc afee saas web protection-rackaid
rackAID Support
 
Ensure Software Security already during development
Ensure Software Security already during developmentEnsure Software Security already during development
Ensure Software Security already during development
IT Weekend
 
Datasheet stonegate fw-allinone
Datasheet stonegate fw-allinoneDatasheet stonegate fw-allinone
Datasheet stonegate fw-allinone
Multibyte Consultoria
 
Virtualizing More While Improving Risk Posture – From Bare Metal to End Point
Virtualizing More While Improving Risk Posture – From Bare Metal to End PointVirtualizing More While Improving Risk Posture – From Bare Metal to End Point
Virtualizing More While Improving Risk Posture – From Bare Metal to End Point
HyTrust
 
How Cloud Providers' Business Needs Drive Enterprise Identity & Security
How Cloud Providers' Business Needs Drive Enterprise Identity & SecurityHow Cloud Providers' Business Needs Drive Enterprise Identity & Security
How Cloud Providers' Business Needs Drive Enterprise Identity & Security
Novell
 

What's hot (18)

Defending the Data Center: Managing Users from the Edge to the Application
Defending the Data Center:  Managing Users from the Edge to the ApplicationDefending the Data Center:  Managing Users from the Edge to the Application
Defending the Data Center: Managing Users from the Edge to the Application
 
Symantec Web Security Solutions
Symantec Web Security SolutionsSymantec Web Security Solutions
Symantec Web Security Solutions
 
From Physical to Virtual to Cloud
From Physical to Virtual to CloudFrom Physical to Virtual to Cloud
From Physical to Virtual to Cloud
 
Using Security to Build with Confidence in AWS - Trend Micro
Using Security to Build with Confidence in AWS - Trend Micro Using Security to Build with Confidence in AWS - Trend Micro
Using Security to Build with Confidence in AWS - Trend Micro
 
Pawaa OCC Presentation
Pawaa OCC PresentationPawaa OCC Presentation
Pawaa OCC Presentation
 
Trend micro v2
Trend micro v2Trend micro v2
Trend micro v2
 
Air defense services_platform_8.0_spec_sheet
Air defense services_platform_8.0_spec_sheetAir defense services_platform_8.0_spec_sheet
Air defense services_platform_8.0_spec_sheet
 
Cat6500 Praesentation
Cat6500 PraesentationCat6500 Praesentation
Cat6500 Praesentation
 
Cloudop security
Cloudop securityCloudop security
Cloudop security
 
HyTrust and VMware-Providing a Secure Virtual Infrastructure
HyTrust and VMware-Providing a Secure Virtual Infrastructure HyTrust and VMware-Providing a Secure Virtual Infrastructure
HyTrust and VMware-Providing a Secure Virtual Infrastructure
 
Take Control of End User Security
Take Control of End User SecurityTake Control of End User Security
Take Control of End User Security
 
Cloud securityperspectives cmg
Cloud securityperspectives cmgCloud securityperspectives cmg
Cloud securityperspectives cmg
 
Datasheet stonegate ips-allinone
Datasheet stonegate ips-allinoneDatasheet stonegate ips-allinone
Datasheet stonegate ips-allinone
 
Mc afee saas web protection-rackaid
Mc afee saas web protection-rackaidMc afee saas web protection-rackaid
Mc afee saas web protection-rackaid
 
Ensure Software Security already during development
Ensure Software Security already during developmentEnsure Software Security already during development
Ensure Software Security already during development
 
Datasheet stonegate fw-allinone
Datasheet stonegate fw-allinoneDatasheet stonegate fw-allinone
Datasheet stonegate fw-allinone
 
Virtualizing More While Improving Risk Posture – From Bare Metal to End Point
Virtualizing More While Improving Risk Posture – From Bare Metal to End PointVirtualizing More While Improving Risk Posture – From Bare Metal to End Point
Virtualizing More While Improving Risk Posture – From Bare Metal to End Point
 
How Cloud Providers' Business Needs Drive Enterprise Identity & Security
How Cloud Providers' Business Needs Drive Enterprise Identity & SecurityHow Cloud Providers' Business Needs Drive Enterprise Identity & Security
How Cloud Providers' Business Needs Drive Enterprise Identity & Security
 

Viewers also liked

Personal Safety & Awareness
Personal Safety & AwarenessPersonal Safety & Awareness
Personal Safety & Awareness
debrakalish
 
Question 3
Question 3Question 3
Question 3
Jenny McNulty
 
Context and benefits of the VMPass initiative at Universidad Internacional de...
Context and benefits of the VMPass initiative at Universidad Internacional de...Context and benefits of the VMPass initiative at Universidad Internacional de...
Context and benefits of the VMPass initiative at Universidad Internacional de...
Anne-Christin Tannhäuser
 
Asfs induction guide
Asfs induction guideAsfs induction guide
Asfs induction guide
Jenny McNulty
 
Evaluation of media project 2
Evaluation of media project 2Evaluation of media project 2
Evaluation of media project 2
Jenny McNulty
 
Gundia
GundiaGundia
Security awareness exampletr(rev1)1011.015
Security awareness exampletr(rev1)1011.015Security awareness exampletr(rev1)1011.015
Security awareness exampletr(rev1)1011.015
Wivenhoe Management Group
 

Viewers also liked (7)

Personal Safety & Awareness
Personal Safety & AwarenessPersonal Safety & Awareness
Personal Safety & Awareness
 
Question 3
Question 3Question 3
Question 3
 
Context and benefits of the VMPass initiative at Universidad Internacional de...
Context and benefits of the VMPass initiative at Universidad Internacional de...Context and benefits of the VMPass initiative at Universidad Internacional de...
Context and benefits of the VMPass initiative at Universidad Internacional de...
 
Asfs induction guide
Asfs induction guideAsfs induction guide
Asfs induction guide
 
Evaluation of media project 2
Evaluation of media project 2Evaluation of media project 2
Evaluation of media project 2
 
Gundia
GundiaGundia
Gundia
 
Security awareness exampletr(rev1)1011.015
Security awareness exampletr(rev1)1011.015Security awareness exampletr(rev1)1011.015
Security awareness exampletr(rev1)1011.015
 

Similar to Refense Security Risk Briefing July 2009

VSD Infotech
VSD InfotechVSD Infotech
VSD Infotech
VSD infotech
 
End-point Management
End-point ManagementEnd-point Management
End-point Management
IBM Danmark
 
Novell ZENworks Overview and Futures
Novell ZENworks Overview and FuturesNovell ZENworks Overview and Futures
Novell ZENworks Overview and Futures
Novell
 
Novell ZENworks Overview and Futures
Novell ZENworks Overview and FuturesNovell ZENworks Overview and Futures
Novell ZENworks Overview and Futures
Novell
 
F5 Networks: architecture and risk management
F5 Networks: architecture and risk managementF5 Networks: architecture and risk management
F5 Networks: architecture and risk management
AEC Networks
 
Cio ciso security_strategyv1.1
Cio ciso security_strategyv1.1Cio ciso security_strategyv1.1
Cio ciso security_strategyv1.1
Anindya Ghosh,
 
S series presentation
S series presentationS series presentation
S series presentation
Sergey Marunich
 
RSA 2012 Virtualization Security February 2012
RSA 2012 Virtualization Security February 2012RSA 2012 Virtualization Security February 2012
RSA 2012 Virtualization Security February 2012
Symantec
 
Enterprise Security in Hybrid Cloud ISACA-SV 2012
Enterprise Security in Hybrid Cloud ISACA-SV 2012Enterprise Security in Hybrid Cloud ISACA-SV 2012
Enterprise Security in Hybrid Cloud ISACA-SV 2012
Symosis Security (Previously C-Level Security)
 
Enterprise Security in Cloud
Enterprise Security in CloudEnterprise Security in Cloud
Enterprise Security in Cloud
Lenin Aboagye
 
AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...
AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...
AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...
Amazon Web Services
 
DSS ITSEC CONFERENCE - Q1 Labs - Intelligent network security - next genera...
DSS   ITSEC CONFERENCE - Q1 Labs - Intelligent network security - next genera...DSS   ITSEC CONFERENCE - Q1 Labs - Intelligent network security - next genera...
DSS ITSEC CONFERENCE - Q1 Labs - Intelligent network security - next genera...
Andris Soroka
 
IBM Smarter Business 2012 - BYOD: "So what?" – Enabling mobile and mixed endp...
IBM Smarter Business 2012 - BYOD: "So what?" – Enabling mobile and mixed endp...IBM Smarter Business 2012 - BYOD: "So what?" – Enabling mobile and mixed endp...
IBM Smarter Business 2012 - BYOD: "So what?" – Enabling mobile and mixed endp...
IBM Sverige
 
C2MS
C2MSC2MS
Risk Factory: PCI Compliance in the Cloud
Risk Factory: PCI Compliance in the CloudRisk Factory: PCI Compliance in the Cloud
Risk Factory: PCI Compliance in the Cloud
Risk Crew
 
Cloud Security: Perception Vs. Reality
Cloud Security: Perception Vs. RealityCloud Security: Perception Vs. Reality
Cloud Security: Perception Vs. Reality
Internap
 
Sccm 2012 overview - chris_estonina
Sccm 2012 overview - chris_estoninaSccm 2012 overview - chris_estonina
Sccm 2012 overview - chris_estonina
Microsoft Singapore
 
Information Security
Information SecurityInformation Security
Information Security
Mohit8780
 
Managed vs customer presentation
Managed vs customer presentationManaged vs customer presentation
Managed vs customer presentation
hemanth102030
 
Monitoring Principles & z/VSE Monitoring Options
Monitoring Principles & z/VSE Monitoring OptionsMonitoring Principles & z/VSE Monitoring Options
Monitoring Principles & z/VSE Monitoring Options
IBM India Smarter Computing
 

Similar to Refense Security Risk Briefing July 2009 (20)

VSD Infotech
VSD InfotechVSD Infotech
VSD Infotech
 
End-point Management
End-point ManagementEnd-point Management
End-point Management
 
Novell ZENworks Overview and Futures
Novell ZENworks Overview and FuturesNovell ZENworks Overview and Futures
Novell ZENworks Overview and Futures
 
Novell ZENworks Overview and Futures
Novell ZENworks Overview and FuturesNovell ZENworks Overview and Futures
Novell ZENworks Overview and Futures
 
F5 Networks: architecture and risk management
F5 Networks: architecture and risk managementF5 Networks: architecture and risk management
F5 Networks: architecture and risk management
 
Cio ciso security_strategyv1.1
Cio ciso security_strategyv1.1Cio ciso security_strategyv1.1
Cio ciso security_strategyv1.1
 
S series presentation
S series presentationS series presentation
S series presentation
 
RSA 2012 Virtualization Security February 2012
RSA 2012 Virtualization Security February 2012RSA 2012 Virtualization Security February 2012
RSA 2012 Virtualization Security February 2012
 
Enterprise Security in Hybrid Cloud ISACA-SV 2012
Enterprise Security in Hybrid Cloud ISACA-SV 2012Enterprise Security in Hybrid Cloud ISACA-SV 2012
Enterprise Security in Hybrid Cloud ISACA-SV 2012
 
Enterprise Security in Cloud
Enterprise Security in CloudEnterprise Security in Cloud
Enterprise Security in Cloud
 
AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...
AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...
AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...
 
DSS ITSEC CONFERENCE - Q1 Labs - Intelligent network security - next genera...
DSS   ITSEC CONFERENCE - Q1 Labs - Intelligent network security - next genera...DSS   ITSEC CONFERENCE - Q1 Labs - Intelligent network security - next genera...
DSS ITSEC CONFERENCE - Q1 Labs - Intelligent network security - next genera...
 
IBM Smarter Business 2012 - BYOD: "So what?" – Enabling mobile and mixed endp...
IBM Smarter Business 2012 - BYOD: "So what?" – Enabling mobile and mixed endp...IBM Smarter Business 2012 - BYOD: "So what?" – Enabling mobile and mixed endp...
IBM Smarter Business 2012 - BYOD: "So what?" – Enabling mobile and mixed endp...
 
C2MS
C2MSC2MS
C2MS
 
Risk Factory: PCI Compliance in the Cloud
Risk Factory: PCI Compliance in the CloudRisk Factory: PCI Compliance in the Cloud
Risk Factory: PCI Compliance in the Cloud
 
Cloud Security: Perception Vs. Reality
Cloud Security: Perception Vs. RealityCloud Security: Perception Vs. Reality
Cloud Security: Perception Vs. Reality
 
Sccm 2012 overview - chris_estonina
Sccm 2012 overview - chris_estoninaSccm 2012 overview - chris_estonina
Sccm 2012 overview - chris_estonina
 
Information Security
Information SecurityInformation Security
Information Security
 
Managed vs customer presentation
Managed vs customer presentationManaged vs customer presentation
Managed vs customer presentation
 
Monitoring Principles & z/VSE Monitoring Options
Monitoring Principles & z/VSE Monitoring OptionsMonitoring Principles & z/VSE Monitoring Options
Monitoring Principles & z/VSE Monitoring Options
 

Refense Security Risk Briefing July 2009

  • 1. Security Risk Briefing July 2009 Proprietary & Confidential Not for distribution
  • 2. Security Risk Management Vulnerabilities – Policy Compliance Routers Switches Firewalls Wireless Mission Critical Infrastructure Key Benefits • Audit, Analysis, Prioritize and Mitigate • Superior performance = > Visibility, Speed & Accuracy • Agent less, Proprietary algorithms - Non Intrusive Impact • Comprehensive Security Checks & Policy Management © 2009 Refense All Rights Reserved Confidential
  • 3. Product & Service Refense VMS Refense On-Demand Enterprise Scalable Appliances Fully Managed Service •Turn-Key Appliance •Subscription Based •Software License •Rapid Deployment •Fault Tolerant •Remotely Managed •Service Provider Scalable •No Up-Front Capital •AES 256 Encryption •Annual Contracts •24x7 Support © 2009 Refense All Rights Reserved Confidential
  • 4. Competitive Landscape Compliance Security Orientation Limited capability Vulnerability Scanners Vulnerability & Compliance Qualys, Foundstone Management for Mission Critical Limited capability eEye Retina Infrastructure Configuration Tools EMC Voyence, Alterpoint, nCircle, HP NCM, etc Network Management Platforms HP Openview, IBM Tivoli, BMC Desktops - Servers - Routers – Switches – Firewalls - WAPs Devices © 2009 Refense All Rights Reserved Confidential
  • 5. About Refense Founded in 2003 & HQ in Raleigh, NC Network Security Risk Management Solutions Partnering with Industry Leaders: Notable Customers: © 2009 Refense All Rights Reserved Confidential
  • 6. Evolution of Network Security
      • Networks are increasing in size and complexity
      • Value of network devices as method of attack is increasing & evolving
      • Hackers are now actively targeting Cisco IOS (IOS rootkit, DNS poisoning, BGP hijacking, Phenoelit’s 0-day exploit)
      • Wireless networks still offer easy attack vectors
      • Breaches as a result of compromised network devices are starting to become publicly known
      • Hijacking a network is a very appealing target for large hacking groups or for foreign governments or terrorist organizations
      • Most attacks are financially motivated
  • 7. Refense = Security from the inside out: Vulnerability | Compliance Management
      • Identify Operating System/Network Vulnerabilities & Non-Compliance to security policies
      • Agentless & non-intrusive, Lightning fast and accurate
      • Largest number of Intelligent Security Checks
      • Service Provider Scalability (10,000 plus devices)
      • Secondary Effects & Mitigation Intelligence
      • Predefined security policies & Regulatory Requirements
      • Wireless Rogue Finder Option
      • Scheduled Scans - Strong in-depth reporting
      • Instant ROI & low operational administration
  • 8. [Process diagram; boxes:] Connect to remote devices via SSH or Telnet; Gather data using Show commands; Execute additional commands as required; Execute checks against collected data; Internal analysis of data by VMS; Generation of report; Storage of report data only for trending and comparative analysis
  • 9. Refense Differentiators
      • Refense automates manual audits of Cisco IOS. Example: A PSIRT notice states – perform a Show Version to determine if you are running an affected IOS version, then perform a Show Processes | Include SIP or a Show IP Sockets, depending on your version of IOS, to determine if your device is processing SIP packets, then check for the presence of a workaround using a Control Plane Policy. Now repeat across your entire network – the result could be many man-hours of labor to find the devices that are vulnerable. Refense VMS automates this process with a zero error rate!
      • Refense has more security checks than anyone else. When Cisco Systems wanted to solve a problem for the US Department of Defense they turned to Refense. The DoD has the most complex security policies for networks of any organization. They also have one of the largest private networks in the world. Ensuring compliance to DISA STIGs was unenforceable until Refense came along. Refense VMS scales to the largest enterprises and has the capability of ensuring compliance against the most complex security policies!
      • Refense VMS is a security focused point solution. Unlike others in the market, we don’t focus on servers and desktops, treating network devices as an afterthought. Refense isn’t a configuration management solution trying to be a security solution. We don’t rely on SNMP for configuration information and we don’t scan IP addresses looking for open ports. Refense VMS is enterprise network security and has been for over 5 years!
  • 10. Risk Management Reporting
  • 11. Secondary Effects & Mitigation
  • 12. Superior Vulnerability & Compliance Management [Diagram: an eight-step "Automated Risk Management" cycle with the labels: Asset identification and evaluation; Threat and vulnerability identification; Control identification; Determine likelihood of threat; Determine impact on confidentiality, integrity and availability; Determine risk; Control and policy recommendation; Document. Surrounding callouts: Automated & Non-intrusive; In-depth analysis; Accurate & Actionable; Audit & Mgmt; Lightning Fast; Independent Intelligence; Reporting; 6-9 month ROI; Reduce Costs by >65%-90%; Eliminate Risks & Achieve Compliance; Zero False Positives; 24x7x365 Visibility.]
  • 13. Refense vs Configuration Management Tools
      • Refense is security oriented – Refense has been built from the ground up to do one thing: ensure the security of enterprise networks. Network configuration management tools are not architected to dig deep into networks to discover security weaknesses.
      • Refense replicates manual audits – Refense follows the same process and has the intelligence of a manual human auditor; Refense isn’t limited to regular expression string matching. Network configuration management tools have not been designed to audit the security of networks; they collect configuration information and process it based on regular expression rules.
      • Refense can identify threats other tools cannot – These include:
          • Network devices with fraudulent or compromised operating systems.
          • Vendor published vulnerabilities that cannot be identified by regular expression string matching.
          • Vulnerabilities where insufficient or incorrect mitigation actions have been implemented.
          • Complex analysis requiring data from external sources such as those detailed in US Federal Government standards like DISA STIGs.
    REFENSE provides greater visibility to potential vulnerabilities and identifies vulnerabilities other tools overlook or cannot see. REFENSE does this with greater accuracy than any other solution, and our ability to conduct network analysis without impact to the network or device allows network protection to be continuous or "always-on", resulting in shorter time to protection from potential threats.
  • 14. Refense vs Vulnerability Management Tools
      • Inside vs outside orientation – Refense audits network devices from the inside. This enables greater accuracy and functionality over traditional vulnerability scanners. Vulnerability management tools scan IP blocks and rarely allow authenticated analysis of device configurations. These types of IP/port scans cause high load on the device, are network intensive, slow and inaccurate.
      • Refense focuses on network devices – Refense is focused on WAN and LAN network devices; it was built for that purpose and doesn’t try to use vulnerability identification methods designed for desktops and servers. Vulnerability management tools don’t have the same focus; most are better suited to scanning Windows and Linux than Cisco and Juniper OS.
      • Refense vulnerability checks are smart – Refense ships with over 300 security checks that look for security weaknesses introduced through configuration as well as vulnerabilities caused by OS related flaws. They use advanced logic to verify the security weakness actually exists and understand when workarounds are in place to mitigate the problem. Vulnerability management tools use checks that look at the OS version and then assume your device is vulnerable based on the version of code you are running, not the way your device is configured and network is protected.
    REFENSE provides greater visibility to potential vulnerabilities and identifies vulnerabilities other tools overlook or cannot see. REFENSE does this with greater accuracy than any other solution, and our ability to conduct network analysis without impact to the network or device allows network protection to be continuous or "always-on", resulting in shorter time to protection from potential threats.
  • 15. What makes Refense superior?
      • Focus – Mitigating Risks in Mission Critical Infrastructure – Routers/Switches/Firewalls/Wireless Access Points
      • Visibility & Non-Intrusive – Operating System Vulnerabilities & Compliance to Security Policy
      • Accuracy – Inside Out Architecture eliminates false positives & negatives – reducing time spent on invalid results
      • Speed – Distributed high speed scanning makes Refense the fastest vulnerability solution available
      • Compliance w/Security Orientation – Complex Checks, Secondary Effects & Risk Mitigation
      • Easy to Implement/Maintain – Turn-Key appliance can have you up and running in less than an hour – Low Administration
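
The manual audit that slide 9 walks through (affected release, then SIP processing, then a control-plane workaround), and the contrast slide 14 draws with version-only checks, sketched as an added example; this is not Refense's code. The function names, the affected-release list and all sample command output are constructed for illustration.

```python
import re

# Constructed placeholder list; a real audit copies affected releases from the PSIRT notice.
AFFECTED_VERSIONS = {"12.4(15)T1"}

def ios_version(show_version):
    """Pull the release string out of `show version` output."""
    m = re.search(r"Version\s+(\d+\.\d+\([0-9a-z]+\)\w*)", show_version)
    return m.group(1) if m else None

def sip_processing(show_processes="", show_ip_sockets=""):
    """True if a SIP process runs or a socket is bound to local port 5060."""
    if re.search(r"\bCCSIP_\w+", show_processes):
        return True
    for line in show_ip_sockets.splitlines():
        fields = line.split()
        # Columns: proto, remote addr, remote port, local addr, local port, ...
        if len(fields) >= 5 and fields[0].isdigit() and fields[4] == "5060":
            return True
    return False

def control_plane_policy(running_config):
    """Name of the policy-map attached inbound to the control plane, or None."""
    in_cp = False
    for line in running_config.splitlines():
        if not line.startswith(" "):        # top-level line: a new section starts
            in_cp = line.strip() == "control-plane"
        elif in_cp:
            m = re.match(r"\s+service-policy input (\S+)", line)
            if m:
                return m.group(1)
    return None

def assess(show_version, running_config, show_processes="", show_ip_sockets=""):
    """Follow the manual steps in order; stop at the first one that clears the device."""
    if ios_version(show_version) not in AFFECTED_VERSIONS:
        return "not affected"
    if not sip_processing(show_processes, show_ip_sockets):
        return "affected release, SIP not processed"
    if (policy := control_plane_policy(running_config)):
        return f"affected release, control-plane policy {policy} present"
    return "vulnerable"

# Constructed sample output, shaped like the Cisco IOS commands named on the slide.
VER = "Cisco IOS Software, 2800 Software (C2800NM-ADVIPSERVICESK9-M), Version 12.4(15)T1, RELEASE SOFTWARE (fc2)"
PROCS = " 149 Mwe 40F48254   4   1 400023108/24000  0 CCSIP_UDP_SOCKET"
SOCKS = "Proto    Remote      Port      Local       Port  In Out Stat TTY\n 17 0.0.0.0 0 192.0.2.1 5060 0 0 211 0"
CFG_OPEN = "hostname r1\n!\ncontrol-plane\n!\nline vty 0 4\n transport input ssh\n"
CFG_COPP = "hostname r2\n!\ncontrol-plane\n service-policy input COPP-SIP\n!\n"
```

The result names the attached policy rather than declaring the device safe, because a policy that does not actually cover SIP is the "insufficient or incorrect mitigation" case slide 13 lists.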