Cutting-Edge Network Behavior Audit Technology from BMST

1. Advanced Network Behavior Analysis , Record and Audit Last Modified: Dec.8 2009 Introduction of BMST Technologies

2. Agenda 1. Opportunity and Business Overview 2. Technology and Products 3. Scenarios and Solutions 4. Our Customers 5. About BMST 2 ©Copyright, BMST Co. 2009 December 13, 2009

3. What Gartner Top 10 and NSA Say? Gartner TOP 10 2010 1 Cloud computing, 2 Advanced analytics, 3 Client computing, 4 IT for Green,5 Reshaping the data center 6 Social computing, 7 Security - activity monitoring. …Information security professionals face the challenge of detecting malicious activity in a constant stream of discrete events that are usually associated with an authorized user and are generated from multiple network, system and application sources. At the same time, security departments are facing increasing demands for ever-greater log analysis and reporting to support audit requirements... 8 Flash memory, 9 Virtualization for availability, 10 Mobile applications. Security is not just the perimeter; layered defenses must be inside of the network and on the applications and databases if we really want to protect information. We haven’t done nearly enough to protect applications and databases…and the magnitude of loses around insider threats are underreported. William (Bill) Crowell – former Deputy Director of the NSA 3 ©Copyright, BMST Co. 2009 December 13, 2009

4. Cloud Flight Needs Cyber “Black Box” <ul><li>How to do forensics in case of a security incident?

5. Are you outsourcing? How to handle potential contractual dispute in case of an IT issue?

6. Don’t you need compliance? What to show external auditors on complete organization IT operation records?

7. How to monitor and find the violation of authorized users in real time?

8. How to guarantee the security policy are followed correctly?</li></ul>4 ©Copyright, BMST Co. 2009 December 13, 2009

9. Answers from BMST <ul><li>Complete record and replay

10. Real time monitoring

11. Smart behavior analysis and Audit

12. Comprehensive protocol support

13. Transparent deployment

14. Intuitive “flight” administration

15. Tampering-proof authentic “data” management</li></ul>5 ©Copyright, BMST Co. 2009 December 13, 2009

16. Session Auditor System Architecture Session Auditor is consist of three components: SAS, SAD and SAC Session Auditor Sensor <ul><li>Transparent deployment

17. Bridge-model run

18. Session based data recording

19. Complete protocol support

20. Send recorded data to SAD</li></ul>Session Auditor Datacenter <ul><li>Sea-volume storage

21. Respond to SAC orders

22. Smart audit and search

23. Security and maintenance</li></ul>Session Auditor Console <ul><li>Centralized operations and audit

24. Flexible reporting system

25. Policy-based real-time monitoring, alert and response</li></ul>6 ©Copyright, BMST Co. 2009 December 13, 2009

26. Session-Auditor Deployment SSH RDP Telnet ICA Rlogin VNC FTP Oracle Sybase …… Administrator WebApp& Web Services Enterprise Apps (ERP/CRM) SAS Traffic IT系统管理员/ 兼职安全管理 Recorded Servers Unix/Linux Console Windows Network Security SAD Auditor Mission critical 企业应用 (SAP, Oracle等)

27. Critical System Critical System Critical System Critical System SAS SAS SAS SAS Administrator SAD SAD Administrator SAC Auditor Distributed and Hierarchical Deployment

28. Unique Value of BMST SA Products Transparent audit for RDP, SSH, Citrix/ICA, Oracle, DB2... Complete recording and replay Transparent bridge deployment High availability and distributed deployment It’s a long list and growing… 1 2 GENERAL <ul><li>HTTPS, HTTP, SMTP, POP3, FTP, Telnet, CIFS, Samba...</li></ul>REMOTE ADMIN <ul><li>RDP, SSH, VNC,SFTP/SCP, Rlogin, X11…</li></ul>DATABASE <ul><li>MSSQL, Oracle, Sybase, DB2…</li></ul>INDUSTRY SPECIFIC <ul><li>Citrix ICA, HP RGS…</li></ul>3 4 ENCRYPTED? NO PROBLEM! Great expandability by open SCRIPTINTERFACE For more details, please refer to http://bmst.net/product/features/ 9 ©Copyright, BMST Co. 2009 December 13, 2009

29. Session Auditor Product Family Session Auditor Lite is one 2-in-1 appliance, integrated SAS and SAD Storage SAS and SAD support distributed and hierarchical deployment, bringing users further flexibility Network Throughput 10 ©Copyright, BMST Co. 2009 December 13, 2009

30. Scenarios and Solutions Cloud Computing and IT Outsourcing Complete and authentic organization records Potential contractual dispute in case of security incident and IT issue <ul><li>Compliance

31. PCI-DSS, SOX, ISO27001, HIPAA, GLBA, SB1836, …

32. “Audit”, “Records”, “e-Discovery” are essential to all of them

33. Virtual Asset Protection for Online Gaming

34. Internal abuse and theft

36. Our Customers Session Auditor has been widely adopted by industry leading customers from telco, finance, service providers, consulting firms, governments and etc. Please visit http://bmst.net/solution for more details. 12 ©Copyright, BMST Co. 2009 December 13, 2009

37. About BMST Co. Founded at March 2006 BMST, which is located at ZGC High-Tech District, Beijing, China, focuses on innovation and development on network security products and technologies. The founders have profound experience at network security, telco, finance and various industries. http://maps.google.com/maps/place?cid=4135994384345121574&q=Bldg%2BA,%2BHuatong%2BMansion <ul><li>info@bmst.net (General query)

38. sales@bmst.net (Sales)