Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Oasys Stonesoft Aligned with ITIL

4,210 views

Published on

OASYS Stonesoft StoneGate Aligned with ITIL V3

Published in: Technology, Business
  • Be the first to comment

Oasys Stonesoft Aligned with ITIL

  1. 1. 10 Quick Wins with ITIL Webinar “ Documented Common Sense” June 23, 2009 Matt McKinley, Senior Network Security Analyst Stonesoft [email_address] Chris Johnson, President Matt O’Buck, International Account Executive Open Access Systems Corporation [email_address] [email_address]
  2. 3. http://www.oasyscorp.com/itilv3map.html
  3. 4. RACI Matrix - Focus on Security Activities
  4. 6. CONTROL EVALUATE Detect security breaches React to the incidents MAINTAIN Recover your systems IMPLEMENT Protect your assets PLAN Identify the risks Revise processes & protection Security as a Process
  5. 7. 1. One-step Security Management Disparate consoles Labor intensive Manual device updates Inherent human error Slow threat mitigation Single management console Create once, deploy everywhere Automatic policy/rule execution Real-time accelerated response to threats Virtual FW Virtual FW Virtual FW Virtual FW One-step Management Events Traditional Device Management FW Mgmt IPS Mgmt Incidents
  6. 8. <ul><li>Create once, use everywhere configuration </li></ul><ul><ul><li>Common element database </li></ul></ul><ul><ul><li>Stores all configurations – security policies to OS settings </li></ul></ul><ul><ul><li>Component re-use = less human errors </li></ul></ul><ul><li>Always-on management </li></ul><ul><ul><li>Built-in disaster recovery </li></ul></ul><ul><ul><li>Repository backup & task automation </li></ul></ul><ul><ul><li>Customizable roles, rights and actions </li></ul></ul><ul><ul><li>Simultaneous administration </li></ul></ul>2. Central Repository (Service Knowledge Database)
  7. 9. 3. Role-based Access Control (RACI Matrix) <ul><li>One administrator can have several roles </li></ul><ul><li>Access control lists enable grouping of granted objects </li></ul><ul><li>Support for RADIUS authentication </li></ul>
  8. 10. 4. Logs & Auditing (Reports, Compliance, Access) <ul><li>Use audit logs and element meta data to find out WHAT has been changed, WHO has changed it and WHEN has this happened </li></ul>
  9. 11. 5. Next Generation Policy Management <ul><li>Efficient policy management with template-based rule bases and sub-rule bases </li></ul>
  10. 12. 5. Next Generation Policy Management (cont.) <ul><li>Find unusued rules, undo/redo changes, create new rules from logs </li></ul><ul><li>View rule hit counts (within specified time) in the policy editor </li></ul><ul><li>Undo/redo the changes in the policy editor </li></ul><ul><li>Organize your policy with the help of collapsible rule comment sections </li></ul><ul><li>Create new rules directly from the logs </li></ul><ul><li>Search matching rules quickly </li></ul>
  11. 13. 6. Real-time Monitoring & Alerting (Service Operations) <ul><li>Customizable dashboards & alerting chains </li></ul><ul><li>Geographic pinpointing of IP addresses </li></ul><ul><li>Web portal for monitoring security from any device </li></ul>
  12. 14. 7. Accelerated Incident Management (Service Operations) <ul><li>Correlated view </li></ul><ul><li>Real-time & historical views </li></ul><ul><li>Detailed audit histories </li></ul><ul><li>Powerful data mining engine </li></ul><ul><li>Drag & drop log filtering </li></ul><ul><li>Efficient & accurate data retrieval </li></ul><ul><li>Statistical event analysis </li></ul><ul><li>Incident case management </li></ul><ul><li>Suspect activity centrally collected </li></ul><ul><li>Investigation audit trail </li></ul>
  13. 15. 8. Multi-Link ™ Communication (Availability & Capacity Management) <ul><li>Seamless circuit failover </li></ul><ul><ul><li>Active/active </li></ul></ul><ul><li>Eliminates costly failover systems or BGP management </li></ul><ul><li>Low-cost alternative to Frame Relay, MPLS </li></ul><ul><li>Scalable and secure </li></ul><ul><ul><li>Unlimited number & types of connections </li></ul></ul><ul><li>Support for emerging technologies </li></ul><ul><ul><li>VoIP, video conferencing </li></ul></ul>Remote Office Corporate Headquarters MPLS INTERNET DSL Cable Modem DSL
  14. 16. 8. Drop-in Active Clustering (cont.) (Availability & Capacity Management) <ul><li>Firewall/VPN Cluster </li></ul><ul><li>Uniquely cluster up to 16 devices </li></ul><ul><li>Achieve Five Nines availability </li></ul><ul><li>Zero impact to network re-configuration </li></ul><ul><ul><li>No maintenance window required </li></ul></ul><ul><li>Clusters managed as “single” instance </li></ul><ul><li>Clustered VPN – provides seamless failover </li></ul>Node 1 33% Node 2 33% Node 3 33%
  15. 17. 8. Dynamic Server Load Balancing (cont.) (Availability & Capacity Management) <ul><li>Eliminates the need for external hardware </li></ul><ul><ul><li>Unlimited server load balancing </li></ul></ul><ul><ul><li>Intelligently monitor availability & health </li></ul></ul><ul><ul><li>Optimized traffic </li></ul></ul><ul><ul><li>Automatic corrective actions </li></ul></ul><ul><ul><li>Transparent server maintenance </li></ul></ul><ul><li>Automatically distribute traffic </li></ul><ul><ul><li>No restrictions on number of servers or client connections </li></ul></ul>Server Pool Load Balancing
  16. 18. 9. Interactive Reporting <ul><li>Enhanced customizable graphical reports </li></ul><ul><li>Automated generation & distribution </li></ul><ul><li>System auditing reports & audit trails </li></ul><ul><li>Comparative analysis of security policies </li></ul>
  17. 19. 10. Stonesoft – Powered by Reliability <ul><li>No forklift upgrades – phased-in approach </li></ul><ul><ul><li>Always-on connectivity technologies </li></ul></ul><ul><ul><li>Third-party event management </li></ul></ul><ul><ul><li>Rule-base translation tools </li></ul></ul><ul><ul><li>Turnkey solutions delivery </li></ul></ul><ul><ul><li>Direct support vs. tiered support </li></ul></ul><ul><ul><li>Dedicated engineers, average 6+ years experience </li></ul></ul><ul><ul><li>Follow the sun – Atlanta and Helsinki </li></ul></ul><ul><ul><li>Commitment to customer success throughout organization </li></ul></ul><ul><ul><li>Track record of technology innovation </li></ul></ul><ul><ul><ul><li>38 patents & 28 patents pending </li></ul></ul></ul>“ The superior level of support provided by Stonesoft is the benchmark we use to measure all of our other vendors.” - National City Bank 2008 Customer Satisfaction Results 95% Overall Satisfaction
  18. 20. 10 Quick Wins Stonesoft ITIL Win 1. One-step Security Management Single pane of glass view Improves Security Management across the entire enterprise from core to edge. 2. Central Repository Current, correlated Service Knowledge Database shares information for reporting. 3. Role-based Access Control Centrally managed information access based on roles directly implemented by the SMC. 4. Logs & Auditing Easily accessible and ensures Compliance. 5. Next Generation Policy Management Standardized policies, consistency with less administration , SLA/OLA Management, at perimeter and internal. 6. Real-time Monitoring & Alerting More efficient Service Operations. 7. Accelerated Incident Management Faster Troubleshooting & Resolution; feeds a knowledge error database. 8. Patented Multi-Link Communication, Drop-in Active Clustering, Dynamic Server Load Balancing Guaranteed High Availability at the component and link level for reliability, to ensure Always-on Connectivity; Enhanced and Secure Data Delivery. 9. Interactive Reporting Reports for Continual Service Improvements 10. Stonesoft Reliability Easy Implementation, Reliability, Maintainability & proven long-term Serviceability.
  19. 21. Thank You (866) 869-4075 [email_address] www.stonesoft.com

×