
Guardicore - Shrink Your Attack Surface with Micro-Segmentation


CSNP Chicago - presented by Avishag Daniely

Published in: Technology

  1. Shrink Your Attack Surface with Micro-Segmentation
     Avishag Daniely, Director, Product Management, @avishugz
  2. Segmentation: It was never easy. It’s only getting harder.
     Many enterprise networks are too flat. Why?
       ▪ No visibility
       ▪ Tied to infrastructure
       ▪ App changes & downtime required
       ▪ Slow to implement
       ▪ Multiple teams involved
     Because VLANs are painful and restrictive.
     But segmentation is more important than ever:
       ▪ 85% of data center traffic is now east-west [1]
       ▪ Average dwell time after a breach is 191 days [2]
     [1] Source: Cisco Global Cloud Index
     [2] Source: Ponemon Institute 2018 “Cost of a Data Breach” report
     // Guardicore Confidential
  3. The Usual Strategy: Build Walls
  4. Spoiler Alert: Walls Don’t Always Work
  5. A Better Strategy: Build Ships
     Instead of thinking about walls, we should be thinking about ships.
  6. So Why Haven’t We Applied Shipbuilders’ Wisdom to IT Infrastructure?
  7. Because in Today’s Hybrid Data Center Infrastructure… Traditional Security Approaches Are Ineffective
  8. VLANs fail to deliver:
       ● Visibility
       ● Fast Deployment
       ● Cloud & Container support
       ● Flexibility
  9. Security Groups are Becoming the New VLANs
  10. Software Defined Segmentation Simplifies Hybrid Cloud Security
       ▪ Simple to Manage
       ▪ Centralized Management
       ▪ Distributed Enforcement
       ▪ Simple to Deploy
       ▪ One policy approach for all on-premises and cloud environments
       ▪ Completely decoupled from underlying infrastructure
       ▪ Broad ecosystem and OS integration and support
       ▪ Intuitive, human-readable visualization and policy creation
       ▪ Highly Effective
       ▪ Precise control down to the individual process level
  11. Strive to Make Segmentation Simple
       1. Rules for IT hygiene
            ▪ Block undesired ports, services like Telnet, internet access to databases, etc.
       2. Rules for infrastructure services (e.g., Jumpboxes, IoT)
       3. Separate environments (e.g., Dev/Lab/Prod)
       4. Ring-fence sensitive and/or regulated apps (e.g., SWIFT, PCI, etc.)
       5. Micro-segment applications
  12. The Business Impact of Effective Segmentation
  13. How Do I Shrink my Attack Surface?
  14. Environment Segmentation
  15. Critical Application Ring-Fencing
  16. Third-Party Access Control
  17. Identity-Based Access Control
  18. Real-World Example: Securing Access Based on User Identity
      [Diagram labels: Environment: Production; Application: Accounting; Application: DMS; Andy; Doug; Jumpbox]
  19. Use Case: Protect Your Digital Crown Jewels (Top 25 Global Bank)
       ▪ Project target: 10 critical applications
       ▪ Project scope:
            1. Application ring-fencing
            2. 3rd party access control
            3. Cloud migration readiness
      Legacy Segmentation
       ▪ No data center traffic visibility
       ▪ Complex IT infrastructure
       ▪ Heavy dependence on infra team
       Time: 1.5 years with VLANs and FW
      Software-Defined Segmentation
       ▪ Granular east-west traffic visibility
       ▪ 10 critical applications ring-fenced
       ▪ 3rd party access restricted
       ▪ Dependencies mapped for seamless migration
       ▪ Full process automation with DevOps
       Time: 2 months
       People: 1 Architect
  20. Use Case: Simplify and Accelerate Compliance (Multinational Commercial Bank)
       ▪ Need to ring-fence SWIFT application
       ▪ Complex environment with bare-metal, VMware and OpenStack servers
      Legacy Segmentation
       ▪ Hard to define segments across complex infra
       ▪ No visibility into applications and dependencies
       ▪ Requires downtime
       Time: ~8-12 months
       People: at least 5
      Software-Defined Segmentation
       ▪ Completed SWIFT application mapping in hours
       ▪ Segmentation policies automatically suggested and fine-tuned
       ▪ No need to purchase and deploy new HW and FWs
       ▪ No downtime
       Time: 2 weeks
       People: 1 architect
  21. Use Case: Adopt Cloud and PaaS Securely (Global Online Retailer)
       ▪ Project target: 30 PCI applications
       ▪ Project scope:
            1. Separate PCI and non-PCI apps
            2. Unify security controls
            3. Multi-cloud support
      Legacy Segmentation
       ▪ Compliance blind spots
       ▪ Difficult to manage security controls across OpenStack, VMware, Azure, Oracle Cloud
       Five Separate Policy Engines
      Software-Defined Segmentation
       ▪ 30 PCI applications ring-fenced
       ▪ From 5 security policy engines to 1
       ▪ Contextual visibility into PCI related traffic
       ▪ Integration into DevOps cycles
       ▪ Breach Detection added value
       Time: 3 months
       People: 2 Architects
  22. Use Case: Simplify and Accelerate Compliance (Top 25 Global Bank)
       ▪ Project target: Dev/Prod/UAT separation
       ▪ Project scope:
            1. Restrict traffic between production and non-production environments
            2. App ring-fencing readiness
      Legacy Segmentation
       ▪ Extremely slow progress
       ▪ Audit failures, fines and production errors
       ▪ Production outages due to application downtime
       Time: 2 Years with VLANs
      Software-Defined Segmentation
       ▪ 10,000 non-compliant assets segmented
       ▪ Zero application downtime
       ▪ 10x faster implementation saving compliance costs
       ▪ Reduced manual effort with DevOps
       Time: 6 Months
       People: 3 Architects
  23. With Software-Defined Segmentation
       • Gain as much visibility as possible (real-time, historical, detailed)
       • Consume large amounts of visibility data simply and clearly
       • Support any environment – on-premises or cloud
       • Create flexible policies based on objectives instead of infrastructure
       • Support multiple use cases simultaneously
       • Make life simpler for both security teams and application owners
  24. About Guardicore
       ▪ Top 25 Promising Young Start-ups for 2017
       ▪ Gartner 2018 Cool Vendor
       ▪ 2018 InfoSec Awards winner for Cloud Security
       ▪ 5/5 Stars Rating - Best Buy Recommendation third year in a row
       ▪ 5/5 Stars rating on Glassdoor
       ▪ 250% growth 2018
       ▪ Customers in 5 Continents
       ▪ 160+ employees
       ▪ $110M in funding (Series C)
       ▪ Chosen to be an AWS Security Hub Partner
      Our Mission: Guardicore is a data center and cloud security company. We provide the simplest, most intuitive way to protect your organization’s critical assets through micro-segmentation.
  25. Connect with Us: Twitter: @Guardicore LinkedIn: Email:
      Critical Assets. Simply Secured. Anywhere.