Next-Gen Security (using Cloud)

1,247 views

Published on

Some thoughts on how to leverage cloud infrastructure to deliver new (next-gen) security as a service.

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
1,247
On SlideShare
0
From Embeds
0
Number of Embeds
7
Actions
Shares
0
Downloads
11
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • Use Cheyenne Mountain to compare the “old vs. the new” in security technology & deployment.Cheyenne Mountain is a mountain located just outside the southwest side of Colorado Springs, Colorado, U.S., and is home to the Cheyenne Mountain Air Force Station[1] and its Cheyenne Mountain Directorate, formerlyknown as the Cheyenne Mountain Operations Center (CMOC).Throughout the Cold War and continuing to this day, the Cheyenne Mountain Operations Center and the Cheyenne Mountain Directorate collect data from a worldwide system of satellites, radar, and other sensors and process that information in real time. Operations are conducted year-round in the Air Warning Center, Missile Correlation Center, Operational Intelligence Watch, Systems Center, Weather Center, and the Command Center.The design of this facility makes it one of the most unusual installations in the world. Apart from the fact that it is housed 2,000 feet (600 m) into the mountain, it is also notable in that it is a joint and binational military organization comprising over 200 men and women from the Army, Navy, Marine Corps, Air Force, Coast Guard, and Canadian Forces.
  • http://www.symantec.com/business/threatreport/topic.jsp?id=threatreport&aid=executive_summary
  • http://venturebeat.com/2011/03/31/ibm-says-it-sees-13-billion-cybersecurity-alerts-every-day/IBM says it monitors 13 billion real-time security events every day for more than 4,000 clients. That’s about 150,000 events per second, which include anything from phishing attacks to false alarms.IBM found that there were 8,000 new web vulnerabilities discovered during 2010, up 27 percent from 2009. The adoption of smartphones within the enterprise posed added risks, raising the need for tighter security on password management and data encryption. Attacks against mobile phones are on the rise.“The numerous, high-profile targeted attacks in 2010 shed light on a crop of highly sophisticated cyber criminals who may be well-funded and operating with knowledge of security vulnerabilities that no one else has,” said Tom Cross, threat intelligence manager at IBM X-Force
  • http://www.cfr.org/technology-and-foreign-policy/confronting-cyber-threat/p15577
  • http://www.pcworld.com/article/170546/is_your_pc_botinfested_heres_how_to_tell.html
  • http://www.gartner.com/it/page.jsp?id=1422314http://www.networkworld.com/news/2011/010411-network-security.htmlThere's some early optimism about the information technology industry as the world steps into 2011. For one thing, the global network security market is expected to be on the rise, according to estimates from IDC, which forecasts a return to the growth of pre-recession levels this year.The global network security market, described as hardware and software with functionality that includes firewalls, VPNs, intrusion prevention and detection, and multi-purpose security known as unified threat management, is expected to show revenues of $8.16 billion in 2011. That's 8.1% more than 2010 revenues, which are reckoned at about $7.54 billion, according to November forecasts by IDC. While final numbers related to 2010 are still being compiled, 2010 is regarded as a year of revenue stabilization for the network security industry after the painful year of 2009, which saw revenues drop almost 1% from the year before to about $7.16 billion.Also read: Network World's 2011 Outlook packageIDC's network security market forecast anticipates that software will grow at a faster rate than hardware and that software-based solutions "will make up over 26% of the market by 2014," when the market is predicted to reach about $9.5 billion. Still, hardware-based appliances are expected to see the lion's share of revenues at $6.58 billion in 2011, growing to an expected $7 billion in 2014.
  • http://www.crn.in/ITChannel-006Apr011-Cloud-SaaS-Security-Creating-Big-Boom-For-MSPs.aspxhttp://it.tmcnet.com/news/2011/04/05/5425432.htmAccording to Infonetics, revenue for managed security services jumped 12 percent in 2010 and that number is expected to grow by several times over the next five years, with the managed security services market expected to hit $17 billion by 2015 on the backs of cloud and SaaS."2010 was a good year for managed security services, which, for the most part, met our expectations for buyer uptake and provider innovations. Revenue grew 12 percent in 2010 and will grow 62 percent over the next five years, driven by cloud-based services and SaaS," Jeff Wilson, analyst for security at Infonetics said in an analyst note. "Our 2010 forecast was 4 percent high, but there was no decrease in fundamental demand for managed security, just a sluggish global economy."According to the report, SaaS and cloud-based security services are expected to make up close to half of the overall managed security services market come 2015. That comes at a time when worldwide SaaS revenue is expected to dramatically increase over the next few years with a compound annual growth rate of 23 percent between last year and 2015.All told, Infonetics Research expects the overall managed security services market, which combines CPE, SaaS and cloud services, to inch close to $17 billion by 2015.And for managed service providers, managed security services offer a location independent offering, Infonetics Research found. According to the research, managed security services have already taken hold in North America and EMEA and massive growth is expected in Asia Pacific and Central and Latin America in coming years.In a second report, Infonetics found that security spending in virtualized environments is on the rise. According to the firm, companies expect to spend an average of 51 percent more on security for virtualized environments in 2012 than they did in 2010.Infonetics found that companies are turning to security for virtualized environments to prevent threats specific to virtual environments, prevent inter-virtual machine threats and to maintain secure server configurations.And as the market grows, the vendor landscape for security for virtualized environment is continuing to shake out."While the market leader in the data center/cloud security space is at this point undecided, at the center of the leadership puzzle is the emerging segment of security solutions for virtualized environments," Wilson wrote in an analyst note. "Microsoft (NSDQ:MSFT), Cisco (NSDQ:CSCO), and VMware lead in brand awareness and strength overall now, but this is only one -- admittedly early -- piece of the virtualization/data center security leadership puzzle. It's possible that when it comes down to who will actually be able to best monetize security solutions for virtualized environments, players with much lower brand presence will do better than some of the players with stronger overall brands, if they deliver a better product."
  • Key Requirements:1.Time to install 2.Time to configure for your environment 3.Out of the box protection - how many vulnerabilities are covered (including evasions)? 4.Ease of use 5.Integration with other network & security devices 6.Management, deployment, and frequency of coverage protection updates 7.Security policy definition and management 8.Security coverage protection with and without evasions while in midst of your network traffic 9.Resistance to false positives while in midst of your network traffic 10.High Availability 11. Reporting 12.Logging (is there enough for forensics?) 13.Level and cost of vendor technical support 14.Availability and cost of vendor product training
  • $75,000/yr (typical managed service cost for 250 users) = $25 / User / Mthx 12 x 250Would require a package of offerings….example service suite (some NewCo, some partnership): network boundary protection, including managed services for firewalls, intrusion detection systems (IDSs), and virtual private networks (VPNs) security monitoring (may be included in network boundary protection) incident management, including emergency response and forensic analysis. (This service may be in addition to security monitoring.) vulnerability assessment and penetration testing anti-virus and content filtering services information security risk assessments data archiving and restoration on-site consulting
  • Top Network Security:CISCOCheckPointJuniperFortinetSonicwall
  • ×