ICT Security 2010: Le minacce delle nuove tecnologie

1,006 views

Published on

Intervento tenuto assieme a SonicWAll per analizzare eventuali rischi presenti nelle reti moderne grazie alle tecnologie più utilizzate, e come mitigarle.

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
1,006
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
18
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

ICT Security 2010: Le minacce delle nuove tecnologie

  1. 1. Alessio L.R. Pennasilico mayhem@alba.st twitter: mayhemspp FaceBook: alessio.pennasilico Phone/Fax +39 045 8271202 Via Roveggia 43, Verona Via Doria 3, Milano http://www.aisgroup.it/ info@aisgroup.it Cristiano Cafferata ccafferata@sonicwall.com BDM & SE Italia e Grecia La tecnologia intorno a me, la sicurezza dentro di me Friday, 29 October, 2010
  2. 2. Alessio L.R. Pennasilico Alessio L.R. Pennasilico Board of Directors: Associazione Informatici Professionisti, CLUSIT Associazione Italiana Professionisti Sicurezza Informatica Italian Linux Society, LUGVR, Sikurezza.org Hacker’s Profiling Project 2 ! Security Evangelist @ Friday, 29 October, 2010
  3. 3. Alessio L.R. Pennasilico Rischi dellaVirtualizzazione accesso all’interfaccia amministrativa test reachability per HA vMotion iSCSI, NFS 3 Friday, 29 October, 2010
  4. 4. Alessio L.R. Pennasilico Proteggere leVM Segmentare la rete Applicare filtri IDS Antivirus 4 Friday, 29 October, 2010
  5. 5. Today’s Network Security Requirements Situational Visibility & Awareness  Application Intelligence, Control with Visualization  Scanning of all out-going and in-coming traffic Protection & Risk Management  Security effectiveness for maximum catch rates  Zero-day protection Secure Access and Manageability Flexible, yet granular controls Multi-vendor interoperability Scalability Technology and Solutions Network Performance/ Policy & Administration Compliance Regulations and Standards Proof  Physical and virtualized assets  Distributed networks  Users and Applications  Mobile devices  Embedded sensors 2 Copyright 2010 SonicWALL Inc. All Right Reserved. Friday, 29 October, 2010
  6. 6. Vulnerabilities in the software everyone uses everyday … It’s Human Nature … Programmers make mistakes Malware exploits mistakes Malware  propaga+ng  at  Applica+on  Layer 7 Copyright 2010 SonicWALL Inc. All Right Reserved. Friday, 29 October, 2010
  7. 7. Alessio L.R. Pennasilico VoIP Risks I telefoni IP, per funzionare, possono eseguire diverse azioni preliminari, vulnerabili a diversi attacchi: ✓ottengono l'indirizzo IP da un server DHCP ✓ottengono dal DHCP l'indirizzo di un TFTP server ➡ io sono il server DHCP, ti indirizzo al mio TFTP ✓scaricano il firmware dal TFTP server ➡ io sono il TFTP e ti do il mio firmware/configurazione ✓scaricano la configurazione dal TFTP server ➡ io leggo la configurazione dal server TFTP ✓si autenticano sul serverVoIP ➡ sniffo, o mi fingo il PBX e forzo auth plain text 7 Friday, 29 October, 2010
  8. 8. Alessio L.R. Pennasilico Attenzione IlVoIP può essere più sicuro della telefonia tradizionale. Questo tuttavia si ottiene attraverso una corretta progettazione, implementazione e verifica, seguendo alcune best practice, sia dal punto di vista tecnico che dal punto di vista della formazione. 8 Friday, 29 October, 2010
  9. 9. Alessio L.R. Pennasilico VoIP Segmentare la rete Applicare filtri IDS/Antivirus QoS Managed WiFi 9 Friday, 29 October, 2010
  10. 10. Challenges in a Web 2.0 Environment  Allow use of Social Networking … but protect it … and control who’s using it  Allow use of Streaming Video … but control its usage  At the same time … Restrict P2P Applications … Restrict File Sharing … Restrict Gaming … Prioritize VoIP Copyright 2010 SonicWALL Inc. All Right Reserved.14 Friday, 29 October, 2010
  11. 11. Streaming Video Copyright 2010 SonicWALL Inc. All Right Reserved.12 Recreational UseBusiness Use Friday, 29 October, 2010
  12. 12. Application Chaos IT Controls Challenged Unacceptable AppsAcceptable Apps Identify, Manage and Control Application Chaos CONFIDENTIAL All Rights Reserved11 Friday, 29 October, 2010
  13. 13. Alessio L.R. Pennasilico Rischi del Wireless Perchè proprio io? ...Wardriving... 13 Friday, 29 October, 2010
  14. 14. Alessio L.R. Pennasilico Device 14 Friday, 29 October, 2010
  15. 15. Alessio L.R. Pennasilico Antenne 15 Friday, 29 October, 2010
  16. 16. Alessio L.R. Pennasilico Mezzi alternativi 16 Friday, 29 October, 2010
  17. 17. Alessio L.R. Pennasilico Molto alternativi... 17 Friday, 29 October, 2010
  18. 18. Alessio L.R. Pennasilico Personalizzazioni 18 Friday, 29 October, 2010
  19. 19. Alessio L.R. Pennasilico Coordinate GPS 19 Friday, 29 October, 2010
  20. 20. Alessio L.R. Pennasilico Cracca al Tesoro Caccia al Tesoro “Geek” www.wardriving.it 20 Friday, 29 October, 2010
  21. 21. Alessio L.R. Pennasilico Misure Inutili Nascondere il nome della rete non serve Filtrare i mac-address non serve WEP da un falso senso di sicurezza 21 Friday, 29 October, 2010
  22. 22. Alessio L.R. Pennasilico Proteggere il WiFi WPA2 a casa è una soluzione adatta In azienda è possibile fare IPSec su WiFi oppure WPA2/Enterprise 22 Friday, 29 October, 2010
  23. 23. Alessio L.R. Pennasilico Proteggere le reti SCADA Segmentare la rete Applicare filtri IDS Antivirus Encryption 23 Friday, 29 October, 2010
  24. 24. Application Intelligence & Control Copyright 2010 SonicWALL Inc. All Right Reserved.16 Identify Categorize Control By Application By User/Group By Content Inspection By Application By Application Category By Destination By Content By User/Group Prioritize Manage Block Prevent Malware Prevent Intrusion Attempts Next Generation Firewall Platform Friday, 29 October, 2010
  25. 25. Example: Prioritize Application Bandwidth Goal Prioritize mission critical applications, such as SAP, Salesforce.com and SharePoint. Ensuring these applications have priority to get the network bandwidth they need to operate can improve business productivity. Solution: App: SAP, Sharepoint, SFDC Action: Bandwidth Prioritize Schedule: Always Users: All Application priority can be date based (think end-of-quarter priority for sales applications) Copyright 2010 SonicWALL Inc. All Right Reserved.29 Friday, 29 October, 2010
  26. 26. Visualize - Attacks Copyright 2010 SonicWALL Inc. All Right Reserved.24 Friday, 29 October, 2010
  27. 27. Visualize - Applications Copyright 2010 SonicWALL Inc. All Right Reserved.23 Friday, 29 October, 2010
  28. 28. Alessio L.R. Pennasilico Minacce “esterne” IDS Antivirus Antispam 28 Friday, 29 October, 2010
  29. 29. Identify – By Users Copyright 2010 SonicWALL Inc. All Right Reserved.19 Friday, 29 October, 2010
  30. 30. Categorize Copyright 2010 SonicWALL Inc. All Right Reserved.20 Friday, 29 October, 2010
  31. 31. Malware loves Social Networking Too Set-up: Create bogus celebrity LinkedIn profiles Lure: Place link to celebrity “videos” in profile Attack: Download of “codec” required to view video Infect: Codec is actually Malware Result: System compromised (Gregg Keizer, Computerworld Jan 7, 2009) 8 Copyright 2010 SonicWALL Inc. All Right Reserved. Friday, 29 October, 2010
  32. 32. http://www.aisgroup.it/ Conclusioni Friday, 29 October, 2010
  33. 33. SonicWALL Application Control Appliances Copyright 2010 SonicWALL Inc. All Right Reserved. NSA E7500/8500 NSA E6500 NSA E5500 TZ 210 Series NSA 3500 NSA 2400 NSA 240 NSA 4500 NSA 2400MX 31 Friday, 29 October, 2010
  34. 34. SonicWALL Next Generation Firewalls feature:  Multi-Function Security Integration  Complete Threat Protection with Intrusion Prevention & Anti-Malware/ Virus/Spyware  Content Control & URL Filtering  Full “Enterprise” quality Integrated Anti-SPAM  Protect whole infrastructures such as StoneWare Access  Application Visibility  Integrated Application Firewall  Policy control over Applications, Application use & File Types  Ultimate Connectivity  “Clean VPN” Secure IPSec Site-to-Site VPN Connectivity, Clean Wireless, Wireless Switch / Controller  Exceptional User Policy Control and Access to Resources  Integrated Wireless Switch offer “Clean Wireless”  Reliability, Optimization & Flexibility  Highly Redundant Hardware – Power/Fans  Business Application Prioritization & QoS  Integrated Server Load Balancing Feature-set  Flexible Deployments branch office, corporate & department network Applications  Award winning: Deployment & Management Deep Packet Firewall Clean VPN Intrusion Prevention Anti-Malware Content Filtering Bandwidth Management Application Firewall Full Anti-SPAM Clean Wireless Friday, 29 October, 2010
  35. 35. Alessio L.R. Pennasilico Prodotto sviluppato per rispondere integralmente alle esigenze del decreto “amministratori di sistema” 35 Friday, 29 October, 2010
  36. 36. Alessio L.R. Pennasilico VoIP Web Interface di gestione Interfaccia utente via web Multisede Integrazione di: fax/sms/skype/device “esotici” 36 Friday, 29 October, 2010
  37. 37. Alessio L.R. Pennasilico La sicurezza Non è un prodotto E’ un processo 37 Friday, 29 October, 2010
  38. 38. Alessio L.R. Pennasilico Budget? 81% delle intrusioni avvengono su reti che non sodisfano i requirement delle più diffuse norme/best practice / guidelines Gartner 38 Friday, 29 October, 2010
  39. 39. Alessio L.R. Pennasilico mayhem@alba.st twitter: mayhemspp FaceBook: alessio.pennasilico Phone/Fax +39 045 8271202 Via Roveggia 43, Verona Via Doria 3, Milano http://www.aisgroup.it/ info@aisgroup.it Cristiano Cafferata ccafferata@sonicwall.com BDM & SE Italia e Grecia Grazie!T h e s e s l i d e s a r e written by Alessio L.R. P e n n a s i l i c o a k a mayhem. They are subjected to Creative Commons Attribution- S h a r e A l i k e - 2 . 5 version; you can copy, modify, or sell them. “Please” cite your source and use the same licence :) Friday, 29 October, 2010

×