SlideShare a Scribd company logo
1 of 42
Training on Unified Threat Management Systems & SSL VPN (SaaS) By -  Amarjit Singh & RishabhDangwal Tulip Telecom Ltd.
Objectives Security awareness Latest trends in security Device Awareness Saving the world before bedtime, without worries :P The notion of providing Security as a Service
We as an ISP have a tough enough job already..But.. What about Security threats? How serious are they? Hackers are there..where are We ? What is the most effective and cost efficient way to handle them?
Current Trends Cyber-attacks are increasing in speed and sophistication exponentially Blended threats, hybrid attacks  and APT’s.. Getting automated tools is easy, increase in skid culture Security costs money, Security problems cost money, time and lots of pain.
Intruders Attack Sophistication vs. Intruder Technical Knowledge Courtesy Emil on security Auto Coordinated Cross site scripting “stealth” / advanced scanning techniques High Staged packet spoofing denial of service distributed attack tools sniffers Intruder Knowledge sweepers www attacks automated probes/scans GUI back doors network mgmt. diagnostics disabling audits hijacking  sessions burglaries Attack Sophistication exploiting known vulnerabilities password cracking self-replicating code password guessing Low 2011 1980 1985 1990 1995
Software Vulnerabilities “99% of intrusions result from exploitation of known vulnerabilities” 					Source: 2001 CERT, Carnegie Mellon University Cause: programming bugs, bad testers, short sighted development Threat: lack of patches for the above LizamoonSQLi exploited 1.5 million + hosts
E-mail Viruses Primary medium for distributing threats Trojans – Easy to create, quick to deliver, easy to install HTML viruses on email Innocent sounding Emails having malicious attachments containing:  Macros, VB scripts, java scripts and html scripts
File Based Threats ,[object Object]
Viruses and malicious code infection:
P2P/Torrent
IM applications
Free software/shareware sites
Infected servers
Email
Threats bypass statefulpacket inspection firewalls
Once inside the network, others are easily affected,[object Object]
And we have got Spyware.. Program that uses Internet without the User’s knowledge Approximately 80% of computers have some form of Spyware (including corporate ones) Spread using shareware, pop ups,p2p,shareware..the usual suspects Gathering information: Browsing habits (sites visited, links clicked, etc.) Data entered into forms (including account names, passwords, text of Web forms and Web-based email, etc.) Key stokes and work habits
Spam Unsolicited Email Multiple techniques to send mails Spoof email address Image only mail Random text Text merging Token Manipulation URL hiding HTML Tag corruption Increase False positives Parse corruption Metamorphic Spam Trojans And much much more.. Leads to low productivity and server outages.
Network woes  Label spoofing Core hiding Replay attacks Compromise of LIB Access to LER And other  MPLS security issues..
Router abuse TACACS+ forced session_id collisions Sophisticated Packet body DOS Boot iosmanipulation Improper tcl scripts (if present) External factors SNMP compromise
And its just the Tip of Iceberg…(a.k.a Raising the Attack Standards by a Notch) Sophisticated DOS (Network, application) Advanced Persistent Threats Smartphone Abuse Certificate abuse (DigiNotar - PKIOverheid..) Key abuse (RSA, anyone ?) Kernel Rootkits/Bootkits
Obsolete Defenses Firewalls work on port blocking strategy Reactive approach Stateful Packet Inspection (SPI) : Provides source / destination / state intelligence  Provides NAT Stateful firewalls cannot protect against multilayer threats Is limited in nature
How TULIP can provide security ? SaaS – Security as a Service SSL-VPN Unified Threat Management
What is SSL VPN TECHNOLOGY?  Secure Sockets Layer (SSL) virtual private networks (VPN) provide secure remote access to an organization’s resources. A VPN is a virtual network, built on top of existing physical networks, that can provide a secure communications mechanism for data and other information transmitted between two endpoints. Because a VPN can be used over existing networks such as the Internet, it can facilitate the secure transfer of sensitive data across public networks. Concept - SSL VPN
The Landscape with SSL VPN
Why SSL  VPN        SSL VPN solutions offer a flexible and highly secure way to extend network resources to virtually any remote user with access to the Internet and a web browser. Organizations can customize access and extend the reach of their corporate network to individuals based on their role, including the teleworker, contractor, or business partner.
Business challenge for EMS
The Landscape with Tulip Managed SSL
Complete Client-side Cleanup Cleanup of end users system at end of session. Configurable options of cache cleanup includes.  Cookies  Temporary Internet Files  Browser History  Visited URL’s  Downloaded Program Files Cleanup all traces of users access and data downloaded at the end of session.
Authentication Mechanisms Vast range of Authentication mechanisms to choose from Supported Authentication mechanisms  Local Database  RADIUS  Active Directory (AD)  LDAP  RSA Secure ID  Certificate based Authentication.   Biometrics.  SMS Two-Factor or Multi-Factor Authentication  Support for One Time Password (OTP) and Public Key Infrastructure (PKI) Tokens
End-point compliance SSL VPN End-point security service ,[object Object]
 Ensure device compliance with corporate policy
 Remediate devices when needed
 Cross platform supportVirus ,[object Object]
 No personal firewall
User granted minimal access
 No Anti-Virus Installed
 Personal Firewall enabled
 User remediated  install anti-virus
 Once installed, user granted accessAirport Kiosk Mobile User Home PC User ,[object Object]
 Personal Firewall Enabled
 Virus Definitions Up To Date

More Related Content

What's hot

Ad hoc symatric key destribution
Ad hoc symatric key destributionAd hoc symatric key destribution
Ad hoc symatric key destributionsalehsl
 
Protecting Data In Motion with MACsec - Gijs Willemse - Rambus Design Summit ...
Protecting Data In Motion with MACsec - Gijs Willemse - Rambus Design Summit ...Protecting Data In Motion with MACsec - Gijs Willemse - Rambus Design Summit ...
Protecting Data In Motion with MACsec - Gijs Willemse - Rambus Design Summit ...Rambus
 
gkkSecurity essentials domain 2
gkkSecurity essentials   domain 2gkkSecurity essentials   domain 2
gkkSecurity essentials domain 2Anne Starr
 
Chapter 14 : vlan
Chapter 14 : vlanChapter 14 : vlan
Chapter 14 : vlanteknetir
 
Bypassing Port-Security In 2018: Defeating MacSEC and 802.1x-2010
Bypassing Port-Security In 2018: Defeating MacSEC and 802.1x-2010Bypassing Port-Security In 2018: Defeating MacSEC and 802.1x-2010
Bypassing Port-Security In 2018: Defeating MacSEC and 802.1x-2010Priyanka Aash
 
LAN Switching and Wireless: Ch4 - VLAN Trunking Protocol (VTP)
LAN Switching and Wireless: Ch4 - VLAN Trunking Protocol (VTP)LAN Switching and Wireless: Ch4 - VLAN Trunking Protocol (VTP)
LAN Switching and Wireless: Ch4 - VLAN Trunking Protocol (VTP)Abdelkhalik Mosa
 
PLNOG16: Kreowanie usług przez operatorów – SP IWAN, Krzysztof Konkowski
PLNOG16: Kreowanie usług przez operatorów – SP IWAN, Krzysztof KonkowskiPLNOG16: Kreowanie usług przez operatorów – SP IWAN, Krzysztof Konkowski
PLNOG16: Kreowanie usług przez operatorów – SP IWAN, Krzysztof KonkowskiPROIDEA
 
VPN (virtual Private Network)
VPN (virtual Private Network)VPN (virtual Private Network)
VPN (virtual Private Network)Chandan Jha
 
IEEE MACSec and NSA ESS: How to Protect Your WAN, LAN and Cloud
IEEE MACSec and NSA ESS: How to  Protect Your WAN, LAN and CloudIEEE MACSec and NSA ESS: How to  Protect Your WAN, LAN and Cloud
IEEE MACSec and NSA ESS: How to Protect Your WAN, LAN and CloudPriyanka Aash
 
ASA Firewall Interview- Questions & Answers
ASA Firewall Interview- Questions & AnswersASA Firewall Interview- Questions & Answers
ASA Firewall Interview- Questions & AnswersNetProtocol Xpert
 
Cisco Router As A Vpn Server
Cisco Router As A Vpn ServerCisco Router As A Vpn Server
Cisco Router As A Vpn Servermmoizuddin
 

What's hot (19)

Pres
PresPres
Pres
 
Ad hoc symatric key destribution
Ad hoc symatric key destributionAd hoc symatric key destribution
Ad hoc symatric key destribution
 
Securityic2
Securityic2Securityic2
Securityic2
 
Topic22
Topic22Topic22
Topic22
 
Gateway and firewall
Gateway and firewallGateway and firewall
Gateway and firewall
 
Firewalls
FirewallsFirewalls
Firewalls
 
Protecting Data In Motion with MACsec - Gijs Willemse - Rambus Design Summit ...
Protecting Data In Motion with MACsec - Gijs Willemse - Rambus Design Summit ...Protecting Data In Motion with MACsec - Gijs Willemse - Rambus Design Summit ...
Protecting Data In Motion with MACsec - Gijs Willemse - Rambus Design Summit ...
 
gkkSecurity essentials domain 2
gkkSecurity essentials   domain 2gkkSecurity essentials   domain 2
gkkSecurity essentials domain 2
 
Chapter 14 : vlan
Chapter 14 : vlanChapter 14 : vlan
Chapter 14 : vlan
 
Bypassing Port-Security In 2018: Defeating MacSEC and 802.1x-2010
Bypassing Port-Security In 2018: Defeating MacSEC and 802.1x-2010Bypassing Port-Security In 2018: Defeating MacSEC and 802.1x-2010
Bypassing Port-Security In 2018: Defeating MacSEC and 802.1x-2010
 
LAN Switching and Wireless: Ch4 - VLAN Trunking Protocol (VTP)
LAN Switching and Wireless: Ch4 - VLAN Trunking Protocol (VTP)LAN Switching and Wireless: Ch4 - VLAN Trunking Protocol (VTP)
LAN Switching and Wireless: Ch4 - VLAN Trunking Protocol (VTP)
 
PLNOG16: Kreowanie usług przez operatorów – SP IWAN, Krzysztof Konkowski
PLNOG16: Kreowanie usług przez operatorów – SP IWAN, Krzysztof KonkowskiPLNOG16: Kreowanie usług przez operatorów – SP IWAN, Krzysztof Konkowski
PLNOG16: Kreowanie usług przez operatorów – SP IWAN, Krzysztof Konkowski
 
VPN (virtual Private Network)
VPN (virtual Private Network)VPN (virtual Private Network)
VPN (virtual Private Network)
 
IEEE MACSec and NSA ESS: How to Protect Your WAN, LAN and Cloud
IEEE MACSec and NSA ESS: How to  Protect Your WAN, LAN and CloudIEEE MACSec and NSA ESS: How to  Protect Your WAN, LAN and Cloud
IEEE MACSec and NSA ESS: How to Protect Your WAN, LAN and Cloud
 
Virtual Private Network
Virtual Private NetworkVirtual Private Network
Virtual Private Network
 
ASA Firewall Interview- Questions & Answers
ASA Firewall Interview- Questions & AnswersASA Firewall Interview- Questions & Answers
ASA Firewall Interview- Questions & Answers
 
Vlans
VlansVlans
Vlans
 
Cisco Router As A Vpn Server
Cisco Router As A Vpn ServerCisco Router As A Vpn Server
Cisco Router As A Vpn Server
 
Vpn presentation
Vpn presentationVpn presentation
Vpn presentation
 

Viewers also liked

Cyber Attack Survival: Are You Ready?
Cyber Attack Survival:  Are You Ready?Cyber Attack Survival:  Are You Ready?
Cyber Attack Survival: Are You Ready?Radware
 
Cyber intelligence for corporate security
Cyber intelligence for corporate securityCyber intelligence for corporate security
Cyber intelligence for corporate securityG3 intelligence Ltd
 
Network security ppt
Network security pptNetwork security ppt
Network security pptshashi712
 
NetworkSecurity.ppt
NetworkSecurity.pptNetworkSecurity.ppt
NetworkSecurity.pptDreamMalar
 
Network Security
Network SecurityNetwork Security
Network SecurityMAJU
 
Network Security Presentation
Network Security PresentationNetwork Security Presentation
Network Security PresentationAllan Pratt MBA
 
Management of medical emergencies in the dental practice
Management of medical emergencies in the dental practiceManagement of medical emergencies in the dental practice
Management of medical emergencies in the dental practiceKanika Manral
 
Network Security Threats and Solutions
Network Security Threats and SolutionsNetwork Security Threats and Solutions
Network Security Threats and SolutionsColin058
 
Fracking The Social Web - 2014
Fracking The Social Web - 2014Fracking The Social Web - 2014
Fracking The Social Web - 2014John V Willshire
 

Viewers also liked (14)

Cyber Attack Survival: Are You Ready?
Cyber Attack Survival:  Are You Ready?Cyber Attack Survival:  Are You Ready?
Cyber Attack Survival: Are You Ready?
 
Cyber intelligence for corporate security
Cyber intelligence for corporate securityCyber intelligence for corporate security
Cyber intelligence for corporate security
 
Network security
Network securityNetwork security
Network security
 
Corporate security
Corporate securityCorporate security
Corporate security
 
Corporate security pdf
Corporate security pdfCorporate security pdf
Corporate security pdf
 
Network security ppt
Network security pptNetwork security ppt
Network security ppt
 
NetworkSecurity.ppt
NetworkSecurity.pptNetworkSecurity.ppt
NetworkSecurity.ppt
 
Network security
Network security Network security
Network security
 
Network Security
Network SecurityNetwork Security
Network Security
 
Network Security Presentation
Network Security PresentationNetwork Security Presentation
Network Security Presentation
 
Network security
Network securityNetwork security
Network security
 
Management of medical emergencies in the dental practice
Management of medical emergencies in the dental practiceManagement of medical emergencies in the dental practice
Management of medical emergencies in the dental practice
 
Network Security Threats and Solutions
Network Security Threats and SolutionsNetwork Security Threats and Solutions
Network Security Threats and Solutions
 
Fracking The Social Web - 2014
Fracking The Social Web - 2014Fracking The Social Web - 2014
Fracking The Social Web - 2014
 

Similar to Corporate Security Issues and countering them using Unified Threat Management Systems and SSL VPN

20070605 Radware
20070605 Radware20070605 Radware
20070605 RadwareINFOTIME
 
Information Security
Information SecurityInformation Security
Information SecurityMohit8780
 
Cisco Connect 2018 Thailand - Security automation and programmability mr. kho...
Cisco Connect 2018 Thailand - Security automation and programmability mr. kho...Cisco Connect 2018 Thailand - Security automation and programmability mr. kho...
Cisco Connect 2018 Thailand - Security automation and programmability mr. kho...NetworkCollaborators
 
Cisco Connect 2018 Thailand - Telco service provider network analytics
Cisco Connect 2018 Thailand - Telco service provider network analytics Cisco Connect 2018 Thailand - Telco service provider network analytics
Cisco Connect 2018 Thailand - Telco service provider network analytics NetworkCollaborators
 
Start Up Austin 2017: Security Crash Course and Best Pratices
Start Up Austin 2017: Security Crash Course and Best PraticesStart Up Austin 2017: Security Crash Course and Best Pratices
Start Up Austin 2017: Security Crash Course and Best PraticesAmazon Web Services
 
Eximbank security presentation
Eximbank security presentationEximbank security presentation
Eximbank security presentationlaonap166
 
Web Application Security
Web Application SecurityWeb Application Security
Web Application SecurityAbdul Wahid
 
network security / information security
network security / information securitynetwork security / information security
network security / information securityRohan Choudhari
 
ShareTech Next-Gen UTM
ShareTech Next-Gen UTMShareTech Next-Gen UTM
ShareTech Next-Gen UTMsharetech
 
IT8005_EC_Unit_III_Securing_Communication_Channels
IT8005_EC_Unit_III_Securing_Communication_ChannelsIT8005_EC_Unit_III_Securing_Communication_Channels
IT8005_EC_Unit_III_Securing_Communication_ChannelsPalani Kumar
 
How to Gain Visibility into Encrypted Threats
How to Gain Visibility into Encrypted ThreatsHow to Gain Visibility into Encrypted Threats
How to Gain Visibility into Encrypted ThreatsShain Singh
 
Sreerag cs network security
Sreerag cs network securitySreerag cs network security
Sreerag cs network securitySreerag Gopinath
 
Computersystemssecurity 090529105555-phpapp01
Computersystemssecurity 090529105555-phpapp01Computersystemssecurity 090529105555-phpapp01
Computersystemssecurity 090529105555-phpapp01Miigaa Mine
 
Computer Systems Security
Computer Systems SecurityComputer Systems Security
Computer Systems Securitydrkelleher
 
Schneider-Electric & NextNine – Comparing Remote Connectivity Solutions
Schneider-Electric & NextNine – Comparing Remote Connectivity SolutionsSchneider-Electric & NextNine – Comparing Remote Connectivity Solutions
Schneider-Electric & NextNine – Comparing Remote Connectivity SolutionsHoneywell
 

Similar to Corporate Security Issues and countering them using Unified Threat Management Systems and SSL VPN (20)

Ecommerce final ppt
Ecommerce final pptEcommerce final ppt
Ecommerce final ppt
 
20070605 Radware
20070605 Radware20070605 Radware
20070605 Radware
 
Information Security
Information SecurityInformation Security
Information Security
 
Cisco Connect 2018 Thailand - Security automation and programmability mr. kho...
Cisco Connect 2018 Thailand - Security automation and programmability mr. kho...Cisco Connect 2018 Thailand - Security automation and programmability mr. kho...
Cisco Connect 2018 Thailand - Security automation and programmability mr. kho...
 
Cisco Connect 2018 Thailand - Telco service provider network analytics
Cisco Connect 2018 Thailand - Telco service provider network analytics Cisco Connect 2018 Thailand - Telco service provider network analytics
Cisco Connect 2018 Thailand - Telco service provider network analytics
 
Sangfor SSL VPN Datasheet
Sangfor SSL VPN DatasheetSangfor SSL VPN Datasheet
Sangfor SSL VPN Datasheet
 
Day4
Day4Day4
Day4
 
Final ppt ecommerce
Final ppt ecommerceFinal ppt ecommerce
Final ppt ecommerce
 
Start Up Austin 2017: Security Crash Course and Best Pratices
Start Up Austin 2017: Security Crash Course and Best PraticesStart Up Austin 2017: Security Crash Course and Best Pratices
Start Up Austin 2017: Security Crash Course and Best Pratices
 
Eximbank security presentation
Eximbank security presentationEximbank security presentation
Eximbank security presentation
 
Web Application Security
Web Application SecurityWeb Application Security
Web Application Security
 
network security / information security
network security / information securitynetwork security / information security
network security / information security
 
ShareTech Next-Gen UTM
ShareTech Next-Gen UTMShareTech Next-Gen UTM
ShareTech Next-Gen UTM
 
IT8005_EC_Unit_III_Securing_Communication_Channels
IT8005_EC_Unit_III_Securing_Communication_ChannelsIT8005_EC_Unit_III_Securing_Communication_Channels
IT8005_EC_Unit_III_Securing_Communication_Channels
 
How to Gain Visibility into Encrypted Threats
How to Gain Visibility into Encrypted ThreatsHow to Gain Visibility into Encrypted Threats
How to Gain Visibility into Encrypted Threats
 
Sreerag cs network security
Sreerag cs network securitySreerag cs network security
Sreerag cs network security
 
RAZORPOINT SECURITY GLOSSARY
RAZORPOINT SECURITY GLOSSARYRAZORPOINT SECURITY GLOSSARY
RAZORPOINT SECURITY GLOSSARY
 
Computersystemssecurity 090529105555-phpapp01
Computersystemssecurity 090529105555-phpapp01Computersystemssecurity 090529105555-phpapp01
Computersystemssecurity 090529105555-phpapp01
 
Computer Systems Security
Computer Systems SecurityComputer Systems Security
Computer Systems Security
 
Schneider-Electric & NextNine – Comparing Remote Connectivity Solutions
Schneider-Electric & NextNine – Comparing Remote Connectivity SolutionsSchneider-Electric & NextNine – Comparing Remote Connectivity Solutions
Schneider-Electric & NextNine – Comparing Remote Connectivity Solutions
 

More from Rishabh Dangwal

Cliffnotes on Blue Teaming
Cliffnotes on Blue TeamingCliffnotes on Blue Teaming
Cliffnotes on Blue TeamingRishabh Dangwal
 
An introduction to SwiftNET
An introduction to SwiftNETAn introduction to SwiftNET
An introduction to SwiftNETRishabh Dangwal
 
Network nags - when security fails
Network nags  - when security failsNetwork nags  - when security fails
Network nags - when security failsRishabh Dangwal
 
Introduction to Wan Acceleration Devices
Introduction to Wan Acceleration DevicesIntroduction to Wan Acceleration Devices
Introduction to Wan Acceleration DevicesRishabh Dangwal
 
Eigrp Cheatsheet - EIGRP in 15 min - Rishabh Dangwal - www.theprohack.com
Eigrp Cheatsheet - EIGRP in 15 min - Rishabh Dangwal - www.theprohack.comEigrp Cheatsheet - EIGRP in 15 min - Rishabh Dangwal - www.theprohack.com
Eigrp Cheatsheet - EIGRP in 15 min - Rishabh Dangwal - www.theprohack.comRishabh Dangwal
 
An introduction to Digital Security - Rishabh Dangwal
An introduction to Digital Security - Rishabh DangwalAn introduction to Digital Security - Rishabh Dangwal
An introduction to Digital Security - Rishabh DangwalRishabh Dangwal
 
A guide to Unified Threat Management Systems (UTMs) by Rishabh Dangwal
A guide to Unified Threat Management Systems (UTMs) by Rishabh DangwalA guide to Unified Threat Management Systems (UTMs) by Rishabh Dangwal
A guide to Unified Threat Management Systems (UTMs) by Rishabh DangwalRishabh Dangwal
 

More from Rishabh Dangwal (7)

Cliffnotes on Blue Teaming
Cliffnotes on Blue TeamingCliffnotes on Blue Teaming
Cliffnotes on Blue Teaming
 
An introduction to SwiftNET
An introduction to SwiftNETAn introduction to SwiftNET
An introduction to SwiftNET
 
Network nags - when security fails
Network nags  - when security failsNetwork nags  - when security fails
Network nags - when security fails
 
Introduction to Wan Acceleration Devices
Introduction to Wan Acceleration DevicesIntroduction to Wan Acceleration Devices
Introduction to Wan Acceleration Devices
 
Eigrp Cheatsheet - EIGRP in 15 min - Rishabh Dangwal - www.theprohack.com
Eigrp Cheatsheet - EIGRP in 15 min - Rishabh Dangwal - www.theprohack.comEigrp Cheatsheet - EIGRP in 15 min - Rishabh Dangwal - www.theprohack.com
Eigrp Cheatsheet - EIGRP in 15 min - Rishabh Dangwal - www.theprohack.com
 
An introduction to Digital Security - Rishabh Dangwal
An introduction to Digital Security - Rishabh DangwalAn introduction to Digital Security - Rishabh Dangwal
An introduction to Digital Security - Rishabh Dangwal
 
A guide to Unified Threat Management Systems (UTMs) by Rishabh Dangwal
A guide to Unified Threat Management Systems (UTMs) by Rishabh DangwalA guide to Unified Threat Management Systems (UTMs) by Rishabh Dangwal
A guide to Unified Threat Management Systems (UTMs) by Rishabh Dangwal
 

Recently uploaded

Syngulon - Selection technology May 2024.pdf
Syngulon - Selection technology May 2024.pdfSyngulon - Selection technology May 2024.pdf
Syngulon - Selection technology May 2024.pdfSyngulon
 
1111 ChatGPT Prompts PDF Free Download - Prompts for ChatGPT
1111 ChatGPT Prompts PDF Free Download - Prompts for ChatGPT1111 ChatGPT Prompts PDF Free Download - Prompts for ChatGPT
1111 ChatGPT Prompts PDF Free Download - Prompts for ChatGPTiSEO AI
 
Enterprise Knowledge Graphs - Data Summit 2024
Enterprise Knowledge Graphs - Data Summit 2024Enterprise Knowledge Graphs - Data Summit 2024
Enterprise Knowledge Graphs - Data Summit 2024Enterprise Knowledge
 
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdfLinux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdfFIDO Alliance
 
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...FIDO Alliance
 
What's New in Teams Calling, Meetings and Devices April 2024
What's New in Teams Calling, Meetings and Devices April 2024What's New in Teams Calling, Meetings and Devices April 2024
What's New in Teams Calling, Meetings and Devices April 2024Stephanie Beckett
 
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...CzechDreamin
 
Your enemies use GenAI too - staying ahead of fraud with Neo4j
Your enemies use GenAI too - staying ahead of fraud with Neo4jYour enemies use GenAI too - staying ahead of fraud with Neo4j
Your enemies use GenAI too - staying ahead of fraud with Neo4jNeo4j
 
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...FIDO Alliance
 
Continuing Bonds Through AI: A Hermeneutic Reflection on Thanabots
Continuing Bonds Through AI: A Hermeneutic Reflection on ThanabotsContinuing Bonds Through AI: A Hermeneutic Reflection on Thanabots
Continuing Bonds Through AI: A Hermeneutic Reflection on ThanabotsLeah Henrickson
 
Portal Kombat : extension du réseau de propagande russe
Portal Kombat : extension du réseau de propagande russePortal Kombat : extension du réseau de propagande russe
Portal Kombat : extension du réseau de propagande russe中 央社
 
Using IESVE for Room Loads Analysis - UK & Ireland
Using IESVE for Room Loads Analysis - UK & IrelandUsing IESVE for Room Loads Analysis - UK & Ireland
Using IESVE for Room Loads Analysis - UK & IrelandIES VE
 
ERP Contender Series: Acumatica vs. Sage Intacct
ERP Contender Series: Acumatica vs. Sage IntacctERP Contender Series: Acumatica vs. Sage Intacct
ERP Contender Series: Acumatica vs. Sage IntacctBrainSell Technologies
 
Extensible Python: Robustness through Addition - PyCon 2024
Extensible Python: Robustness through Addition - PyCon 2024Extensible Python: Robustness through Addition - PyCon 2024
Extensible Python: Robustness through Addition - PyCon 2024Patrick Viafore
 
BT & Neo4j _ How Knowledge Graphs help BT deliver Digital Transformation.pptx
BT & Neo4j _ How Knowledge Graphs help BT deliver Digital Transformation.pptxBT & Neo4j _ How Knowledge Graphs help BT deliver Digital Transformation.pptx
BT & Neo4j _ How Knowledge Graphs help BT deliver Digital Transformation.pptxNeo4j
 
Easier, Faster, and More Powerful – Notes Document Properties Reimagined
Easier, Faster, and More Powerful – Notes Document Properties ReimaginedEasier, Faster, and More Powerful – Notes Document Properties Reimagined
Easier, Faster, and More Powerful – Notes Document Properties Reimaginedpanagenda
 
How we scaled to 80K users by doing nothing!.pdf
How we scaled to 80K users by doing nothing!.pdfHow we scaled to 80K users by doing nothing!.pdf
How we scaled to 80K users by doing nothing!.pdfSrushith Repakula
 
Working together SRE & Platform Engineering
Working together SRE & Platform EngineeringWorking together SRE & Platform Engineering
Working together SRE & Platform EngineeringMarcus Vechiato
 
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdfSimplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdfFIDO Alliance
 
Long journey of Ruby Standard library at RubyKaigi 2024
Long journey of Ruby Standard library at RubyKaigi 2024Long journey of Ruby Standard library at RubyKaigi 2024
Long journey of Ruby Standard library at RubyKaigi 2024Hiroshi SHIBATA
 

Recently uploaded (20)

Syngulon - Selection technology May 2024.pdf
Syngulon - Selection technology May 2024.pdfSyngulon - Selection technology May 2024.pdf
Syngulon - Selection technology May 2024.pdf
 
1111 ChatGPT Prompts PDF Free Download - Prompts for ChatGPT
1111 ChatGPT Prompts PDF Free Download - Prompts for ChatGPT1111 ChatGPT Prompts PDF Free Download - Prompts for ChatGPT
1111 ChatGPT Prompts PDF Free Download - Prompts for ChatGPT
 
Enterprise Knowledge Graphs - Data Summit 2024
Enterprise Knowledge Graphs - Data Summit 2024Enterprise Knowledge Graphs - Data Summit 2024
Enterprise Knowledge Graphs - Data Summit 2024
 
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdfLinux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf
Linux Foundation Edge _ Overview of FDO Software Components _ Randy at Intel.pdf
 
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
 
What's New in Teams Calling, Meetings and Devices April 2024
What's New in Teams Calling, Meetings and Devices April 2024What's New in Teams Calling, Meetings and Devices April 2024
What's New in Teams Calling, Meetings and Devices April 2024
 
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
 
Your enemies use GenAI too - staying ahead of fraud with Neo4j
Your enemies use GenAI too - staying ahead of fraud with Neo4jYour enemies use GenAI too - staying ahead of fraud with Neo4j
Your enemies use GenAI too - staying ahead of fraud with Neo4j
 
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
Choosing the Right FDO Deployment Model for Your Application _ Geoffrey at In...
 
Continuing Bonds Through AI: A Hermeneutic Reflection on Thanabots
Continuing Bonds Through AI: A Hermeneutic Reflection on ThanabotsContinuing Bonds Through AI: A Hermeneutic Reflection on Thanabots
Continuing Bonds Through AI: A Hermeneutic Reflection on Thanabots
 
Portal Kombat : extension du réseau de propagande russe
Portal Kombat : extension du réseau de propagande russePortal Kombat : extension du réseau de propagande russe
Portal Kombat : extension du réseau de propagande russe
 
Using IESVE for Room Loads Analysis - UK & Ireland
Using IESVE for Room Loads Analysis - UK & IrelandUsing IESVE for Room Loads Analysis - UK & Ireland
Using IESVE for Room Loads Analysis - UK & Ireland
 
ERP Contender Series: Acumatica vs. Sage Intacct
ERP Contender Series: Acumatica vs. Sage IntacctERP Contender Series: Acumatica vs. Sage Intacct
ERP Contender Series: Acumatica vs. Sage Intacct
 
Extensible Python: Robustness through Addition - PyCon 2024
Extensible Python: Robustness through Addition - PyCon 2024Extensible Python: Robustness through Addition - PyCon 2024
Extensible Python: Robustness through Addition - PyCon 2024
 
BT & Neo4j _ How Knowledge Graphs help BT deliver Digital Transformation.pptx
BT & Neo4j _ How Knowledge Graphs help BT deliver Digital Transformation.pptxBT & Neo4j _ How Knowledge Graphs help BT deliver Digital Transformation.pptx
BT & Neo4j _ How Knowledge Graphs help BT deliver Digital Transformation.pptx
 
Easier, Faster, and More Powerful – Notes Document Properties Reimagined
Easier, Faster, and More Powerful – Notes Document Properties ReimaginedEasier, Faster, and More Powerful – Notes Document Properties Reimagined
Easier, Faster, and More Powerful – Notes Document Properties Reimagined
 
How we scaled to 80K users by doing nothing!.pdf
How we scaled to 80K users by doing nothing!.pdfHow we scaled to 80K users by doing nothing!.pdf
How we scaled to 80K users by doing nothing!.pdf
 
Working together SRE & Platform Engineering
Working together SRE & Platform EngineeringWorking together SRE & Platform Engineering
Working together SRE & Platform Engineering
 
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdfSimplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
Simplified FDO Manufacturing Flow with TPMs _ Liam at Infineon.pdf
 
Long journey of Ruby Standard library at RubyKaigi 2024
Long journey of Ruby Standard library at RubyKaigi 2024Long journey of Ruby Standard library at RubyKaigi 2024
Long journey of Ruby Standard library at RubyKaigi 2024
 

Corporate Security Issues and countering them using Unified Threat Management Systems and SSL VPN

  • 1. Training on Unified Threat Management Systems & SSL VPN (SaaS) By - Amarjit Singh & RishabhDangwal Tulip Telecom Ltd.
  • 2. Objectives Security awareness Latest trends in security Device Awareness Saving the world before bedtime, without worries :P The notion of providing Security as a Service
  • 3. We as an ISP have a tough enough job already..But.. What about Security threats? How serious are they? Hackers are there..where are We ? What is the most effective and cost efficient way to handle them?
  • 4. Current Trends Cyber-attacks are increasing in speed and sophistication exponentially Blended threats, hybrid attacks and APT’s.. Getting automated tools is easy, increase in skid culture Security costs money, Security problems cost money, time and lots of pain.
  • 5. Intruders Attack Sophistication vs. Intruder Technical Knowledge Courtesy Emil on security Auto Coordinated Cross site scripting “stealth” / advanced scanning techniques High Staged packet spoofing denial of service distributed attack tools sniffers Intruder Knowledge sweepers www attacks automated probes/scans GUI back doors network mgmt. diagnostics disabling audits hijacking sessions burglaries Attack Sophistication exploiting known vulnerabilities password cracking self-replicating code password guessing Low 2011 1980 1985 1990 1995
  • 6. Software Vulnerabilities “99% of intrusions result from exploitation of known vulnerabilities” Source: 2001 CERT, Carnegie Mellon University Cause: programming bugs, bad testers, short sighted development Threat: lack of patches for the above LizamoonSQLi exploited 1.5 million + hosts
  • 7. E-mail Viruses Primary medium for distributing threats Trojans – Easy to create, quick to deliver, easy to install HTML viruses on email Innocent sounding Emails having malicious attachments containing: Macros, VB scripts, java scripts and html scripts
  • 8.
  • 9. Viruses and malicious code infection:
  • 14. Email
  • 15. Threats bypass statefulpacket inspection firewalls
  • 16.
  • 17. And we have got Spyware.. Program that uses Internet without the User’s knowledge Approximately 80% of computers have some form of Spyware (including corporate ones) Spread using shareware, pop ups,p2p,shareware..the usual suspects Gathering information: Browsing habits (sites visited, links clicked, etc.) Data entered into forms (including account names, passwords, text of Web forms and Web-based email, etc.) Key stokes and work habits
  • 18. Spam Unsolicited Email Multiple techniques to send mails Spoof email address Image only mail Random text Text merging Token Manipulation URL hiding HTML Tag corruption Increase False positives Parse corruption Metamorphic Spam Trojans And much much more.. Leads to low productivity and server outages.
  • 19. Network woes Label spoofing Core hiding Replay attacks Compromise of LIB Access to LER And other MPLS security issues..
  • 20. Router abuse TACACS+ forced session_id collisions Sophisticated Packet body DOS Boot iosmanipulation Improper tcl scripts (if present) External factors SNMP compromise
  • 21. And its just the Tip of Iceberg…(a.k.a Raising the Attack Standards by a Notch) Sophisticated DOS (Network, application) Advanced Persistent Threats Smartphone Abuse Certificate abuse (DigiNotar - PKIOverheid..) Key abuse (RSA, anyone ?) Kernel Rootkits/Bootkits
  • 22. Obsolete Defenses Firewalls work on port blocking strategy Reactive approach Stateful Packet Inspection (SPI) : Provides source / destination / state intelligence Provides NAT Stateful firewalls cannot protect against multilayer threats Is limited in nature
  • 23. How TULIP can provide security ? SaaS – Security as a Service SSL-VPN Unified Threat Management
  • 24. What is SSL VPN TECHNOLOGY? Secure Sockets Layer (SSL) virtual private networks (VPN) provide secure remote access to an organization’s resources. A VPN is a virtual network, built on top of existing physical networks, that can provide a secure communications mechanism for data and other information transmitted between two endpoints. Because a VPN can be used over existing networks such as the Internet, it can facilitate the secure transfer of sensitive data across public networks. Concept - SSL VPN
  • 26. Why SSL VPN SSL VPN solutions offer a flexible and highly secure way to extend network resources to virtually any remote user with access to the Internet and a web browser. Organizations can customize access and extend the reach of their corporate network to individuals based on their role, including the teleworker, contractor, or business partner.
  • 28. The Landscape with Tulip Managed SSL
  • 29. Complete Client-side Cleanup Cleanup of end users system at end of session. Configurable options of cache cleanup includes. Cookies Temporary Internet Files Browser History Visited URL’s Downloaded Program Files Cleanup all traces of users access and data downloaded at the end of session.
  • 30. Authentication Mechanisms Vast range of Authentication mechanisms to choose from Supported Authentication mechanisms Local Database RADIUS Active Directory (AD) LDAP RSA Secure ID Certificate based Authentication. Biometrics. SMS Two-Factor or Multi-Factor Authentication Support for One Time Password (OTP) and Public Key Infrastructure (PKI) Tokens
  • 31.
  • 32. Ensure device compliance with corporate policy
  • 33. Remediate devices when needed
  • 34.
  • 35. No personal firewall
  • 37. No Anti-Virus Installed
  • 39. User remediated  install anti-virus
  • 40.
  • 42. Virus Definitions Up To Date
  • 43. User granted full accessManaged PC User
  • 45. There are Three different access options with SSL VPN PHAT : Private Hyper Access Transport QAT : Quick Access Terminal WAT : Web Access Terminal Access options with SSL VPN
  • 46. What is WAT   Web Access Terminal (WAT) is clientless access modes where user needs just a browser to establish SSL VPN connection. Using WAT user can access web applications such as Outlook Web Access (OWA), Intranet, Share Point, web-based databases, etc from any location like Airport kiosk, Cyber Café, etc.   What is PHAT  Private Hyper Access Transport (PHAT) is one of the modes to access the Virtual Private Network (VPN). It’s small footprint web deployed software that gets installed on user’s machine. PHAT client provide IPSec like functionality to give full access to network.   What is QAT Quick Access Terminal (QAT) is an intermediate client between the PHAT Client and the WAT Client. The users can access TCP based client applications without installing PHAT on their machines. Once configured by the Administrator for a particular group, QAT is started from the web portal. Access options with SSL VPN
  • 47. Tunneling modes Split tunnel: Application traffic targeted specifically for VPN subnets is routed over SSL VPN tunnel to SSL VPN-Plus Gateway. Rest of the traffic flows follows normal LAN path. Full tunnel:All Application traffic is sent to SSL VPN-Plus Gateway over SSL VPN tunnel for routing. In this case, complete data from user’s machine can be monitored on SSL VPN-Plus Gateway. If local subnets are not excluded for user, the user won’t be able to access local LAN also.
  • 48. Scenario 1Alternate Backup Link SSL Server www ADSL Link X Primary Link Tulip IDC Remote Location Tulip Connect MPLS Backbone ERP Servers Central Location
  • 49. Scenario 2Instant Connectivity Remote Customer Location Tulip Connect Not yet Installed Or getting delayed (TNF) SSL Server www ADSL Link Primary Link Tulip IDC Remote Location Tulip Connect MPLS Backbone Customer Location Ready ERP Servers Central Location 30
  • 50. Scenario 3Extranet Connectivity SSL Server www Tulip IDC Dealer Locations Primary Link Tulip Connect MPLS Backbone Remote Location ERP Servers Central Location 31
  • 51. Scenario 4Enterprise Mobility SSL Server www Roaming Executives Tulip IDC User Moves Out Cyber Cafe Primary Link Tulip Connect MPLS Backbone Remote Location User ERP Servers Central Location 32
  • 52. The New Standard - UTM Unified Threat Management / eXtensible Threat Management Integration of Firewall Deep Packet Inspection Intrusion Prevention for blocking network threats Anti-Virus for blocking file based threats Anti-Spyware for blocking Spyware Faster updates to the dynamic changing threat environment and elimination of False Positives Multilayered security Inhouse / Multivendor Approach
  • 53.
  • 54. Application Specific Integrated Circuits (ASIC’s) Network and Coprocessors for dedicated tasks
  • 55.
  • 56. Application awarenessPRO Series as a Prevention Solution PS/GAV Dynamic Updates DPI DPI DPI DPI: Intrusion Prevention /Gateway AV/ Anti-Spy Server Zone Dept Zone User Zone Diagram courtesy Sonicwall
  • 57.
  • 58. Deep Packet Inspection with Intrusion Prevention can find and block, application vulnerabilities, worms or Trojans.Content Inspection Stateful PacketInspection Anti-Virus Content Filtering Service Deep PacketInspection Gateway Anti-Virus Anti-Spyware Firewall Traffic Path Diagram courtesy Sonicwall
  • 59.
  • 61. Unified Threat Management Appliance Content Filtering Reporting & Reverse monitoring Secure Wireless High Availability - Appliance ISP Load Balancing/Failover Central Management Secured MPLS by MSSP (and link termination) Firewall VPN Basic bandwidth Management Gateway AV, Intrusion Prevention and Anti-spyware Modified for Router monitoring by combining with MSSP Trusted Certificate Management
  • 62.
  • 64. Protection from: Viruses, spyware, worms, trojans, app vulnerabilities
  • 67. Scans & decompresses unlimited number of files & file sizes
  • 68. Supports over 80 protocol types including
  • 69. SMTP, IMAP, POP3 Email, HTTP – Web, FTP – File Transfer
  • 70. Peer to Peer Transfers, NetBios – Intra LAN Transfers, any stream-based protocol
  • 71. Updateable database by an expert signature team
  • 72. DOS protection from 22 types of DOS attacks
  • 73. Application DOS prevention using EPS monitoring
  • 74.