STKI Summit 2009 -Infrastructure Services Trends

A comprehensive version of Israeli market trends in the IT security, Networking and Green IT sectors


  1. Shahar Geiger Maor, VP & Senior Analyst, shahar@stki.info. Visit My Blog: http://shaharmaor.blogspot.com/
  2. Agenda: 1) Information Security; 2) Communication Networking; 3) Green IT. Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic
  3. 2009: Application to-do-list
     a. Flexible staffing based on good temps vendors
     b. Contract renegotiations and multisourcing of temps
     c. Requirement and portfolio management and rationalization
     d. Maintenance and requirement release management
     e. Application integration, reuse, atmaa and SOA
     f. Automating and outsourcing testing
     g. ERP instance consolidation
     h. Application Hosting and SaaS
     i. New licensing strategies
     j. Self service software (even e-learning)
     k. User authentication and password management
     l. Automated compliance software
  4. 2009: Infrastructure to-do-list
     a. Desktop simplification
     b. End-user help desk
     c. Green IT and recycling
     d. Consolidation of servers, storage and end user platforms
     e. Demand management
     f. Storage management and rationalizing
     g. Exception oversight
     h. Bandwidth prioritizing
     i. Open source software
     j. Print management
     k. Hosting and utility computing
  5. Information Security: GRC and Security market size (Ms of $), with the change from the previous year in parentheses
     • Governance & Risk Management (also BCP): 35.0 (2008), 50.0 (2009, 42%), 75.0 (2010, 50%)
     • Security (projects): 95.0 (2008), 85.0 (2009, -10.53%), 95.0 (2010, 11.76%)
     • Security (Software): 90.0 (2008), 85.0 (2009, -5.56%), 80.0 (2010, -5.88%)
     • Total: 220 (2008), 220 (2009, 0%), 250 (2010, 14%)
  6. Information Security - Trends: Security/Privacy In the News
  7. Information Security - Trends: Security Trends
     • Trends shown: Cloud computing, Outsourcing, Cyber crime, Virtualization
     • Risks listed: Sensitive or confidential information may not be properly protected; Inability to properly identify and authenticate users to multiple systems; End-user’s organization is unable to control the data management environment; External threat of organized cyber criminal syndicates; Unauthorized parties might be able to access private files without authorization; Third parties might be able to access private files without authorization
  8. Information Security - Trends: Security Trends
     • Data breaches involving personal information: Sensitive or confidential information that ends up in the hands of cyber criminals and identity thieves
     • Peer-to-peer file sharing: Use of P2P might result in the loss of sensitive or confidential business information including trade secrets
     • Web 2.0 and mash-ups: Unsupervised monitoring of employees’ use of Web 2.0 applications can result in the loss of critical confidential business data on the Internet
     • Mobility: Inability to properly identify and authenticate remote users
  9. Information Security - Trends: Underground Economy. Items for sale on underground servers, appearance and price (figure). Source: Symantec
  10. Information Security - Trends: Underground Economy. Items for sale on underground servers, appearance and price (figure). Source: Symantec
  11. Information Security - Trends: Technologies Categorization 2009 (figure)
     • Vertical axis, Business Value: Investment to make money; Cut costs, Increase productivity; Commodity IT Services; Investment for regulations
     • Horizontal axis, Market Maturity: Using, Implementing, Looking
     • Legend: IT Project, Business Project; size of figure = complexity/cost of project
     • Technologies plotted: Remote Access, Manage Sec. Services, IAM/IDM, SSO, Cloud, App. Sec., Anti X, DLP, Mobile Sec., EPS, SIEM/SOC, DB Sec., Vir. Sec., Network Security, NAC, GRC
  12. Information Security - Trends: STKI Madad 2008-2009 (pie chart)
     • Segments: Network, DLP, Hardening, Market Players, Access, GRC, Miscellaneous, EPS/Anti x, NAC, DB Protection, WAF & Apps, Management, Trends
     • Segment values shown on the chart: 5%, 4%, 3%, 5%, 18%, 5%, 6%, 14%, 6%, 7%, 11%, 8%, 8%
  13. Information Security - Trends: Security Ratios. Ratios of Security Personnel (Israel) by organization type
     • Average Public Sector: 0.1% of Total Users
     • Sensitive Public Sector: 0.5% of Total Users
  14. Information Security - Trends: Sophisticated Threat Environment (figure). Source: Cisco Israel
     • Columns: Writers, First-Stage Abusers, Middle Men, Second-Stage Abusers, End Value
     • Items shown: Tool Writers, Malware Writers, Worms, Viruses, Trojans, Spyware, Hacker or Direct Attack, Machine Harvesting, Information Harvesting, Internal Theft, Abuse of Privilege, Compromised Host and Application, Botnet Creation, Botnet Management, Personal Information, Information Brokerage, Electronic IP Leakage, Extortionist, DDoS for Hire, Spammer, Phisher, Pharmer/DNS Poisoning, Identity Theft, Fame, Theft, Espionage, Extortion, Commercial Sales, Fraudulent Sales, Click Fraud, Financial Fraud
  15. Information Security - App. Sec: Application Security
     • STKI observation: Secure development should be an integral part of any new project and therefore should be calculated within the project’s budget.
     • STKI survey shows that spending on secure development scales from 0% of total project budget (Main-Frame based projects) up to 10% (core web applications projects) of total project budget.
     • Average spending on secure development is 5% of total project budget (including: training, code review and penetration tests)
  16. Information Security - App. Sec: Web Applications - Vulnerabilities. Probability to detect vulnerabilities of different risk degree (results of 32,717 sites and 69,476 vulnerabilities of different degrees of severity). Chart series: % Sites (All), % Sites (Scanned), % Sites (Black & Whitebox). Source: http://www.webappsec.org/projects/statistics/
  17. Information Security - App. Sec: Web Applications - Vulnerabilities. Vulnerability frequency by types (figure). Source: http://www.webappsec.org/projects/statistics/
     • 1. Cross-Site Scripting and SQL Injection vulnerabilities usually appear due to system design errors
     • 2. Information Leakage and Predictable Resource Location are often connected with improper system administration (for example, weak access control)
  18. Information Security - App. Sec: Application Security – Dev. LifeCycle (figure). Security and privacy tasks laid over the Traditional Microsoft Software Product Development Lifecycle Tasks and Processes; phases: Requirements, Design, Implementation, Verification, Release & Servicing. Source: Microsoft Security Development Lifecycle (SDL) Guide
  19. Information Security - App. Sec: Application Security – Israeli Players and Positioning - 1Q09 (figure)
  20. Information Security - App. Sec: Web Application Firewall. What is it? "An intermediary device, sitting between a web-client and a web server, analyzing OSI Layer-7 messages for violations in the programmed security policy. A web application firewall is used as a security device protecting the web server from attack." (WASC)
  21. Information Security - App. Sec: Web Application Firewall – Israeli Market Players
     • Applicure - dotDefender (Apache and IIS). What should I know: Host based Israeli WAF provider (on Apache and IIS web servers). Awarded Frost & Sullivan Award for Successful Technology Innovation (Oct 08). Representatives/integrators: 2BSecure, Comtec, Overline, Msecurity, Comda, New age
     • Barracuda - Web Application Firewall (formerly NetContinuum). What should I know: Provides single point of protection for inbound and outbound traffic for all Web applications. Appliance that has SSL Acceleration and Load Balancing capabilities. Representatives/integrators: Trek-IT, ABnet
     • Breach Security - WebDefend. What should I know: Typically deployed in an out-of-line mode so it presents no latency threat to the network. Can locate indications of poor web application design. Not quite common in Israel. Representatives/integrators: Direct sales
     • Citrix - Application Firewall (formerly Teros). What should I know: Strong attack detection and protection, traffic throttling and blocking. Excellent integration with the NetScaler suite. Weak GUI compared to other solutions. No projects in Israel yet. Representatives/integrators: Aman Computers
  22. Information Security - App. Sec: Web Application Firewall – Israeli Market Players
     • Cisco* - ACE XML Gateway. What should I know: A key component of the Cisco ACE family. It enables efficient deployment of secure, reliable, and accelerated XML applications and Web services. Few deployments in Israel. Representatives/integrators: Bynet, Taldor, Bezeq Int., 2BSecure
     • IBM* – Data Power. What should I know: Powerful XML FW with added values of WAF, load balancing and applications acceleration. Very strong presence in Israel as an XML FW solution. Representatives/integrators: Tangram (Matrix), Elad Group
     • Microsoft – IAG WAF. What should I know: IAG comes with built-in web application firewall for known web applications like: Outlook Web Access, Share Point, iNotes, Domino Webmail, Microsoft CRM and more. Quite successful in Israel. Representatives/integrators: Elad, Matrix, DBNet, HP, M-Security, Securenet
     • Protegrity - Defiance. What should I know: Based on KaVaDo. Strong presence worldwide, but few Israeli clients. Representatives/integrators: 012 Smile, Matrix
     • Radware - AppXcel WAF. What should I know: Based on Imperva. Representatives/integrators: Bynet, Netvision
     • *Both Cisco ACE XML Gateway and IBM Data Power are not pure WAF players, but were added to the list
  23. Information Security - App. Sec: Web Application Firewall – Leading Players - 1Q09
     • F5 - Application Security Manager (ASM). What should I know: One of the best WAFs around. Features a good policy toolset for adaptive learning. Offers strong integration to the TMOS family of products. Superb load balancing capabilities. One of two leading solutions in Israel. Strong market presence. Representatives/integrators: Trek-IT (Dis.), Artnet, Taldor, Spider, Bezeq Int., One, NewAge, Netcom
     • Imperva – SecureSphere. What should I know: The first in the Israeli market. Imperva has an array of out-of-the-box policies and attack signatures as well as superior learning mode. A leading DB protection solution. Has a significant market share. Representatives/integrators: Comsec (Dis.), Netcom, Bynet, Taldor, NewAge, 012 Smile
  24. Information Security - Network Sec: Network Security
     • Enterprise FWs have long become an essential security foundation
     • FW selection should consider: capabilities (especially deep inspection, blocking capabilities and throughput speed); ease of deployment; integration with other network infrastructure; cost
     • The perimeter defense is not dead. Instead it got thickened: network complexity triggered the use of virtual FWs running over one machine
  25. Information Security - Network Sec: Network Security
     • Business operations and networks have become very complex
     • FW solutions should have strong management and configurations capabilities in order to adjust themselves
     • NGFW (Next Generation FW): new versions of FWs offer a built in IPS solution. This convergence is logical since both FW and IPS solutions are latency-sensitive and can work together in high speed
  26. Information Security - Network Sec: Israeli FW Market: Leading Solutions. Network FW market share as % of total deployments (bar chart; categories: CheckPoint, Cisco, Juniper, Fortinet, Other; bar labels shown on the chart: 92%, 22%, 20%, 14%, 30%)
  27. Information Security - Network Sec: Israeli FW Market: Leading Solutions and Integrators. Matrix of integrators (rows) against solutions (columns: Checkpoint, Juniper, Cisco, Fortinet); each x marks one solution: Bynet x x x; Taldor x x x; Bezeq Int. x x x; Netvision x x x; Netcom x x; 012Smile x x; 2Bsecure x x; Artnet x x; IBM x; EDS (HP) x; Ness x; One x; Spider x; Matrix x; WE x; ICT x
  28. Information Security - Network Sec: Israeli IPS Market: Leading Solutions. IPS market share as % of total respondents (bar chart; categories: McAfee, IBM (ISS), Juniper, Other/None; bar labels shown on the chart: 38%, 21%, 32%, 9%)
  29. Information Security - Network Sec: Israeli IDS/IPS Market: Leading Solutions and Integrators. Matrix of integrators (rows) against solutions (columns: McAfee, IBM (ISS), Juniper, Tipping point (3COM)); each x marks one solution: Bynet x x x; 2BSecure x x; Netcom x x; Aman x; Netvision x; Ness x; Taldor x; Spider x; Calcom x; WE x; Matrix x; One Securenet x
  30. Information Security - Network Sec: Network Access Control
  31. Information Security - Network Sec: NAC Insights
     • NAC has not been "fully digested" by Israeli customers in 2008. There should be more activity in 2009
     • NAC can be deployed less expensively when it is an embedded feature of an existing vendor and customers take notice of it
     • Some network and security vendors already have solutions that can be part of the NAC process (AC, IPS) – an important starting point for market domination
     • Israeli customers' first priority: implement a guest networking control
     • Network or Security? NAC is a Layer 2 vs. Layer 3 match
  32. Information Security - Network Sec: NAC – Solutions
     • Access Layers – Port Nox (Israeli vendor). Value for customer: Multiple switch vendor support; Agentless; Score based authentication; No 802.1x authentication. Notes: Strong Israeli presence. Integrators: Netcom, Netvision, 2BSecure, Trustnet
     • CheckPoint – NAC (Israeli vendor). Value for customer: Strong personal firewall and VPN client software; EPS & NAC functionality in a single endpoint client; OPSEC Alliance; ease of implementation in remote access applications. Notes: Strength in NAC depends on ability to compete in the Endpoint Protection market! CP is not a first choice player
     • Cisco - CNAC. Value for customer: Both appliance & infrastructure-based approach; Support of non-traditional endpoints; Large install base in Israel – cost effective solution. Notes: Few projects and POCs in Israel. Natural first choice for many users
  33. Information Security - Network Sec: NAC – Solutions
     • Enterasys - Sentinel. Value for customer: Cross-vendor platform; MAC, 802.1x authentication and more; Guest registration module. Notes: Penetration mainly on Enterasys install base in Israel. Netcom, Artnet are strong integrators
     • ForeScout - CounterACT (Israeli vendor). Value for customer: Out-of-band NAC appliance; integration with a number of remediation/directory solutions; Built-in RADIUS proxy for 802.1X support. Notes: No packet filtering capabilities. Few clients in Israel
     • HP Pro-Curve - Endpoint Integrity. Value for customer: Both appliance-based and Agent; Strong management system (Identity Driven Manager). Notes: HP Pro-curve is gaining ground in the Israeli LAN market and therefore becoming an important NAC player.
  34. Information Security - Network Sec: NAC – Solutions
     • Insightix – NAC (Israeli vendor). Value for customer: Real-time "state" of all devices connected to the network; Agentless visibility functionality; Cross-vendor platform. Notes: Few implementations in Israel and abroad. Integrators: Bynet and Overline
     • Juniper - UAC. Value for customer: Impressive array of enforcement options; supports third-party HW via 802.1x. Notes: Some of the features require other Juniper components in the network (FW, IDS…)
     • McAfee - MNAC. Value for customer: comprehensive client security suite; One of the better integration strategies with Microsoft NAP. Notes: Best fit McAfee clients. Strong EP player with NAC functionality
     • Microsoft - NAP. Value for customer: Has one of the strongest access and enforcement architectures; Uses Forefront and AD for superior policy management. Notes: Integrate with many other NAC solutions. contributor to the standardization of NAC
  35. Information Security - Network Sec: NAC – Solutions
     • Nortel - SNA. Value for customer: Cross-platform device support; Appliance that collects contextual user and device information from multiple network sources. Notes: unmanaged infrastructure support - via NAP
     • Symantec - SNAC. Value for customer: Pure software-based solution; Provide strong threat protection solutions; One of the most comprehensive reporting and auditing frameworks. Notes: Very good solution for EPS customers
     • XOR – SWAT (Israeli vendor). Value for customer: MAC based NAC; Provides access control for switches and devices that don’t support 802.1x; Cost effective 80-20 solution. Notes: Dozens of implementations in Israel
  36. Information Security - Network Sec: STKI Israeli Positioning
     • Not a technological positioning, refers only to Israeli market
     • Focused on enterprise market (not SMB)
     • Not an STKI recommendation
     • Market Presence (X): Market share - existing and new sales (more emphasis); Mind share (how user organizations rate vendors)
     • Local Support (Y) – is influenced by (X): Experience & technical knowledge, localization, support, number and kind of integrators
     • Worldwide leaders marked, based on global positioning
     • Vendors to watch: Are only just entering Israeli market so can’t be positioned but should be watched
     • Sample chart: axes Market Presence and Local Support; markers Vendor A, Vendor B, Worldwide Leader; Vendors to Watch: Vendor C
  37. Information Security - Network Sec: NAC - Israeli Market Positioning 1Q09 (positioning chart; axes: Market Presence, Local Support; legend: Player, Worldwide Leader, Leap; a "Vendors to Watch" box). Vendors shown: HP Procurve, Check Point, Microsoft, Cisco, Symantec, Juniper, XOR SWAT, Access Layers, Enterasys, McAfee, ForeScout, Insightix, Nortel. This analysis should be used with its supporting documents
  38. Information Security - EPS: Endpoint Security
  39. Information Security - EPS: Endpoint Security - Threats (figure)
  40. Information Security - EPS: Endpoint Security - Protection (figure; labels: Organization, Outside)
  41. Information Security - EPS: Endpoint Security - Protection (figure; labels: Organization, Outside)
  42. Information Security - EPS: Endpoint Security - Protection (figure; labels: Anti X, DLP, NAC, Manageability, Organization, Outside)
  43. Information Security - EPS: Anti-X Suites - Israeli Market Positioning 1Q09 (Enterprise Leaders Only) (positioning chart; axes: Market Presence, Local Support; legend: Player, Worldwide Leader). Vendors shown: Symantec, McAfee, Trend Micro, Microsoft. This analysis should be used with its supporting documents
  44. Data Centric Security
  45. Data Centric Security: Data Centric Approach (figure)
     • Build a wall – "perimeter security"
     • "Business of Security" – Security is built into the business process
  46. Data Centric Security: Data Centric Security Arena: DLP, ERM, Database Protection, Encryption
  47. Data Centric Security: Data Centric Approach. Business Goals for Security Today (figure): Business Efficiency; Ubiquitous access to information; Regulatory Compliance; Protection of Assets from Threats; Protection from Financial Loss
  48. Data Centric Security: Data Centric Approach
     • Develop practical end-to-end solutions that will protect your information right now with what you now have
     • Identifying, Defining & Assessing your Data, Intellectual Capital and Electronic Assets
     • Provide a pure and total focus on this complex, mission-critical area
     • Security is an ongoing Process
     • Business perspective approach – top down
     • End-to-end view and full life-cycle security
  49. Data Centric Security - DLP: Data Leak/Loss Prevention
  50. Data Centric Security - DLP: Data Leak/Loss Prevention
     • DLP is an overall framework into which different elements fit
     • There are three types of data that may leak: Data at rest; Data in transit; Data on endpoints
     • No single DLP focus area is foolproof; an optimal solution should cover all three areas
     • DLP is a growing area, and vendors react accordingly
     • It is suggested to use full-suite vendors in order to avoid integration problems
  51. Data Centric Security - DLP: DLP – Market Status. DLP Deployments Status - Israel 1Q09 (pie chart; segments: Solution Deployed, Plan to Deploy Soon, Not "There" Yet; values shown on the chart: 20%, 60%, 20%)
  52. Data Centric Security - DLP: DLP – World Trends (figure). Source: Aberdeen Research
  53. Data Centric Security - DLP: DLP – Market Status & Players
     • World Leaders (consolidation in progress…): Symantec (Acquired Vontu, 2007, 350$ M); Websense (Acquired PortAuthority 2007, 90$ M); Reconnex (Acquired by McAfee, July 2008, 46$ M); Tablus (Acquired by RSA, 2007, 40$ M); Vericept? Workshare?
     • Main drivers for DLP are: Regulations such as Payment Card Industry (PCI), Accountability Act (HIPAA); e-mail security, instant messaging (IM) and endpoint monitoring solutions
  54. Data Centric Security - DLP: DLP - Israeli Market Positioning 1Q09 (positioning chart; axes: Market Presence, Local Support; legend: Player, Worldwide Leader, Fast Movement; a "Vendors to Watch" box). Vendors shown: ProofPoint, Workshare, IBM (ISS), Websense, McAfee, Verdasys, Symantec, RSA. This analysis should be used with its supporting documents
  55. Data Centric Security - ERM: ERM (Enterprise Rights Management)
     • Enterprise Rights Management (ERM) technology, also known as Enterprise DRM or Information Rights Management (IRM)
     • What is it? ERM entails encrypting files that contain content and only allowing those users or devices that have proper credentials to decrypt the files and access the content
     • Awareness of ERM has increased
     • ERM has been growing steadily since it became a technology category unto itself about five years ago
  56. Data Centric Security - ERM: Applications and File Formats Used in ERM Implementations (figure). Source: Gilbane Group
  57. Data Centric Security - DLP: ERM – How Does it Work? (diagram components: SQL Server, Active Directory, RMS Server, Data owner, Recipient). Source: Microsoft Israel
     • 1. New user is authorized to use RMS
     • 2. The user defines a set of rules and content usage rights for the data he wants to share – he is the data owner
     • 3. User distributes data to relevant recipients
     • 4. When a recipient tries to open a file – a request is sent to the RMS Server in order to authorize/deny access
     • 5. RMS enforces rules made by the data owner
  58. Data Centric Security - ERM: ERM - Israeli Market Players
     • Microsoft - Rights Management Services
     • EMC - EMC Documentum IRM Product Suite
     • Oracle - Oracle Information Rights Management
     • Adobe – Adobe LifeCycle Rights Management
     • Israeli SU: Secure Islands - A provider of an advanced information protection and control (IPC) solution
     • Israeli SU: Covertix – Develops innovative software technology to track, monitor and control documents and files within and outside the organization
  59. Data Centric Security - DB Protections: DB Protection – Market Status
     • DB Protection Deployments Status - Israel 1Q09: Not "There" Yet 49%; Plan to Deploy Soon 30%; Solution Deployed 20%; Other/Do Not Know 1%
     • Leading Israeli Players: Sentrigo; Imperva; Oracle DB Vault; Guardium
     • DB encryption: Decru – by NetApp; Ged-i (Israeli SU): offers high-level encryption to Storage Data
  60. 60. Data Centric Security Masking of Production Data -Data Masking  What is it? • The process of data masking is designed to ―de-identify‖ data, such that the data remains based on real information, but no longer has any practical usage or application  What is the need? • The drive to outsource and offshore application development and Your Text here testing work means that organizations will have little control Your Text here over who gets to see their data • Test environments are not physically as secure as production systems  What can go wrong? • Sensitive data might be downloaded to laptops and stolen • Employees might misuse sensitive information and engage in fraudulent activity Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 60
  61. 61. Data Centric Security Masking of Production Data -Data Masking Your Text here Your Text here Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 61
  62. 62. Data Centric Security Masking of Production Data -Data Masking Your Text here Your Text here Source: Securosis.com Shahar Maor’s work Copyright 2009 @STKI Do not remove source or attribution from any graphic or portion of graphic 62
  63. 63. Masking of Production Data (Data Centric Security - Data Masking)
      Israeli market players (in alphabetical order):
      • Compuware (File-AID) - Few implementations
      • DataVantage (Global)
      • IBM (Optim) - Few POCs
      • Informatica (PowerCenter) - Few POCs
      • Oracle (Enterprise Manager Data Masking) - For Oracle DBs only
  64. 64. SIEM/SOC
  65. 65. SIEM/SOC
      What is SIEM?
      • Security Information & Event Management
      What is SOC?
      • Security Operation Center
      • Collects and analyzes all log data and basic event management
      • Monitors and manages all aspects of enterprise security in real time, from a single, centralized location
      • The NOC of security
      Why do we need it?
      • Need for real-time awareness of internal/external threats
      • Ensure business continuity and comply with regulations
  66. 66. Silos of Redundant Information Management (SIEM/SOC)
      Source: Network Intelligence
  67. 67. An Enterprise Platform for Compliance and Security (SIEM/SOC)
      Figure label: SIEM. Source: Network Intelligence
  68. 68. SIEM/SOC - Israeli Trends (SIEM/SOC)
      • CA was the first to enter the market and gained considerable market share in the high-end market
      • ArcSight was introduced two years later. This solution was easier to deploy and much easier to manage
      • End of 2007: Symantec SSIM and RSA Envision were introduced to the market, both easy to deploy, scalable and relatively intuitive
      • CA has lost some of its market share to the other newcomers
  69. 69. SIEM/SOC - Israeli Players (SIEM/SOC)
      Solution: Leading Integrators
      • ArcSight: We (Exclusive representative)
      • CA: 1. Netcom 2. TrustNet 3. Ness
      • Cisco: 1. Bynet 2. Netcom
      • RSA: 1. TrustNet 2. Xor 3. Bynet
      • IBM: Ness
      • NetIQ: Calcom (Exclusive representative)
      • Symantec: 1. Netcom 2. Bynet
  70. 70. SIEM/SOC - Israeli Market Positioning 1Q09 (SIEM/SOC)
      Positioning chart. Axes: Local Support, Market Presence. Legend: Player, Worldwide Leader, Fast Movement.
      Vendors plotted: ArcSight, RSA, Symantec, CA, IBM, Cisco, NetIQ
      Vendors to Watch: IBM - MSS, TriGeo
      This analysis should be used with its supporting documents
  71. 71. Next Generation SIEM/SOC: MSS (SIEM/SOC - MSS)
      What does MSS offer? Comprehensive solution for security management:
      • Firewall/EP Management Service
      • Intrusion Detection & Prevention Management Service
      • Vulnerability Management Service
      Why should we go there?
      • Cost effective!
      • Use of best-of-breed security
      Why shouldn't we?
      • Who owns my data?
      • No one else in Israel goes there…yet
  72. 72. MSS Trends in Israel (SIEM/SOC - MSS)
      • STKI observation: MSS is well accepted in SMB organizations, but Israeli CISOs in enterprises still strongly oppose this trend
      • The current economic downturn should encourage some enterprises to reconsider MSS
      • MSS providers address management (CFOs and CEOs) in order to attract new clients
  73. 73. MSS - World Leaders (SIEM/SOC - MSS)
      Positioning chart. Axes: Delivery, Market Penetration. (Source: Frost and Sullivan)
      Great Potential for:
      • Current world leaders (IBM, Symantec)
      • Local ISPs
      • Network integrators
      • Traditional OS players
  74. 74. Identity & Access Management (IDM/IAM)
  75. 75. IDM Global Mega Trends (IDM/IAM)
      • Fraud and identity theft will increase strong authentication use
      • Strong authentication and SSO will strengthen their ties
      • Context-based authorization will put risk analysis into access control decisions
      • Physical and logical security will continue to converge
      • Federation will slowly grow
  76. 76. IDM/IAM Savings (IDM/IAM)
      Source: http://blogs.technet.com/mcs-ireland-infrastructure/default.aspx
