SlideShare a Scribd company logo

Forcepoint SD-WAN and NGFW + IPS

Larry Austin
Larry Austin

Rethinking Network Security and Solving for SD-WAN: The intersection of Cloud, Network, and Security.

1 of 31
Download to read offline
RETHINK NETWORK SECURITY Larry Austin Senior Client Executive March 2018
2 DAT A PEOPL E FOCUS ON THE TRUE CONSTANTS PEOPLE DATA Understanding the intersection of people, critical data and IP over networks of different trust levels. THE HUMAN POINT
THE FLOW OF DATA THE RHYTHM OF PEOPLE EACH PRODUCT ELEMENT: ANALYTICS MANAGEMEN ORCHESTRATION Forcepoint UEBA Forcepoint NETSEC Forcepoint Insider Threat Forcepoint Web & Email Security Forcepoint Data Guard Forcepoint DLP Forcepoint CASB  Has best in class capabilities  Can be your starting point  Integrates together as a system with unified management and policy  Works with an existing environment DESIGN TENETS OF THE HUMAN POINT SYSTEM
Copyright © Forcepoint. | 4 NETWORK SECURITY SOLUTIONS THAT ARE TRULY DIFFERENT 100x reduction in malware incidents when deploying Forcepoint. Forcepoint Web & Email Security Forcepoint Data Guard Forcepoint SD-WAN NETSEC Cuts network expenses by 50%, reduces cyberattacks by up to 86%, slashes incident response time as much as 73%. Forcepoint CASB Broadest cloud application support with unique customized risk assessment based on user behavior and data access classification. Forcepoint Insider Threat Forcepoint DLP Forcepoint UEBA Made possible by the Human Point System
Copyright © Forcepoint. | 5 FORCEPOINT – A NEW APPROACH TO CONNECTIVITY & SECURITY Enterprise SD-WAN Distributed connectivity for branches, offices, cloud, data centers High availability and scalability #1 Network Security Distributed protection, encryption, control NGFW + IPS + VPN + Proxies and more Management at Scale Centralized admin of 2000 devices in minutes Immediate deployment, updates, upgradesForcepoint NGFW Enterprise SD-WAN #1 Network Security Management at Scale
Copyright © Forcepoint. | 6 AWS, Azure Cloud Data Centers ONE SECURITY PLATFORM, MANY USES – MANAGED TOGETHER Security Management Center NGFW VPN NGFW VPN VPN VPN App Web interfaces Subcontractors Data Stores, Branches, Remote Offices Headquarters Mobile Users Partners DMZ SD-WAN VPN NGFW Virtualized Data Centers NGFW VPN NGFWIPS IPS IPS IPS Internet Corporate Network
Copyright © Forcepoint. | 7Copyright © 2017 Forcepoint. | 7 #1 Network Security 86% Fewer Cyberattacks 69% Fewer Breaches Source: IDC Research
Copyright © Forcepoint. | 8 FORCEPOINT HAS HIGHEST SECURITY AND EXCELLENT TCO “The security effectiveness of the Forcepoint NGFW 3301 was unsurpassed in the NSS Labs 2017 NGFW test. The Forcepoint NGFW should be on every company’s short list.” Thomas Skybakmoen, Distinguished Research Director NSS Labs NGFW 5th Consecutive Time Forcepoint BEST TCO  STRONGESTSECURITY NGIPS 2nd Consecutive Time NSS Labs 2017 NGFW Test
Copyright © Forcepoint. | 9 FORCEPOINT IS THE TOP-RATED IPS, EVEN OUTPERFORMING IPS-ONLY BOXES NSS Labs 2017 NGIPS Test Forcepoint Evasion defenses are a must- have to prevent Exploits “Providing exploit protection results without fully factoring in evasion can be misleading.” – NSS Labs
Copyright © Forcepoint. | 10 THE EVASION GAP – MOST VENDORS LEAVE NETWORKS EXPOSED Evasions increase the effectiveness of exploits & malware Many NGFW & IPS fail to stop evasions Exploit Kits now make evasions easy Metasploit & Shadow Brokers leaked toolkit Attacks combining techniques to spread Learning from WannaCry  Petya
Copyright © Forcepoint. | 11 SEEING HOW EVASIONS CAN LET RANSOMWARE RUN RAMPANT www.forcepoint.com/evader
Copyright © Forcepoint. | 12 WHAT CUSTOMERS SAY ABOUT SECURITY EFFICACY Senior Security Engineer Major US Enterprise “This is Kick A$$ Technology… It took 60 seconds to bypass our existing platform with well known exploits and the system was oblivious to the attempts. I spent weeks trying to get around the Forcepoint platform and it stopped everything I tried. We don’t want to be the next company in the news over a breach.”
Copyright © Forcepoint. | 13 NETWORK SECURITY POWERED BY THE HUMAN POINT SYSTEM Cloud Services CASB w/ DLPCASB App Risk Threat Intelligence Install Cloud IP & File Reputation URL Filtering Web Security Advanced Malware Detection Security Management Console Unified Policies, Dashboards & Reports Endpoint Context ECA Endpoint Integration Unified Appliance with Deep Security Built-in Physical, Virtual, Cloud SD-WAN NGFW IPS Anti- Evasion Decryption Proxies Virtual Contexts VPN Endpoint Awareness Segmentation Centralized Management • High Availability Insider Threat Data Loss Prevention UEBA DLP IT coming
Copyright © Forcepoint. | 14 Other Vendors Forcepoint NGFW & IPS FORCEPOINT DIFFERENCE: UNIFIED PHYSICAL-VIRTUAL-CLOUD Start from Chips & Hardware mindset Different (slower) code in virtual firewalls Often with different features / much lower performance Even incompatible management consoles Start from SOFTWARE mindset Same FAST software on all platforms High performance in virtual & physical environments Uniform features / management across all deployments Rapid innovation Cloud Virtual Cloud Virtual “Frankenfirewalls” Different code
Copyright © Forcepoint. | 15 FORCEPOINT DIFFERENCE: THE POWER OF THE CLOUD Advanced Malware Detection URL categorization and Threat Intelligence Policy-driven redirection of traffic to Web Security Offloads page inspection Consistent protection across remote/mobile/on-premises CASB Application Risk intelligence Shadow IT risk Report generation from NGFW logs Service chaining – bringing it all together Extending incrementally: Web Security + CASB + DLP WebApps CASB Web Security AMD URL Stores, Branches HQ, Offices, Data Centers
Copyright © Forcepoint. | 16 Feature Transparently forward HTTP/HTTPS traffic to Cloud proxy Restrictions / Requiurements None Clustering Full clustering and multi-link support High Availability Proxy load balancing and high availibility Functionality IPv4 & IPv6 Support NGFW inspection features (DPI, File filtering) Cloud or On-premises REDIRECTION OF HTTP(S) TRAFFIC TO WEB SECURITY CLOUD Simplified redirection of Web traffic (HTTP or HTTPS) from NGFW Engine to Web proxy service in a cloud or on premises Technical Benefits ► Easy Configuration. No longer necessary to use a policy-based VPN to redirect HTTP or HTTPS traffic to Forcepoint Web Cloud. ► Support for link and HA services ► User info delivery to the Cloud if FW aware of User ID ► NGFW features such as DPI, File filtering, etc can be used also for redirected traffic. ► No VPN encryption overhead ► Support for IPv4 & IPv6 Outcome ► Easy to deploy SaaS security from anywhere the branch office workers are ► Forward Web traffic to the nearest Forcepoint Web Security Cloud DC for advanced Web content analysis ► Outsource CPU intensive Web content inspection from local proxies to the Forcepoint Web Security Cloud Internet Forcepoint Web Security Cloud HQ or Remote Office Web Server Internal clients are trying to get access to Web Server.
Copyright © Forcepoint. | 17 AS SIMPLE AS ADDING A SINGLE RULE IN POLICY Capability to inspect redirected traffic locally
Copyright © Forcepoint. | 18 TRUE ENTERPRISE SOLUTION Greater Agility with Lower TCO SD-WAN: WHY ORGANIZATIONS CHOOSE FORCEPOINT CLUSTERING & HIGH AVAILABILITY The best clustering capabilities available on the market place SD-WAN MULTI-LINK™ OPTIMIZATION Unique and praised by end users VPN Mesh technology OPERATIONAL EFFICIENCY Zero-touch deployments and one-click updates/upgrades CENTRALIZED MANAGEMENT Simply the smartest management system in the industry #1 NGFW & IPS SECURITY Top-ranked security on NSS Labs’ NGFW and NGIPS tests
Copyright © Forcepoint. | 19 CHOSEN THROUGHOUT THE WORLD Enterprise SD-WAN #1 Network Security Management at Scale
Copyright © Forcepoint. | 20Copyright © 2017 Forcepoint. | 20 Enterprise SD-WAN 38% Fewer Outages 70% Faster Deployment Source: IDC Research
Copyright © Forcepoint. | 21 FORCEPOINT VISION: SD-WAN WITH CLOUD-BASED SECURITY • ISP multi-homing (HA & LB) • Route Based Multi-Link VPN • QoS and Bandwidth throttling • Cloud-assisted security (AMD, URL, etc..) Multi-Link VPN and cloud-assisted security (Forcepoint NGFW 2017) • Seamless cloud security service chaining (Web & CASB) • Application routing • Dynamic and scalable full-mesh VPN • SD-WAN dashboard SD-WAN & Cloud Service Chaining (Forcepoint NGFW 2018) • NGFW-as-a-service • Same policies across Cloud and on-premises • Mobile users connect to the closest point • Fast-path routing for SaaS apps Integrated Cloud (2019 and forward) Endpoint Site 1 DC Private Virtual SaaS cloud apps DC PaaS Virtual 3rd party router MPLS Internet Multilink Multilink Web SaaS
Copyright © Forcepoint. | 22 BETTER RESILIENCE, FLEXIBILITY & OPERATIONS SAVINGS Business Continuity • Transparent failover • Load-balancing or back-up links Unified connectivity over multiple ISPs • Heterogeneous access technologies • Fast, active-active performance • QoS and bandwidth optimization • High security inspection & encryption Replacing MPLS with broadband • Eliminate ISP lock-in • Add bandwidth easily • Provision quickly (esp. where MPLS takes time) • Manage everything centrally ISP 1 ISP 2 ISP N Multi-Link Optimization Cable 3/4G DSL 1 DSL 2 MPLS Regular Traffic & Back-up links Critical Traffic Up to 90% Savings vs MPLS costs
Copyright © Forcepoint. | 23 Head of IT Production Carglass “We saw an opportunity to combine router and advanced firewall capabilities to strengthen security across every site and accelerate throughput. We needed a solution with centralized administration that could be easily replicated every time we added a new mobile site, easing the management burden on our IT staff.” WHAT CUSTOMERS SAY ABOUT SD-WAN CONNECTIVITY
Copyright © Forcepoint. | 24 Other Vendors Forcepoint NGFW & IPS FORCEPOINT DIFFERENCE: MOST SCALABLE, HIGHEST AVAILABILITY Basic Redundancy bolted on top Often just 2 or 4 nodes of same model Updates are painful – clusters go offline Each firewall updated separately After all done, cluster reassembled and brought online Advanced Clustering built in Up to 16 nodes of mixed models, software versions Updates are seamless – clusters stay running Updates applied progressively Cluster never drops traffic
Copyright © Forcepoint. | 25 WHAT CUSTOMERS SAY ABOUT HIGH AVAILABILITY Hendrik Walter IT Director Avency MSSP & Hosting Provider “With Forcepoint deployed, we have had 6 years with zero downtime. That wasn't possible with Check Point because we had downtime when upgrading or changing hardware. With Forcepoint we don't have any worries with upgrades because we don't experience downtime.”
Copyright © Forcepoint. | 26Copyright © 2017 Forcepoint. | 26 Management at Scale Source: IDC Research 53% Less IT Staff Time 73% Faster Incident Response
Copyright © Forcepoint. | 27 CENTRAL MANAGEABILITY WITH UNPARALLELED VISIBILITY & CONTROL Manage Data Centers • Edge • Branches • Cloud from one console See what’s happening everywhere & interactively drill down Turn sophisticated business processes into automated policies Update hundreds of NGFWs, VPNs & IPSs in minutes, not hours
Copyright © Forcepoint. | 28 Other Vendors Forcepoint NGFW & IPS FORCEPOINT DIFFERENCE: POLICY-CENTRIC MANAGEABILITY Remote, configuration – relatively manual Rolls up individual configurations Often highly redundant, labor-intensive Centralized, policy-based management – automated Pushes down policies to each cluster & device Hierarchical policies automate firewalls & IPS
Copyright © Forcepoint. | 29 WHAT CUSTOMERS SAY ABOUT MANAGEMENT EFFICIENCY Customer Cited in “Quantifying the Operational and Security Results of Switching to Forcepoint NGFW” IDC Research, May 2017 “There are just two of us to manage everything related to network security, so we need central management and to do administrative tasks easily. Forcepoint is one of the best solutions for doing this.”
Copyright © Forcepoint. | 30 FORCEPOINT CUTS THE TOTAL COST OF OWNERSHIP (TCO)  Modular, extensible appliances  Rich capabilities built-in without add-ons  High quality support  Integrated SD-WAN, IPS, VPN, NGFW  Zero-Touch Deployment via the cloud  Centralized One-Click Updates/Upgrades  High Availability at Every Level  Clustering of Multi-ISP Broadband  Upgradable Software, Reusable Appliances  Uniform across Physical, Virtual, Cloud HOW FORCEPOINT CUTS OPERATING COSTS
Copyright © Forcepoint. | 31 CTO Fusion Media Networks “Our experience with Forcepoint Stonesoft NGFW has exceeded our expectations…. By making use of the security management center (SMC) to manage all queries from one centralized system, we have been able to cut costs by 30 percent.” WHAT CUSTOMERS SAY ABOUT EFFICIENCY

Recommended

4_Session 1- Universal ZTNA.pptx
4_Session 1- Universal ZTNA.pptx4_Session 1- Universal ZTNA.pptx
4_Session 1- Universal ZTNA.pptx
aungyekhant1
 
Cybersecurity roadmap : Global healthcare security architecture
Cybersecurity roadmap : Global healthcare security architectureCybersecurity roadmap : Global healthcare security architecture
Cybersecurity roadmap : Global healthcare security architecture
Priyanka Aash
 
PaloAlto Enterprise Security Solution
PaloAlto Enterprise Security SolutionPaloAlto Enterprise Security Solution
PaloAlto Enterprise Security Solution
Prime Infoserv
 
XG Firewall
XG FirewallXG Firewall
XG Firewall
DeServ - Tecnologia e Servços
 
Zero trust in a hybrid architecture
Zero trust in a hybrid architectureZero trust in a hybrid architecture
Zero trust in a hybrid architecture
Hybrid IT Europe
 
Forcepoint Corporate Presentation_Short.pptx
Forcepoint Corporate Presentation_Short.pptxForcepoint Corporate Presentation_Short.pptx
Forcepoint Corporate Presentation_Short.pptx
caesar92
 
Operational Security
Operational SecurityOperational Security
Operational Security
Splunk
 
Institucional proofpoint
Institucional proofpointInstitucional proofpoint
Institucional proofpointvoliverio
 

Recommended

4_Session 1- Universal ZTNA.pptx
4_Session 1- Universal ZTNA.pptx4_Session 1- Universal ZTNA.pptx
4_Session 1- Universal ZTNA.pptx
aungyekhant1
 
Cybersecurity roadmap : Global healthcare security architecture
Cybersecurity roadmap : Global healthcare security architectureCybersecurity roadmap : Global healthcare security architecture
Cybersecurity roadmap : Global healthcare security architecture
Priyanka Aash
 
PaloAlto Enterprise Security Solution
PaloAlto Enterprise Security SolutionPaloAlto Enterprise Security Solution
PaloAlto Enterprise Security Solution
Prime Infoserv
 
XG Firewall
XG FirewallXG Firewall
XG Firewall
DeServ - Tecnologia e Servços
 
Zero trust in a hybrid architecture
Zero trust in a hybrid architectureZero trust in a hybrid architecture
Zero trust in a hybrid architecture
Hybrid IT Europe
 
Forcepoint Corporate Presentation_Short.pptx
Forcepoint Corporate Presentation_Short.pptxForcepoint Corporate Presentation_Short.pptx
Forcepoint Corporate Presentation_Short.pptx
caesar92
 
Operational Security
Operational SecurityOperational Security
Operational Security
Splunk
 
Institucional proofpoint
Institucional proofpointInstitucional proofpoint
Institucional proofpointvoliverio
 
Tenable Solutions for Enterprise Cloud Security
Tenable Solutions for Enterprise Cloud SecurityTenable Solutions for Enterprise Cloud Security
Tenable Solutions for Enterprise Cloud Security
MarketingArrowECS_CZ
 
Siem ppt
Siem pptSiem ppt
Siem ppt
kmehul
 
Adopting A Zero-Trust Model. Google Did It, Can You?
Adopting A Zero-Trust Model. Google Did It, Can You?Adopting A Zero-Trust Model. Google Did It, Can You?
Adopting A Zero-Trust Model. Google Did It, Can You?
Zscaler
 
Threat Hunting with Splunk
Threat Hunting with SplunkThreat Hunting with Splunk
Threat Hunting with Splunk
Splunk
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
Devyani Vaidya
 
Presentacion Palo Alto Networks
Presentacion Palo Alto NetworksPresentacion Palo Alto Networks
Presentacion Palo Alto Networks
Laurent Daudré-Vignier
 
5 BEST PRACTICES FOR A SECURITY OPERATION CENTER (SOC)
5 BEST PRACTICES FOR A SECURITY OPERATION CENTER (SOC)5 BEST PRACTICES FOR A SECURITY OPERATION CENTER (SOC)
5 BEST PRACTICES FOR A SECURITY OPERATION CENTER (SOC)
Vijilan IT Security solutions
 
Cisco umbrella overview
Cisco umbrella overviewCisco umbrella overview
Cisco umbrella overview
Cisco Canada
 
Micro segmentation and zero trust for security and compliance - Guardicore an...
Micro segmentation and zero trust for security and compliance - Guardicore an...Micro segmentation and zero trust for security and compliance - Guardicore an...
Micro segmentation and zero trust for security and compliance - Guardicore an...
YouAttestSlideshare
 
Splunk Phantom SOAR Roundtable
Splunk Phantom SOAR RoundtableSplunk Phantom SOAR Roundtable
Splunk Phantom SOAR Roundtable
Splunk
 
Palo Alto Networks CASB
Palo Alto Networks CASBPalo Alto Networks CASB
Palo Alto Networks CASB
Alberto Rivai
 
Security Operation Center Fundamental
Security Operation Center FundamentalSecurity Operation Center Fundamental
Security Operation Center Fundamental
Amir Hossein Zargaran
 
Security Strategy and Tactic with Cyber Threat Intelligence (CTI)
Security Strategy and Tactic with Cyber Threat Intelligence (CTI)Security Strategy and Tactic with Cyber Threat Intelligence (CTI)
Security Strategy and Tactic with Cyber Threat Intelligence (CTI)
Priyanka Aash
 
Bulding Soc In Changing Threat Landscapefinal
Bulding Soc In Changing Threat LandscapefinalBulding Soc In Changing Threat Landscapefinal
Bulding Soc In Changing Threat Landscapefinal
Mahmoud Yassin
 
Security architecture
Security architectureSecurity architecture
Security architecture
Duncan Unwin
 
Zero Trust Network Access
Zero Trust Network Access Zero Trust Network Access
Zero Trust Network Access
Er. Ajay Sirsat
 
Enterprise Networks - Cisco Digital Network Architecture - Introducing the Ne...
Enterprise Networks - Cisco Digital Network Architecture - Introducing the Ne...Enterprise Networks - Cisco Digital Network Architecture - Introducing the Ne...
Enterprise Networks - Cisco Digital Network Architecture - Introducing the Ne...
Cisco Canada
 
Cissp actual exam
Cissp actual examCissp actual exam
Cissp actual exam
dannykirk1221
 
Cisco Security Presentation
Cisco Security PresentationCisco Security Presentation
Cisco Security Presentation
Simplex
 
SIEM Architecture
SIEM ArchitectureSIEM Architecture
SIEM Architecture
Nishanth Kumar Pathi
 
A new way to connect and protect retail networks with secure enterprise SD-WA...
A new way to connect and protect retail networks with secure enterprise SD-WA...A new way to connect and protect retail networks with secure enterprise SD-WA...
A new way to connect and protect retail networks with secure enterprise SD-WA...
National Retail Federation
 
Secure sd wan
Secure sd wanSecure sd wan
Secure sd wan
Dr. (Engr.) OLUGBENGA BABATUNDE(FBCS,CPMP,FCIPM,FIPMA,FIMC,CMC,MNSE)
 

More Related Content

What's hot

Tenable Solutions for Enterprise Cloud Security
Tenable Solutions for Enterprise Cloud SecurityTenable Solutions for Enterprise Cloud Security
Tenable Solutions for Enterprise Cloud Security
MarketingArrowECS_CZ
 
Siem ppt
Siem pptSiem ppt
Siem ppt
kmehul
 
Adopting A Zero-Trust Model. Google Did It, Can You?
Adopting A Zero-Trust Model. Google Did It, Can You?Adopting A Zero-Trust Model. Google Did It, Can You?
Adopting A Zero-Trust Model. Google Did It, Can You?
Zscaler
 
Threat Hunting with Splunk
Threat Hunting with SplunkThreat Hunting with Splunk
Threat Hunting with Splunk
Splunk
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
Devyani Vaidya
 
Presentacion Palo Alto Networks
Presentacion Palo Alto NetworksPresentacion Palo Alto Networks
Presentacion Palo Alto Networks
Laurent Daudré-Vignier
 
5 BEST PRACTICES FOR A SECURITY OPERATION CENTER (SOC)
5 BEST PRACTICES FOR A SECURITY OPERATION CENTER (SOC)5 BEST PRACTICES FOR A SECURITY OPERATION CENTER (SOC)
5 BEST PRACTICES FOR A SECURITY OPERATION CENTER (SOC)
Vijilan IT Security solutions
 
Cisco umbrella overview
Cisco umbrella overviewCisco umbrella overview
Cisco umbrella overview
Cisco Canada
 
Micro segmentation and zero trust for security and compliance - Guardicore an...
Micro segmentation and zero trust for security and compliance - Guardicore an...Micro segmentation and zero trust for security and compliance - Guardicore an...
Micro segmentation and zero trust for security and compliance - Guardicore an...
YouAttestSlideshare
 
Splunk Phantom SOAR Roundtable
Splunk Phantom SOAR RoundtableSplunk Phantom SOAR Roundtable
Splunk Phantom SOAR Roundtable
Splunk
 
Palo Alto Networks CASB
Palo Alto Networks CASBPalo Alto Networks CASB
Palo Alto Networks CASB
Alberto Rivai
 
Security Operation Center Fundamental
Security Operation Center FundamentalSecurity Operation Center Fundamental
Security Operation Center Fundamental
Amir Hossein Zargaran
 
Security Strategy and Tactic with Cyber Threat Intelligence (CTI)
Security Strategy and Tactic with Cyber Threat Intelligence (CTI)Security Strategy and Tactic with Cyber Threat Intelligence (CTI)
Security Strategy and Tactic with Cyber Threat Intelligence (CTI)
Priyanka Aash
 
Bulding Soc In Changing Threat Landscapefinal
Bulding Soc In Changing Threat LandscapefinalBulding Soc In Changing Threat Landscapefinal
Bulding Soc In Changing Threat Landscapefinal
Mahmoud Yassin
 
Security architecture
Security architectureSecurity architecture
Security architecture
Duncan Unwin
 
Zero Trust Network Access
Zero Trust Network Access Zero Trust Network Access
Zero Trust Network Access
Er. Ajay Sirsat
 
Enterprise Networks - Cisco Digital Network Architecture - Introducing the Ne...
Enterprise Networks - Cisco Digital Network Architecture - Introducing the Ne...Enterprise Networks - Cisco Digital Network Architecture - Introducing the Ne...
Enterprise Networks - Cisco Digital Network Architecture - Introducing the Ne...
Cisco Canada
 
Cissp actual exam
Cissp actual examCissp actual exam
Cissp actual exam
dannykirk1221
 
Cisco Security Presentation
Cisco Security PresentationCisco Security Presentation
Cisco Security Presentation
Simplex
 
SIEM Architecture
SIEM ArchitectureSIEM Architecture
SIEM Architecture
Nishanth Kumar Pathi
 

What's hot (20)

Tenable Solutions for Enterprise Cloud Security
Tenable Solutions for Enterprise Cloud SecurityTenable Solutions for Enterprise Cloud Security
Tenable Solutions for Enterprise Cloud Security
 
Siem ppt
Siem pptSiem ppt
Siem ppt
 
Adopting A Zero-Trust Model. Google Did It, Can You?
Adopting A Zero-Trust Model. Google Did It, Can You?Adopting A Zero-Trust Model. Google Did It, Can You?
Adopting A Zero-Trust Model. Google Did It, Can You?
 
Threat Hunting with Splunk
Threat Hunting with SplunkThreat Hunting with Splunk
Threat Hunting with Splunk
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
 
Presentacion Palo Alto Networks
Presentacion Palo Alto NetworksPresentacion Palo Alto Networks
Presentacion Palo Alto Networks
 
5 BEST PRACTICES FOR A SECURITY OPERATION CENTER (SOC)
5 BEST PRACTICES FOR A SECURITY OPERATION CENTER (SOC)5 BEST PRACTICES FOR A SECURITY OPERATION CENTER (SOC)
5 BEST PRACTICES FOR A SECURITY OPERATION CENTER (SOC)
 
Cisco umbrella overview
Cisco umbrella overviewCisco umbrella overview
Cisco umbrella overview
 
Micro segmentation and zero trust for security and compliance - Guardicore an...
Micro segmentation and zero trust for security and compliance - Guardicore an...Micro segmentation and zero trust for security and compliance - Guardicore an...
Micro segmentation and zero trust for security and compliance - Guardicore an...
 
Splunk Phantom SOAR Roundtable
Splunk Phantom SOAR RoundtableSplunk Phantom SOAR Roundtable
Splunk Phantom SOAR Roundtable
 
Palo Alto Networks CASB
Palo Alto Networks CASBPalo Alto Networks CASB
Palo Alto Networks CASB
 
Security Operation Center Fundamental
Security Operation Center FundamentalSecurity Operation Center Fundamental
Security Operation Center Fundamental
 
Security Strategy and Tactic with Cyber Threat Intelligence (CTI)
Security Strategy and Tactic with Cyber Threat Intelligence (CTI)Security Strategy and Tactic with Cyber Threat Intelligence (CTI)
Security Strategy and Tactic with Cyber Threat Intelligence (CTI)
 
Bulding Soc In Changing Threat Landscapefinal
Bulding Soc In Changing Threat LandscapefinalBulding Soc In Changing Threat Landscapefinal
Bulding Soc In Changing Threat Landscapefinal
 
Security architecture
Security architectureSecurity architecture
Security architecture
 
Zero Trust Network Access
Zero Trust Network Access Zero Trust Network Access
Zero Trust Network Access
 
Enterprise Networks - Cisco Digital Network Architecture - Introducing the Ne...
Enterprise Networks - Cisco Digital Network Architecture - Introducing the Ne...Enterprise Networks - Cisco Digital Network Architecture - Introducing the Ne...
Enterprise Networks - Cisco Digital Network Architecture - Introducing the Ne...
 
Cissp actual exam
Cissp actual examCissp actual exam
Cissp actual exam
 
Cisco Security Presentation
Cisco Security PresentationCisco Security Presentation
Cisco Security Presentation
 
SIEM Architecture
SIEM ArchitectureSIEM Architecture
SIEM Architecture
 

Similar to Forcepoint SD-WAN and NGFW + IPS

A new way to connect and protect retail networks with secure enterprise SD-WA...
A new way to connect and protect retail networks with secure enterprise SD-WA...A new way to connect and protect retail networks with secure enterprise SD-WA...
A new way to connect and protect retail networks with secure enterprise SD-WA...
National Retail Federation
 
Securing Beyond the Cloud Generation
Securing Beyond the Cloud GenerationSecuring Beyond the Cloud Generation
Securing Beyond the Cloud Generation
Forcepoint LLC
 
Cisco Connect 2018 Thailand - Cisco SD-WAN next generation wan to power your ...
Cisco Connect 2018 Thailand - Cisco SD-WAN next generation wan to power your ...Cisco Connect 2018 Thailand - Cisco SD-WAN next generation wan to power your ...
Cisco Connect 2018 Thailand - Cisco SD-WAN next generation wan to power your ...
NetworkCollaborators
 
A New Approach to Continuous Monitoring in the Cloud
A New Approach to Continuous Monitoring in the CloudA New Approach to Continuous Monitoring in the Cloud
A New Approach to Continuous Monitoring in the Cloud
NETSCOUT
 
DNA Intelligent WAN Campus Day
DNA Intelligent WAN Campus DayDNA Intelligent WAN Campus Day
DNA Intelligent WAN Campus Day
Cisco Canada
 
Cisco IWAN – Intelligent Connectivity for Today’s Reality
Cisco IWAN – Intelligent Connectivity for Today’s RealityCisco IWAN – Intelligent Connectivity for Today’s Reality
Cisco IWAN – Intelligent Connectivity for Today’s Reality
Cisco Canada
 
VMware NSX for vSphere - Intro and use cases
VMware NSX for vSphere - Intro and use casesVMware NSX for vSphere - Intro and use cases
VMware NSX for vSphere - Intro and use cases
Angel Villar Garea
 
SD-WAN_MoD.pptx for SD WAN networks connectivity
SD-WAN_MoD.pptx for SD WAN networks connectivitySD-WAN_MoD.pptx for SD WAN networks connectivity
SD-WAN_MoD.pptx for SD WAN networks connectivity
bayusch
 
SP Virtual Managed Services (VMS) for Intelligent WAN (IWAN)
SP Virtual Managed Services (VMS) for Intelligent WAN (IWAN)SP Virtual Managed Services (VMS) for Intelligent WAN (IWAN)
SP Virtual Managed Services (VMS) for Intelligent WAN (IWAN)
Cisco Canada
 
Cisco Connect Halifax 2018 Simple IT
Cisco Connect Halifax 2018 Simple ITCisco Connect Halifax 2018 Simple IT
Cisco Connect Halifax 2018 Simple IT
Cisco Canada
 
Palo Alto Networks Soc Ent Okt2009
Palo Alto Networks Soc Ent Okt2009Palo Alto Networks Soc Ent Okt2009
Palo Alto Networks Soc Ent Okt2009
Zernike College
 
Presentacion de solucion cloud de navegacion segura
Presentacion de solucion cloud de navegacion seguraPresentacion de solucion cloud de navegacion segura
Presentacion de solucion cloud de navegacion segura
RogerChaucaZea
 
[OpenStack Day in Korea 2015] Track 2-3 - 오픈스택 클라우드에 최적화된 네트워크 가상화 '누아지(Nuage)'
[OpenStack Day in Korea 2015] Track 2-3 - 오픈스택 클라우드에 최적화된 네트워크 가상화 '누아지(Nuage)'[OpenStack Day in Korea 2015] Track 2-3 - 오픈스택 클라우드에 최적화된 네트워크 가상화 '누아지(Nuage)'
[OpenStack Day in Korea 2015] Track 2-3 - 오픈스택 클라우드에 최적화된 네트워크 가상화 '누아지(Nuage)'
OpenStack Korea Community
 
F5 Networks: architecture and risk management
F5 Networks: architecture and risk managementF5 Networks: architecture and risk management
F5 Networks: architecture and risk management
AEC Networks
 
Csa summit 2017 - Plataforma de Seguridad para entornos Cloud
Csa summit 2017 - Plataforma de Seguridad para entornos CloudCsa summit 2017 - Plataforma de Seguridad para entornos Cloud
Csa summit 2017 - Plataforma de Seguridad para entornos Cloud
CSA Argentina
 
Cisco Meraki Overview | Voyager Networks
Cisco Meraki Overview | Voyager NetworksCisco Meraki Overview | Voyager Networks
Cisco Meraki Overview | Voyager Networks
NTS UK - Part of Capita
 
cisco-20meraki-20overview-20-285-29-140501114803-phpapp01
cisco-20meraki-20overview-20-285-29-140501114803-phpapp01cisco-20meraki-20overview-20-285-29-140501114803-phpapp01
cisco-20meraki-20overview-20-285-29-140501114803-phpapp01Sergiy Pitel
 
Adopting the Cloud
Adopting the CloudAdopting the Cloud
Adopting the Cloud
Tapio Rautonen
 
Juniper competitive cheatsheet
Juniper competitive cheatsheetJuniper competitive cheatsheet
Juniper competitive cheatsheet
Usman Arif
 

Similar to Forcepoint SD-WAN and NGFW + IPS (20)

A new way to connect and protect retail networks with secure enterprise SD-WA...
A new way to connect and protect retail networks with secure enterprise SD-WA...A new way to connect and protect retail networks with secure enterprise SD-WA...
A new way to connect and protect retail networks with secure enterprise SD-WA...
 
Secure sd wan
Secure sd wanSecure sd wan
Secure sd wan
 
Securing Beyond the Cloud Generation
Securing Beyond the Cloud GenerationSecuring Beyond the Cloud Generation
Securing Beyond the Cloud Generation
 
Cisco Connect 2018 Thailand - Cisco SD-WAN next generation wan to power your ...
Cisco Connect 2018 Thailand - Cisco SD-WAN next generation wan to power your ...Cisco Connect 2018 Thailand - Cisco SD-WAN next generation wan to power your ...
Cisco Connect 2018 Thailand - Cisco SD-WAN next generation wan to power your ...
 
A New Approach to Continuous Monitoring in the Cloud
A New Approach to Continuous Monitoring in the CloudA New Approach to Continuous Monitoring in the Cloud
A New Approach to Continuous Monitoring in the Cloud
 
DNA Intelligent WAN Campus Day
DNA Intelligent WAN Campus DayDNA Intelligent WAN Campus Day
DNA Intelligent WAN Campus Day
 
Cisco IWAN – Intelligent Connectivity for Today’s Reality
Cisco IWAN – Intelligent Connectivity for Today’s RealityCisco IWAN – Intelligent Connectivity for Today’s Reality
Cisco IWAN – Intelligent Connectivity for Today’s Reality
 
VMware NSX for vSphere - Intro and use cases
VMware NSX for vSphere - Intro and use casesVMware NSX for vSphere - Intro and use cases
VMware NSX for vSphere - Intro and use cases
 
SD-WAN_MoD.pptx for SD WAN networks connectivity
SD-WAN_MoD.pptx for SD WAN networks connectivitySD-WAN_MoD.pptx for SD WAN networks connectivity
SD-WAN_MoD.pptx for SD WAN networks connectivity
 
SP Virtual Managed Services (VMS) for Intelligent WAN (IWAN)
SP Virtual Managed Services (VMS) for Intelligent WAN (IWAN)SP Virtual Managed Services (VMS) for Intelligent WAN (IWAN)
SP Virtual Managed Services (VMS) for Intelligent WAN (IWAN)
 
Cisco Connect Halifax 2018 Simple IT
Cisco Connect Halifax 2018 Simple ITCisco Connect Halifax 2018 Simple IT
Cisco Connect Halifax 2018 Simple IT
 
Palo Alto Networks Soc Ent Okt2009
Palo Alto Networks Soc Ent Okt2009Palo Alto Networks Soc Ent Okt2009
Palo Alto Networks Soc Ent Okt2009
 
Presentacion de solucion cloud de navegacion segura
Presentacion de solucion cloud de navegacion seguraPresentacion de solucion cloud de navegacion segura
Presentacion de solucion cloud de navegacion segura
 
[OpenStack Day in Korea 2015] Track 2-3 - 오픈스택 클라우드에 최적화된 네트워크 가상화 '누아지(Nuage)'
[OpenStack Day in Korea 2015] Track 2-3 - 오픈스택 클라우드에 최적화된 네트워크 가상화 '누아지(Nuage)'[OpenStack Day in Korea 2015] Track 2-3 - 오픈스택 클라우드에 최적화된 네트워크 가상화 '누아지(Nuage)'
[OpenStack Day in Korea 2015] Track 2-3 - 오픈스택 클라우드에 최적화된 네트워크 가상화 '누아지(Nuage)'
 
F5 Networks: architecture and risk management
F5 Networks: architecture and risk managementF5 Networks: architecture and risk management
F5 Networks: architecture and risk management
 
Csa summit 2017 - Plataforma de Seguridad para entornos Cloud
Csa summit 2017 - Plataforma de Seguridad para entornos CloudCsa summit 2017 - Plataforma de Seguridad para entornos Cloud
Csa summit 2017 - Plataforma de Seguridad para entornos Cloud
 
Cisco Meraki Overview | Voyager Networks
Cisco Meraki Overview | Voyager NetworksCisco Meraki Overview | Voyager Networks
Cisco Meraki Overview | Voyager Networks
 
cisco-20meraki-20overview-20-285-29-140501114803-phpapp01
cisco-20meraki-20overview-20-285-29-140501114803-phpapp01cisco-20meraki-20overview-20-285-29-140501114803-phpapp01
cisco-20meraki-20overview-20-285-29-140501114803-phpapp01
 
Adopting the Cloud
Adopting the CloudAdopting the Cloud
Adopting the Cloud
 
Juniper competitive cheatsheet
Juniper competitive cheatsheetJuniper competitive cheatsheet
Juniper competitive cheatsheet
 

Recently uploaded

IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptxIOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
Abida Shariff
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
Sri Ambati
 
Search and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical FuturesSearch and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical Futures
Bhaskar Mitra
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Ramesh Iyer
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
James Anderson
 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
Ralf Eggert
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
Elena Simperl
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
UiPathCommunity
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance
 
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
Product School
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
Jemma Hussein Allen
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
Alison B. Lowndes
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
Laura Byrne
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
ThousandEyes
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
Prayukth K V
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
Kari Kakkonen
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
Product School
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
DanBrown980551
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance
 

Recently uploaded (20)

IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptxIOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
 
Search and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical FuturesSearch and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical Futures
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
 
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
 

Forcepoint SD-WAN and NGFW + IPS

  • 1. RETHINK NETWORK SECURITY Larry Austin Senior Client Executive March 2018
  • 2. 2 DAT A PEOPL E FOCUS ON THE TRUE CONSTANTS PEOPLE DATA Understanding the intersection of people, critical data and IP over networks of different trust levels. THE HUMAN POINT
  • 3. THE FLOW OF DATA THE RHYTHM OF PEOPLE EACH PRODUCT ELEMENT: ANALYTICS MANAGEMEN ORCHESTRATION Forcepoint UEBA Forcepoint NETSEC Forcepoint Insider Threat Forcepoint Web & Email Security Forcepoint Data Guard Forcepoint DLP Forcepoint CASB  Has best in class capabilities  Can be your starting point  Integrates together as a system with unified management and policy  Works with an existing environment DESIGN TENETS OF THE HUMAN POINT SYSTEM
  • 4. Copyright © Forcepoint. | 4 NETWORK SECURITY SOLUTIONS THAT ARE TRULY DIFFERENT 100x reduction in malware incidents when deploying Forcepoint. Forcepoint Web & Email Security Forcepoint Data Guard Forcepoint SD-WAN NETSEC Cuts network expenses by 50%, reduces cyberattacks by up to 86%, slashes incident response time as much as 73%. Forcepoint CASB Broadest cloud application support with unique customized risk assessment based on user behavior and data access classification. Forcepoint Insider Threat Forcepoint DLP Forcepoint UEBA Made possible by the Human Point System
  • 5. Copyright © Forcepoint. | 5 FORCEPOINT – A NEW APPROACH TO CONNECTIVITY & SECURITY Enterprise SD-WAN Distributed connectivity for branches, offices, cloud, data centers High availability and scalability #1 Network Security Distributed protection, encryption, control NGFW + IPS + VPN + Proxies and more Management at Scale Centralized admin of 2000 devices in minutes Immediate deployment, updates, upgradesForcepoint NGFW Enterprise SD-WAN #1 Network Security Management at Scale
  • 6. Copyright © Forcepoint. | 6 AWS, Azure Cloud Data Centers ONE SECURITY PLATFORM, MANY USES – MANAGED TOGETHER Security Management Center NGFW VPN NGFW VPN VPN VPN App Web interfaces Subcontractors Data Stores, Branches, Remote Offices Headquarters Mobile Users Partners DMZ SD-WAN VPN NGFW Virtualized Data Centers NGFW VPN NGFWIPS IPS IPS IPS Internet Corporate Network
  • 7. Copyright © Forcepoint. | 7Copyright © 2017 Forcepoint. | 7 #1 Network Security 86% Fewer Cyberattacks 69% Fewer Breaches Source: IDC Research
  • 8. Copyright © Forcepoint. | 8 FORCEPOINT HAS HIGHEST SECURITY AND EXCELLENT TCO “The security effectiveness of the Forcepoint NGFW 3301 was unsurpassed in the NSS Labs 2017 NGFW test. The Forcepoint NGFW should be on every company’s short list.” Thomas Skybakmoen, Distinguished Research Director NSS Labs NGFW 5th Consecutive Time Forcepoint BEST TCO  STRONGESTSECURITY NGIPS 2nd Consecutive Time NSS Labs 2017 NGFW Test
  • 9. Copyright © Forcepoint. | 9 FORCEPOINT IS THE TOP-RATED IPS, EVEN OUTPERFORMING IPS-ONLY BOXES NSS Labs 2017 NGIPS Test Forcepoint Evasion defenses are a must- have to prevent Exploits “Providing exploit protection results without fully factoring in evasion can be misleading.” – NSS Labs
  • 10. Copyright © Forcepoint. | 10 THE EVASION GAP – MOST VENDORS LEAVE NETWORKS EXPOSED Evasions increase the effectiveness of exploits & malware Many NGFW & IPS fail to stop evasions Exploit Kits now make evasions easy Metasploit & Shadow Brokers leaked toolkit Attacks combining techniques to spread Learning from WannaCry  Petya
  • 11. Copyright © Forcepoint. | 11 SEEING HOW EVASIONS CAN LET RANSOMWARE RUN RAMPANT www.forcepoint.com/evader
  • 12. Copyright © Forcepoint. | 12 WHAT CUSTOMERS SAY ABOUT SECURITY EFFICACY Senior Security Engineer Major US Enterprise “This is Kick A$$ Technology… It took 60 seconds to bypass our existing platform with well known exploits and the system was oblivious to the attempts. I spent weeks trying to get around the Forcepoint platform and it stopped everything I tried. We don’t want to be the next company in the news over a breach.”
  • 13. Copyright © Forcepoint. | 13 NETWORK SECURITY POWERED BY THE HUMAN POINT SYSTEM Cloud Services CASB w/ DLPCASB App Risk Threat Intelligence Install Cloud IP & File Reputation URL Filtering Web Security Advanced Malware Detection Security Management Console Unified Policies, Dashboards & Reports Endpoint Context ECA Endpoint Integration Unified Appliance with Deep Security Built-in Physical, Virtual, Cloud SD-WAN NGFW IPS Anti- Evasion Decryption Proxies Virtual Contexts VPN Endpoint Awareness Segmentation Centralized Management • High Availability Insider Threat Data Loss Prevention UEBA DLP IT coming
  • 14. Copyright © Forcepoint. | 14 Other Vendors Forcepoint NGFW & IPS FORCEPOINT DIFFERENCE: UNIFIED PHYSICAL-VIRTUAL-CLOUD Start from Chips & Hardware mindset Different (slower) code in virtual firewalls Often with different features / much lower performance Even incompatible management consoles Start from SOFTWARE mindset Same FAST software on all platforms High performance in virtual & physical environments Uniform features / management across all deployments Rapid innovation Cloud Virtual Cloud Virtual “Frankenfirewalls” Different code
  • 15. Copyright © Forcepoint. | 15 FORCEPOINT DIFFERENCE: THE POWER OF THE CLOUD Advanced Malware Detection URL categorization and Threat Intelligence Policy-driven redirection of traffic to Web Security Offloads page inspection Consistent protection across remote/mobile/on-premises CASB Application Risk intelligence Shadow IT risk Report generation from NGFW logs Service chaining – bringing it all together Extending incrementally: Web Security + CASB + DLP WebApps CASB Web Security AMD URL Stores, Branches HQ, Offices, Data Centers
  • 16. Copyright © Forcepoint. | 16 Feature Transparently forward HTTP/HTTPS traffic to Cloud proxy Restrictions / Requiurements None Clustering Full clustering and multi-link support High Availability Proxy load balancing and high availibility Functionality IPv4 & IPv6 Support NGFW inspection features (DPI, File filtering) Cloud or On-premises REDIRECTION OF HTTP(S) TRAFFIC TO WEB SECURITY CLOUD Simplified redirection of Web traffic (HTTP or HTTPS) from NGFW Engine to Web proxy service in a cloud or on premises Technical Benefits ► Easy Configuration. No longer necessary to use a policy-based VPN to redirect HTTP or HTTPS traffic to Forcepoint Web Cloud. ► Support for link and HA services ► User info delivery to the Cloud if FW aware of User ID ► NGFW features such as DPI, File filtering, etc can be used also for redirected traffic. ► No VPN encryption overhead ► Support for IPv4 & IPv6 Outcome ► Easy to deploy SaaS security from anywhere the branch office workers are ► Forward Web traffic to the nearest Forcepoint Web Security Cloud DC for advanced Web content analysis ► Outsource CPU intensive Web content inspection from local proxies to the Forcepoint Web Security Cloud Internet Forcepoint Web Security Cloud HQ or Remote Office Web Server Internal clients are trying to get access to Web Server.
  • 17. Copyright © Forcepoint. | 17 AS SIMPLE AS ADDING A SINGLE RULE IN POLICY Capability to inspect redirected traffic locally
  • 18. Copyright © Forcepoint. | 18 TRUE ENTERPRISE SOLUTION Greater Agility with Lower TCO SD-WAN: WHY ORGANIZATIONS CHOOSE FORCEPOINT CLUSTERING & HIGH AVAILABILITY The best clustering capabilities available on the market place SD-WAN MULTI-LINK™ OPTIMIZATION Unique and praised by end users VPN Mesh technology OPERATIONAL EFFICIENCY Zero-touch deployments and one-click updates/upgrades CENTRALIZED MANAGEMENT Simply the smartest management system in the industry #1 NGFW & IPS SECURITY Top-ranked security on NSS Labs’ NGFW and NGIPS tests
  • 19. Copyright © Forcepoint. | 19 CHOSEN THROUGHOUT THE WORLD Enterprise SD-WAN #1 Network Security Management at Scale
  • 20. Copyright © Forcepoint. | 20Copyright © 2017 Forcepoint. | 20 Enterprise SD-WAN 38% Fewer Outages 70% Faster Deployment Source: IDC Research
  • 21. Copyright © Forcepoint. | 21 FORCEPOINT VISION: SD-WAN WITH CLOUD-BASED SECURITY • ISP multi-homing (HA & LB) • Route Based Multi-Link VPN • QoS and Bandwidth throttling • Cloud-assisted security (AMD, URL, etc..) Multi-Link VPN and cloud-assisted security (Forcepoint NGFW 2017) • Seamless cloud security service chaining (Web & CASB) • Application routing • Dynamic and scalable full-mesh VPN • SD-WAN dashboard SD-WAN & Cloud Service Chaining (Forcepoint NGFW 2018) • NGFW-as-a-service • Same policies across Cloud and on-premises • Mobile users connect to the closest point • Fast-path routing for SaaS apps Integrated Cloud (2019 and forward) Endpoint Site 1 DC Private Virtual SaaS cloud apps DC PaaS Virtual 3rd party router MPLS Internet Multilink Multilink Web SaaS
  • 22. Copyright © Forcepoint. | 22 BETTER RESILIENCE, FLEXIBILITY & OPERATIONS SAVINGS Business Continuity • Transparent failover • Load-balancing or back-up links Unified connectivity over multiple ISPs • Heterogeneous access technologies • Fast, active-active performance • QoS and bandwidth optimization • High security inspection & encryption Replacing MPLS with broadband • Eliminate ISP lock-in • Add bandwidth easily • Provision quickly (esp. where MPLS takes time) • Manage everything centrally ISP 1 ISP 2 ISP N Multi-Link Optimization Cable 3/4G DSL 1 DSL 2 MPLS Regular Traffic & Back-up links Critical Traffic Up to 90% Savings vs MPLS costs
  • 23. Copyright © Forcepoint. | 23 Head of IT Production Carglass “We saw an opportunity to combine router and advanced firewall capabilities to strengthen security across every site and accelerate throughput. We needed a solution with centralized administration that could be easily replicated every time we added a new mobile site, easing the management burden on our IT staff.” WHAT CUSTOMERS SAY ABOUT SD-WAN CONNECTIVITY
  • 24. Copyright © Forcepoint. | 24 Other Vendors Forcepoint NGFW & IPS FORCEPOINT DIFFERENCE: MOST SCALABLE, HIGHEST AVAILABILITY Basic Redundancy bolted on top Often just 2 or 4 nodes of same model Updates are painful – clusters go offline Each firewall updated separately After all done, cluster reassembled and brought online Advanced Clustering built in Up to 16 nodes of mixed models, software versions Updates are seamless – clusters stay running Updates applied progressively Cluster never drops traffic
  • 25. Copyright © Forcepoint. | 25 WHAT CUSTOMERS SAY ABOUT HIGH AVAILABILITY Hendrik Walter IT Director Avency MSSP & Hosting Provider “With Forcepoint deployed, we have had 6 years with zero downtime. That wasn't possible with Check Point because we had downtime when upgrading or changing hardware. With Forcepoint we don't have any worries with upgrades because we don't experience downtime.”
  • 26. Copyright © Forcepoint. | 26Copyright © 2017 Forcepoint. | 26 Management at Scale Source: IDC Research 53% Less IT Staff Time 73% Faster Incident Response
  • 27. Copyright © Forcepoint. | 27 CENTRAL MANAGEABILITY WITH UNPARALLELED VISIBILITY & CONTROL Manage Data Centers • Edge • Branches • Cloud from one console See what’s happening everywhere & interactively drill down Turn sophisticated business processes into automated policies Update hundreds of NGFWs, VPNs & IPSs in minutes, not hours
  • 28. Copyright © Forcepoint. | 28 Other Vendors Forcepoint NGFW & IPS FORCEPOINT DIFFERENCE: POLICY-CENTRIC MANAGEABILITY Remote, configuration – relatively manual Rolls up individual configurations Often highly redundant, labor-intensive Centralized, policy-based management – automated Pushes down policies to each cluster & device Hierarchical policies automate firewalls & IPS
  • 29. Copyright © Forcepoint. | 29 WHAT CUSTOMERS SAY ABOUT MANAGEMENT EFFICIENCY Customer Cited in “Quantifying the Operational and Security Results of Switching to Forcepoint NGFW” IDC Research, May 2017 “There are just two of us to manage everything related to network security, so we need central management and to do administrative tasks easily. Forcepoint is one of the best solutions for doing this.”
  • 30. Copyright © Forcepoint. | 30 FORCEPOINT CUTS THE TOTAL COST OF OWNERSHIP (TCO)  Modular, extensible appliances  Rich capabilities built-in without add-ons  High quality support  Integrated SD-WAN, IPS, VPN, NGFW  Zero-Touch Deployment via the cloud  Centralized One-Click Updates/Upgrades  High Availability at Every Level  Clustering of Multi-ISP Broadband  Upgradable Software, Reusable Appliances  Uniform across Physical, Virtual, Cloud HOW FORCEPOINT CUTS OPERATING COSTS
  • 31. Copyright © Forcepoint. | 31 CTO Fusion Media Networks “Our experience with Forcepoint Stonesoft NGFW has exceeded our expectations…. By making use of the security management center (SMC) to manage all queries from one centralized system, we have been able to cut costs by 30 percent.” WHAT CUSTOMERS SAY ABOUT EFFICIENCY