NetBrain Technologies
15 Network Drive
Burlington, MA 01803
+1 800.605.7964
info@netbraintech.com
www.netbraintech.com
Network Automation in Support of Cyber Defense
Rick Larkin
Senior Network Engineer
NetBrain Technologies, Inc
27 June 2017
2 | © Copyright NetBrain® Internal Confidential
Agenda
o Cyber Defense Challenges
» Real-time network visibility
» Limited network automation
» Making sense of the data
o Adaptive Network Automation Applied to Cyber Defense
» Visualize
» Automate
» Integrate
Cyber Defense Challenges
Need for visualization, automation and integration
Cyber Defense Challenges
“We do not have great situational awareness holistically over the battlespace, over the networks – we just don’t. It does not exist. That’s a critical gap” - VADM Gilday, Defensesystems.com, May 12th 2016
“We will ruthlessly automate. As we automate more things, we will free up labor to move into those higher-level functions where the computer isn’t smart enough to figure out yet. We will automate everything but leadership.” Dr. Travis, DISA Signal Magazine, April 1, 2017
Three Critical Challenges
o Lack of Real-Time Network Visibility
» Traditional methods don’t work. Example: Static Network Maps.
» Need “real-time” network visualization, end to end, to the IP/port level
o Limited Network Automation
» Current network automation has limited functional scope, needs to be:
   o Data-driven
   o Simplified and Dynamically created
o Making sense of the data
» Cyber Ops Teams struggle with Too Much Information
» Need better data visualization and “sense making” capabilities to create Actionable Intelligence
Adaptive Network Automation
Use Cases
Solution: Adaptive Network Automation Platform
Network – Physical, Virtual & SDN
o Automate
» Executable Applications & Runbooks: Automate network management and manual tasks
o Visualize
» Dynamic Map: See what’s happening to the network through end-to-end network visibility – port/IP level
o Integrate
» Rich API framework: Increase collaboration by integrating security and troubleshooting workflows
Visualize: Dynamic Map
» Dynamic Map
o Data driven network map based on relevant information for the task at hand
o Additional data layers can be added from historical information, real-time or 3rd party applications
Use Case - Visualize: Application Flow across the Network
Automate: Executable Intelligence
Download Executable Intelligence
Run Adaptive Network Automation
Comprehensive Data Model
• Topology
• Design
• History
Define Automation Task via Dynamic Map
• NetOps
• CyberOps
• CPTs
• SOC/NOC
• IA/ISSM
• Architecture
• Design
• IDS
• IPS
• Firewall
• NetFlow Data
• SIEM
• Big Data Analytics
Use Case - Automate: Compliance
o Automated Compliance validation & verification
» NIST RMF, DISA/NSA STIGs, IAVAs, CC/S/A specific
o Proactive NetOps & CyberOps
» Automation technology can help CPTs, as well as on-site Network & IA staff
» Validation on a live network, in real-time, to detect “compliance drift”
Integrate: Map as a Single Pane Of Glass
» Automated Analysis – Fully Customizable
» Execute manual tasks in seconds
» Initiated by operators or automatically from integrated systems like IDS/IPS, Trouble Tickets, SIEM or CMDB.
Use Case - Integrate: Automate Workflows
1. A SIEM event or trouble ticket triggers a diagnosis
2. A Help Desk Engineer reviews the diagnostic data
3. Engineer performs additional (pre-built) diagnoses
4. Help Desk escalates to CyberOps with custom notes and data
5. CyberOps and NetOps work together from a single map
6. After the problem is resolved, a CyberOps engineer enhances the knowledge library with lessons-learned
Use Case - Integrate: Triggered Diagnosis
Summary
Adaptive Network Automation
Improves Collaboration
Recent Event from DHS CERT
https://www.us-cert.gov/ncas/alerts/TA17-117A
Summary
o Cyber Event Management – Automation can significantly reduce response time
o Allows for collaboration between NetOps & CyberOps, as well as Tiered Teams.
o Runbooks automate Playbooks in response to Asymmetric Cyber threats.
NetOps CyberOps
Vendor
Management
“If you can't understand [your networks], you can't defend them - it's as simple as that,” Vice Adm. Michael Gilday, Commander, US Fleet Cyber Command & US 10th Fleet, at AFCEA NOVA’s Naval IT Day on May 12, 2016.
NetBrain Overview
Sample Customers
One-third of Fortune 100 enterprises are powered by NetBrain
Awards
• Cool Vendor IT Operations Management
• Best in Network Management
• Innovations in Network Management
History
• Founded in 2004
• Headquartered outside Boston, MA with offices worldwide
• Powering 1,600+ of the world’s largest customers
