Enviar pesquisa
Carregar
Refense Security Risk Briefing July 2009
•
0 gostou
•
473 visualizações
A
apompliano
Seguir
REFENSE Technologies - Security Risk Briefing Presentation
Leia menos
Leia mais
Denunciar
Compartilhar
Denunciar
Compartilhar
1 de 15
Baixar agora
Baixar para ler offline
Recomendados
Intel Cloud Summit: Greg Brown McAfee
Intel Cloud Summit: Greg Brown McAfee
IntelAPAC
Hp Fortify Pillar
Hp Fortify Pillar
Ed Wong
Mitigating Risk for the Mobile Worker: Novell ZENworks Endpoint Security Mana...
Mitigating Risk for the Mobile Worker: Novell ZENworks Endpoint Security Mana...
Novell
Nebezpecny Internet Novejsi Verze
Nebezpecny Internet Novejsi Verze
TUESDAY Business Network
Symantec Brightmail Gateway 9
Symantec Brightmail Gateway 9
Symantec
Trend micro deep security
Trend micro deep security
Trend Micro
Guard Era Corp Brochure 2008
Guard Era Corp Brochure 2008
GuardEra Access Solutions, Inc.
It's 2012 and My Network Got Hacked - Omar Santos
It's 2012 and My Network Got Hacked - Omar Santos
santosomar
Mais conteúdo relacionado
Mais procurados
Defending the Data Center: Managing Users from the Edge to the Application
Defending the Data Center: Managing Users from the Edge to the Application
Cisco Security
Symantec Web Security Solutions
Symantec Web Security Solutions
Symantec
From Physical to Virtual to Cloud
From Physical to Virtual to Cloud
Cisco Security
Using Security to Build with Confidence in AWS - Trend Micro
Using Security to Build with Confidence in AWS - Trend Micro
Amazon Web Services
Pawaa OCC Presentation
Pawaa OCC Presentation
CloudComputing
Trend micro v2
Trend micro v2
JD Sherry
Air defense services_platform_8.0_spec_sheet
Air defense services_platform_8.0_spec_sheet
Advantec Distribution
Cat6500 Praesentation
Cat6500 Praesentation
Sophan_Pheng
Cloudop security
Cloudop security
wardspan
HyTrust and VMware-Providing a Secure Virtual Infrastructure
HyTrust and VMware-Providing a Secure Virtual Infrastructure
HyTrust
Take Control of End User Security
Take Control of End User Security
anniebrowny
Cloud securityperspectives cmg
Cloud securityperspectives cmg
Neha Dhawan
Datasheet stonegate ips-allinone
Datasheet stonegate ips-allinone
Multibyte Consultoria
Mc afee saas web protection-rackaid
Mc afee saas web protection-rackaid
rackAID Support
Ensure Software Security already during development
Ensure Software Security already during development
IT Weekend
Datasheet stonegate fw-allinone
Datasheet stonegate fw-allinone
Multibyte Consultoria
Virtualizing More While Improving Risk Posture – From Bare Metal to End Point
Virtualizing More While Improving Risk Posture – From Bare Metal to End Point
HyTrust
How Cloud Providers' Business Needs Drive Enterprise Identity & Security
How Cloud Providers' Business Needs Drive Enterprise Identity & Security
Novell
Mais procurados
(18)
Defending the Data Center: Managing Users from the Edge to the Application
Defending the Data Center: Managing Users from the Edge to the Application
Symantec Web Security Solutions
Symantec Web Security Solutions
From Physical to Virtual to Cloud
From Physical to Virtual to Cloud
Using Security to Build with Confidence in AWS - Trend Micro
Using Security to Build with Confidence in AWS - Trend Micro
Pawaa OCC Presentation
Pawaa OCC Presentation
Trend micro v2
Trend micro v2
Air defense services_platform_8.0_spec_sheet
Air defense services_platform_8.0_spec_sheet
Cat6500 Praesentation
Cat6500 Praesentation
Cloudop security
Cloudop security
HyTrust and VMware-Providing a Secure Virtual Infrastructure
HyTrust and VMware-Providing a Secure Virtual Infrastructure
Take Control of End User Security
Take Control of End User Security
Cloud securityperspectives cmg
Cloud securityperspectives cmg
Datasheet stonegate ips-allinone
Datasheet stonegate ips-allinone
Mc afee saas web protection-rackaid
Mc afee saas web protection-rackaid
Ensure Software Security already during development
Ensure Software Security already during development
Datasheet stonegate fw-allinone
Datasheet stonegate fw-allinone
Virtualizing More While Improving Risk Posture – From Bare Metal to End Point
Virtualizing More While Improving Risk Posture – From Bare Metal to End Point
How Cloud Providers' Business Needs Drive Enterprise Identity & Security
How Cloud Providers' Business Needs Drive Enterprise Identity & Security
Destaque
Personal Safety & Awareness
Personal Safety & Awareness
debrakalish
Question 3
Question 3
Jenny McNulty
Context and benefits of the VMPass initiative at Universidad Internacional de...
Context and benefits of the VMPass initiative at Universidad Internacional de...
Anne-Christin Tannhäuser
Asfs induction guide
Asfs induction guide
Jenny McNulty
Evaluation of media project 2
Evaluation of media project 2
Jenny McNulty
Gundia
Gundia
Hari Somashekar
Security awareness exampletr(rev1)1011.015
Security awareness exampletr(rev1)1011.015
Wivenhoe Management Group
Destaque
(7)
Personal Safety & Awareness
Personal Safety & Awareness
Question 3
Question 3
Context and benefits of the VMPass initiative at Universidad Internacional de...
Context and benefits of the VMPass initiative at Universidad Internacional de...
Asfs induction guide
Asfs induction guide
Evaluation of media project 2
Evaluation of media project 2
Gundia
Gundia
Security awareness exampletr(rev1)1011.015
Security awareness exampletr(rev1)1011.015
Semelhante a Refense Security Risk Briefing July 2009
VSD Infotech
VSD Infotech
VSD infotech
End-point Management
End-point Management
IBM Danmark
Novell ZENworks Overview and Futures
Novell ZENworks Overview and Futures
Novell
Novell ZENworks Overview and Futures
Novell ZENworks Overview and Futures
Novell
F5 Networks: architecture and risk management
F5 Networks: architecture and risk management
AEC Networks
Cio ciso security_strategyv1.1
Cio ciso security_strategyv1.1
Anindya Ghosh,
S series presentation
S series presentation
Sergey Marunich
RSA 2012 Virtualization Security February 2012
RSA 2012 Virtualization Security February 2012
Symantec
Enterprise Security in Cloud
Enterprise Security in Cloud
Lenin Aboagye
Enterprise Security in Hybrid Cloud ISACA-SV 2012
Enterprise Security in Hybrid Cloud ISACA-SV 2012
Symosis Security (Previously C-Level Security)
AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...
AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...
Amazon Web Services
DSS ITSEC CONFERENCE - Q1 Labs - Intelligent network security - next genera...
DSS ITSEC CONFERENCE - Q1 Labs - Intelligent network security - next genera...
Andris Soroka
IBM Smarter Business 2012 - BYOD: "So what?" – Enabling mobile and mixed endp...
IBM Smarter Business 2012 - BYOD: "So what?" – Enabling mobile and mixed endp...
IBM Sverige
C2MS
C2MS
hemanth102030
Risk Factory: PCI Compliance in the Cloud
Risk Factory: PCI Compliance in the Cloud
Risk Crew
Cloud Security: Perception Vs. Reality
Cloud Security: Perception Vs. Reality
Internap
Sccm 2012 overview - chris_estonina
Sccm 2012 overview - chris_estonina
Microsoft Singapore
Information Security
Information Security
Mohit8780
Managed vs customer presentation
Managed vs customer presentation
hemanth102030
Monitoring Principles & z/VSE Monitoring Options
Monitoring Principles & z/VSE Monitoring Options
IBM India Smarter Computing
Semelhante a Refense Security Risk Briefing July 2009
(20)
VSD Infotech
VSD Infotech
End-point Management
End-point Management
Novell ZENworks Overview and Futures
Novell ZENworks Overview and Futures
Novell ZENworks Overview and Futures
Novell ZENworks Overview and Futures
F5 Networks: architecture and risk management
F5 Networks: architecture and risk management
Cio ciso security_strategyv1.1
Cio ciso security_strategyv1.1
S series presentation
S series presentation
RSA 2012 Virtualization Security February 2012
RSA 2012 Virtualization Security February 2012
Enterprise Security in Cloud
Enterprise Security in Cloud
Enterprise Security in Hybrid Cloud ISACA-SV 2012
Enterprise Security in Hybrid Cloud ISACA-SV 2012
AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...
AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...
DSS ITSEC CONFERENCE - Q1 Labs - Intelligent network security - next genera...
DSS ITSEC CONFERENCE - Q1 Labs - Intelligent network security - next genera...
IBM Smarter Business 2012 - BYOD: "So what?" – Enabling mobile and mixed endp...
IBM Smarter Business 2012 - BYOD: "So what?" – Enabling mobile and mixed endp...
C2MS
C2MS
Risk Factory: PCI Compliance in the Cloud
Risk Factory: PCI Compliance in the Cloud
Cloud Security: Perception Vs. Reality
Cloud Security: Perception Vs. Reality
Sccm 2012 overview - chris_estonina
Sccm 2012 overview - chris_estonina
Information Security
Information Security
Managed vs customer presentation
Managed vs customer presentation
Monitoring Principles & z/VSE Monitoring Options
Monitoring Principles & z/VSE Monitoring Options
Refense Security Risk Briefing July 2009
1.
Security Risk
Briefing July 2009 Proprietary & Confidential Not for distribution
2.
Security Risk Management
Vulnerabilities – Policy Compliance Routers Switches Firewalls Wireless Mission Critical Infrastructure Key Benefits • Audit, Analysis, Prioritize and Mitigate • Superior performance = > Visibility, Speed & Accuracy • Agent less, Proprietary algorithms - Non Intrusive Impact • Comprehensive Security Checks & Policy Management © 2009 Refense All Rights Reserved Confidential
3.
Product & Service
Refense VMS Refense On-Demand Enterprise Scalable Appliances Fully Managed Service •Turn-Key Appliance •Subscription Based •Software License •Rapid Deployment •Fault Tolerant •Remotely Managed •Service Provider Scalable •No Up-Front Capital •AES 256 Encryption •Annual Contracts •24x7 Support © 2009 Refense All Rights Reserved Confidential
4.
Competitive Landscape
Compliance Security Orientation Limited capability Vulnerability Scanners Vulnerability & Compliance Qualys, Foundstone Management for Mission Critical Limited capability eEye Retina Infrastructure Configuration Tools EMC Voyence, Alterpoint, nCircle, HP NCM, etc Network Management Platforms HP Openview, IBM Tivoli, BMC Desktops - Servers - Routers – Switches – Firewalls - WAPs Devices © 2009 Refense All Rights Reserved Confidential
5.
About Refense
Founded in 2003 & HQ in Raleigh, NC Network Security Risk Management Solutions Partnering with Industry Leaders: Notable Customers: © 2009 Refense All Rights Reserved Confidential
6.
Evolution of Network
Security Networks are increasing in size and complexity Value of network devices as method of attack is increasing & evolving Hackers are now actively targeting Cisco IOS (IOS rootkit, DNS poisoning, BGP hijacking, Phenoelit’s 0-day exploit) Wireless networks still offer easy attack vectors Breaches as a result of compromised network devices are starting to become publicly known Hijacking a network is a very appealing target for large hacking groups or for foreign governments or terrorist organizations Most attacks are financially motivated © 2009 Refense All Rights Reserved Confidential
7.
Refense
= Security from the inside out Vulnerability | Compliance Management Identify Operating System/Network Vulnerabilities & Non-Compliance to security policies Agent less & non-intrusive, Lightning fast and accurate Largest number of Intelligent Security Checks Service Provider Scalability (10,000 plus devices) Secondary Effects & Mitigation Intelligence Predefined security policies & Regulatory Requirements Wireless Rogue Finder Option Scheduled Scans - Strong in-depth reporting Instant ROI & low operational administration © 2009 Refense All Rights Reserved Confidential
8.
Connect to
Execute checks Internal analysis remote against collected Storage of of data by VMS devices via SSH data report data only or Telnet for trending and Execute Gather data additional Generation of comparative using Show commands as report analysis © 2009 Refense commands required All Rights Reserved Confidential
9.
Refense Differentiators
Refense automates manual audits of Cisco IOS. Example: A PSIRT notice states – perform a Show Version to determine if you are running an affected IOS version, then perform a Show Processes | Include SIP or a Show IP Sockets dependent on your version of IOS to determine if your device is processing SIP packets, then check for the presence of a workaround using a Control Plane Policy. Now repeat across your entire network – the result could be many man hours of labor to find the devices that are vulnerable. Refense VMS automates this process with a zero error rate! Refense has more security checks than anyone else. When Cisco Systems wanted to solve a problem for the US Department of Defense they turned to Refense. The DoD has the most complex security policies for networks of any organization. They also have one of the largest private networks in the world. Ensuring compliance to DISA STIG’s was unenforceable until Refense came along. Refense VMS scales to the largest enterprises and has the capability of ensuring compliance against the most complex security policies! Refense VMS is a security focused point solution. Unlike others in the market, we don’t focus on servers and desktops, treating network devices as an afterthought. Refense isn’t a configuration management solution trying to be a security solution. We don’t rely on SNMP for configuration information and we don’t scan IP addresses looking for open ports. Refense VMS is enterprise network security and has been for over 5 years! © 2009 Refense All Rights Reserved Confidential
10.
Risk Management Reporting ©
2009 Refense All Rights Reserved Confidential
11.
Secondary Effects &
Mitigation © 2009 Refense All Rights Reserved Confidential
12.
Superior Vulnerability &
Compliance Management Automated & Non-intrusive In-depth analysis Accurate & Actionable Audit & Mgmt Lightning Fast Independent Intelligence Reporting 6-9 month ROI Automated Risk Management Reduce Costs by Document Control and policy recommendation 1 >65%-90% 8 2 Determine risk Asset identification and evaluation Eliminate Risks 7 & Achieve 3 Determine impact on confidentiality, Threat and Compliance Integrity and vulnerably availability 6 identification 4 Determine 5 Zero False likelihood Control of threat identification Positives 24x7x365 Visibility © 2009 Refense All Rights Reserved Confidential
13.
Refense vs Configuration
Management Tools Refense is security oriented – Refense has been built from the ground up to do one thing, ensure the security of enterprise networks. Network configuration management tools are not architected to dig deep into networks to discover security weaknesses. Refense replicates manual audits – Refense follows the same process and has the intelligence of a manual human auditor, Refense isn’t limited to regular expression string matching. Network configuration management tools have not been designed to audit the security of networks, they collect configuration information and process it based on regular expression rules. Refense can identify threats other tools cannot – These include: Network devices with fraudulent or compromised operating systems. Vendor published vulnerabilities that cannot be identified by regular expression string matching. Vulnerabilities where insufficient or incorrect mitigation actions have been implemented. Complex analysis requiring data from external sources such as those detailed in US Federal Government standards like DISA STIG’s. REFENSE provides greater visibility to potential vulnerabilities and identifies vulnerabilities other tools overlook or cannot see. REFENSE does this with greater accuracy than any other solution and our ability to conduct network analysis without impact to the network or device allows network protection to be continuous or "always-on" resulting in shorter time to protection from potential threats. © 2009 Refense All Rights Reserved Confidential
14.
Refense vs Vulnerability
Management Tools Inside vs outside orientation – Refense audits network devices from the inside. This enables greater accuracy and functionality over traditional vulnerability scanners. Vulnerability management tools scan IP blocks and rarely allow authenticated analysis of device configurations. These types of IP/port scans cause high load on the device, are network intensive, slow and inaccurate. Refense focuses on network devices – Refense is focused on WAN and LAN network devices, it was built for that purpose and doesn’t try to use vulnerability identification methods designed for desktops and servers. Vulnerability management tools don’t have the same focus, most are better suited to scanning Windows and Linux than Cisco and Juniper OS. Refense vulnerability checks are smart – Refense ships with over 300 security checks that look for security weaknesses introduced through configuration as well as vulnerabilities caused by OS related flaws. They use advanced logic to verify the security weakness actually exists and understand when workarounds are in place to mitigate the problem. Vulnerability management tools use checks that look at the OS version and then assume your device is vulnerable based on the version of code you are running, not the way your device is configured and network is protected. REFENSE provides greater visibility to potential vulnerabilities and identifies vulnerabilities other tools overlook or cannot see. REFENSE does this with greater accuracy than any other solution and our ability to conduct network analysis without impact to the network or device allows network protection to be continuous or "always-on" resulting in shorter time to protection from potential threats. © 2009 Refense All Rights Reserved Confidential
15.
What makes Refense
superior ? Focus – Mitigating Risks in Mission Critical Infrastructure – Routers/Switches/Firewalls/Wireless Access Points Visibility & Non-Intrusive – Operating System Vulnerabilities & Compliance to Security Policy Accuracy – Inside Out Architecture eliminates false positives & negatives – reducing time spent on invalid results Speed – Distributed high speed scanning makes Refense the fastest vulnerability solution available Compliance w/Security Orientation – Complex Checks, Secondary Effects & Risk Mitigation Easy to Implement/Maintain – Turn-Key appliance can have you up and running in less than an hour – Low Administration © 2009 Refense All Rights Reserved Confidential
Baixar agora