Tech Talk: Securing Hybrid Infrastructures

Transcript

  • .

    Intel Security Confidential1

    Securing Hybrid Infrastructures

  • .

    Today's businesses have to deliver more and deliver it faster than ever before

    The Data Center Is Transforming

    1. IDC, Worldwide Public Cloud Services Spending Forecast to Double by 2019, January 2016

    2. IDC, The Digital Universe in 2020: Big Data, Bigger Digital Shadows, and Biggest Growth in Far East. Dec. 2012

    3. Cisco Global Cloud Index: Forecast and Methodology, 2013-2018.

    4. SNS Research, 2015-2020, Dec. 2015

    200% Public Cloud Services spending to double from 2015 to 2020¹

    40% of data will be stored or processed by the cloud by 2020²

    54% CAGR of SDN* and NFV** investments by 2020⁴

    78% of workloads will be processed in cloud by 2018³

    *Software-Defined Network

    **Network Function Virtualization

  • .

    Increased attack surface leads to more breaches

    Security for the Data Center is also Transforming

    Sources:

    1. Verizon 2015 Data Breach Investigations Report

    2. Cloud Adoption Practices & Priorities Survey, January 2015.

    3. Verizon 2013 State of the Enterprise Cloud Report

    4. Arbor Networks Application-Layer Attacks report, 2014

    5. Ponemon Institute, 2015 Cost of Data Breach Study: Global Analysis, 2015

    Mean cost of data breach: $3.79M, up 23% since 2013⁵

    of companies don't know scope of shadow IT at their organization²

    of attacks target servers³

    of breaches lead to organizations being compromised within minutes¹

    of service providers saw app-layer attacks targeting HTTP and DNS⁴

    60% 40%

    82%+ 75%

  • .

    Time to Recover

    Months - Weeks

    Time to Discover

    Years - Months

    Current ThreatScape Realities

    $$$ Catastrophic Impact $$$

    Overwhelmed Security Teams

    Minimal Adversarial Effort

    Time to Compromise

    Minutes

  • .

    Time to Recover

    Minutes

    Time to Discover

    Hours

    Business and Security Outcomes

    $ Minimized Impact $

    Optimized Security Teams

    Significant Adversarial Effort

    Time to Compromise

    Months

  • .

    IT's Top Objectives for Security

    Visibility to security posture across the infrastructure: Full visibility to workloads and data, both inside the enterprise data center and in the public cloud

    Ensure the business is protected from advanced targeted attacks and stays compliant

    Detect breaches to keep the business safe: Ability to detect even advanced targeted attacks

    Successfully manage the threat landscape and find threats sooner and stop them faster

    Remediate any damage that may have occurred: Respond fast and fully, limiting damage

    Security is now a boardroom discussion

    CIOs and CISOs are getting more scrutiny than ever

  • .

    Intel Security - Hybrid Infrastructure Solution

    McAfee Network Security Platform (IPS)

    Finds and blocks malware and advanced targeted attacks on the network

    McAfee Server Security Suites

    Protects servers from malware for physical, virtual, and cloud deployments

    Database Security

    Protects against external, internal, and intra-database threats

    Threat Intelligence Exchange

    Enables adaptive threat detection and response by operationalizing intelligence across your endpoint, gateway, network, and data center security solutions in real time

  • .

    PRIVATE / PUBLIC CLOUD & SDDC

    Comprehensive Security Portfolio

    The whole is greater than the sum of its parts to secure hybrid infrastructures

    IaaS Discovery & Monitoring

    DC Discovery & Monitoring

    (Data Center Connectors)

    Data Center Optimized Security

    MOVE-AV

    Network Security Platform (IPS)

    Additional Server Security

    VirusScan Enterprise

    Host IPS

    Application Control

    Change Control

    Software Defined Network Security

    Virtual NSP + Intel Security Controller

    Database Security

    Data Center Security Suite for Databases

    McAfee ePolicy Orchestrator + Network Security Manager

    Threat Intelligence Exchange & DXL

    PHYSICAL DATA CENTER

  • .

    Network Security Platform (IPS)

  • .

    Leading the Way in Network Security

    9 consecutive times ranked in the Leaders Quadrant because:

    2015 IPS Magic Quadrant

    Multiple signature-less inspection techniques give it an advantage over more signature-based IPS technologies.

    Clients rate manageability and ease of use extremely well.

    Regarded as a top competitor by its rivals.

    [Figure: 2015 IPS Magic Quadrant. Quadrants: Challengers, Leaders, Niche Players, Visionaries. Axes: Completeness of Vision, Ability to Execute. Vendors shown: IBM, Hewlett Packard Enterprise, Huawei, NSFOCUS, Wins, Cisco, Intel Security (McAfee)]

  • .

    Data Center IPS Comparative Analysis 2016 NSS Labs

    NSS Labs Data Center IPS 2016 Test

    Five times Recommended for security from NSS Labs

    Delivered almost twice our claimed throughput while blocking 99.4% of attacks

    Strongest vendor tested across performance, blocking and TCO

    Enable security features with confidence even in the most demanding networks

    SECURITY EFFECTIVENESS

    TCO PER PROTECTED-MBPS

    McAfee NS-9100

  • .

    Signature-less Network Inspection

    Understand Attack Behavior

    Find Attack Traffic

    Learn Attack Reputation

    Leverage shared intelligence

    Respond smarter by learning new threat information in real-time

    threat horizon

    File and Emulation Analysis

    Understand malicious file behavior without signature requirements

    Intelligently identify callbacks and compromised endpoints

    Traffic behavior learning

  • .

    Understand Attack Behavior

    Signature-less Technologies

    Analyze

    ATD - Sandboxing

    Static Code Analysis

    ATD - Sandboxing

    Dynamic Analysis

    Analyze

    Unpacking

    Disassembly of Code

    Calculate Latent Code

    Familial Resemblance

    Run Time DLLs

    Network Operations

    File Operations

    Process Operations

    Delayed Execution

    NSP - Emulation and Deep File Analysis

    GAM (Browser)

    JavaScript

    Adobe PDF

    Adobe Flash

  • .

    Find Stealthy Attack Traffic

    Signature-less Technologies

    Endpoint Intelligence

    Advanced Botnet Detection

    Network Threat Behavior Analysis

    Malicious Processes

    Malware Callbacks

    Traffic Patterns

    Command and Control

    Endpoint

    Network Security Platform (IPS)

  • .

    [Figure: three virtual machines, each running an OS and an App]

    Uncompromising Virtual Security

    VIRTUAL NETWORK SECURITY PLATFORM

    Industry Proven IPS inspection: Gartner Leader and NSS recommended

    East-West Network Traffic

    Next Generation Features: Application Control, DDoS, Callback Detection, ATD, Endpoint and Threat Intelligence

    Multiple Deployment Modes: Support for SDN Controller (NSX) or dedicated installations.

  • .

    Safeguard for the SDDC

    Distributed Virtual Appliances

    Security Functions Catalog

    Intel Open Security Controller

    SDDC Security Solutions

    VMware vCenter VMware NSX

    McAfee Network Security Platform

    Security Controller

    Network Controller

    Dynamically deploy, manage, protect and remediate virtual security at scale

    McAfee MOVE AntiVirus

    Quickly scale security across the SDDC with a controller based approach

    Optimized protection for Virtual Servers: Offload scanning for improved performance

    Private Cloud aware IPS inspection: Certified integration with NSX

    Automate IPS policy and orchestration

  • .

    Discover Breaches Quicker

    Traditional Perspective: Increased Noise and User Error

    Intelligent Approach: Streamlined Investigations and Visibility

    Chasing Alerts

    Actionable Events

    ALERT 1

    ALERT 2

    ALERT 3

    ALERT 4

    ALERT 5

    ALERT 6

    EVENT 1

    ALERT 2

    ALERT 3

    ALERT 5

    ALERT 6

    Actionable Workflows

  • .

    Perimeter Security Alone Doesn't Prevent Breaches

    Strong perimeter defense is typical

    Sophisticated threats reach low-priority servers

    Threats spread from server to server

    Internal controls are often weak

    Low Priority Servers

    High Priority Servers

  • .

    Server Security

  • .

    Server Security Suites

    ePolicy Orchestrator

    VirusScan Enterprise (VSE)

    VirusScan Enterprise for L