Upload
oriana
View
69
Download
0
Tags:
Embed Size (px)
DESCRIPTION
Foundstone Enterprise 4.0 Detailed Product Presentation. Agenda. Foundstone Solutions Truly Enterprise-Class Asset-based Vulnerability Management Unmatched Assessment Horsepower Life-cycle Threat Management Stream-lined Remediation Measurement & Benchmarking - PowerPoint PPT Presentation
Citation preview
Confidential and Proprietary Copyright ©2004 Foundstone, Inc. All Rights Reserved
» Foundstone Enterprise 4.0Detailed Product Presentation
2Confidential and Proprietary Copyright ©2004 Foundstone, Inc. All Rights Reserved
Agenda
» Foundstone Solutions» Truly Enterprise-Class » Asset-based Vulnerability Management» Unmatched Assessment Horsepower» Life-cycle Threat Management » Stream-lined Remediation» Measurement & Benchmarking» Interoperability: Foundstone Link» Total Cost of Ownership» Competitive Comparison
3Confidential and Proprietary Copyright ©2004 Foundstone, Inc. All Rights Reserved
Foundstone Product Family
» Foundstone Enterprise v4.0– Enterprise-class, award-winning vulnerability management system– Options include:
– Remediation Module – Threat Correlation Module
– Appliance-based– Feature-rich and the most scalable risk management system available– Low cost of ownership: automated download and installation– All updates Foundstone tested & approved
» Foundstone On-Demand Service– Hosted system engineered to manage and mitigate risk– Integrated threat intelligence alerts and correlation– Zero-deployment; no administration or maintenance
» Foundstone Professional TL– Designed for consultants and auditors– Enterprise-class functionality and scalability
4Confidential and Proprietary Copyright ©2004 Foundstone, Inc. All Rights Reserved
The Foundstone Vulnerability Management (VM) Lifecycle
Risk = A x V x TC C
Risk = A x V x TC C
5Confidential and Proprietary Copyright ©2004 Foundstone, Inc. All Rights Reserved
Enterprise-Class
» Web-based, centralized management» Hierarchical user account system supports even the most
complex organizations» Flexible role-based access control for scanning & remediation» Unprecedented performance & reliability: unique scanning architecture
6Confidential and Proprietary Copyright ©2004 Foundstone, Inc. All Rights Reserved
Enterprise-Class
Features & BenefitsFeatures & BenefitsWeb-based, centralized managementAutomated vulnerability, threat and knowledgebase updates from Foundstone Safe and lightweight: built-in scan traffic load balancingGraceful handling of latency issues and network disruptions
7Confidential and Proprietary Copyright ©2004 Foundstone, Inc. All Rights Reserved
Enterprise-Class
Features & BenefitsFeatures & BenefitsHierarchical model supports even the most complex organizationsEasy, delegated administration using Workgroups for offices, regions, etc. Flexible role-based access control for users Granular permissions for scans, remediation
8Confidential and Proprietary Copyright ©2004 Foundstone, Inc. All Rights Reserved
Enterprise-ClassFeatures & BenefitsFeatures & BenefitsUnique parallel architecture allows many scans to execute at once on a single engineA single scan is automatically distributed into multiple subscans for enhanced scan performanceScan recovery with no data loss due to batch-based design
9Confidential and Proprietary Copyright ©2004 Foundstone, Inc. All Rights Reserved
Asset-Based Vulnerability Management
» Driven by agent-less asset discovery» Classify using detailed, flexible criteria» Scan by business function, geographic region, etc.» Tickets can be automatically assigned to
group asset owners» Asset criticality can be used to focus
remediation tasks on the most important systems
10Confidential and Proprietary Copyright ©2004 Foundstone, Inc. All Rights Reserved
Asset ClassificationFeatures & BenefitsFeatures & BenefitsDriven by agent-less asset discoveryClassify using detailed, flexible
criteriaAssign group properties such as asset owners & criticality values
11Confidential and Proprietary Copyright ©2004 Foundstone, Inc. All Rights Reserved
Asset-Based Scanning
Features & BenefitsFeatures & BenefitsCreate scans by asset value or ownerEasily include/exclude hosts based on OS, name, and other propertiesScan by business function, geographic region, etc.
12Confidential and Proprietary Copyright ©2004 Foundstone, Inc. All Rights Reserved
Asset-Based Remediation
Features & BenefitsFeatures & BenefitsTickets can be automatically assigned to group asset ownersAsset criticality can be used to focus remediation tasks on the most important systems
13Confidential and Proprietary Copyright ©2004 Foundstone, Inc. All Rights Reserved
Assessment Horsepower
» Deep, agent-less assessment across all layers of infrastructure
» Discovers and analyzes every system on the network, from database to router
» Uses patent-pending OS identification and vulnerability analysis techniques
» Based on the customizable Foundstone Scripting Language (FSL)
» Unprecedented ease of use:– One-click quick scans– One-click scan performance / bandwidth
optimization
14Confidential and Proprietary Copyright ©2004 Foundstone, Inc. All Rights Reserved
Assessment HorsepowerBeyond Traditional Vulnerabilities:Specialty Assessment Modules» Windows Module
– Patch & policy testing– Trojan & spyware detection
» Wireless Module– Discovery of access points
& clients– Mapping & vulnerability analysis
» Web Application Module– “Unknown” vulnerabilities within custom web apps.– Crawls, inventories & then intelligently analyzes– Examples: source code disclosure, SQL error handling, weak
usernames and passwords, “hidden” sensitive files and archives
15Confidential and Proprietary Copyright ©2004 Foundstone, Inc. All Rights Reserved
Life-Cycle Threat Management
» Intelligence alerts on critical breaking threat events such as worms and exploits
» Faster than a check– shows threat impact immediately without running another scan
» Risk-ranking of assets prioritizes threat response so that the most important hosts are protected first
» Threat response benchmarking by business unit
» Measures response efforts vs. an established remediation goal
16Confidential and Proprietary Copyright ©2004 Foundstone, Inc. All Rights Reserved
Threat Monitoring Features & BenefitsFeatures & BenefitsIntelligence alerts on critical breaking threat events such as worms and exploitsAutomatically updated on a daily basisAlert correlation rules show how a threat event will impact your networks
17Confidential and Proprietary Copyright ©2004 Foundstone, Inc. All Rights Reserved
Threat AnalysisFeatures & BenefitsFeatures & BenefitsFaster than a check– shows threat impact immediately without running another scan5-factor correlation displays results by likelihood of a successful attackRisk-ranking of assets prioritizes threat response so that the most important hosts are protected first
18Confidential and Proprietary Copyright ©2004 Foundstone, Inc. All Rights Reserved
Threat ScanningFeatures & BenefitsFeatures & BenefitsCorrelation results feed rapid threat scans or remediation activitiesThreat scans easily created for a single or several vulnerabilitiesThreat scans complete quickly, even for large Class B and A networksAlerts can be sent directly to staff pagers via email
19Confidential and Proprietary Copyright ©2004 Foundstone, Inc. All Rights Reserved
Threat BenchmarkingFeatures & BenefitsFeatures & BenefitsThreat response benchmarking by business unit (e.g. geographic region, workgroup, office) or operating systemProgress automatically updated based on enterprise remediation efforts Effective comparison model: set up by administrator, seen by all users to gauge status versus peers
20Confidential and Proprietary Copyright ©2004 Foundstone, Inc. All Rights Reserved
Threat Compliance Tracking Features & BenefitsFeatures & BenefitsMeasures response efforts versus an established remediation goalProgress measured in % of compliance-- based on # of vulnerable hosts for one or many threat eventsGraphs easily downloaded or modified for on-the-fly reporting
21Confidential and Proprietary Copyright ©2004 Foundstone, Inc. All Rights Reserved
Stream-Lined Remediation Workflow
» VM Pioneers: Introduced integrated remediation workflow in early 2002
» Vulnerabilities automatically turn into easily managed tickets» Rules-based automatic ticket assignment using multiple,
flexible criteria» “Ignore” vulnerability feature allows for
creation of policy exceptions» Closes tickets for fixed
vulnerabilities with no manual intervention
22Confidential and Proprietary Copyright ©2004 Foundstone, Inc. All Rights Reserved
Automatic Ticket Creation Features & BenefitsFeatures & BenefitsVM Pioneers: Introduced integrated remediation workflow in early 2002Vulnerabilities automatically turn into easily managed ticketsComprehensive control over ticket creation by scan / vulnerability severityEstablishes accountability: the key to getting vulnerabilities fixed
23Confidential and Proprietary Copyright ©2004 Foundstone, Inc. All Rights Reserved
Automatic Ticket Assignment Features & BenefitsFeatures & BenefitsRules-based automatic ticket assignment using multiple, flexible criteriaAutomated export of tickets to 3rd party helpdesk systems (e.g. Remedy)“Ignore” vulnerability feature allows for creation of policy exceptions
24Confidential and Proprietary Copyright ©2004 Foundstone, Inc. All Rights Reserved
Automatic Ticket Closure Features & BenefitsFeatures & BenefitsCloses tickets for fixed vulnerabilities with no manual interventionOne-click verify scans to confirm fixesComprehensive searching feature enables for simple remediation progress analysis and tasking
25Confidential and Proprietary Copyright ©2004 Foundstone, Inc. All Rights Reserved
Measure and Benchmark
» FoundScore: intuitive 0-100 security scoring system based on vulnerabilities and asset criticality
» MyFoundScore: customizable scoring that matches your policy» Risk Score: immediately visible statement of overall enterprise risk level
– Considers impact of breaking threat events on assets and existing vulnerabilities
» Interactive, executive dashboard for comparing business units/regions, platforms and tracking key statistics
26Confidential and Proprietary Copyright ©2004 Foundstone, Inc. All Rights Reserved
Interoperability: Foundstone Link
» Open architecture leverages current technology investments– Seamlessly integrates with existing database, network &
system management solutions– Open database design works with 3rd party reporting tools
& custom SQL queries– Web services-based
» API set to allow external applications to leverage the power of FoundScan engines
– Scan creation, scan management, scan results access» Authentication API for use with Netegrity Siteminder,
RSA SecurID, LDAP and other technologies » Support for standards such as CVE, IAVA, & SANS/FBI Top 20
27Confidential and Proprietary Copyright ©2004 Foundstone, Inc. All Rights Reserved
Total Cost of Ownership
» Focus on interoperability and management results in overall low TCO– Vulnerabilities, threats and system can be automatically updated– No appliance patches to test or install– Does not require additional staff or skill sets
» Comparison of TCO against competing vulnerability management services results in significant savings over a 5-year periodYearYear FoundstoneFoundstone CompetitorCompetitor DifferenceDifference1st year $187,747 $140,079 $58,8452nd year $240,494 $275,646 ($37,698)3rd year $293,240 $411,213 ($134,241)4th year $345,987 $546,780 ($230,784)5th year $398,734 $682,347 ($327,327)
Numbers based on projected pricing for a 10,000 system environment, HW/SW/Services included
28Confidential and Proprietary Copyright ©2004 Foundstone, Inc. All Rights Reserved
Capability FStone nCircle Qualy
sTenab
le eEye ISS
Enterprise-ClassAssess. Quality/DepthFlexible, Open Arch.Threat Corr. ModuleRisk Mgmt. / MetricsFull, Flexible ReportingRobust Remed. ModuleFull User System / RBACCompliance Reporting
Competitive Comparison
- Full capability - Some capability (blank) – No capability