HP Next-Generation Network Security Solutionsidg.bg/.../2014/...Security_Solutions_25.09.2014.pdf · HP Next-Generation Network Security Solutions Radoslav Georgiev Technical Consultant

© Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.

HP Next-GenerationNetwork SecuritySolutionsRadoslav GeorgievTechnical Consultant HP [email protected]

© Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.2

The Network Infrastructure Has Revolutionized

Mainframe Client/Server Web Computing

Mobile & Cloud Computing


The Network Security Industry Is Falling Short

Mainframe Client/Server Web Computing

Mobile & Cloud Computing


Your User Is the Biggest Risk for Infiltration


Historically, TippingPoint Has Protected yourApps and Data

…in your Data Center …in your Campus Network …in your Branch Office


Now, TippingPoint Protects Users, Apps and Data


What is a NGFW?


NGFW

2001 Today

NGIPS & NGFWUTM

Stateful Firewalls

HP TippingPoint NGIPS

Why HP TippingPoint NGFWEvolution of the Firewall


What is Next-Generation Firewall?

IntegratedIntegratedPolicyPolicy

Next Gen IPS Enterprise Firewall

DVLabs researchand feeds User and app

policy


Why the HP TippingPointNext-Generation Firewall?


The Value HP TippingPoint Provides

Simple

Easy-to-use,configure and

install withcentralized

management

Reliable

NGIPS with99.99999%

network uptimetrack record

Effective

Industry leadingsecurity

intelligence withweekly DVLabs

updates


Simplicity Matters• Deploys in minutes• Easy-to-manage graphical user

interface• Single enterprise management

solution for NGIPS and NGFWdevices

• Set and forget security

“60% of customers deploy withrecommended settings.” – Frost & Sullivan


Effectiveness Matters

DVLabs Research & QA

2,000+ customers participating

~3,000+ independent researchers

• Over 8,100 filters of networkprotection right out of the box

• Over 3,000 securityresearchers focused onemerging threats

• Proven accuracy with no falsepositives

• Optimize network performanceand protect business criticalapplications

Note: All figures are rounded. The base year is 2012. Source: Frost & Sullivan

“0 false positives since being enabled 15 months ago.”– Sr. Network Security Engineer from Financial

Services


Term Definition

Vulnerability Security flaw in a software program

Exploit Attack on a vulnerability to:•Gain unauthorized access•Create a denial of service

Exploit Filter Stops a single exploit•Easy to produce•Typically produced due to IPS engineperformance limitations•Results in missed attacks and falsepositives

Vulnerability Filter Stops all exploits attacking thevulnerability

HP TippingPoint Vulnerability Filter

Exploit of Vulnerable Application

VulnerabilityFalse Positives

Standard IPS ExploitFilter for Exploit A

Exploit AExploit B(missed by Exploit Filter A)

HP TippingPointVulnerability

Filter


Our Zero-day Coverage Compared to Competition

Compiled from publicly verifiable data at http://www.microsoft.com/technet/security/current.aspx


Reliability Matters• 99.99999% highly reliable

NGIPS engine• Inline deployment without

affecting network performance• 2 reliable modes of deployment• Routing Active-Passive high

availability• Transparent with bypass• Resilient hardware


Thank you

Documents

HP Next-Generation Network Security Solutionsidg.bg/.../2014/...Security_Solutions_25.09.2014.pdf · HP Next-Generation Network Security Solutions Radoslav Georgiev Technical Consultant