Upload
norman-bryan
View
216
Download
0
Tags:
Embed Size (px)
Citation preview
CONFIDENTIAL All Rights Reserved2
The Business Impact
Most of your network traffic will be coming from outside the private network you are trying to secure
2001: Network Perimeter 2008: Resource Perimeter
Internal Users
Traveling Executives
Day Extenders
Employee at a Kiosk
Customer or Supplier Behind a Firewall
VOIP Users
Employee Using a Wireless Hotspot
Employee PDA User
Corporate Data Centers
Customers or Suppliers
Remote Access
External UsersCorporate Data
Centers
CONFIDENTIAL All Rights Reserved3
Fundamental Changes in Technology
Ubiquity of broadband
Proliferation of mobile devices
Rise in IP telephony
Increased teleworking
CONFIDENTIAL All Rights Reserved4
Enterprise-class Networking Drivers & Trends
4
Technology Trends
Growth in real-time applications
SaaS / Web 2.0
Virtualization of services
Data Center consolidation
Infrastructure Demands
Business DriversBusiness Drivers
Reduction in operating costs
Focus on TCO
Mobilization of the workforce
Compliance
Outsourcing growth
Gaining competitive advantage Growth in bandwidth; thirst for
unimpeded traffic routing
Integration concerns
Handling latency sensitive traffic becomes challenging – voip, collab.
De-perimeterization
The Communications Landscape Is Rapidly Evolving
CONFIDENTIAL All Rights Reserved5
Your Users are Increasingly Out of Your Control
Network Applications and Resources
Internal Users External Users
Users
Devices
Network environments
Mobility
Remote access
Home OfficeUsers
Traveling Executives
Day Extenders
Kiosks/Public Machine Users
Business Partners/ Extranet Users
VOIP Users
Wireless LAN Users
PDA & Smart Phone Users
CONFIDENTIAL All Rights Reserved6
Current Solutions Present Challenges
Lack of integration and correlation between solutions increases management overhead, complexity and cost
Lowered performance and higher false positive rate; inability to handle real-time traffic increases risk
Policy focuses on blocking ports rather than widespread inspection of applications and application threats
Solutions
Traditional Firewall
Traffic
Legacy System Access
IDS/IDPBasic Applications
Worms
Application Access
Application Layer ThreatsProxySoftware Vulnerabilities
1
2
3
CONFIDENTIAL All Rights Reserved7 CONFIDENTIAL All Rights Reserved7
Global ManagementSecure Wireless
SonicPoint GlobalManagementSystem
Content SecurityNetwork Security
Email Security & CSM
Business Continuity
Continous Data Protection
Remote Access
SSL-VPN
SonicWALL Solution Suite
CONFIDENTIAL All Rights Reserved8 CONFIDENTIAL All Rights Reserved8
worldwide customer
more than 1 million appliances
CONFIDENTIAL All Rights Reserved9 CONFIDENTIAL All Rights Reserved9
Enterprise-Products: SonicWALL E-Class
GMS (Global Management System)
Network Security Appliance E5500Network Security Appliance E6500Network Security Appliance E7500
SonicWALL Aventail EX -750SonicWALL Aventail EX-1600SonicWALL Aventail EX-2500
Email Security ES 6000Email Security ES 8000
CONFIDENTIAL All Rights Reserved10
Enterprise-class Deep Packet Inspection and Application Firewall
Revolutionary Multi-Core Performance
Threat Protection over both External and Internal Networks
Integrated Business Continuity & High Availability Features
SonicWALL NSA E-Class Series
RTDPI Engine ArchitectureRTDPI Engine ArchitectureRTDPI Engine Architecture
Re-Assembly Free Design
++Multi-Core
++Unified Threat Protection
E7500E7500 E6500E6500 E5500E5500
The SonicWALL® Network Security Appliance (NSA) Series - the first multi-core Unified Threat Management (UTM) platform that delivers enterprise-
class deep packet inspection without compromising performance
CONFIDENTIAL All Rights Reserved11
Next Generation E-Class Architecture
11
SonicWALLSolution
1. Consolidated & Integrated Security Technology
2. Inspection of Real-time & Latency Sensitive Applications/Traffic
3. Scalable & High Performing Enough to Protect Against Perimeter and Internal Network Challenges
Multi-Tiered Protection TechnologyMulti-Tiered Protection Technology
Enterprise-classRequirements
Patented Re-Assembly Free InspectionPatented Re-Assembly Free Inspection
Multi-Core High Perf. ArchitectureMulti-Core High Perf. Architecture
CONFIDENTIAL All Rights Reserved12
E-Class Features/Benefits
12
2. Ultimate Connectivity Secure IPSec Site-to-Site VPN Connectivity Exceptional User Policy Control and Access to Resources Wireless Mobility Network Availability
1. Security Integration Complete UTM Protection with Gateway Anti-Virus, Anti-Spyware and IDP Next Generation Application Firewall Content & Application Filtering “Clean VPN” Protection
3. Reliability & Optimization Highly Redundant Hardware – Power/Fans One Point of Network Control Business Application Prioritization & QoS Integrated Server Load Balancing Feature-set
4. Flexible Deployments Data Center, Campus & Department Network ApplicationsTransparent L2 Bridge Mode Integrated Wireless Switch Deployment Ease of Deployment & Management
CONFIDENTIAL All Rights Reserved13
NSA E-Class Series Overview
NSA E7500
The Ultimate in UTM, FW and VPN performance
5GB FW / 1GB UTM / 1.2 GB IPS
CPU: 16 Core 600Mhz – 9.6 Ghz of Processing Power
Interfaces: 4 Gig auto-sensing copper; 4 Gig SFP
Features: Information Center; Dual Power Supplies; Dual Redundant Fans
The NSA E Class is offered at three price points
NSA E7500
NSA E5500
NSA E6500
NSA E5500
Mid-Enterprise Performance & Value
2 GB FW / 400Mbps UTM / 550Mbps IPS
CPU: 8 Core 550Mhz – 4.4 Ghz of Processing Power
Interfaces: 8 Gig auto-sensing copper
Features: Information Center; Dual Redundant Fans
NSA E6500
Best in Class UTM, FW and VPN performance
3GB FW / 750Mbps UTM / 850Mbps IPS
CPU: 16 Core 550Mhz – 8.8 Ghz of Processing Power
Interfaces: 8 Gig auto-sensing copper
Features: Information Center: Dual Redundant Fans
NSA Feature: Application Visibility
Traditional Firewalls can only determine port and protocol
SonicWALL’s Patented RFDPI Technology provides Application Classification and Inspection
Control, Block or bandwidth limit what applications are used on a per user basis
Business RelatedBusiness RelatedNon-Business RelatedNon-Business Related
Corporate Network HTTPHTTP
TCPTCP
IMIM
EmailEmail
Permit Business Related ApplicationsPermit Business Related Applications
Block or Bandwidth limitNon-Business Related Applications
Block or Bandwidth limitNon-Business Related Applications
Internet
CONFIDENTIAL All Rights Reserved15
SonicWALL Deep Intelligence
SonicWALLUTM Appliance IT Actionable Info
Threat Information
Top VPN Users
Application Usage
BandwidthMisuse
Network TrafficEnd User Activities
HTTPFTPIM/P2PMail
VPNThreatsProtocolsAttacks
Potential Threats
Bandwidth Intelligence
VPN Reporting
Employee Net Usage
Deep Intelligence
Pro-Active Alerting
No Intelligence
Alert Your Staff
Net
wo
rk V
isib
ilit
y
SonicWALL UTM & ViewPoint Delivers Deeper Business Intelligence
Best-of-Breed Performance
“This box offers 1.3Gbps of UTM performance, which is nearly triple the speed of the fastest product in our comparative UTM test last November “
“Overall, the E7500 provides a dramatic boost in speed that makes UTM possible in enterprises needing gigabit speeds.” Joel Snyder
SonicWALL’s Performance AdvantagePatented Re-Assemble Free Deep Packet Inspection Engine (RFDPI)Multi-core architecture offers parallel processing for increased scalabilityOn-chip security co-processing and hardware acceleration
SonicWALL’s Performance AdvantagePatented Re-Assemble Free Deep Packet Inspection Engine (RFDPI)Multi-core architecture offers parallel processing for increased scalabilityOn-chip security co-processing and hardware acceleration
**Competitive data obtained from vendor datasheet.**Competitive data obtained from vendor datasheet.
CONFIDENTIAL All Rights Reserved18
IT Security Concerns
Top 5: Virus, Spyware, SPAM, Intrusion & TheftTop 5: Virus, Spyware, SPAM, Intrusion & Theft
CONFIDENTIAL All Rights Reserved19
Spam
Many messages are obviously spamMany messages are obviously spam
CONFIDENTIAL All Rights Reserved20
Is it Spam?
Other messages will be disagreed uponOther messages will be disagreed upon
CONFIDENTIAL All Rights Reserved21
Phishing
Some emails are easy to determine as phishSome emails are easy to determine as phish
CONFIDENTIAL All Rights Reserved22
Phishing?
Sometimes it is hard to tellSometimes it is hard to tell
CONFIDENTIAL All Rights Reserved23
Outbound Risks and Compliance
•U.S. Federal: HIPAA, GLBA, SOX, Sec 17a-4, NASD3010, PATRIOT Act Section 326•European: Safe Harbor, EU Data Protection Directive 95/46 •Organization: VISA CISP, MasterCard Site Data Protection Program, FERPA•State: CA SB 1386 & AB 1950 / NY Bill A04254 / IL H.B. 1633•Corporate: Prevent offensive language, add disclaimers, block files•Many more…
All organizations need to be address compliance requirementsAll organizations need to be address compliance requirements
CONFIDENTIAL All Rights Reserved24
Inbound and Outbound Threats
Threats Require Inbound and Outbound ProtectionThreats Require Inbound and Outbound Protection
CONFIDENTIAL All Rights Reserved25
Proliferation of Systems
Typical Mail Data Center
Management of Multiple Systems Becomes ComplexManagement of Multiple Systems Becomes Complex
CONFIDENTIAL All Rights Reserved27
Analyze for Bad/Good Email Patterns
Likely Virus
Bad Pattern Good Pattern50 people
… in 6 different countries
… receive a new attachment
…that has never been seen before
… within 30 minutes
40 million emails
… sent by [email protected]
… from 3 IP addresses
… in Seattle
… and never junked
Good Email
SonicWALL Analyzes Patterns
CONFIDENTIAL All Rights Reserved28
Cross Analyze Patterns with Content Evaluation and Reputation
SonicWALL Determines a Definitive Judgment – Not Just a ScoreSonicWALL Determines a Definitive Judgment – Not Just a Score
CONFIDENTIAL All Rights Reserved29
SonicWALL Email Security Stops Today’s and Tomorrow’s Threats
Threats Evolve – SonicWALL ProtectsThreats Evolve – SonicWALL Protects
CONFIDENTIAL All Rights Reserved30
SonicWALL Email Security Anti-Spam, Anti-Phishing, Anti-Virus Compliance and Policy Management Appliance and Software options Works with any email system (SMTP) Unified inbound and outbound protection Installs in < 1 Hour…managed in < 10 minutes/week For businesses from Less than 50 users to Over 5000 Users
CONFIDENTIAL All Rights Reserved31
Quick Configuration
5 Steps to Configure
Full install in < 1 hour
High availability options
CONFIDENTIAL All Rights Reserved32
Anti-Spam, Anti-Phishing, Anti-Virus
Complete protection Inbound/Outbound Spam, Virus, Phishing Zombies, DHA, DoS
Automatic updates No rules to write
Complete flexibility Per-user and per-group
CONFIDENTIAL All Rights Reserved33
Administrative and End-User Junk Box
Web-based Junk Box Search, sort, preview View all threats
1-click UnJunk Retrieves Adds to allowed list Provides feedback
Administrative, End-User
CONFIDENTIAL All Rights Reserved34
Junk Box Summary
Easy quarantine view Email summary
Configurable Frequency Specific time and day 11 languages All or just questionable
Preview and UnJunk 1-click
CONFIDENTIAL All Rights Reserved35
Email Policy & Compliance Approach
Robust tools to Identify, Monitor, and EnforceRobust tools to Identify, Monitor, and Enforce
CONFIDENTIAL All Rights Reserved36
Policy and Compliance Management
Powerful filters Search any message part Scan within attachments Check for disguised text Match against dictionaries Judgment-based policies
15 action options Bounce, quarantine, log Add disclaimers Strip attachments Etc.
Apply to specific groups LDAP-based
CONFIDENTIAL All Rights Reserved37
Email Auditing
Full email audit All good mail All bad mail Inbound Outbound
Searchable From, To, Subject Today or multi-day
Detailed information Per-recipient data Full audit trail
CONFIDENTIAL All Rights Reserved38
Reporting and Monitoring
25+ Web-based reports Dashboard, System Status Spam, Phishing, Virus Policy and Compliance Return-on-Investment
Custom reports
Emailed reports
Schedulable reports