• Home

  • Documents

  • Next Generation IT Security Synchronized Security vs. Best...
30
Next Generation IT Security Synchronized Security vs. Best-of-Breed Christoph Riese Manager Sales Engineering

Next Generation IT Security Synchronized Security vs. Best ...files.messe.de/abstracts/74855_HODI14_30_SophosRiese.pdf · Next Generation IT Security Synchronized Security vs. Best-of-Breed

  • Upload
    others

  • View
    10

  • Download
    0

Embed Size (px)

Citation preview

Page 1: Next Generation IT Security Synchronized Security vs. Best ...files.messe.de/abstracts/74855_HODI14_30_SophosRiese.pdf · Next Generation IT Security Synchronized Security vs. Best-of-Breed

Next Generation IT SecuritySynchronized Security

vs. Best-of-Breed

Christoph RieseManager Sales Engineering

Page 2: Next Generation IT Security Synchronized Security vs. Best ...files.messe.de/abstracts/74855_HODI14_30_SophosRiese.pdf · Next Generation IT Security Synchronized Security vs. Best-of-Breed

Sophos – mehr als 30 Jahre Erfahrung

• Akquisition u.a. von Utimaco 2009, Astaro 2011, Dialogs 2012, Cyberoam 2014, Mojave 2014, Reflexion 2015, SurfRight 2015, Barricade 2016, Invincea 2017

• Gartner: Marktführer in den Bereichen Endpoint, Verschlüsselung & UTM

1985GRÜNDUNGOXFORD, UK

534.9UMSATZ(FY16)

3.000MITARBEITER

200,000+KUNDEN

100M+ANWENDER

HQABINGDON, UK

20,000+CHANNEL PARTNER

45%Enduser

50%Network

5%Other

400in DACH

Page 3: Next Generation IT Security Synchronized Security vs. Best ...files.messe.de/abstracts/74855_HODI14_30_SophosRiese.pdf · Next Generation IT Security Synchronized Security vs. Best-of-Breed

Warum waren die Krypto-Trojanerso erfolgreich?

Page 4: Next Generation IT Security Synchronized Security vs. Best ...files.messe.de/abstracts/74855_HODI14_30_SophosRiese.pdf · Next Generation IT Security Synchronized Security vs. Best-of-Breed

Gründe für Infektionen trotz Best-of-Breed Security

•Office-Dokumente und PDFs in E-Mails oft zugelassen

•Technologisch fortgeschrittene Schädlinge

•Hochprofessionelle Angreifer

•Geschicktes Social Engineering

• Sicherheitssysteme fehlen oderfalsch konfiguriert

• Sicherheitssysteme agierennicht als System

Page 5: Next Generation IT Security Synchronized Security vs. Best ...files.messe.de/abstracts/74855_HODI14_30_SophosRiese.pdf · Next Generation IT Security Synchronized Security vs. Best-of-Breed

Neue Sicherheitskonzeptesind notwendig

Page 6: Next Generation IT Security Synchronized Security vs. Best ...files.messe.de/abstracts/74855_HODI14_30_SophosRiese.pdf · Next Generation IT Security Synchronized Security vs. Best-of-Breed

Verteidigungslinie 1Gateway

Page 7: Next Generation IT Security Synchronized Security vs. Best ...files.messe.de/abstracts/74855_HODI14_30_SophosRiese.pdf · Next Generation IT Security Synchronized Security vs. Best-of-Breed

Sicherheitsmaßnahmen am Gateway

Webfilterung

Heuristiken

Signaturbasierter Anti-Virus

Echtzeit-Signaturabgleich

Intrusion Prevention

Next Generation Sandbox

Netzwerksegmentierung

Page 8: Next Generation IT Security Synchronized Security vs. Best ...files.messe.de/abstracts/74855_HODI14_30_SophosRiese.pdf · Next Generation IT Security Synchronized Security vs. Best-of-Breed

Verteidigungslinie 2Endpoint Protection

Page 9: Next Generation IT Security Synchronized Security vs. Best ...files.messe.de/abstracts/74855_HODI14_30_SophosRiese.pdf · Next Generation IT Security Synchronized Security vs. Best-of-Breed

80% 10% 5%

Angriffsfläche reduzieren

URL-Filterung

Download Reputation

Device Control

Analyse vorAusführung

Heuristiken

Regelbasiert

Signaturen

Bekannte Malware-Familien

3% 2%

Laufzeit

Verhaltens-erkennung

Exploit Erkennung

Identifizierung von Techniken

Traditionelle Malware Moderne Bedrohungen

Wo Malware am Endpoint aufgehalten wird

Page 10: Next Generation IT Security Synchronized Security vs. Best ...files.messe.de/abstracts/74855_HODI14_30_SophosRiese.pdf · Next Generation IT Security Synchronized Security vs. Best-of-Breed

Finale VerteidigungslinieSicherheit als System

Synchronized Security

Page 11: Next Generation IT Security Synchronized Security vs. Best ...files.messe.de/abstracts/74855_HODI14_30_SophosRiese.pdf · Next Generation IT Security Synchronized Security vs. Best-of-Breed

Synchronized Security – Teamplay statt Best-of-Breed

Analyse

Next-Gen Firewall

Wireless

Web

Email

Festplattenverschlüsselung

UTM

Dateiverschlüsselung

Endpoint

Next-Gen Endpoint

Mobile

Server

Sophos Central

Page 12: Next Generation IT Security Synchronized Security vs. Best ...files.messe.de/abstracts/74855_HODI14_30_SophosRiese.pdf · Next Generation IT Security Synchronized Security vs. Best-of-Breed

Security Heartbeat

Synchronized Security

Page 13: Next Generation IT Security Synchronized Security vs. Best ...files.messe.de/abstracts/74855_HODI14_30_SophosRiese.pdf · Next Generation IT Security Synchronized Security vs. Best-of-Breed

Security Heartbeat – Beispiel Vireninfektion (1)

Virus gefunden

1. Sophos Endpoint Protection oder Intercept X erkennt eine Bedrohung2. Der Sicherheitsstatus des Clients ändert sich auf rot – der Endpoint ist

momentan nicht sicher

Page 14: Next Generation IT Security Synchronized Security vs. Best ...files.messe.de/abstracts/74855_HODI14_30_SophosRiese.pdf · Next Generation IT Security Synchronized Security vs. Best-of-Breed

Security Heartbeat – Beispiel Vireninfektion (2)

Schlüsselentfernen

3. Über den internen SecurityHeartbeat wird der Verschlüsselungsclient informiert, dass der Endpoint momentan nicht sicher ist

4. Die Schlüssel werden entfernt, damit keine Daten gestohlen werden können

Page 15: Next Generation IT Security Synchronized Security vs. Best ...files.messe.de/abstracts/74855_HODI14_30_SophosRiese.pdf · Next Generation IT Security Synchronized Security vs. Best-of-Breed

Security Heartbeat – Beispiel Vireninfektion (3)

Client in Netzwerkquarantäne

5. Über den SecurityHeartbeat erfährt die NextGen-Firewall, dass der Endpoint nicht sicher ist6. Die NextGent-Firewall nimmt den Endpoint solange in Netzwerkquarantäne, bis die

Bedrohung beseitigt ist

Page 16: Next Generation IT Security Synchronized Security vs. Best ...files.messe.de/abstracts/74855_HODI14_30_SophosRiese.pdf · Next Generation IT Security Synchronized Security vs. Best-of-Breed

Security Heartbeat – Botnet C&C-Verkehr erkannt

C&C Kommunikation

Schlüsselentfernen

Client in NetzwerkquarantäneProzessbeenden

Page 17: Next Generation IT Security Synchronized Security vs. Best ...files.messe.de/abstracts/74855_HODI14_30_SophosRiese.pdf · Next Generation IT Security Synchronized Security vs. Best-of-Breed

Security Heartbeat – fehlender Heartbeat

Client in Netzwerkquarantäne

?

Page 18: Next Generation IT Security Synchronized Security vs. Best ...files.messe.de/abstracts/74855_HODI14_30_SophosRiese.pdf · Next Generation IT Security Synchronized Security vs. Best-of-Breed

Virus gefunden

Security Heartbeat – Server Heartbeat

Server in Netzwerkquarantäne

Server

Clients

Page 19: Next Generation IT Security Synchronized Security vs. Best ...files.messe.de/abstracts/74855_HODI14_30_SophosRiese.pdf · Next Generation IT Security Synchronized Security vs. Best-of-Breed

1. Verdächtiger/unbekannter Traffic?

VerdächtigerEndpoint Firewall

2. Abfrage des Kontext vom Endpoint

3. Information über Applikation

Admin kann gezielte Maßnahmenergreifen (block, shape, throttle)

Security Heartbeat – ApplikationskontextInformationen und Kontrolle über unbekannte Apps

Page 20: Next Generation IT Security Synchronized Security vs. Best ...files.messe.de/abstracts/74855_HODI14_30_SophosRiese.pdf · Next Generation IT Security Synchronized Security vs. Best-of-Breed

Synchronized Encryption

Synchronized Security

Page 21: Next Generation IT Security Synchronized Security vs. Best ...files.messe.de/abstracts/74855_HODI14_30_SophosRiese.pdf · Next Generation IT Security Synchronized Security vs. Best-of-Breed

SafeGuard Enterprise – Verschlüsselung überall

Zentrale

Unterwegs und zu Hause Niederlassung

Daten überall

Page 22: Next Generation IT Security Synchronized Security vs. Best ...files.messe.de/abstracts/74855_HODI14_30_SophosRiese.pdf · Next Generation IT Security Synchronized Security vs. Best-of-Breed

Darf der User auf diese Datenzugreifen?

Ist derProzess

genau jetztvertrauens-

würdig?

Ist das Gerätgenau jetztvertrauens-

würdig?

Ablauf beim Zugriff auf verschlüsselte Daten

Page 23: Next Generation IT Security Synchronized Security vs. Best ...files.messe.de/abstracts/74855_HODI14_30_SophosRiese.pdf · Next Generation IT Security Synchronized Security vs. Best-of-Breed
Page 24: Next Generation IT Security Synchronized Security vs. Best ...files.messe.de/abstracts/74855_HODI14_30_SophosRiese.pdf · Next Generation IT Security Synchronized Security vs. Best-of-Breed
Page 25: Next Generation IT Security Synchronized Security vs. Best ...files.messe.de/abstracts/74855_HODI14_30_SophosRiese.pdf · Next Generation IT Security Synchronized Security vs. Best-of-Breed
Page 26: Next Generation IT Security Synchronized Security vs. Best ...files.messe.de/abstracts/74855_HODI14_30_SophosRiese.pdf · Next Generation IT Security Synchronized Security vs. Best-of-Breed
Page 27: Next Generation IT Security Synchronized Security vs. Best ...files.messe.de/abstracts/74855_HODI14_30_SophosRiese.pdf · Next Generation IT Security Synchronized Security vs. Best-of-Breed
Page 28: Next Generation IT Security Synchronized Security vs. Best ...files.messe.de/abstracts/74855_HODI14_30_SophosRiese.pdf · Next Generation IT Security Synchronized Security vs. Best-of-Breed

Synchronized Security – Teamplay statt Best-of-Breed

Analyse

Next-GenFirewall

Wireless

Web

Email

Festplattenverschlüsselung

UTM

Dateiverschlüsselung

Endpoint

Next-Gen Endpoint

Mobile

Server

Sophos Central

Page 29: Next Generation IT Security Synchronized Security vs. Best ...files.messe.de/abstracts/74855_HODI14_30_SophosRiese.pdf · Next Generation IT Security Synchronized Security vs. Best-of-Breed

Synchronized Security von Sophos

• Best-of-Breed wird ersetzt durch Security als System

• Kommunikation von Netzwerk-, Endpoint-, Server-und Verschlüsselungslösungen

• Erkennung hochentwickelter Bedrohungen

• Identifizierung kompromittierter Systeme

• Automatische Reaktion auf Vorfälle

• Analyse der Infektions- und Verbreitungswege

• Kommend: Security Heartbeat Überprüfung auf WLAN-APs Security Heartbeat auf Smartphones & Tablets...

Page 30: Next Generation IT Security Synchronized Security vs. Best ...files.messe.de/abstracts/74855_HODI14_30_SophosRiese.pdf · Next Generation IT Security Synchronized Security vs. Best-of-Breed

Next-Generation Networking and Advanced Cyber Security ... · Next-Generation Networking and Advanced Cyber Security GOAL: ZERO VULNERABILITY INFRASTRUCTURE. ... Next-Generation Networking

Next-Generation Networking and Advanced Cyber Security ... · Next-Generation Networking and Advanced Cyber Security GOAL: ZERO VULNERABILITY INFRASTRUCTURE. ... Next-Generation Networking

Documents
AUTOMATING CONTENT SECURITY POLICY GENERATION

AUTOMATING CONTENT SECURITY POLICY GENERATION

Documents
Next generation security analytics

Next generation security analytics

Technology
Next Generation Security

Next Generation Security

Technology
CIO Vision: Next Generation Security - Corporate … Vision: Next Generation Security ... Coleman told the meeting this means accepting a security ... understanding what’s really

CIO Vision: Next Generation Security - Corporate … Vision: Next Generation Security ... Coleman told the meeting this means accepting a security ... understanding what’s really

Documents
Theory Generation for Security Protocols

Theory Generation for Security Protocols

Documents
Synchronized Security - ジェイズ・コミュニケー …...Sophos Security Heartbeat ウィ ジェット ソフォス ホワイトペーパー2017年 5月 6 Synchronized Security:巧妙な攻撃に先手を打つベスト・オブ・ブリードの防御システム

Synchronized Security - ジェイズ・コミュニケー …...Sophos Security Heartbeat ウィ ジェット ソフォス ホワイトペーパー2017年 5月 6 Synchronized Security:巧妙な攻撃に先手を打つベスト・オブ・ブリードの防御システム

Documents
Next Generation Endpoint Protection INFO... · Next-Generation Endpoint Security NEXT-GENERATION ENDPOINT SECURITY Desktop Laptop Mobile Server Virtual Embedded Data Center NEXT-GENERATION

Next Generation Endpoint Protection INFO... · Next-Generation Endpoint Security NEXT-GENERATION ENDPOINT SECURITY Desktop Laptop Mobile Server Virtual Embedded Data Center NEXT-GENERATION

Documents
Dell Security Next-Generation Firewalls

Dell Security Next-Generation Firewalls

Documents
Next Generation Security Solutions Next Generation Controllers January 2013

Next Generation Security Solutions Next Generation Controllers January 2013

Documents
Next Generation Managed Security Service

Next Generation Managed Security Service

Business
Next Generation Endpoint Protection · Endpoint Security NEXT GENERATION ENDPOINT PROTECTION AS AN ANTIVIRUS REPLACEMENT If you’re evaluating next-generation endpoint security solutions,

Next Generation Endpoint Protection · Endpoint Security NEXT GENERATION ENDPOINT PROTECTION AS AN ANTIVIRUS REPLACEMENT If you’re evaluating next-generation endpoint security solutions,

Documents
A Column Generation Algorithm to Solve a Synchronized Log ... · IntroductionMathematical Formulation MethodologyResultsConclusions A Column Generation Algorithm to Solve a Synchronized

A Column Generation Algorithm to Solve a Synchronized Log ... · IntroductionMathematical Formulation MethodologyResultsConclusions A Column Generation Algorithm to Solve a Synchronized

Documents
2nd Generation Car Security System.pdf

2nd Generation Car Security System.pdf

Documents
Digital Generation: Security Infographic

Digital Generation: Security Infographic

Technology
Next-Gen Synchronized Security · 2017. 12. 1. · Synchronized App Control in Action Security Heartbeat™ Synchronized App Control Unknown Application XG Firewall sees app traffic

Next-Gen Synchronized Security · 2017. 12. 1. · Synchronized App Control in Action Security Heartbeat™ Synchronized App Control Unknown Application XG Firewall sees app traffic

Documents
Cybersecurity made simple with Sophos: a comprehensive ...Security made simple. Innovative, simple, and highly - effective security solutions. Synchronized security. Security components

Cybersecurity made simple with Sophos: a comprehensive ...Security made simple. Innovative, simple, and highly - effective security solutions. Synchronized security. Security components

Documents
Anti-Virus Comparative Comparison of “Next-Generation ... of “Next-Generation” Security Products 2016 ... WildFire activation set ... Comparison of “Next-Generation” Security

Anti-Virus Comparative Comparison of “Next-Generation ... of “Next-Generation” Security Products 2016 ... WildFire activation set ... Comparison of “Next-Generation” Security

Documents
Synchronized and Business-Ready Microgrid - … · Synchronized and Business-Ready Microgrid IIC:WHT:IN22:V1.0:PB:20180426 - 3 - generation plant as necessary, and even longer for

Synchronized and Business-Ready Microgrid - … · Synchronized and Business-Ready Microgrid IIC:WHT:IN22:V1.0:PB:20180426 - 3 - generation plant as necessary, and even longer for

Documents
Next Generation Security - Cisco€¦ · Next Generation Security • Overview,page1 • NextGenerationSecurityOverHTTPSInterface,page2 • NextGenerationSecurityOverSIPInterface,page3

Next Generation Security - Cisco€¦ · Next Generation Security • Overview,page1 • NextGenerationSecurityOverHTTPSInterface,page2 • NextGenerationSecurityOverSIPInterface,page3

Documents
Next generation security by Fortinet - AVADavad.ba/.../2018/10/Fortinet-Next-generation-security.pdf · 2018-11-05 · Next generation security by Fortinet Ivan Ščavničar ±Presales

Next generation security by Fortinet - AVADavad.ba/.../2018/10/Fortinet-Next-generation-security.pdf · 2018-11-05 · Next generation security by Fortinet Ivan Ščavničar ±Presales

Documents
Cyberoam Next-Generation Security for Enterprises · PDF fileCyberoam Next-Generation Security for Enterprises ... Generation Firewall appliances for security in ... Security Appliances

Cyberoam Next-Generation Security for Enterprises · PDF fileCyberoam Next-Generation Security for Enterprises ... Generation Firewall appliances for security in ... Security Appliances

Documents
1 Name des Vortragenden Funktion des Vortragenden Synchronized Security Advanced Threat Protection neu definiert

1 Name des Vortragenden Funktion des Vortragenden Synchronized Security Advanced Threat Protection neu definiert

Documents
Discover Synchronized Security - Sophos Day Netherlands

Discover Synchronized Security - Sophos Day Netherlands

Education
Next-Generation Mobile Security

Next-Generation Mobile Security

Technology
Next Generation Security - Cisco€¦ · Next Generation Security John Tzortzakakis jtzortza@cisco.com Security Solutions Architect ... - The rest of the industry has followed due

Next Generation Security - Cisco€¦ · Next Generation Security John Tzortzakakis [email protected] Security Solutions Architect ... - The rest of the industry has followed due

Documents
Ensure outstanding visibility and synchronized remediation with … · 2020-05-15 · SYNCHRONIZED RESPONSE Built on top of existing ESET endpoint security offering, it creates a

Ensure outstanding visibility and synchronized remediation with … · 2020-05-15 · SYNCHRONIZED RESPONSE Built on top of existing ESET endpoint security offering, it creates a

Documents
Security Services for Next Generation Healthcareattdircontracts.com/Security Services/Tab10k SEC... · Security Services for Next Generation Healthcare Introduction With the passage

Security Services for Next Generation Healthcareattdircontracts.com/Security Services/Tab10k SEC... · Security Services for Next Generation Healthcare Introduction With the passage

Documents
1 Lars Putteneers Sales Engineer Synchronized Security Revolutionizing Advanced Threat Protection

1 Lars Putteneers Sales Engineer Synchronized Security Revolutionizing Advanced Threat Protection

Documents
Next Generation .NET - Security Assessment

Next Generation .NET - Security Assessment

Documents