-
7/28/2019 Rangarajan P
1/15
Evolving Security Architecture in
Banks
Appnomic Managed Security Services
P Rangarajan (Ranga), Appnomic Systems
April, 20101
-
7/28/2019 Rangarajan P
2/15
Copyright 2009 Appnomic Systems Pvt. Ltd. I Confidential |
www.appnomic.com
COMPUTE
PRINT
DELETE
2
-
7/28/2019 Rangarajan P
3/15
Copyright 2009 Appnomic Systems Pvt. Ltd. I Confidential |
www.appnomic.com
Evolving Security trends
Four main pillars of most organizations:
Firewall;
Network Intrusion Prevention
Anti-Virus
Web Gateway Security Devices
New Threats; New requirements
Malware protection
Control of Privileged users
Data Leak Prevention
3
-
7/28/2019 Rangarajan P
4/15
Copyright 2009 Appnomic Systems Pvt. Ltd. I Confidential |
www.appnomic.com
Appnomic
Managed
Security
Malware &
Botnet Protection
Appnomics Managed Security Services
4
-
7/28/2019 Rangarajan P
5/15
Malware Protection
5
-
7/28/2019 Rangarajan P
6/15
Copyright 2009 Appnomic Systems Pvt. Ltd. I Confidential |
www.appnomic.com
Malware Protection Systemwhy is it important?
Antivirus, URL filters, intrusion prevention have all
been circumvented by todays threats
Microsoft Security Advisory (979352)
http://www.microsoft.com/technet/security/advisory/979352.mspx
Vulnerability in Internet Explorer Could Allow Remote Code
ExecutionPublished: January 14, 2010 | Updated: January 21,
2010
Sophisticated and
Targeted Zero-day attack
'Operation Aurora' was able to breach dozens ofmajor corporate
networks using sophisticated
techniques, such as code obfuscation and a zero-day application
vulnerability
Heartland finds malware in bank
Card payment system
Jan. 20, 2009Hannaford says malware on its servers
stole card data
Mar. 28, 2008
6
http://www.microsoft.com/technet/security/advisory/979352.mspxhttp://www.microsoft.com/technet/security/advisory/979352.mspx
-
7/28/2019 Rangarajan P
7/15 Copyright 2009 Appnomic Systems Pvt. Ltd. I Confidential |
www.appnomic.com
Malware Protection SystemReal Time solution
Zero-day, stealth malware detection
Extreme accuracy
Inbound malware forensics
Outbound callback fingerprinting MAX Network ready
Out-of-band, sideline deployment
Protects data against theft,exploitation and abuse
Enables infection analysis &remediation
Identification of previouslyinfected PCs calling out tomalicious
parties
Global malware intelligencefor more efficient analysis
7
-
7/28/2019 Rangarajan P
8/15
Privileged Password & Secure
Access Management
8
-
7/28/2019 Rangarajan P
9/15 Copyright 2009 Appnomic Systems Pvt. Ltd. I Confidential |
www.appnomic.com
Privileged UsersSecurity Issues?
LOW
MEDIUM
HIGH
PRIVILEGE RISK - ACCESS
Unlike Basic User accounts,Privileged users have no
individualassociation
Privileged Accounts have extensiveACCESS and CONTROL
Hard coded accounts and passwords
Administrative Accounts
Unix Root, Windows Admin, DBA
Accounts, Cisco Enable, Windows Domain,
etc.
Application/Service Accounts
Windows Service Accounts, Schedule Tasks,Application IDs, Batch
Jobs, Scripts, etc.
Local Admin Accounts
Desktop, Laptop, Embedded
User
Accounts
Audit & Compliance requirementsrelated to privilege
accounts
9
-
7/28/2019 Rangarajan P
10/15 Copyright 2009 Appnomic Systems Pvt. Ltd. I Confidential |
www.appnomic.com
Privileged Password & Secure Access
Management
One-point management of privileged access (ability to
control,
monitor and record user sessions of privileged accounts)
Enhanced security - elimination of hard-coded passwords
Full session capture, every mouse movement, keystroke,
recorded - VCR-like session log reply
Audit of all activities and actions compliance to SOX, PCI,
HIPAA, Basel II10
-
7/28/2019 Rangarajan P
11/15
User Behavior Monitoring & Data Leak
Prevention
11
-
7/28/2019 Rangarajan P
12/15 Copyright 2009 Appnomic Systems Pvt. Ltd. I Confidential |
www.appnomic.com
User Behavior Monitoring & Data Leak Prevention
Is your business critical data safe ?
12
-
7/28/2019 Rangarajan P
13/15 Copyright 2009 Appnomic Systems Pvt. Ltd. I Confidential |
www.appnomic.com
User Behavior Monitoring & Data Leak Prevention
Pawaa Security
Framework
Storage
DeviceEmailWeb mail
ApplicationsScreen
ShotsHTTPSPrint
CD/DVDIMFTP
WEB
USB
Scan
Encrypt
Alert
Track
Monitor
Block
Endpoint
PawaaAgent
Policy
Enforce
ment
Prevent accidental or malicious loss of business critical data
by
insiders or hackers
Real time monitoring of data transmission as per company
policies
Compliance with legal and regulatory rules
Reduced cost of investigating data loss and the cost of
rebuilding
organization's reputation
13
-
7/28/2019 Rangarajan P
14/15 Copyright 2009 Appnomic Systems Pvt. Ltd. I Confidential |
www.appnomic.com
Appnomic Systems Simplifying & Automating IT
Management
14
A specialist IT Infrastructure Management andApplication
Performance Services Provider
Certifications ISO 9001, ISO 20000-1 and ISO 27001;
follow ITIL processes
400 people strong with Core leadership team & top
executives from Tier-1 Global IT service providers
Financially strong; backed by Norwest Venture
Partners, a leading VC firm from the Bay area, CA
-
7/28/2019 Rangarajan P
15/15
Thank You
Contact us at [email protected]
www.appnomic.com
15
mailto:[email protected]:[email protected]
