10 Quick Wins with ITIL Webinar
“Documented Common Sense”
June 23, 2009
Matt McKinley, Senior Network Security AnalystStonesoft
Chris Johnson, PresidentMatt O’Buck, International Account Executive
Open Access Systems Corporation [email protected]@oasyscorp.com
http://www.oasyscorp.com/itilv3map.html
RACI Matrix - Focus on Security Activities
CONTROL
EVALUATEDetect security breaches
React to the incidents
MAINTAINRecover your systems
IMPLEMENT Protect your assets
PLANIdentify the risksRevise processes & protection
Security as a Process
Virtual FWVirtual FWVirtual FWVirtual FW
1. One-step Security Management
One-step Management
Events
Traditional Device ManagementFW Mgmt IPS Mgmt Incidents
Disparate consolesLabor intensive
Manual device updatesInherent human errorSlow threat mitigation
Single management consoleCreate once, deploy everywhereAutomatic policy/rule executionReal-time accelerated response
to threats
• Create once, use everywhere configuration• Common element database
• Stores all configurations – security policies to OS settings
• Component re-use = less human errors
• Always-on management• Built-in disaster recovery
• Repository backup & task automation
• Customizable roles, rights and actions
• Simultaneous administration
2. Central Repository (Service Knowledge Database)
3. Role-based Access Control (RACI Matrix)
• One administrator can have several roles• Access control lists enable grouping of
granted objects• Support for RADIUS authentication
4. Logs & Auditing (Reports, Compliance, Access)
• Use audit logs and element meta data to find out WHAT has been changed, WHO has changed it and WHEN has this happened
5. Next Generation Policy Management
• Efficient policy management with template-based rule bases and sub-rule bases
5. Next Generation Policy Management (cont.)
• Find unusued rules, undo/redo changes, create new rules from logs• View rule hit counts (within specified time) in the policy editor• Undo/redo the changes in the policy editor• Organize your policy with the help of collapsible rule comment sections• Create new rules directly from the logs • Search matching rules quickly
• Customizable dashboards & alerting chains
• Geographic pinpointing of IP addresses
• Web portal for monitoring security from any device
6. Real-time Monitoring & Alerting(Service Operations)
7. Accelerated Incident Management(Service Operations)
• Correlated view• Real-time & historical
views• Detailed audit histories
• Powerful data mining engine
• Drag & drop log filtering• Efficient & accurate data
retrieval• Statistical event analysis
• Incident case management
• Suspect activity centrally collected
• Investigation audit trail
8. Multi-Link™ Communication (Availability & Capacity Management)
• Seamless circuit failover• Active/active
• Eliminates costly failover systems or BGP management
• Low-cost alternative to Frame Relay, MPLS
• Scalable and secure • Unlimited number & types
of connections
• Support for emerging technologies • VoIP, video conferencing
Remote Office
Corporate Headquarters
MPLSINTERNET
DSLCable Modem
DSL
8. Drop-in Active Clustering (cont.) (Availability & Capacity Management)
Firewall/VPN Cluster
• Uniquely cluster up to 16 devices
• Achieve Five Nines availability
• Zero impact to network re-configuration• No maintenance window required
• Clusters managed as “single” instance
• Clustered VPN – provides seamless failover
Node 1
33%
Node 2
33%
Node 3
33%
8. Dynamic Server Load Balancing (cont.) (Availability & Capacity Management)
• Eliminates the need for external hardware• Unlimited server load balancing
• Intelligently monitor availability & health
• Optimized traffic
• Automatic corrective actions
• Transparent server maintenance
• Automatically distribute traffic• No restrictions on number of servers or
client connections
Server Pool
Load Balancing
9. Interactive Reporting
• Enhanced customizable graphical reports • Automated generation & distribution• System auditing reports & audit trails• Comparative analysis of security policies
• No forklift upgrades – phased-in approach• Always-on connectivity technologies
• Third-party event management
• Rule-base translation tools
• Turnkey solutions delivery
• Direct support vs. tiered support• Dedicated engineers, average 6+ years
experience
• Follow the sun – Atlanta and Helsinki
• Commitment to customer success throughout organization
• Track record of technology innovation• 38 patents & 28 patents pending
10. Stonesoft – Powered by Reliability
2008 Customer Satisfaction
Results
95% OverallSatisfaction
“The superior level of support provided by Stonesoft is the benchmark we use to measure all of our other vendors.”
- National City Bank
10 Quick WinsStonesoft ITIL Win
1. One-step Security Management Single pane of glass view Improves Security Management across the entire enterprise from core to edge.
2. Central Repository Current, correlated Service Knowledge Database shares information for reporting.
3. Role-based Access Control Centrally managed information access based on roles directly implemented by the SMC.
4. Logs & Auditing Easily accessible and ensures Compliance.
5. Next Generation Policy Management Standardized policies, consistency with less administration , SLA/OLA Management, at perimeter and internal.6. Real-time Monitoring & Alerting More efficient Service Operations.
7. Accelerated Incident Management Faster Troubleshooting & Resolution; feeds a knowledge error database.
8. Patented Multi-Link Communication,
Drop-in Active Clustering, Dynamic Server Load Balancing
Guaranteed High Availability at the component and link level for reliability, to ensure Always-on Connectivity; Enhanced and Secure Data Delivery.
9. Interactive Reporting Reports for Continual Service Improvements
10. Stonesoft Reliability Easy Implementation, Reliability, Maintainability & proven long-term Serviceability.
Recommended
