ploynatcha-akkaraputtipat
Powerful & Professional Next Generation Protection
SANGFOR NGFW (Next Generation Firewall)
Security Cases in the Initial Years
The disk that contains the source code of the Morris Worm is still held in the Boston Museum of Science.
Robert Morris
Born November 8, 1965 (age 47)
Known for Morris Worm, Viaweb
Alias(es) RTM
Motive "to demonstrate the inadequacies of current security measures on computer networks by exploiting the security defects that Morris had discovered."
Conviction(s) United States Code: Title 18 (18 U.S.C. § 1030), the Computer Fraud and Abuse Act, March 7, 1991.
Penalty three years of probation, 400 hours of community service, a fine of $10,050, and the costs of his supervision
Conviction status fulfilled
Occupation Professor, Massachusetts Institute of Technology; Partner, Y Combinator
Parents Robert Morris
Residence United States
mainly focus on network layer and attack network structures.
But now, the situation is quite different.
Here are some security cases in recent years.
Security Cases in Recent Years
Have you ever read news like this?
Largest data security breaches in history!
Sony PlayStation Outage
Google Gmail Attack
Attacks from the 3rd - 7th Layers
Traditional Approach A: FW+IPS+AV+WAF
How to defend threats from network level to application level for an enterprise?
Users
FW IPS AV WAF
Applications
Data
Viruses
Trojans
Worms
High TCO
Network is too complex to manage
Unstable and not reliable
Low performance
Hackers
Weakness of UTM
• No WAF function
• Low performance
• Lack of integration
“Jack of all trades, master of none”
Traditional Approach B: UTM
[Chart: FW, URL, IPS, AV; axis from 0% to 100%]
Gartner’s Report about NGFW
NGFW defined by Gartner
Basic FW function
Integrated IPS
Application visibility
Intelligence FW
High performance
Gartner believes that less than 10% of Internet connections today are secured using NGFWs. We believe that by year-end 2014 this will rise to 35% of the installed base, with 60% of new purchases being NGFWs.
—— Gartner VP Greg Young
SANGFOR Released NGFW in 2009
• Contains traditional security
• Modules intelligent interaction
• Anti application layer attacks
• Bidirectional contents inspection
• Application layer high performance
Contains Traditional Security
OSI model Security Appliances
L2-L4
L5-L7
L7 & above
FW IPS
WAF
NGFW
Modules Intelligent Interaction
FW IPS WAF
Generate FW rules dynamically & prevent all attacks from the same source IP.
SQL injection defense
Vulnerability defense
Attacks & Threats
Anti Application Layer Attacks
Application Identification
User Identification
Intranet
Internet
R&D Marketing
Finance 3rd party
Bidirectional Contents Inspection
Hackers
Web application server
Destroy Process
Attacking Process
Scanning Process
Sensitive information inspection
Trigger threshold
Blocking and protecting
Application Layer High Performance
Performance
CPU1
CPU2
CPU3
Networking Hardware I/O
FW IPS WAF
Policy layer
Network layer
Parallel Processing
Long Term Collaboration with Microsoft
http://www.microsoft.com/security/msrc/collaboration/mapppartners.aspx
Inform the vulnerability information in advance
SANGFOR generates the feature library to ensure safety
Worms or attack methods based on the Vulnerabilities
• MAPP aims to integrate global security resources by sharing vulnerability information with authenticated security vendors, ensuring safety for customers.
• MAPP authentication ensures SANGFOR can provide proactive security protection before attacks
Vulnerabilities are discovered and published
Perfect CVE Compatibility
Common Vulnerabilities and Exposures (CVE®) is a dictionary of common names (i.e., CVE Identifiers) for publicly known information security vulnerabilities.
CVE’s common identifiers make it easier to share data across separate network security databases and tools, and provide a baseline for evaluating the coverage of an organization’s security tools. If a report from one of your security tools incorporates CVE Identifiers, you may then quickly and accurately access fix information in one or more separate CVE-compatible databases to remediate the problem.
4-star Appraisal from OWASP
OWASP Certificate (Chinese Version)
OWASP: Open Web Application Security Project
Thank you for taking your time to learn about SANGFOR NGFW.
For more information, please kindly visit our official website at www.sangfor.com, call our toll free number at 800-830-9565 or contact your local SANGFOR office in Mainland China, Hong Kong, US, UK, Singapore, Indonesia, Malaysia & Thailand.
SANGFOR: For Your Bandwidth!