Becoming more effective:
• Are you getting the right alerts?
• Reduce false positives
• Reduce time to investigate
• Increase headcount
• Reduce time "maintaining tools"

Example: 40 alerts requiring investigation per day × 0.5 hrs/investigation / 8 hrs/day = 2.5 headcount
Ongoing: 90%
Software/Hardware Costs: 10%

The 90%
• Apply fixes, patches, upgrades
• Downtime
• Performance Tuning
• Rewrite customizations
• Rewrite integrations
• Maintain/upgrade hardware
• Power, cooling, rackspace
Microsoft's cloud-based Office 365 is the company's fastest growing commercial product ever, and adoption shows no sign of stalling. The company's cloud revenue (which included Azure and Dynamics CRM as well as Office 365) grew 128 percent in the most recent quarter compared to the same period last year, and the number of Office 365 commercial seats in use nearly doubled.
"Pretty much everyone is considering Office 365 now," says Jeffrey Mann, a research vice president at Gartner. "They are at least thinking about it, even if they don't end up adopting it. Adoption was going in fits and starts but now it is really starting to take off, and bigger companies are implementing it."
© 2014 Critical Start LLC
The Magic Quadrant That Doesn’t Exist
• Dynamic Malware Prevention
• Anti-Virus (known bad)
• Data Loss Prevention
• SSL Inspection
• File Type Control
• Browser Control

• Authentication Proxy
• URL Filtering
• Caching
• Bandwidth Controls
[Diagram: Flow management. Labeled components: load balancers, edge firewall, server-side SSL tunnel, aggregation firewall, PAC file, client-side SSL tunnel, sandbox, web filter, log files, content inspection. SSL is marked on multiple links, and the traffic path is annotated with numbered steps.]
Best of Breed is Best
Eliminate the Need to Backhaul Internet Traffic
[Diagram: Sites and users: HQ, regional hub, branches, on-the-go, home/hotspot, mobile (3G, 4G). Links: VPN, MPLS, gateway(s). Two paths are labeled "Unprotected!". Destinations: private cloud, mobile apps, consumer cloud, commercial cloud, public cloud.]
Close Visibility Gaps
“Less than 20% of organizations with a firewall, an intrusion prevention system (IPS) or a unified threat management (UTM) appliance decrypt inbound or outbound SSL traffic.”
Gartner
The Advent of 2048 Bit SSL Certificates
Some proxy vendors typically bypass SSL – performance overhead
Customers using SSL decryption are buying new hardware
[Chart: SSL performance requirement. SSL on Internet by app coverage (login, transactions, all) for banking, enterprise, webmail, social networking and search; axes: performance, security. 1024-bit vs. 2048-bit: 80% performance drop.]
The Future of SSL Attacks
“Gartner believes that by 2017 more than 50% of the network attacks targeting enterprises will use SSL encryption. For this majority of organizations that do not decrypt data, most lack the ability to decrypt and inspect encrypted communications to assess these threats.”
Gartner
Anti-Virus and Dynamic Malware Analysis
• Dynamic Malware Prevention
• Anti-Virus (known bad)
• SSL Inspection
• File Type Control (EXE, encrypted archive)
• Protection for remote laptops
Tight Budgets and Few Resources
Multiple appliances at every Internet gateway
OR
All Cloud Delivered
Best of Breed Requires the Expertise on Each Point Product
©2013 Zscaler, Inc. All rights reserved.
SecCon05, SecCon04, SecCon03, SecCon02, SecCon01

• Operational: Operational security – minimal resources and budget allocated
• Industry Average: Use security practices that are typical for a given peer group and industry. Higher risk tolerance.
• Industry Best Practice: Use security practices that are best practice for their industry. Lower risk tolerance.
• Advanced: Goal is to detect and effectively respond to sophisticated, targeted cyber attacks
• Compliance: Security is an outcome of compliance
The real face of shadow IT is you, me and even IT. We’re being asked to solve this and to be strategic. It’s a new dynamic that we need to embrace. (big picture/words)
Business Risk is the real shadow
Balancing people, budget, and risk tolerance
Ultimately, this is simply another business decision.
• Complex data loss prevention use cases
• Multi-vector dynamic malware
• Complex proxy requirements
• Regulatory constraints
• Bandwidth shaping between sites
• Very old NW equipment (tunnels)
• I can do it better

Security budget to afford
People and expertise to operate
When To Avoid Cloud Only
Example Cloud Architecture
[Diagram: Cloud destinations: mobile apps, consumer cloud, private cloud, commercial cloud, public cloud. Locations: on-the-go, home office, HQ, regional offices, factories, Internet of things, branches / stores, mobile.]