EBPremisesFirewallPi..

advertisement
Premises Firewall
Common IT Security Challenges
• Does my network security protect my IT environment and
sensitive data and meet regulatory compliance?
• How do I keep my cloud based servers,
IT assets and MPLS network protected
from malicious intruders and malware?
• How can I lower or eliminate the CAPEX
and OPEX of deploying and managing
multiple firewall devices at all my
locations?
• How do I get my limited IT staff refocused on strategic revenue
generating initiatives?
2
Security & Compliance Issues are Critical
and Growing
Approximately 80 percent of
small businesses that
experience a data breach go
bankrupt or suffer severe
financial losses within two
years of a security breach.
- Small Business Computing Magazine
93% of companies that have
lost their data center for 10
days or more have filed for
bankruptcy within one year.
- U.S. National Archives and Records
Administration
3
Number of Breaches by Threat Type
Source: Verizon 2014 Data Breach Investigations Report
These Headlines Are All-Too-Common
4
April 2014:
Heartbleed
January 2014: vulnerability in
Michaels Stores Open SSL publicly
loses data on
disclosed; left more
100M
than 2M servers
December
customers (NY vulnerable to
2013: Target Times)
unencrypted data
hacked for
leaks (IBM X-Force
info on more
Threat Intelligence
than 100M
Quarterly 2014)
customers
(NY Times)
September 2014:
Home Depot
announces data
breach; 54M
credit cards were
breached (Krebs
Onsecurity blog)
September
2014: Apple
iCloud accounts
hacked for
celebrity photos
(CNN)
Cost of Security Compromises
• $5.85M - average cost of data breach in US, growing 15% over last year
(IBM/Ponemon Institute 2014)
– Average US lost business cost: $3.3M in customer turnover, increased customer
acquisition activities, reputation losses and diminished goodwill
• $148M – cost of Target breach and ousted CEO (Forbes)
• 10 hours of unplanned downtime has potential cost from $125,000 for
an SMB to as much as $17M for an enterprise firm (IDC)
$
5
How much can you afford to lose?
Concerned about protecting critical assets?
If so, consider these questions:
•
•
•
•
•
•
•
•
•
6
?
Do you have a firewall? How old is it?
Do you have VoIP traffic passing through the firewall?
Who monitors your firewall?
Do you have the time and expertise to ensure that your firewall policies
are tested to ensure effectiveness?
How are you protecting against new threats from the Internet?
How and when do you implement vulnerability and system patches?
Do you know if you any PC’s have unlicensed or unapproved software,
and how do you monitor this?
What regulatory requirements apply to your company’s handling of
data? How do you ensure compliance?
Has your company ever experienced any security breaches? What was
the impact of the breach?
Managed Security Services Benefits
Peace of Mind
– Minimize risk and protect your business’ mission-critical information
Save Money
– Lower operational costs and upfront capital expense associated with
managing, monitoring and securing your infrastructure
Make Your Life Easier
– Comply with government and industry regulations through proactive
security monitoring, documented security policies and procedures
Save Time
– Shift the burden of security management to EarthLink
– On-demand reporting provides easy access and visibility to your critical
business assets
7
Premises Firewall
Provides Unified Threat Management (UTM)
• Improves network performance by blocking data from non-approved
sites, applications and content
• Protects against theft
• Eliminates maintenance and management of customer-owned firewall
Security experts on EarthLink staff to support your business
• Protects your key business information assets 24/7
• EarthLink proactively maintains latest security patches
• Reduces need for security experts on staff
Select Premises Firewall Package to
Meet Your Needs
Managed Premises Firewall
Firewall with
Stateful Inspection
Number of Sites
Configuration backup and
restore
A firewall blocks attacks by inspecting traffic, keeping track of valid sessions across the
network and filtering traffic that looks suspect so that it cannot pass into the network.
A site can be a company location or it can be services located within a data center.
EarthLink MPLS not required.
The configuration of your security device is backed up, so that in the event of hardware
failure, the original configuration can be restored to a new device.
Basic
Package
Premium
Package
x
x
Any number
of locations
x
Any number
of locations
x
URL Filtering uses a method called Whitelist and Blacklist for filtering. A whitelist is a list of
URLs that are allowed. Conversely, a blacklist is a list of URLs that are denied.
x
Content Filtering
Allows you to choose categories of websites to block at the firewall. This feature can be
used to block or allow access to common Internet categories like Social Networking (e.g.,
Facebook, Google and MySpace)
x
Intrusion Detection
System (IDS)
IDS monitors network and/or system activities for malicious activities or policy violations
and reports them, but does not stop them.
x
Antivirus/Malware/
Spyware
Antivirus is used to prevent, detect and remove malware. Malware is software designed to
secretly access a computer system without the owner’s consent. Spyware is a type of
malware that can be installed on computers to collect small pieces of information about
users without their knowledge.
x
x
Application Control
Uses dynamic application identification engines that recognize applications based on their
behavior. By coupling application control policies with sophisticated security features, you
can achieve a more granular level of security at the individual application level or by
managing categories of applications.
URL Filtering
Premises Firewall
Basic Package
Includes:
• Firewall with stateful inspection
• NAT & PAT
Benefits:
• Keeps track of the state of network connections
• Has the ability to identify legitimate packets for different types of
connections
• Only packets matching a known active connection will be allowed
to pass through the firewall
• Rejects all other packets
• Can be customized to allow or block ports and protocols
10
Premises Firewall
Premium Package
Includes:
•
•
•
•
•
Basic Package plus…
URL Filtering (whitelist & blacklist)
Web Content Filtering
Intrusion Detection Service (IDS) and Intrusion Prevention Service (IPS)
Anti-Virus, Anti-Malware, Anti-Spyware via scanning of data streams
Benefits:
•
•
•
•
•
•
11
Specify which websites should be accessible (whitelisted) or blocked (blacklisted) at the firewall
using URL Filtering
Choose categories of websites to block or allow at the firewall such as pornography, racism & hate,
and arts & entertainment using Web Content Filtering. May also be set at category/sub-category
level allowing for more granular security control
Application Control to manage the type of applications that can access data outside the firewall.
Permit or block non-approved application categories such as chat or peer-to-peer clients to improve
productivity and protect valuable company information.
Allow specific applications to operate through the firewall using Application Control even though the
application category itself may be blocked
The ability to identify malicious content within a data stream to both log and block via IPS
The system detects, logs and blocks harmful software (malware, viruses & tracking software) from
entering network
Why EarthLink?
• Security experts to help you mitigate risks, achieve and
maintain industry compliance requirements while driving
down the total cost of securing and managing your IT
systems
• Advanced features including Application Control,
Antivirus/Malware/Spyware, Intrusion Detection System
• Personalized support from EarthLink’s IT consultants - an
extension of your IT staff
• Online portal will consistently monitor your network and
automatically open trouble tickets
12
EarthLink Managed Security Solutions
• Managed Security provides a comprehensive suite of
security services to manage and protect your network
assets
– Managed Firewall
• Managed Premises Firewall
• Data Center Firewall
– Secure Remote Access
– PCI Solutions
• PCI Protect
• PCI Assist
• PCI Certify
– Cloud Disaster Recovery
13
Download