Intelisys: Security, The Network, The Cloud

advertisement
Security
The Network
The Cloud
Cloud University – 12/03/14
Intelisys Confidential – Do Not Distribute to Third Parties
Schedule for Today
Welcome & Start (12 – 12:10 EST)
Polycom Update (12:10 – 12:25 EST)
Keynote: What is security? What are the typical components? What are your customers asking? (12:25 – 12:50 EST)
The news promises to get worse before it gets better. We hear about the denial-of-service attacks, security breaches, intrusion detection and
network access control when talking about cloud and network security. Every day there’s a security breach at another major retailer. Every day
companies are being probed for security vulnerabilities and weaknesses. Ray Nelson will summarize these problems and other topics to give
you a better understanding of how security can fit into your solutions sale.
Panel 1: How to Secure your Network (12:50 – 1:50 EST)
Listen to industry experts discuss how to craft and deploy a multi-layered security approach to your customers’ network design. A good security
plan is no longer just a firewall. It includes multiple layers of services to prevent and deter security breaches. Our panelists will talk about best
practices around network security, intrusion prevention, DDoS, multi-site security and other factors that go into designing a highly secured
network.
Break (1:50 – 2:00 EST)
Panel 2: Cloud Solutions: Are they more or less secure than a premise-based design? (2:00 – 3:00 EST)
Listen to our Cloud providers talk about how a Cloud solution can enhance your end-user with security benefits. Typically people think that the
Cloud is not secure. Leveraging Desktop-as-a-Service, hardened data centers, managed services and various other industry best practices, a
Cloud solution will most likely be more secure than what a customer has deployed themselves. We will discuss various Cloud solutions,
including supporting home-based workers, road warriors and wireless solutions.
Conclusion (3 – 3:15)
Intelisys Confidential – Do Not Distribute to Third Parties
Goals for Today
• Describe security and its many
components
• Understand the threats
• Understand the complexity
• Discuss how we can help your customers
Intelisys Confidential – Do Not Distribute to Third Parties
SCARY TIMES
$1.5M Monitored cyber attacks in the
US in 2013… 16856 times as year a
company is attacked.
- IBM Security Services April 2014
SMBs collectively made up more than
half of all targeted attacks at 61 percent
– up from 50 percent in 2012 – with
medium-sized (2,500+ employees)
businesses seeing the largest increase.
- Symantec Internet Security Threat Report April 2014
Intelisys Confidential – Do Not Distribute to Third Parties
THE BLOB
Intelisys Confidential – Do Not Distribute to Third Parties
M&M ‘S NO MORE
"We want our
network to be
like an M&M,
with a hard
crunchy outside
and a soft
chewy center.“
Intelisys Confidential – Do Not Distribute to Third Parties
Close-in Attack
Exploit
Active
Attacks
Passive Attacks
Phishing
Attack
Hijack Attack
Distributed
Attack
Spoof
Attack
Password
Attack
TOP 10 SECURITY THREATS – PRESENT AND FUTURE
1.
2.
3.
4.
5.
6.
7.
8.
9.
Insider Threat – Edward Snowden
Cyber attacks – Foreign Governments
Social Media – Facebook, Fantasy Football
DDOS and Botnets – Xbox Live
Consumer products – Android/iPhones
Malware
Outdated Systems – XP
Data gone AWOL – The lost laptop
Unsecure Wireless Networks – Really
The internet of things – securing the cloud
10.
Intelisys Confidential – Do Not Distribute to Third Parties
Active
Attacks
Close-in Attack
Distributed
Attack
Phishing
Attack
Password Attack
Passive Attacks
Exploit
Hijack Attack
Spoof Attack
ANATOMY OF AN ATTACK
Intelisys Confidential – Do Not Distribute to Third Parties
ANATOMY OF AN ATTACK
Intelisys Confidential – Do Not Distribute to Third Parties
ANATOMY OF AN ATTACK
Intelisys Confidential – Do Not Distribute to Third Parties
PERSONAL EXPERIENCE
• Security Breach – Poor Password policy allowed for a VPN
access issue.
•
•
•
No password policy
Senior members of organization were the worst offenders
Allowed access to all of the corporate information
• Email Spam Server – Found 2 separate customers with
issues
•
•
Poor password policy allowed for a relay server
Poor security allowed for SPAM servers on network choking is
Internet performance
•
Asked for bigger circuits, but discovered he did not need them
• Wireless Security – No security key
•
Allowed competition access to network
Intelisys Confidential – Do Not Distribute to Third Parties
HISTORY OF ACRONYMS
•
•
•
•
•
•
•
•
•
Firewall and VPN – FW/VPN
Anti-Virus and Spam Control – AV/SPAM
Intrusion Detection System - IDS
Intrusion Prevention System - IPS
Unified Threat Management - UTM
Network Admission Control – NAC
Application Control and Next Generation Firewalls – NGFW
Security Intelligence
Security as a Service - SECaaS
Intelisys Confidential – Do Not Distribute to Third Parties
AREAS WE NEED TO SECURE
•
Network
•
•
•
•
System
•
•
•
•
•
Mobile Phones
MDM
Application Control
Wireless Devices
•
•
•
Servers
Desktops
Applications
End Users – Knowledgeable Users
Mobility
•
•
•
•
Firewalls(Access Control, DDOS, UTM)
Direct Connections
VPN(Users & site-site)
Monitor
Secure
End Users
•
Behavioral – Physical surroundings, logical thought
process
Intelisys Confidential – Do Not Distribute to Third Parties
"Mobile security breaches are — and will
continue to be — the result of misconfiguration
and misuse on an app level, rather than the
outcome of deeply technical attacks on mobile
devices," said Dionisio Zumerle, principal
research analyst at Gartner. "A classic example
of misconfiguration is the misuse of personal
cloud services through apps residing on
smartphones and tablets. When used to convey
enterprise data, these apps lead to data leaks
that the organization remains unaware of for
the majority of devices." - Gartner May 2014
SECURITY AS A SERVICE
Security as a service (SECaaS) is a business model in which a large
service provider integrates their security services into a corporate
infrastructure on a subscription basis more cost effectively than most
individuals or corporations can provide on their own, when total cost of
ownership is considered. In this scenario, security is delivered as a service
from the cloud, without requiring on-premises hardware avoiding substantial
capital outlays. These security services often include authentication, antivirus, anti-malware/spyware, intrusion detection, and security event
management, among others.
Security-as-a-Service offers a number of benefits, including:
• Constant virus definition updates that are not reliant on user compliance.
• Greater security expertise than is typically available within an
organization.
• Faster user provisioning.
• Outsourcing of administrative tasks, such as log management, to save
time and money and allow an organization to devote more time to its
core competencies.
• A Web interface that allows in-house administration of some tasks as
well as a view of the security environment and on-going activities.
Intelisys Confidential – Do Not Distribute to Third Parties
THE CLOUD AND ITS MANY
BENEFITS
•
•
•
•
•
Highly secure data centers
Inherent security benefits due to multi-tenancy
Leverage the “as a Service” Model
Migration to the cloud can be a redo
Desktop as a Service and its benefits
Intelisys Confidential – Do Not Distribute to Third Parties
CONCLUSION
Questions
Intelisys Confidential – Do Not Distribute to Third Parties
Download