Guidance to Improved Information Security Sonic WALL Solutions

Скачать презентацию Guidance to Improved Information Security Sonic WALL Solutions

8d873c86715ae70a61e135a693a45501.ppt

Количество слайдов: 34

Guidance to Improved Information Security Sonic. WALL Solutions for Federal Government 8. 5. 08

Need for Internet Security Changing Nature of Attacks § § Critical infrastructures reliant on Internet § § Exploitation of application vulnerabilities Full-blown cyber “shadow” war: Systematic probing and attacks by hostile entities Dramatic increase in the speed and sophistication of blended threats § New threats, Spyware, Phishing, Wireless threats § Compounded by human factors and social engineering

NIST Guidance* Risk-Based Protection Strategies Defense-in-breadth considerations include: § Diversification of the portfolio of information technology assets within the organization; § Management of the complexity of the information systems within the organization; § Application of a balanced set of management, operational, and technical safeguards and countermeasures to organizational information systems to achieve defense-in-depth; § Detection and response to breaches of information system boundaries; Restrictions on the use of information technologies based on the risks incurred by the deployment of such technologies § * NIST Special Publication 800 -39, Oct. 2007

NIST Guidance* Diversification of Information Technology Assets § Homogeneity in hardware and software components can increase risk § Diversifying the portfolio of information technology products translates into greater difficulty in completing attacks § The degree of information technology asset diversification should be commensurate with organizational risk * NIST Special Publication 800 -39, Oct. 2007

NIST Guidance* Continuous Monitoring § § Effective information security programs should include an aggressive continuous monitoring program An effective organization-wide continuous monitoring program includes: § Configuration management and control processes for organizational information systems; § Security impact analyses of changes to the organization’s information systems § Assessment of selected security controls in the information systems § Security status reporting to appropriate organizational officials. * NIST Special Publication 800 -39, Oct. 2007

Our Solutions Address Key Security Concerns Network Security UTM Secure Content Management Secures and protects networks from viruses, Trojans, worms and other malware Prevents webbased and email-based malware from entering your network Secure Operational Continuity The ultimate back up for digital and natural disasters Global Management System An easy way to monitor, manage and report on your network

Sonic. WALL Advantages § § § Lower costs of acquisition and implementation § Company coordinates with NIST Lower total cost of ownership (TCO) Lower energy consumption appliances Reduced thermal footprint/lower temperature operations Solutions FIPS Certified or on certification track with Common Criteria

Sonic. WALL Broad Solution Suite

A Heterogeneous Security Environment Sonic. OS firmware § § Purpose-built and hardened § § § Competes with Cisco and Juniper Common Criteria certified (v 5. 0. 1 on Network Security Appliance [NSA] Series) A proven platform with 13+ years in the field and over 1 MM installations A dynamic platform with constant adaptation and refinement achieving Evaluation Assurance Level (EAL) 4+ Inclusion of devices utilizing Sonic. OS is in alignment with NIST guidance on creating a heterogeneous security environment.

Guidance to Solutions – Intrusion Prevention NIST Guidance* – § § § Signature-Based Detection Security Capabilities Information Gathering Capabilities NSA** UTM Firewalls § § 25 K signature capability § § Content Filtering Service (CFS) Unified Threat Management: Gateway Anti-Virus, Anti-Spyware and Intrusion Prevention (GAV/IPS) GMS management and View. Point reporting § § Logging Capabilities Detection and Prevention Capabilities § § Management Multi-core specialized security microprocessors for industry-leading throughput with Load Balancing § § § FIPS 140 -2 Level 2 Encryption Application Layer Wireless IDPS * NIST Special Publication 800 -94, Feb. 2007 ** NSA = Network Security Appliance Application Layer Inspection Optional 802. 11 b/g Wireless LAN

Intrusion Prevention: Sonic. WALL Approach Hidden threats Typical User Activity Typical Network Traffic: Email Our World View Firewall View 3 2 1 Traffic = multiple packets of information DATA One Packet = Header info and Data Firewall Traffic Path HEA DER Network communication, like email, file transfers and web sessions are packetized 4

Typical Firewalls Stateful is limited Version | Service Total Sourceinspection that |can Length UDP Port only ID | Flagsports block on | Fragment Source Stateful Packet Inspection Sequence 80 Sequence 28474 2821 Syn state IP Option SYN Firewall Traffic Path Dest Port 823747 Packets go through unchecked! 65. 26. 42. 17 Source Port | Destination 212. 56. 32. 49 Protocol | IP Checksum Source IP Address Data Inspection! Destination IP Address IP Options TTL Destination No UDP Port INSPECT none

Sonic. WALL – Deep Packet Sonic. WALL Signatures Source UDP Port | | | Destination UDP Port INSPECT ATTACK-RESPONSES 14 BACKDOOR 58 BAD-TRAFFIC 15 DDOS 33 DNS 19 DOS 18 EXPLOIT >35 FINGER 13 FTP 50 ICMP 115 Instant Version 25 IMAP 16 INFO Service Total Length Messenger 7 Miscellaneous 44 MS-SQL 24 MSID Flags Fragment SQL/SMB 19 MULTIMEDIA 6 MYSQL 2 NETBIOS 25 NNTP 2 ORACLE TTL 51 POLICY 21 POP 2 4 POP 3 Protocol IP Checksum 25 P 2 P 18 RPC 124 RSERVICES Address Source IP 13 SCAN 25 SMTP 23 SNMP 17 TELNET Destination IP Address 14 TFTP 9 VIRUS 3 WEB-ATTACKS 47 WEB-CGI 312 WEB-CLIENT | | | IP Options Stateful Packet Inspection Deep Packet Inspection inspects all traffic moving through a device – 98% more inspection Firewall Traffic Path

Intrusion Prevention: Sonic. WALL Unified Threat Management § 24 x 7 Signature Updates PRO Series as In-line Threat Solution • Full L 2 -7 signaturebased inspection • Application awareness § Unified Threat Management § Wireless UTM § Internal Protection WLAN Zone User Zone § Data Center Gateway Anti-Virus § Scan through unlimited file sizes § Scan through unlimited connections § Scan over more protocols than any similar solution Anti-Spyware/Phishing for protection against malicious programs § Blocks the installation of spyware § Blocks spyware that is emailed and sent internally Applications Layer Threat Protection: § Full protection from vulnerabilities, buffer overflows, worms, blended threats Content control, application blocking for control over IM, P 2 P and other apps and SPAM RBL blocking Fully updateable with pro-active intelligence and alerting

Intrusion Prevention: Sonic. WALL Approach Behind every appliance: §Purpose Built Hardened OS §Performance tuned §First to market scalable inspection techniques §Flexible security paths §Unified Threat Management Drop §Easy to Deploy – plug/play Deep Inspection Engine PKT INSPECTION SERVICES FW IPS A/V CFS VPN FORWARDING ENGINE Other Forward Flow Queue NETWORK I/O ENGINE FLOW VECTOR BUS STREAM REASS’M BW MANAGEMENT ROUTING L 2 L 3 L 4 L 7 DEFRAG FLOW ORDER INGRESS PACKET HANDLING IKE Fast Path FLOW CLASSIFIER Rules, Identity Mgmt and Policies Unified Threat Management BW MANAGEMENT RATE LIMITER REFRAG EGRESS PACKET HANDLING

Guidance to Solutions – Wireless NIST Guidance – § § § Client Devices Access Points Wireless Bridges Sonic. WALL NSA** and TZ Series § Wireless cards and access points Configuration/change control and management includes security feature enhancements and patches Standardized configurations to reflect security policy * NIST Special Publication 800 -48 Aug. 2007 ** NSA = Network Security Appliance Secure wireless roaming § § IEEE 802. 11 a/b/g § § § Granular security policy enforcement IEEE 802. 11 a/b/g options Multiple SSID support Central management Rogue access point detection Intrusion detection, wireless firewalling, virtual access point (VAP), and content filtering

Guidance to Solutions- VPNs NIST Guidance* § Manageability § High Availability and Scalability § § § Portal Customization Authentication Encryption and Integrity Protection Access Control Endpoint Security Controls Intrusion Prevention * NIST Special Publication 800 -113, Sept. 2007 Sonic. WALL E-Class SSL-VPN § Central Reporting and Management § § High Capacity and Availability § § § Granular Access Control Tokenless Two-factor Authentication, and RSA support Mobile Device Support Endpoint Control: Client Interrogation and Session Protection

Supporting Telework § SSL-VPN can be an all-in-one solution for all user to remotely access applications Supplier s § Mobile workers, Teleworkers, Partners, Contractors SSL-VPN § Not just for laptops § Desktops, PDAs, Smartphones H Q Tele. Worker s § Integrates on existing infrastructure Mobile Users § Opens new opportunities to access applications from the field and provide better services 19 CONFIDENTIAL All Rights Reserved

Supporting Telework ü Reduces traffic congestion ü Reduces public infrastructure costs ü Reduces air pollution ü Reduces real-estate costs ü Reduces office-operations costs ü Increases employee satisfaction ü Accommodates disabilities ü Helps meet regulatory compliance ü Improves public image 20 CONFIDENTIAL All Rights Reserved

Guidance to Solutions – Email Security NIST Guidance* § Hardening the email server § Malware scanning § Spam filtering § Phishing filter § Content Filtering § Blacklist and Whitelist capabilities * NIST Special Publications SP 800 -45/114, Feb. / Nov. 2007 Sonic. WALL E-Class Email Security § § Hardened OS § § § Dual-layer Commercial Anti-Virus § § Attachment Scanning Inbound and outbound e-mail protection Anti-spam; Anti-phishing DHA, Do. S, Zombie and Other Attack Protection Group and user management Robust Policy Management Monitoring, Reporting and Log Management

Guidance to Solutions – Back-Up and Recovery NIST Guidance* § § § Ensuring that information stored on telework devices is backed up Encrypting files stored on telework devices and removable media Storage encryption * NIST Special Publication SP 800 -114, Nov. 2007 Sonic. WALL Continuous Data Protection § § § § § Desktop, Laptop, Server Backup Continuous Data Protection File Versioning Open-file Backup Policy Based Backup Active Directory Backup Site-to-Site Backup Encryption Central Administration Remote Administration

Guidance to Solutions – Security Management NIST Guidance* Sonic. WALL GMS § § Access Control § Centralized security and network management § Active monitoring of heterogeneous network : single site to thousands of distributed devices VPN deployment and configuration § § Maintenance § § System and Communications Protection § Granular filters can isolate individual users or groups § System and Information Integrity § § Active device monitoring and alerting Audit and Accountability Configuration Management Identification and Authentication * NIST Special Publication SP 800 -53, Dec. 2006 Allows for customized security polices Isolate rogue hosts on network segments

Central Management & Reporting Infrastructure Management § A powerful and intuitive tool to centrally manage, monitor, and upgrade thousands of security appliances § A configuration engine to deploy a distributed VPN network § A tool to distribute security services to security appliances § A reporting engine to provide reports and daily logs of firewall activities Security management Change Control IT Process and Control Policy Management Reporting The Sonic. WALL Global Management System delivers higher quality service to the government, builds efficiencies, and increases security, availability and performance of your security infrastructure

Global Management System Designed to provide enterprises with flexible, powerful and intuitive solution to centrally and remotely manage and rapidly deploy Sonic. WALL appliances and security policy configurations. GMS Server Management Tunnels DB Web Client

GMS Delivers Secure Compliance Enforcement • GMS Delivers Policy and Management Enforcement through: § Centralized Management (Encrypted and Authenticated) § Strong Access Control (Read, Write, etc. ) § Comprehensive Audit Trails (Monitoring, Reporting, Logging) § Dynamic Vulnerability Management (Unified Threat Management Subscriptions)

Sonic. WALL View. Point Reporting Easy-to-use Web-based reporting tool that provides administrators with insight into the health of their network including both performance and security § Intelligent and Comprehensive: To help administrators optimize security, management growth and plan for future needs, View. Point provides understanding of: § Network events § Activity of threats § Employee Internet usage § Bandwidth consumption

Sonic. WALL®, Inc. is a global and publicly held company that designs, develops, and manufactures network security, secure remote access, Web and e-mail security, data backup and recovery, and policy and management solutions.

Sonic. WALL is Financially Solid § § § Founded 1991 Publicly traded since 1999 Financially solid (over $200 million in cash) $30 million invested in research and development 2006 30% year-over-year growth

Market-leading Solutions #1 For four quarters in a row, we are the worldwide leader in units #1 Unified Threat Management For the 2 nd year in a row, we are the leader in units selling for $490 -$1, 499 in #1 We introduced our first SSL-VPN solution in Q 3’ 05 and quickly moved to the leading unit market share position in Security Appliances SSL-VPN Introduced SCM solution in Q 4’ 04 and soon became a leading Web Filtering Appliance Provider Sources: IDC Quarterly Security Appliance Tracker Q 4 2005; Infonetics Network Security Appliances and Software, Quarterly Worldwide Market Share and Forecast Q 1’ 06 #3

The Sonic. WALL Advantage §Integrated, Dedicated and Distributed Enterprise Security and Productivity Remote / Branch Office Solutions Sonic. WALL Solutions Client Solutions Management Solutions §Completely integrated gateway security §Purpose built dedicated content security §Deployment specific remote office solutions §Unique, fully integrated, distributed wireless connectivity §Ultra-high performance, first to market deep packet inspection §Dynamic, automated services and updates §Scalable enterprise management, reporting and policy control

Sonic. WALL Qualifications § § § § Enables Federal Information Security Management Act compliance Installed Base proven in the field FIPS Certifications –FIPS 140 -2, Level 2 Low cost of entry, ease of deployment, and ease of management Lower TCO GSA schedule Pricing; Made in USA Letter of Supply, Solid channel distribution

Sonic. WALL Serving Federal Govt U. S. House of Representatives