Winter Gathering 2015 - Stålkontroll i nettverket

Transcript

1. 1 1 PALO ALTO NETWORKS Evry Ilsetra, Stålkontroll i nettverket

   A Whole New Way of Thinking | ©2014, Palo Alto Networks. Confidential and Proprietary. 1 [email protected]

2. 2

3. 3

4. 4 http://www.computerworld.com/category/malware-vulnerabilities/

5. 5

6. 6 Media

7. 7 And what’s needed for all these threats? Firewall Proxy

   For all, not just clients URL For all communication Anti Virus Not only for internet access, but also between devices and networks/zones? VPN Always on, with the same security and access, always User visibility and control To see who’s doing what, and control access based on users Control application access based on user Control URL access based on user Do QoS based on user IPS IPS for all traffic, related to application, always Malware Anti Spyware Not only for clients, for for everything in the network, between all zones Splunk/Arcsight/log/syslog DLP QoS Based on URL, applications and users, not only IP and port? SSL Decryption For all SSL MDM Are employees allowed to read corporate email on private devices? DoS Protection Reporting A centralized solution to cover all equipment, from all vendors Botnet detection Application awareness and control Always. Everywhere. For all ports Tufin Zero trust Architecture To get visibility, control and real security DoS Protection Unknown Malware Detection and protection For traffic, in all directions, always, without impacting the performance Zero day malware client protection EndPoint protection, capable of blocking unknowns

8. 8 Don’t Sell a Product, Sell a Whole New Way

   of Thinking We all know the story. A team creates a groundbreaking new innovation only to see it mired in internal debates. When it is eventually launched in the market, there is an initial flurry of sales to early adopters, but then sales cycles become sluggish. Pilot customers are enthusiastic, but broader adoption is slow even with customer support and training. All the pieces are in place to create “disruptive innovation” and “cross the chasm,” but the results are disappointing. What’s missing? The problem is that data, information, and value propositions are not enough to sell innovative products. We all know the saying, “I’ll believe it when I see it.” But when it comes to innovation, the truth is often “I’ll see it when I believe it.” To sell your idea to executives, buyers, and users, you have to change not only what they think, but how they think. Without the right mental model, they won’t see the problem, understand the benefits, or make the change. http://blogs.hbr.org/2014/07/dont-sell-a-product-sell-a-whole-new-way-of-thinking/

9. 10 What’s your status?  What security products are you

   using? – FW – With application awareness for all applications, on all ports, all the time, for any rule – With user awareness – IPS – AV – Anti Spyware – Modern Malware detection and protection – SSL decryption – On all SSL, or just https? – Proxy – Proxy settings, PAC script or WCCP? – URL – VPN, Always on? – NAC – For what purpose? – Logging/Reporting – QoS – Scada – Monitoring  Are you able to see what’s traversing your network? – What applications? – What threats? – Modern Malware? – For which users? – Zero day malware?  Are you able to see what’s going on between clients and servers? Servers and servers? Servers and printers? And the rest....  What about IoT? – Put them in isolated zones, because of no control.  Are you able to block the use of exploits on clients and servers?

10. 11 Customer example, 10 to 1  Just recently had

    a customer meeting, where we identified 10 security products, that could be replaced with 1 solution, Palo Alto Networks – 2 different FW vendors – 2 different client VPN solutions – 2 different proxy vendors – NAC, to verify that AV was updated – URL filtering – Centralized logging – WAN optimization  Statement from customer after all this info was on the White Board: «And, we have no control»  Was hit by Crypto Locker in October 2013  One solution: – PA-200 on ships, for security and bandwidth control on application level – PA-xxx on remote offices – PA-xxxx in HA centrally, for DC and more – Panorama – TP – URL – WildFire – GlobalProtect – Traps

11. 12 So where can we help? – Firewall projects –

    IPS projects – VPN projects – NAC projects – Proxy/URL projects – DC projects – Segmentation projects – Mobile security projects – Modern Malware projects – Local internet breakout projects – Centralized logging and reporting projects – Etc.

12. 55 WHY PALO ALTO NETWORKS Prevention Zero-Day Reduce Risk Policy

    Visibility Remediation Detection Endpoint Data Center Mobility BYOD Management Vulnerability Responsive Exploit Anti-Malware Forensics Automation Private Cloud Public Cloud Performance Scalability Platform Segmentation Applications Users Control Agile Perimeter Integrated Support Web Security Command-&-Control Virtualization Ecosystem Context Correlation Services People Culture Safe Enablement Application

13. 56