Upload
digitallibrary
View
288
Download
0
Embed Size (px)
DESCRIPTION
Given the widespread use of mobile devices and the increasingly dynamic nature of applications, today's enterprise security must be both flexible and contextual, taking into account more than just who and what, but also when and from where and using what device over what channel and for what purpose? Learn how to integrate contextual security into your existing application delivery infrastructure through real-life customer examples and best practices.
Citation preview
Adaptive Access
Contextual Security for
Application Delivery Networks
Peter Silva, Technical Marketing Manager - F5 Networks
Bill Podborney, Dir of Information Security – Alliant Credit Union
Adaptive Access
Behavioral Based
Contextual Security for
Application Delivery Networks
Defense in Depth: A Heretic Speaks
• Problems with DiD– “Slow Down” means Latency
– Increased Complexity
– Inefficient use of Resources
– Improperly Deployed
• Real World Impact– Slows New Technology Adoption
– Not Easily Extensible
– No Mandate for Integration
Missing Pieces: Setting up Dominoes
• Identity Management isn’t sufficient
• Security Implementations are Unaware of
Applications/OS/Device/Access Method
• Security Implementations aren’t Integrated
• SOA, gadgets, widgets
• Consolidation/Virtualization (dynamic)
• NAC, NAP and Trusted Computing
• Security is seen as a Hindrance, not an Enabler
The Eye of the Storm:
…And knocking them downAccess Contexts
`
User Group
Security Based on . . .
• User
• Device
• Locality
• Integrity State
. . . At the time of Access, for
the Duration of Access.
The Eye of the Storm: And Knocking them Down
Defined by . . .
• Services Available
• Service Restrictions
• Use Policies
. . . As Compared to Context.
The Eye of the Storm: And Knocking them Down
Providing . . .
• Intelligence
• Adaptability
• Auditability
. . . For Every Access,
Every Time.Mediation
Services
Policy
Enforcement
Point
Policy
Management
Point
Interdiction
Arbitration
Enforcement
Policy
Creation
ForensicsLogging
Policy Rule Base
Real-Time Policy
Arbitration Request
Notification
Session Traffic
Session Traffic
Unified Access and Application Delivery Controller
Provisioning
Unified Access and Application
Delivery Architecture
Real-Time Policy
Arbitration Request