Upload
grant-swanson
View
889
Download
0
Embed Size (px)
DESCRIPTION
Reconnex is the leader in information monitoring and protection appliances designed for any organization, including enterprises, government agencies or education institutions that want to protect their brands, maintain compliance, or protect sensitive information. A privately-held company based in Silicon Valley, Calif., Reconnex protects information for companies such as Cadence, WebEx Communications, The George Washington University, SIRVA and Maimonides Medical Center.
Citation preview
05/02/06 Reconnex Confidential
Ratinder Paul Singh Ahuja, Ph.DC.O.O & C.T.O
05/02/06 Reconnex Confidential
The ReconnexiGuard
Reconnex performs content monitoring, alerting, andforensic analysis
• Workplace Safety• Appropriate Use of
Corporate Resources
CorporateGovernance
• “Insider” Threats• Forensics• Social Engineering
CriticalInformation
Security
• IP theft• Defensibility of Trade Secrets• Competitive Intelligence
CompetitiveAdvantage
• SOX• GLBA• HIPAA
Compliance
• SB1386
Switch
05/02/06 Reconnex Confidential
Traditional Bottom UP Approach
BitsBits
PortsPorts
ProtocolsProtocols
CommunicationCommunication
• Firewalls/antivirus
• Networkintrusiondetection/protection
• Network flowtools
• limitedsessionreconstruction
05/02/06 Reconnex Confidential
The Bottom Up View:Bytes, Ports and Protocols
05/02/06 Reconnex Confidential
More Bottom Up
05/02/06 Reconnex Confidential
New Approach: Top Down
BitsBits
PortsPorts
ProtocolsProtocols
CommunicationCommunication
Objects, document Objects, document & applications& applications
WORD JPG GIF BMP TIFF C++
05/02/06 Reconnex Confidential
What Can You See? Over 150 contenttypes
E-Mail Microsoft Excel
ConfidentialDocuments
ProprietaryFormat
Microsoft PowerPoint
Schematics
Offshore Development
India Romania
Sourcecode
05/02/06 Reconnex Confidential
The ReconnexiManager
Reconnex has the ONLY Solution ThatAddresses the Known and Unknown Threats
Register — Detect — Remediate — Report
GigabitEthernet
The ReconnexiGuard
Executive Team
Off-Shore
InfoSec/IT
SignatureMatch
Finance
SalesDatabasesor Repositories
Integration Points• SIM• Storage• AD/LDAP• URL Filtering• Web & Mail Proxies
The ReconnexiController
Rule Match
Switchor Tap
“Reconnex’s forensicscapabilities are a key pieceof my compliance policy.”
CONFIDENTIAL - All RightsReservedReconnex Confidential
Reconnex Surveillance Types
• General Surveillance of all content, documentsand communications
• Document/Date/Time/Size/Watermarks/Sender/Recipient…
• Targeted Surveillance, powered by ReconnexDocument Registration
• Exact or Generic Phrases/Individuals…• “A Unique Solution to the Problem of False Positives”
• Can be operated on an ad hoc orscheduled basis
05/02/06 Reconnex Confidential
What does Reconnex iGuard do?
• Captures, classifies and stores in real time all content going in orout of a network
• Alerts are generated for policy violations in real time
• Allows for forensic searches over captured content for issues thatyou may become aware of in the future
Gigabit network
05/02/06 Reconnex Confidential
RCPE
The Reconnex Difference
Network Traffic RuleCreator
Real-TimeAlerts End User
HistoricalContent(RFS)
Content Summarization Look Up Table
Inbound capture(?)
Outbound capture
ForensicInvestigator
05/02/06 Reconnex Confidential
Why don’t other products do this?
HistoricalContent(RFS)
Content Summarization Look Up Table
ForensicInvestigator
!!Because it’s HARD!!
05/02/06 Reconnex Confidential
Easy to use Browser based access
05/02/06 Reconnex Confidential
Drill down to actual content
CONFIDENTIAL - All RightsReservedReconnex Confidential
Moments of Revelation from“Top Down” Work with Reconnex
05/02/06 Reconnex Confidential
www.reconnex.net