Upload
katelynn-oates
View
213
Download
0
Tags:
Embed Size (px)
Citation preview
© 2013 Bradford Networks. All rights reserved.
Rapid Threat ResponseFrom 7 Days to 7 Seconds
Agenda
• Changing Threat Landscape• Evolution of NAC to Security Automation• Intro to Bradford Networks• Leveraging Integration and Correlation• Rapid Threat Response• Business Impact
Profile of Today’s Advanced Cyber Threats
Data Consolidation
DataExfiltration
Internal Network
Scan
PhishingEmail on End User’s Device
User’s Device Compromised
Attack surface is now 3x what is was just a few years ago.
The Enterprise Today … Dynamic, Complex
Datacenter
Network
Users
Devices
Secure
Risk
Network Access Control
Assessing the Risk of
Every User and Device
BACKDOOR
SAFESAFE
SAFE
SAFE
BLINDSPOT
Visibility
Policies
Enforcement
Network Visibility
WHO WHAT WHEN
Real-TimeVisibility
SingleNetwork Sentry
Appliance
….
LOCATION 2
LOCATION N
LOCATION 1
WHERE
VPN
Flexible Network Access Policies
WHO WHAT WHERE WHEN
TRUSTEDUSERS
TRUSTEDTIME
TRUSTEDDEVICES
TRUSTEDLOCATIONS
Policy Enforcement
IdentifyUser
AssignNetwork Access
AssessRisk
IdentifyDevice
NoAccess
GuestAccess
RestrictedAccess
UnrestrictedAccess
Endpoint Compliance
SafeConfiguration
MandatoryApplications
Required OS Patch Levels
EndpointProtection
MinimumApplication Version
VLANAssignment
DeviceRisk Assessment
Network Access Control
Gaining and Removing Network Access
Endpoint Visibility & Compliance
Threat InvestigationWorkflows
Self-ServiceOnboarding
Threat / DeviceCorrelation
Isolate Investigate Block
ConnectReassign
Reconfigure
Network Access Policies
Security Information & Event Management
Intrusion Detection Systems
Security Intelligence & Big Data Analytics
Advanced Persistent Threat Detection
Active Directory
Antivirus
PatchManagement
Mobile DeviceManagement
ApplicationWhitelisting
Visibility
TrustedConfigurations
RiskIndication
Network ChangeAutomation
Rapid Threat Response
ControlNetworkAccess
Criteria for
GainingNetwork Access
Criteria for
RemovingNetwork Access
Evolution of NAC
RapidThreat Response
Minimize Threat Think Time
ThreatInvestigation
Simplify Investigation Workflows
Consumerization/BYOD
Enable Safe Network Provisioning
EndpointCompliance
Ensure Safe Devices
Self-ServiceOnboarding
Enable Scalable Onboarding
NAC 1.0Safe Onboarding
NAC 2.0BYOD
NAC 3.0Security Automation
© 2013 Bradford Networks. All rights reserved.
Rapid Threat Response
Cyber Threat Lifecycle
AttackTo
Compromise
CompromiseTo
Detection
DetectionTo
Containment
Attack Detection ContainmentCompromise
Cyber Threat Lifecycle
Why Detection to Containment Takes 7 Days
More Records Breached
Theft
EscalatingTotal Cost
More Impact on Brand
Impact
Threats Are Targeted and Complex
FragmentedIT Skills
Silos of SecurityInformation
Too Many Security Events
Detection to Containment Time
Getting Threat Response Down to 7 Seconds
Visibility Prevention Detection Response
Cyber Security Strategy
Threat Containment Threat Intelligence
Restrict Access
Block Device
RemediateDevice
DetermineMotive
TraceMethod
UncoverMistakes
ManualAutomation7 SECONDS
Live Inventory of Network Connections (LINC)
SmartEdge Integration Platform
Leader inRapid Threat Response
Network Analytics and Forensics
About Bradford Networks
Best Buy RatingFrom SC Magazine
SmartEdge Platform
USER
DEVICE CONNECTION
TIME
NetworkFirewalls
Detection
BYOD
Endpoint Protection
SIEM
APPLICATIONS
Rapid Threat Response (RTR) Essentials …
Live Inventory of Wired, Mobile and VPN Connections
Real-Time and Flexible Control of Network Access
Business-Criticality of User and Endpoints
Integrated High Fidelity Security Alerts
Network Sentry/RTR in Action
Response
Restrict Access
ThreatContainment
7 SECONDS
Block Device
RemediateDevice
Detection
IP Address
+ User Name+ Security Group
+ Device Type+ Operating System+ Wired Adapters+ Wireless Adapters+ Installed Applications+ Network Location+ Connection Port
Business Impact with Bradford Networks
Reduce Threat Response Time From Days to Seconds
Automate Response and Reduce Burden on Security Staff
Quickly Contain Threats, Prevent Propagation
Minimize Cost , Protect Brand, Protect Assets