1
Endpoint Security Considerations
2
Agenda
Open Networks
PROs & CONs
Challenges
Alternatives
3
Open Networks are … Open
Inside the perimeter: P2P applications, Wireless, Net Meeting, Instant Messenger, Internet access
Outside the perimeter: Outsourcing, Wireless, Partners/Consultants, Telecommuting, Traveling Employees, Website access
(Diagram: the perimeter separating inside from outside, with traffic crossing it in both directions)
4
Information Security Challenges
Know when you are finished?
Missing protection: security investment not at work
Misconfiguration: solving 'solved' problems again and again
Misuse/Misbehavior: trading protection for productivity
Missing in action: chasing the unknown
What to do?...
5
Challenge
Finished when you stop rogues
(Diagram: an open network with valid devices and rogue devices attached)
6
Challenge
… and prevent valid devices from becoming rogues
(Diagram: the same open network; a valid device can turn into a rogue device)
7
Open Network
What is a Rogue?
Gartner vulnerabilities:
Old patch
Recent patch
New vulnerability
Misconfiguration
Customer experience
Rogues
8
Compliance Models
Voluntary Compliance Model
Turning the crank faster doesn't help: a device that only complies when its owner chooses to is still a rogue whenever it does not.
9
Process
Discover: missing in action
Protect: misconfiguration, missing protection, misuse and misbehavior
Enforce: at endpoints and access points, all of the time
Remediate: to reconnect
10
Know when you’re finished
11
Requirements
Devices – managed, unmanaged, unmanageable
Roles – educate software not people
Processes - network, security, operations
Plumbing – switches, wireless, VPN, SSL
Relentless – always, everywhere
12
Managed, Unmanaged, Unmanageable Devices
Managed: corporate-owned devices
Unmanaged: computers owned by partners, suppliers, customers, outsourcers, employees, or public kiosks
Unmanageable: network dark matter (rogue computers, network infrastructure, and embedded devices)
13
Educate software not people
Security policies must adapt from HQ to hotel to home to hotspot
Policies must change by role, device type, location and connection
Without transparency, CSOs must choose between good security and productive users
Adaptive Policies
Role | Device Type | Network Location | Policy
Executive | Corporate owned | Enterprise LAN | Trusted, file sharing on, full application access
Sales person | Employee owned | Home wireless | HI, file sharing off, IM off, print sharing off, limited application access
Outsourcer | Unknown | Public Internet | VD, HI, SSL VPN access only and webmail only with data sanitization
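The deck describes the Discover / Protect / Enforce / Remediate loop (slide 9), the rogue definition (slide 7) and the adaptive policy table (slide 13) in prose only. The following is an added example, not code from the original deck or from any product it mentions: a small access-decision engine that classifies a constructed endpoint posture record as valid or rogue, picks the policy row by device class and location, and re-evaluates after remediation rather than simply trusting the device again. The 30-day patch threshold, the policy capability names, the sample hosts, and the reading of the slide's "HI" as a host-integrity check are all assumptions made for this example.

```python
# Added example (not from the original deck): adaptive endpoint access decisions.
# Walks Discover / Protect / Enforce / Remediate over constructed posture records.
from __future__ import annotations
from dataclasses import dataclass, replace
from enum import Enum
from typing import Optional

MAX_PATCH_AGE_DAYS = 30  # assumption: missing patches older than this make a rogue


class DeviceClass(Enum):
    MANAGED = "corporate-owned"
    UNMANAGED = "partner-, supplier- or employee-owned"
    UNMANAGEABLE = "network dark matter"


@dataclass(frozen=True)
class Posture:
    host: str
    device: DeviceClass
    location: str               # "enterprise-lan", "home-wireless" or "public-internet"
    patch_age_days: Optional[int]  # None: posture unknown, the deck's "missing in action"
    protection_running: bool    # AV / host firewall present and running
    file_sharing_on: bool


@dataclass(frozen=True)
class Decision:
    verdict: str                # "allow", "quarantine" or "deny"
    policy: frozenset[str]
    reasons: tuple[str, ...]


def base_policy(device: DeviceClass, location: str) -> frozenset[str]:
    """Slide 13's adaptive policy table, generalised by device class and location.
    Capability names are assumptions; 'host-integrity-check' is our reading of 'HI'."""
    if device is DeviceClass.MANAGED and location == "enterprise-lan":
        return frozenset({"trusted", "file-sharing", "full-application-access"})
    if device is DeviceClass.UNMANAGED and location == "home-wireless":
        return frozenset({"host-integrity-check", "limited-application-access"})
    # Unknown device or public Internet: the most restrictive row.
    return frozenset({"host-integrity-check", "ssl-vpn-only", "webmail-only",
                      "data-sanitization"})


def rogue_reasons(p: Posture) -> tuple[str, ...]:
    """Slide 7: old patch, missing protection or misconfiguration makes a rogue;
    slide 4 adds 'missing in action' for a device whose posture is unknown."""
    reasons = []
    if p.patch_age_days is None:
        reasons.append("missing in action: posture unknown")
    elif p.patch_age_days > MAX_PATCH_AGE_DAYS:
        reasons.append(f"old patch: {p.patch_age_days} days behind")
    if not p.protection_running:
        reasons.append("missing protection: AV/firewall not running")
    if p.file_sharing_on and p.location != "enterprise-lan":
        reasons.append("misconfiguration: file sharing on outside the LAN")
    return tuple(reasons)


def enforce(p: Posture) -> Decision:
    """Enforce at the access point, on every connection, not only the first."""
    if p.device is DeviceClass.UNMANAGEABLE:
        return Decision("deny", frozenset(), ("unmanageable device: no posture possible",))
    reasons = rogue_reasons(p)
    if reasons:
        # Quarantine: only enough access to fix the problem and reconnect.
        return Decision("quarantine", frozenset({"remediation-server-only"}), reasons)
    return Decision("allow", base_policy(p.device, p.location), ())


def remediate_and_reconnect(p: Posture) -> Decision:
    """Remediate, then re-evaluate: the fix is checked, the device is not just trusted."""
    fixed = replace(p, patch_age_days=0, protection_running=True,
                    file_sharing_on=p.file_sharing_on and p.location == "enterprise-lan")
    return enforce(fixed)


# Constructed sample endpoints for the example (not real hosts).
SAMPLE = [
    Posture("exec-laptop", DeviceClass.MANAGED, "enterprise-lan", 3, True, True),
    Posture("sales-home-pc", DeviceClass.UNMANAGED, "home-wireless", 12, True, True),
    Posture("exec-laptop-stale", DeviceClass.MANAGED, "enterprise-lan", 95, True, True),
    Posture("printer-0x1", DeviceClass.UNMANAGEABLE, "enterprise-lan", None, False, False),
]


def run(postures=SAMPLE) -> dict[str, str]:
    """Verdict per host, so the loop's outcome can be inspected as one mapping."""
    return {p.host: enforce(p).verdict for p in postures}


if __name__ == "__main__":
    for p in SAMPLE:
        d = enforce(p)
        print(f"{p.host:18} {d.verdict:10} {sorted(d.policy)} {d.reasons}")
```

The point the deck makes on slide 6 is visible in the stale executive laptop: the same corporate-owned device that is fully trusted on the LAN is quarantined the moment its posture slips, and only `remediate_and_reconnect` returns it to the policy row it had before.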
15
NAC * NAP * TNC Comparison
16
Trusted Computing Group Standards
TCG: a thought-leading organization working together to help enterprises ensure a trusted computing environment.
The Trusted Network Connect (TNC) sub-group is creating a standard for interoperability to prevent untrustworthy devices from connecting to enterprise networks.
Leverages existing standards (current consideration): IEEE 802.1X and the IETF EAP protocol (RFC 3748) for host access negotiation with network devices; RADIUS (RFC 2865) for making access verification decisions and defining network access privileges.
Ability to leverage the Trusted Platform Module (TPM) microchip for a hardware-based level of assurance. Without a TPM-backed measurement, the posture that 802.1X and RADIUS act on is self-reported by the endpoint's own agent, so a compromised endpoint can report whatever the access check expects to hear.
17
Summary – Requirements
Devices – managed, unmanaged, unmanageable
Roles – educate software not people
Process – security, network, operations
Plumbing – switches, wireless, VPN, SSL
Relentless – always, everywhere
Thank you for your time