Upload
john-leschorn
View
161
Download
3
Embed Size (px)
Citation preview
Ultra™
ULTRA™ A DEEP INSIGHT SOLUTIONS PRODUCT
INTRODUCING
Deep Insight Solutions™Proprietary
Our Proud Heritage
Started Developing Big Data Solutions in 2006…
… building advanced data fusion platforms for the Intelligence Community and US Department of Defense.
Working with Google and Yahoo, we pioneered the use of Hadoop as the Big Data platform for the U.S. Intelligence Community and Military Intelligence.
We have deployed over 100 PB of capacity around the world including Afghanistan, Iraq
and the Horn of Africa.
Deep Insight Solutions™Proprietary
Solutions Development
We have been fortunate enough to
work with some amazing people…
… and been given a chance to develop some amazing products.
2007-2012
Deployed over 65PB for US
Army Intel in first PODs
2010-2012
Engineered
FlexPod
with NetApp
2013+
300 Rack deployment for
USSOCOM,
worldwide enterprise architecture
2011-2012
Provide Security Architecture for UCS
2013
Big Data platform on Humvee, Helicopters, FOBs
The stuff we can tell you about…
Deep Insight Solutions™Proprietary
Security Architecture Design Principles
The Ultra Security Framework™ provides a flexible combination of security compliance and
operational automation.
Ultra provides comprehensive Defense in Depth security for the MapR platform.
Ultra is based on the SCAP Security Guide Project and provides NIST 800-53, FIPS 140-2 and ISO 27001
compliance.
GO
VER
NM
EN
T •NIST 800-53
•FIPS 140-2
• ISO 27001
•DISA STIG
•HIPAA
•SOX
•PCI-DSS
•GLBA
•CIP
•GXP
HEA
LTH •NIST 800-53
•FIPS 140-2
• ISO 27001
•DISA STIG
•HIPAA
•SOX
•PCI-DSS
•GLBA
•CIP
•GXPFIN
AN
CE •NIST 800-53
•FIPS 140-2
• ISO 27001
•DISA STIG
•HIPAA
•SOX
•PCI-DSS
•GLBA
•CIP
•GXP INTE
RN
ET
OF T
HIN
GS •NIST 800-53
•FIPS 140-2
• ISO 27001
•DISA STIG
•HIPAA
•SOX
•PCI-DSS
•GLBA
•CIP
•GXP
Deep Insight Solutions™Proprietary
Value Proposition
Ultra Security Compliant Framework
Build new or transform existing deployments with our advanced security compliant framework to a highly secure, managed
configuration with an 'Defense in Depth' architecture that is ready for the most demanding industry use cases.
Securing streaming data, by ensuring
proper management and governance of
the data and overall platform
infrastructure.
Open standards based software stack facilitates rapid integration
of 3rd party tools and services.
End to end role based data & application security controls.
Automated standards based hardened operating system,
services and application deployment and configuration.
INTERNET OF THINGS
FINANCEGOVERNMENT
HEALTH
A field proven framework for highly
sensitive intelligence gathering and data
analysis.
Store sensitive and regulated data locally
to maintain compliance with evolving
regulatory
Facilitates and secures high volume
streaming transactions in the most
complex regulatory environments.
Deep Insight Solutions™Proprietary
What is 'Defense in Depth'?Technical Security
Operational Security
Information System Security
The NSA definition for 'Defense in Depth' is:
“'Defense in Depth' is a practical strategy for achieving
Information Assurance in today’s highly networked
environments. It is a “best practices” strategy in that relies
on the intelligent application of techniques and
technologies that exist today. The strategy recommends a
balance between the protection capability and cost,
performance and operational considerations.”
(SCORE, 2011)
Over the years and working in conjunction with the U.S.
Intelligence community, Deep Insight Solutions engineers and
analysts have been responsible for defining, designing and
implementing the 'Defense in Depth' strategy for the world’s
most secure networked environments, including the National
Security Agency, CIA and Department of Defense military
intelligence networks.
Deep Insight Solutions™Proprietary
Technical Security
Ultra security concepts that are related to the technical security controls as described in NIST 800-53. Activities include:
Identification and Authentication
User Identification and Authentication
Device Identification and Authentication
Identifier Management
Authenticator Management
Access Control
Account Management
Access Enforcement
Information Flow Enforcement
Separation of Duties
Least Privilege
Session Controls
Permitted Actions without Id or Authentication
Security Attributes
Remote Access
Systems and Communications Protection
Application Partitioning
Shared Resources
Denial of Service Protection
Boundary Protection
Transmission Security
Single User Mode
PKI and Cryptography
Mobile Code
Protection of Information at Rest
Audit and Accountability
Auditable Events
Content of Audit Records
Audit Storage
Audit Reduction and Response
Protection of Audit Information
Time Synchronization
Deep Insight Solutions™Proprietary
Operational Security
Operational management focuses on all of the activities required to sustain an organization’s security posture on a daily basis.
Activities include:
Maintaining visible and up to date system security policies.
Automated Certification & Accreditation changes to the solution architecture. The C&A processes should provide the data to support risk management based decisions. These processes should also acknowledge that a “risk accepted by one is a risk shared by many” in an interconnected environment.
Effective management of the system security posture, including installation of security patches, virus updates, and maintaining up-to-date access control lists.
Provisioning and protection of key management services.
Performing system security assessments to assess and document the continued “Security System Readiness”.
Monitoring and reacting to current threats.
Attack sensing, warning and response.
Recovery and reconstitution.
Deep Insight Solutions™Proprietary
Information System Security
Information Assurance is required for systems Certification and Accreditation.
Activities include:
Risk Assessment
Ultra Self Risk Assessment
Vulnerability Scanning and Report Generation
Security Assessment and Authorization
Deep Insight Solutions™Proprietary
Time to Value
MapR Ultra Timeline: 1 Day
Typical Timeline: 6-12 Months
Hardware
Architecture Design
Cloud Workload Service
Requirements
Establish Compliance
Controls
Create Distributed Cloud
Environment
Deployed Compliant
Production Environment
Software
Architecture Design
Software Integration
NSA Security Architecture Framework
The MapR Ultra™ Security Compliance Framework integrates thousands of security related mitigations and enhancements to provide a turnkey, highly secure solution. The majority of our customers are standing up their platform from bare metal in the morning, and by the afternoon are bringing data into the platform, deploying
custom applications and conducting analytics without sacrificing security.
5 6 7 81 2 3 4
Deep Insight Solutions™Proprietary
Component ArchitectureP
latfo
rm O
rch
estra
tion
Application Framework for Custom Development MapR Partner Network
Commercial Engines and ApplicationsOpen Source Engines and Tools
Commodity Infrastructure
Ultra Security Compliance Framework™PKI, Secure Remote Access, LDAP, Audit Management, Host-based firewall, Unauthorized service prevention, Secure Hardened
OS, IA C&A Scanning, IA Report generation.
Custom Applications & Services
Deep Insight Solutions™Proprietary
Product Configuration and Service Options
Ultra Management Node
• Physical Appliance or Virtual Appliance
Ultra Managed Node Annual License
• Right to Use/Access to Patches and Security Update Repositories
Information Assurance Annual Subscription
• Quality Assured CVE & IAVA Updates
• 30 Days for CAT I’s, 90 days for CAT II-IV
Managed Platform Support Services Annual Subscriptions
• Tier 1 Support 8/5/5 Business Day Response
• Tier 2 Support 8/7/3 Business Day Response
• Tier 3 Support 8/7/Next Business Day Response
• Tier 3 Support 24/7/Same Day Response