February 2012Page: 1February 2012Page: 1 Halo NS/CS Solution Overview February 2012 Producer of revolutionary network and Cloud security devices SafeMedia

February 2012Page: 1 February 2012Page: 1

HaloNS/CS Solution OverviewFebruary 2012

Producer of revolutionarynetwork and Cloud security devices

SafeMedia Corporation - Confidential & ProprietaryCopyright© 2011

February 2012Page: 2

Welcome and IntroductionsCurrent Security SolutionsSecurity RequirementsOverview of SafeMedia and our SolutionsTechnology OverviewCustomer BenefitsDEMO & Questions

AgendaSolving tomorrow’s network security challenges Today



SafeMedia OverviewSolving tomorrow’s network security challenges Today

• SafeMedia is the Next Generation of Intelligent IDPS Solutions

• World-class team with strong security and networking experience - Initial customer July 2009, Version 1.3

- Version 3.0 in 2011

- Founding member, and executive team consists of top-tier industry leaders

• Builds next-generation IDPS that identify 1700+ applications- Reestablishes the IDPS as the core of the enterprise network security

infrastructure

- Innovations: Non-IP Centric, Protocol Behavior, Application Behavior/Awareness, Cloud Encapsulation (EncapsulatorTM)



Emerging Network & Cloud SecurityNetwork Security of Tomorrow Today

Cloud Security Network Security

Application Security Network DLPSafeMedia Corporation - Confidential & Proprietary

Copyright© 2011


New Requirements for the IDPS

1. Identify intrusions regardless of port, protocol, evasive tactic or SSL

2. Identify users through integration points

3. Granular forensically oriented UI with real-time visibility & functionality

4. Protect in real-time against threats embedded across all 7 layers of the OSI Model

5. Up to 40 gigabit, in-line or on-tap deployment with zero latency

HaloNS/CS Next Generation IDPS



1. Minimize intrusion

2. Maintaining a balance between open networks & security controls

3. Minimize sensitive information leakage

4. Being compliant with federal & state regulations

5. Reduce remediation costs

6. Reduce overall operating costs

Top Security Challenges



Intuitive Technologies Transform the IDPS

Behavioral AnalysisAnalyzes the application and protocol behavior

Non-IP CentricNot attackable, relies on data not IP Addresses

EncapsulatorTM

Internal protection for external resources

Protocol and Application Detection and Protection Match-Makers

Protocol and Application Behavioral Pathology

Packet “DNA” Forensics

Protocol and Packet Normalization

Social-Security

87 Targeted Groups115 Variations

Cloud Security

Hybrid Cloud

Public Cloud

• Dual Vector Protection• Data Loss Prevention• Powerful – Beyond Agent Based• Granular to the end-user Protection• Encapsulates in a secured mesh• Internal protection for external assets• Hybrid cloud usage while keeping up with compliancy• Integrate with cloud management platforms

• Encapsulates in a secured mesh• Internal protection for external assets• Public cloud usage while keeping up with compliancy• Integrate with cloud API’s and management platforms

Wire-Speed Operation Not Attackable

Not Location Address

DependentSilent to Users

Non-IP Centric



SafeMedia HaloNS/CS IDPS and DLP SolutionsInnovative and comprehensive architecture

• Streamlined Distributed Architecture• Portability• Sustainability

• Dual Detection Engines• Seamless operation• Wire-speed operation

• Intelligent libraries• 87 rule groups• 45,000 rules

• Patented protocol behavior• Understand normal behavior• Captures abnormalities

• Granular drill down interface• Widget based for ease of use and

customization• Forensic drill down in seconds

Patented Kernel• Seamless software

updates• High availabilityDual Engines

• Wire speed operation• Granular cross

enterprise protectionMultiple Intelligent libraries• 45,000 rules• Dynamic rule

management87 power rule groups• Powerful streamlined

protection• Sensitive data

protectionProtocol Behavior• Understanding

normalization• Detecting

abnormalityGranular drill down interface• Widget based for

ease of use• Forensic drill down

in seconds



NS-2050Copper 1GB/Copper Bypass/2 Probes3 Ports/Fiber AdapterRemote Update/Central Reporting2TB Storage/RAID/32GB RAM

NS-2000Copper 1GB/Copper Bypass/2 Probes3 Ports/Fiber AdapterRemote Update/Central Reporting1TB Storage/RAID/16GB RAM

NS-3000Copper 10GB/Fiber Bypass/2 Probes3 Ports/Fiber AdapterRemote Update/Central Reporting4TB Storage/RAID/RAM (Configurable)

NS-1000Copper 10/100/Copper Bypass/1 Probe3 Ports/Fiber Adapter/CS CompatibleRemote Update/Central Reporting600GB Storage/RAID/16GB RAM

NS-1050Copper 10/100/Copper Bypass/1 Probe3 Ports/Fiber AdapterRemote Update/Central Reporting600GB Storage/RAID/16GB RAM

NS-500Copper 10/1003 PortsRemote Update/Central Reporting500GB Storage/8GB RAM

CS-2050Copper 10GB/Copper Bypass/2 Probes3 Ports/Fiber AdapterRemote Update/Central Reporting6TB Storage/RAID/96GB RAM

CS-2000Copper 1GB/Copper Bypass/2 Probes3 Ports/Fiber AdapterRemote Update/Central Reporting4TB Storage/RAID/64GB RAM

CS-3000 (Orchestration)Copper 10GB/Copper Bypass/2 Probes3 Ports/Fiber AdapterRemote Update/Central Reporting10TB Storage/RAID/RAM (Configurable)

SafeMedia NextGen IDPS Models


Carrier class machines are available upon request


SafeMedia Managed Services

SafeMedia’s experts perform all security management of your LAN, WAN or Cloud:• Startup configuration • Signature tuning & updates• Configuration management changes• Security event monitoring & alert advisory• Performance and availability management

Managed Service Structure:• Eliminates hardware, software or maintenance costs• Monthly, quarterly or annual fee structure

SafeMedia CorporationConfidential & Proprietary


HaloNS/CS FeaturesVisibility and control of application, end-users, content, and sensitive data compliment

core IDPS features

• Distributed architecture– Cross platform internalized protection

for internal LAN/WAN and Cloud infrastructures

• Strong networking foundation– -1 to 40bigabit throughput– On-tap/In-line capabilities– Non-IP Centric environment– Copper/Fiber bypass– Wire-speed operation

• Encapsulation(EncapsulatorTM)– Ad-Hoc VPN encoding– Internal protection for external

resources– Secure multiple resource pools with one

device– Secure internal and external resources

from a single architecture

• Unprecedented functionality– Operate at wire-speed with zero

packet loss– 45,000 rules updated every 3 hours– Real-time bandwidth monitoring

• High availability– Available in select models– Active/active, active/passive – Configuration and session

Normalization– Path, link, and HA monitoring

• Virtual systems– Establish multiple detection engines

in a single device (NS/CS-2060, NS/CS-2050, and NS/CS-2000 Series)

• Simple, flexible management

– Widget based drill down interface, with forensic insight

NS-2000

NS-2050

NS-3000

CS-3000

CS-2050

CS-2000

NS1000

NS-500

NS-1050



HaloNS/CS – Granular Widget Based UI

• Single pane of glass methodology

– Visualize your entire datacenter or Cloud security platform from one instance

• Monitor you network real-time

– Visualize you infrastructure from a grass roots level featuring granular controls and capabilities

• Manage threat levels– Visualize current threat

levels in an easy to use and manage web console

• Visualize threats– Drill down to provider,

location, reputation, and forensic layer in seconds

Visualize and drill down to the forensic level in seconds



SafeMedia HaloNS/CS IDPS and DLP SolutionsInnovative and comprehensive architecture

Granular widget based GUI

Currently 11 preprocessors & 12 legacy interfaces

Cloud Security Encapsulator® encapsulation using Ad-Hoc VPN Encoding Technology

Over 45,000+ Threat Rules Updated every 3 hours by SafeMedia’s Vulnerability Lab

Detection Technologies Utilizing Protocol Behavior Analysis & Intelligence Libraries

Dual Detection Engines with dual vectors deployed using Neural Network Technology

Tool-Chain Distributed Architecture for Portability with Embedded non-IP Kernel



HaloNS/CS – For Network and Cloud Security

The HaloNS/CS benefits• Increased network availability & performance• Substantial reduction in network interruptions• Significant reduction of false positives and a drastic increase

in false negatives• Established the foundation for network-security compliance

& legislative mandates• Reduction of remediation cost caused by malicious attacks

and unauthorized disclosure of information

Securing the assets of tomorrow - Today



SafeMedia CompetitionBeyond next generation IDPS and network DLP solutions

FirstGeneration

Today’s“Next Generation”

Packet “DNA”

Dual IPDS EnginesIntelligent “Protocol Behavior”

11 targeted preprocessorsSuch as: HTTP, FTP, TCP, UDP…

Location NetFlow AppProtocol

Vulnerability

Application Awareness

Application Vulnerability

Identity (“DNA”)

Reputation Engine

Forensic Level

SafeMedia Next Generation IDPS - HaloNS & CS

01001010 0101 1010

Alert/Drop – Drop/Alert – Alert – Drop - Configurability



DeploymentHaloNS deployed in an enterprise environment



DeploymentHaloCS deployed in an hybrid cloud environment



Innovative ArchitectureHaloCS cross platform distributed architecture



• Improve Detection & Productivity– Improved network availability and performance– Significant reduction of false positives– Reduce impact of malicious attacks – Reduce unauthorized use of bandwidth

• Reduce Disruptions– Significantly fewer network performance and availability

interruptions

• Legislative Compliance– Easier accommodation of information-security compliance

requirements

• Lower procurement & Total Cost of Ownership– Fewer, higher performing components– Investment protection by migration portability

HaloNS/CS – Value Proposition


February 2012Page: 20SafeMedia Corp.

Confidential & Proprietary

Reduce Overall Operations Cost

Drastically reduce TCO

Reduce Overhead

Expenditure

• Capital cost – replace multiple devices- Legacy firewall, IPS, URL filtering device

(e.g. proxy, secure web gateway…)

• “Hard” operational expenses- Support contracts- Subscriptions- Power and HVAC

• Save on “soft” costs too- Rack space, deployment/integration,

headcount, training, help desk calls

Drastically Reduce Capital

Expenditure

• Managed Services- Cost reduction on capital expenditure

Measuring Value in Network Security


Risk Free HaloNS EVAL Appliance

• No Purchase Order Necessary• Install HaloNS in parallel or behind your current

IPDS or Firewall• If EVAL is successful covert to purchase order• Otherwise return to SafeMedia• Conclusion: This is a NO risk!

Duration 30 days



HaloNS/CS Summary

• Questions

• DEMO

• Sign up for FREE HaloNS/CS EVAL

• Action items

• Follow-up

Thank you

Be ready for future threats now!



1. IP Address for Management Port

2. Netmask for Management

3. Gateway for Management Port

4. Static Public IP with translation for internal Management Port

5. Internal DNS Server IP Address that Management Port can Query

6. Reduce overall operating costs

7. Firewall holes for IP Address 173.**0**.**0.**0 Port 4** with translation to Management Port

8. Firewall holes for IP Address 183.**0.**0.**0 Port 4** with translation to Management Port

9. IP Range of internal LAN HaloNS will be protecting i.e. 10.0.0.0/8

Note: Advise SafeMedia if you use fixed IP’s or DHCP

If you do use DHCP, advise how you use access control to track users

HaloNS Simple Installation Requirements


Documents

February 2012Page: 1February 2012Page: 1 Halo NS/CS Solution Overview February 2012 Producer of revolutionary network and Cloud security devices SafeMedia