© Copyright 2016 Bradford Networks
Reduce Threat Containment Time to Seconds
Fortinet & Bradford Networks
Rick LeClerc, Chief Solution Architect
James Cabe, Lead Architect & Evangelist
Agenda
MARKET TRENDS
ENTERPRISE SECURITY CHALLENGES
SOLUTION
GO-TO-MARKET
COMPANY OVERVIEW
SUMMARY
Company Overview
Bradford Networks is leading the evolution of Network Access Control to
Security Automation & Orchestration by providing
End-to-end Visibility, Dynamic Access Control and Automated Threat Response
• Corporate: Venture Funded Private Company with HQ in Boston
• Use Cases: Onboarding, Network lockdown, NAC, Compliance, Analytics, Network Segmentation, Guest Management, Threat Response, etc.
• Deployment: Appliances, VM, Cloud
• Integration: SmartEdge Platform with REST API
• Go-To-Market: Value Added Resellers & Distributors
• Customers: 1000+ in 25+ countries
• Verticals: Finance, Healthcare, Hospitality, Retail, Education, Utilities, Gov
• Market Validation: Gartner MQ Visionary; 5 Star rating from SC Magazine
Ever Expanding Attack Surface
YOUR BUSINESS:
• Users
• Suppliers
• Parent Company
• Guests
• Partners
• Consultants
• BYOD
• Internet of Things
Tsunami of Internet of Things (IoT)
• Corporate: Good Protection, Good Context
• BYOD: Moderate Protection, Moderate Context
• Internet of Things: Limited Protection, Limited Context
Growing Security Concerns
TODAY
• 1 MILLION open security positions
• $3 TRILLION cyber crime cost
• 6.4 BILLION connected “things”
• 205 DAYS to detect an external breach
• 11 MILLION records compromised in June 2016
2020
• 1.5 MILLION open security positions
• $6 TRILLION cyber crime cost
• 21 BILLION connected “things”
• Breaches will affect over 1.5 BILLION PEOPLE
No decline in sight
THE TRUE CHALLENGE = 1
• UNCONTAINED THREAT
• OPEN PORT
• UNKNOWN DEVICE
IT ONLY TAKES ONE
Budget Shifts
% of Enterprise Security Budgets Spent on Detection/Response*
• 2014: 10%
• 2020: 60%
*Shift Cybersecurity Investment to Detection and Response, 7 January 2016, Ayal Tiroush, Paul E. Proctor
Vulnerable Endpoints
Threat Detection & Response
205 Days: median number of days attackers are present on a victim network before detection.
Source: 2015 M-Trends Report
[Timeline figure: Breach to Detection (THREAT UNDETECTED; axis marked at 3, 6 and 9 months), followed by THREAT RESPONSE (? Days)]
Threat Containment Challenges
• Gap Between SOC & NOC
• Silos of Information
• Too Many Security Events
Gap between SOC & NOC
[Diagram with numbered steps 1 to 9: Long Threat Containment Timeline]
• Components: Corporate Network, Switch, FortiGate, Internet, Command & Control Server, Security Operation Center (SOC), Network Operation Center (NOC)
• Compromised endpoint attempts to call home
• Callback blocked
• Review Events
• Review Logs
• Analyze Data
• Incident Response
• Contact NOC
• Detect Host location
• Determine Device Criticality
• Isolate/Contain Host
Network Security Technology Evolution
Evolution of NAC
NAC 1.0: Safe Onboarding
• BYOD
• Enable Scalable On-boarding
• Ensure Safe Devices
• Enable Safe Network Provisioning
• Guest Management
NAC 2.0: Security Automation & Orchestration
• Rapid Security Events Triage
• Reduce Threat Containment Time
Augmenting existing Security Controls
Analytics – Trending, Compliance, Forensics
• Endpoints, Users, Applications
• Network Infrastructure
• Current & historical state
RESULT: Know the Unknowns
• Contextual policy management
• Risk assessment & mitigation
• Dynamic network access control
RESULT: Auto Adjusting Controls
• Rapid security events triage
• Granular containment options
• IR work-flow integrations
RESULT: Containment in Seconds
Leveraging Network Infrastructure
Visibility and Control
• Infrastructure: Firewall, VPN, IDS/IPS, SIEM, Router, Switch, Wireless Access Point
• Interfaces: SNMP, CLI, RADIUS, Syslog, API
Bradford + Fortinet
Adding Intelligence to Security Events
• IP ADDRESS
• MAC ADDRESS
• LOGGED IN USER NAME
• SECURITY GROUP
• DEVICE TYPE AND OWNER
• USER’S OTHER DEVICES
• INSTALLED APPLICATIONS
• OPERATING SYSTEM
• WIRELESS ACCESS POINT
• WIRED SWITCH PORT
• CONNECTION DURATION/HISTORY
• NETWORK ADAPTERS
• ENDPOINT COMPLIANCE
Security Alerts with Context
• DEVICE TYPES
• USERS & GROUPS
• CONNECT POINT
• OS/APPS
• CONNECT TIME
• VPN
• IP Address
Automated Threat Response
• Restrict Access
• Execute a Script
• Context-Aware Email/Text
• Click-To-Restore
Cyber Security Defense: Visibility, Prevention, Detection, Correlation, Response
Integrated Offering – Data Flow
[Diagram: Corporate Network with Switch, Network Sentry and FortiGate; Internet; Command & Control Server]
1. A compromised system connects to the corporate network and attempts to call home
2. FortiGate blocks callback
3. Fortinet FortiGate alerts Network Sentry of the compromised system
4. Network Sentry correlates IP address, user name and device details to identify the location and isolate the device
Bridging the Gap – SOC & NOC
[Diagram with numbered steps 1 to 4: Short Threat Containment Time]
• Components: Corporate Network, Switches, FortiGate, Internet, Command & Control Server, SOC, NOC
• Compromised endpoint attempts to call home
• Callback blocked
• Alerts Network Sentry of compromised endpoint
• Isolate/Contain endpoint
Threat Response: Bradford Networks’ Network Sentry Events Correlation Engine (WHO, WHAT, WHERE, WHEN)
Joint Go-to-market
Integration
• FortiGate, FortiSandbox, FortiSIEM, Fortinet Single Sign-On Agent
• Fabric-Ready Technology Alliance Partner
Network Sentry License
• Secure Enterprise Premier (SEP) or Response (SER)
• Includes Automated Threat Response
• VM (ESXi, Hyper-V) or Appliance
Mutual Channel Partners
• FineTec, SecureSense, Atrion, Converged Networks, FutureCom, IntegraOne, IPS Networks
Deployed Integration
• Luther College
• Widener University
• The Pittsburg Cultural Trust, etc.
Collateral
• Joint Solution Brief
• Configuration Guide
• Presentations
Gaining Market Traction
› Augments FortiGate, FortiSandbox & FortiSIEM functionality
› Highlight shift from Incident Response to Automated Threat Response
› Point to rapid adoption of BYOD and IoT – unmanaged endpoints, or endpoints without an agent
› Endpoint and network visibility for rapid triage of security events
› Granularity in containment
› Threat response automation to shorten containment time
Trusted by Companies Worldwide…
• RETAIL
• HEALTHCARE/BIOTECH
• FINANCIAL SERVICES
• EDUCATION
• GOVERNMENT/DEFENSE
• TECHNOLOGY
• UTILITIES
• ENERGY
• INSURANCE
• MANUFACTURING
• MEDIA/ENTERTAINMENT
• REAL ESTATE
• TRANSPORTATION
• HOSPITALITY
Call to Action
FineTec: [email protected]
Bradford Networks: [email protected]
Fortinet: [email protected]
Resources https://www.bradfordnetworks.com/resources/network-sentry-fortinet/
Partner Portal https://bradfordnetworks.force.com/partners/login