Upload
julianna-hill
View
217
Download
0
Embed Size (px)
Citation preview
Taking Control of CloudSecurity
Travis Abrams
DG Technology ConsultingA Unique Perspective on Security
Consulting and Professional Services• Health
checks• Deployment
services
Strategic Partner• VAR Board
Leadership on product feedback
• Technical Advisory Board member on product enhancements
Software Vendor• MEAS-
Mainframe Event Acquisition System
Why Intel?
The Cloud Brings New Challenges
SECURITY
Increasingly sophisticated
malwareIncreased SSL-encrypted web
trafficAdvanced,
persistent threats
APPLICATIONVISIBILITY
More people & devices connecting to more applications
outside traditional network, often
without IT knowledge
FLEXIBILITY
Need to accommodate
changing business conditions
Protection needs to travel with the user and device rather than stay in the
office
4
What's holding back the cloud?
What’s holding back the cloud?
Email Authentication WebData Loss Data Loss
Intrusion Intrusion
Enterprise
MobileUsers
EnterpriseUsers
Private CloudApplications
Partners CloudVendors
Applications Customers
Public Cloud
Cloud Channels
• Identify all web applications, including shadow IT
• Enforce acceptable usage policy• Control access with SSO and multi-factor
authentication
• DLP Engine‒ Full dictionaries‒ Enforce data leakage policy
• File encryption‒ Protect data on file-sharing sites
• Identify “phone-home” behavior• Aggressive scanning of non-human
initiated requests
eP
Anti-MalwareBotnet Client
Data Leakage
Application Visibility
Content Inspection
SSL Scanning
Web Gateway Meets The Challenge
10
• Signature-based AV• Zero-day malware detection
‒ Dissect, emulate target platform environment
‒ Evaluate code behavior
• Scrutinize HTTPS traffic• Identify malware and
applications hidden in encrypted web session
• Reputation (GTI)• Geo-location (GTI)• URL categorization & filtering (GTI)• Media & file analysis
Outbound TrafficInbound Traffic
12
Malware Detection
McAfee Beats The Competition
McAfee Web Gateway
Vendor 1 Vendor 2 Vendor 3 Vendor 4
83.9
69.1
57.2
47.8
62.1
Malware Detection Rate (%)
1170 malware samples
13
McAfee Gateway Anti-Malware Engine Scanning
DISSECT
ANALYZE
EMULATE
• Unique McAfee technology
• Emulation provides real-time protection
• Most effective zero-day protection
14
Data Loss Prevention
15
Proactive Encryption
Encryption protects cloud-based files
16
Security
• Patent pending, outbound detection of botnet client phone-home behavior
• Understand difference between normal user and application-initiated requests
• Dynamically adjust proactive detection level
Block Infected Client Communications
MalwareUnsolicited download Normal responseReal user clicks link
Normal ScanningAggressive
scanning blocks malware
Normal response
Managing Cloud Environments
Managing Cloud Environments
Managing Cloud Environments
TODAY’S REALITY:More than 80% of
employees worldwide use SaaS applications without IT approval.
– Frost & Sullivan:The Hidden Truth Behind Shadow IT
www.mcafee.com/ShadowIT
23
Application Discovery
What applicationsare on your network?
How much bandwidth are they
using?
Who are the top users?
Which are blocked?
What applicationsare on your network?
How much bandwidth are they
using?
Who are the top users?
Which are blocked?
24
Web Application Controls
Enable/Disable specificapplications
Control entitlements, access, data sharing
Apply policy based on application, user, group, risk, …
26
Application Access
One Time Password
Laptop
Mobile
Internal User
SSO Launch Pad
Single Sign On
27
The Offer
• McAfee security experts will conduct a free content security risk assessment
• Deploy McAfee Web Gateway 30-day trial
• Transparently collect web traffic (including from your existing SWG vendor) and evaluate:
• Correct URL filtering/categorization• Web traffic containing known and
zero-day malware• Acceptable usage policy enforcement
– Provide you with a results report
Risk Assessment
Free Risk Assessment
Thank you!
www.McAfee.com/webprotection