See how a visibility architecture can help you www.ixiacom.com/solutions/network-visibility
1 "Cisco Global Cloud Index Projects Cloud Traffic to Nearly Quadruple Representing 92 Percent of Total Data Center Traffic by 2020" (November 2016)
2 2016 DockerCon Keynote
User behavioral analysis
Security Systems
Analytics Systems
Compliance Systems
The Fog of Security
CAN THE CISO BE EXPERT IN EVERYTHING SECURITY?
THE LAW OF LARGE NUMBERS
The CISO’s MIND MAP
The Solution?
VISIBILITY ARCHITECTURE
Spans all domains and correlates responses and guidance
Securing the attack surface takes on its own complexity.
Vendors. Regulations. The Cloud. Conflicting Guidance.
Virtualization Containers
Workload Density1
OUTSIDE THE PERIMETER
INSIDE THE PERIMETER
USER TRAINING
SECURITY MANAGEMENT
IP THEFT
Mind Map of Typical Fortune 500 CISO
Anti-virus
Hard drive encryption
Anti-exploit
Network-connected device patch management
ISO 27001 compliance
Strong password policy enforcement
Identity management/single sign-on (SSO)
Network segmentation/trust zones
Perimeter firewall (FW), intrusion detection system (IDS)
Incident response
Monitor and issue daily tickets
Risk assessment
Laptop hardening
Inbound email anti-spam control
Mobile phone remote management
Laptop remote management
Social media/orphan websites
Demilitarized zone (DMZ)
vulnerability
Data auto classification
Behavior training
Inside the perimeter: private cloud, firewalls, antivirus software, encryption, directory and authentication services, and network segmentation
Outside the traditional perimeter: public cloud services, SaaS services, smartphones, laptops, and typically most IoT
Areas which are not always emphasized: IP protection actions, such as data classification, behavior analysis, incident response, user testing, and user training
Other areas that need attention: security management, mobile applications that go directly to the cloud bypassing internal security, IoT, security, and alert management
Complexity and Conflicting Guidance
The CISO’s CHALLENGE
THREAT INTELLIGENCE
RISK AND COMPLIANCE
SECURITY OPERATIONS AND INCIDENT RESPONSE
FRAUD PREVENTION / TRANSACTION SECURITY
IDENTITY AND ACCESS MANAGEMENT
SIEM
DLP
DCAP
IAM
NGFW
IDPS
EPP
AST
WAF
CASB
Network Security
Endpoint Security
Web/Data Security
Mobile Security
Cloud Security
Industrial (IoT) Security
Messaging Security
Perimeter Security
Application Security
INDUSTRY TERMINOLOGY
EPP: Endpoint Protection
DLP: Data Loss Prevention
NGFW: Next Generation Firewall
AST: Application Security Testing
SIEM: Security Information Event Management
DCAP: Data Center Audit and Protection
IDPS: Intrusion Detection and Protection Systems
WAF: Web Application Firewall
CASB: Cloud Access Security Broker
Dockerized applications2
Containers pulled
Enterprise container growth 192%
460K 4B
2015 2020
7.3
11.9
© Keysight Technologies, 2017