jad-bejjani
DESCRIPTION
This slide set presents the Managed Security Services offering of Data Consult. MSS is a cloud-based subscription service that allows you to monitor, analyze and correlate all events happening on your network. It also allows alerts and notifications in case any suspicious activity happens on your network, and allows investigation through its forensic capabilities.
Services Description
August 2014
AGENDA
● Cloud:
  ○ Own v/s Lease
  ○ Decentralization of IT
● Security:
  ○ Threats
  ○ Impact and Urgency
  ○ Cost of Breach
  ○ Log Monitoring
● Solution
  ○ Overview
  ○ Architecture
  ○ Packages
● Backup Slides
CLOUD
© Copyright 2014 DATACONSULT All rights reserved. No part of this presentation in all its property may be used or reproduced in any form without a written permission
Cloud : Own versus Lease
● Own the asset: you can modify it as you please
● You can sell it whenever you want
● More economical in the long run
● High Investment - Depreciation
● Lower down payment
● Lower monthly payments
● Lower maintenance costs
● Ability to modify the offering at any time
● Ability to change asset every year or two
● Faster time to install
● No need for in-house expertise
● No rent space
● Increase or decrease capacity at will
Cloud Services
Decrease budget and avoid vendor lock-in
Save on technology upgrades and maintenance
Lower footprint on your network
Ensure compliance to regulatory mandates.
Deploy faster and easier
Gartner defines cloud computing as “...a style of computing in which scalable and elastic IT-enabled capabilities are delivered as a service using Internet technologies.”
Cloud: The Decentralization of IT
[Figure: the stack of Hardware, OS, Network, Database, Tools, Application, Data and Users, shown once for each of four models: On-Premises, IaaS, PaaS and SaaS]
SECURITY
Network Security: Malware, Vulnerabilities, Theft
Trojan Horse
File infection
Spam email
zero-day attacks
Software vulnerabilities
OS vulnerabilities
Identity theft
Mobile Loss
Phishing
Impact and Urgency
[Figure: urgency versus impact priority matrix, with cell values from 1 to 4]
Urgency
● Business process affected. Workaround available.
● Business process stopped. Can bear minimal delay. Very hard workaround.
● Business process stopped. No workaround.
Impact
● Any system minor degradation, non-business critical. <50% of users impacted.
● Any system degraded or partially unavailable. >50% of users impacted.
● Any system unavailable. 100% of users impacted.
Cost of Breach
IBM Data Breach Statistics 2014
Logs
ODBC
WMI
SDEE
CPMI
SNMP
syslog
netflow
ssh
native FIM
Registry Monitor
custom XML-based
RDEP
log /lôg läg/ - noun
"a record of performance, events, or day-to-day activities"
synonyms: record, register, logbook, journal, diary, chronicle, daybook, record book, ledger
Forensics
Network Behaviour Analysis
Performance Monitoring
Asset Analytics
Configuration Management
Vulnerability Scanner
Log Management
One Solution
SOLUTION
SIEM as a Service
Solution Overview
MSS is a Unified Security Management service that combines multiple security functions in a single console:
● SIEM (security incident and event management)
● Secure Configuration Auditing
● Compliance Automation
● Contextual Forensic Analysis
Network state and event data is collected continuously. The system deploys alert correlation schemes to identify suspicious activity that can develop into threats affecting your business.
Network data collected is compressed and encrypted to avoid network congestion and ensure maximum security of your data.
‘... customers need to examine security event data in real time for internal and external threat management, and to collect, store, analyze and report on log data for incident response, forensics, and regulatory compliance…’
Solution Architecture
Key Components
● Full SIEM deployment with real-time security monitoring, historical analysis and event correlation
● 24x7 security and configuration device monitoring: IPS/Firewall/VPN/Servers/Virtual Environments; up to 160 different node types
● Customized web-portal dashboard to provide real-time reports and statistics
● Dedicated engineering consultants to support with forensic investigation and remediation
● Compliance and security risk reviews: PCI DSS, HIPAA, ISO27001/27002, COBIT, NIST800-53…
● Consulting Services - Security Posture Analysis and Recommendation
● Full Engineering and Management Services
‘...the technology provides real-time security monitoring, historical analysis, and other support for incident investigation and compliance reporting...’
© Copyright 2012 DATACONSULT All rights reserved. No part of this presentation in all its property may be used or reproduced in any form without a written permission
Dashboards Online Demo:
MSS Summary
Low monthly subscription fees
Leverage DataConsult’s expertise in security
Scale very easily
Ensure compliance to regulatory mandates.
Get Security Monitoring installed in minutes
Packages

MSS                                            MSS1         MSS2        MSSe           MSSe+
                                               (Reporting)  (Premium)   (Consulting)   (Managed)
Log Collection                                 X            X           X              X
Event Reporting                                X            X           X              X
Asset and Performance Monitoring               X            X           X              X
Daily Security Status Reports                  X            X           X              X
Forensic Investigations                                     X           X              X
Configuration and Asset Management                          X           X              X
Event Correlation                                           X           X              X
Network Behaviour Analysis                                  X           X              X
24x7 Live Alert Monitoring & Notification                   X           X              X
Monthly Health Reports                                      X           X              X
Compliance Automation                                                   X              X
Security Posture Analysis and Recommendation                            X              X
Remediation and Control                                                                X
Full Engineering and Device Management                                                 X
Thank You
BACKUP SLIDES
Screen Shots
Critical Event per Hour
Denied Connections per Hour
Alert Configuration
Destination Blocking
Destination Protocol
User by Protocol
BACKUP SLIDES
References
MALicious softWARE
Cisco Annual Security Report 2014
Vulnerabilities
Kaspersky Security Bulletin 2014
Mobile Device Theft
Sophos Security Threat Report 2014