View
1.851
Download
0
Tags:
Embed Size (px)
DESCRIPTION
IPsonar Features Aligned to ITIL v3 Processes
Citation preview
Implementing ITIL v3 Practices with
Chris Johnson, President Open Access Systems
973-838-5525
David Lennon Sr. Systems EngineerLumeta Corporation
Constantine Malaxos Director, Bus. Dev.
Lumeta Corporation [email protected]
Lumeta
ITIL v3 map http://www.oasyscorp.com/itilv3map.html
Sample RACI Matrix
One World, One Network
From Where You Stand, Can you Really See the Network Boundaries?
Defining Data Breaches
Verizon’s - 2008 DATA BREACH - INVESTIGATIONS REPORT - Four Years of Forensic Research. More than 500 Cases.
Throughout hundreds of investigations over the last four years, one theme emerges as perhaps the most consistent and widespread trend of our entire caseload. Nine out of 10 data breaches involved one of the following:
- A system unknown to the organization (or business group affected)
- A system storing data that the organization did not know existed on that system
- A system that had unknown network connections or accessibility
- A system that had unknown accounts or privileges
•We refer to these recurring situations as “unknown unknowns” and they appear to be the Achilles heel in the data protection efforts of every organization—regardless of industry, size, location, or overall security posture.
Network Discovery for Situational Awareness of
the Entire Network Infrastructure “One of the issues is we don’t
have a way of sharing and seeing the networks today in a timely
manner... We’ve got to build that situational awareness”
- LTG Alexander, Director, NSA at RSA 2009
The problem of ‘unknown, unknowns’
• Internet points of presence.
• Internet connections.
• Define & validate the perimeter
• Manage & secure entry points.
• Probe the address space.
• Prove the route of all network connections.
• Stop network “leaks” - unknown, unrestricted pathways into and/or out your network.
Back to the Future
• Lumeta Corporation is the developer of IPsonar®, the most widely deployed network discovery solution for large enterprise and government.
• Built on technology developed by the famed Bell Labs scientists that first mapped the Internet
• We’ve been using IPsonar to map the Internet every day for the past 10 years
• High-growth private company, founded late 2000
• Valuable to CIOs, CTOs, IT Security, Information Assurance and Network Management
Actionable Network Discovery Data
Pinpoint Unauthorized Connectivity Between Discovered Networks
Discover Known and Unknown Networks
Identify theNetwork Perimeter
Discover Complete Connected IP Address
Space and Accompanying Hosts
Identify Attributes of Network Devices and
Discovered Hosts
Gathering Network Data for Action
Network Discovery Host Discovery Leak DiscoveryDevice
Fingerprinting
OpenAPI
Lumeta Network Index
Interactive, Searchable
Network Maps
In-depth Reporting
Provides Automated, Comprehensive Device Discovery for IT Asset
Management
• Discover all assets across your enterprise.• Quickly profile end points and probe configurations.• Identify unknown or unmanaged devices, and bring them under management.• Obtain an accurate network baseline, and manage change.• Streamline ITAM processes & speed time-to-value with automated discovery.
Patented Leak Discovery for Data Leak Prevention
• Unknown or unauthorized connection into our out of the network are “leaks”
• Validate access control lists on perimeter devices
• Leaks provide a means to malicious or unauthorized entry across the network perimeter
• If sensitive data resides on a system that leaks to the Internet it may be exploited.
• Leak Discovery helps you stop the data leak before it happens – IPsonar’s leak discovery is true proactive data leak prevention.
• Patented –IPsonar is the only product offering network leak discovery.
• Leak Discovery is proactive – preventing a high exposure channel in the defense of sensitive data.
Network Discovery Drives Process Improvement &
Cost Efficiencies in IT Asset Management Projects• See dramatic IT Asset
Management process improvements.
• Eliminate excess cost, and drive down the cost of manual IT asset audits.
• Verify, validate, and provide assurance that your IT asset records are always up-to-date.
• Purge redundancies and identify legacy equipment that needs to be upgraded or removed.
• Automate end-point profiling, based on discovered information.
Validatethe
Assets
Updatethe
Database
Baselinethe
Network
Enables Faster Time-to-Value for IT in Mergers, Acquisitions, Divestitures
Unknown / Unmanaged Network Segments
Leak to Internet
Known / Managed Network
UndocumentedPartner
Connections
Keeps You Ahead Of Audits
With Active Device Discovery
• Enhanced Device Discovery produces reporting on Device Types, Vendors, Model Numbers, Operating System Versions and more.
• Test and Validate the location of all external connections
• Discover/Contain/remediate policy violations quickly
• View up-to-date compliance reports on Critical IT Assets
Provides Global Network Visibility for Network Change
• Provide accurate operational assessments and timelines for all IT initiatives.
• Enable rapid rollout of critical applications and processes.
• Reduce unplanned outages and compliance violations.
• Scorecard and minimize network risk.
• Improve business continuity preparation and execution.
The Cost & Number of Data Breaches are RisingSources of data breaches by percent of breachesExternal
74%
Internal 20%
Partner32%
• The average total cost per data breach incident reached US$6.65M in 2008. • External threats and lax security practices of third party connections are behind
most breaches.• In 2008, 24% of data all breaches involved an unknown network connection.• 51% data breach victims were using vendor default passwords on systems that
handle sensitive data. • More criminals breached corporate assets through default credentials than any
other single method in 2008.
Sources: http://datalossdb.org/; Ponemon Institute, “Cost Of A Data Breach”, Verizon Business, “2009 Data Breach Investigations Report”
Verizon Business, “2009 Data Breach Investigations Report”
IPsonar offers Unparalleled Network Visibility
Agent-less, Credential-lessLightweight – runs at the level of network ‘noise’.
Safe – deployed on the world’s most sensitive networks.Fast – maps the entire Internet in under 3 hours
Finds inbound and outbound “leaks”
Provides a comprehensive view of the entire routed infrastructure
Performs active probes and discovers everything that's on the network,
not just the IP range that is supplied for scanning
Provides visibility into every IP asset, host, node, and connection on the network – including non-traditional IP-enabled devices
Quick ITIL Wins Using Lumeta IPsonar • 1.) Service Strategy: IPsonar checks that financial resources are not wasted and that legacy
capacity is retired and the network perimeter meets the desired market.
• 2.) Service Strategy: Reports from IPsonar provide a solid foundation of accurate and compete network routes and assets stored in the Service Portfolio and used by all processes in decision making.
• 3.) Service Design: Continuity Management – IPsonar enables Faster Time to Value during mergers and maintains visibility into available assets and network routes.
• 4.) Service Design: Service Level Management- Users of IT under OLA’s and SLA’s are assured that their connections are as designed and are monitored for leaks.
• 5.) Service Design: Capacity Management a current and accurate network information provides the network capacity in terms of reach to maintain IT operations.
• 6.) Service Design: Availability Management - Risk due to the network leaks that can lead to breaches and loss of information and network downtime for mitigation.
• 7.) Service Design: Information Security uses IPsonar to find leaks and can provide compliance information that get added to audit reports and support the Security Policy.
• 9.) Continual Service Improvement: Lumeta Network Index is a Key Performance Indicator used to measure and quantify Risk due to the network. Scorecard is easy to understand for CEO’s.
• 10.) Continual Service Improvement: IPsonar provides a consistent set of reports on network assets, routes and leaks. All ITIL Process owners confirm that the network is as designed and can recommend improvements. Decisions and action can be made with confidence.
THANK YOU
Chris JohnsonPresident
Open Access Systems [email protected]
973-838-5525
David Lennon Sr. Systems EngineerLumeta Corporation
Constantine Malaxos Director, Bus. Dev.
Lumeta Corporation [email protected]