Slide 1

Download Report

Transcript Slide 1 

The New Age of Information
Security
Kimon Skarlatos
Country Manager - McAfee
July 17, 2015
McAfee-An Intel Company
Enterprise Security
CAN?
How?
McAfee-An Intel Company
2
Getting to Optimized:
The Maturity Model of Enterprise Security
REACTIVE
COMPLIANT/PROACTIVE
OPTIMIZED
(~3% of IT Budget on Security)
(~8% of IT Budget on Security)
(~4% of IT Budget on Security)
TCO
(CapEx + OpEx)
SECURITY
POSTURE
SECURITY OPTIMIZATION
McAfee-An Intel Company
3
Technology Architecture for Security
How Connected Is Your Security?
DLP
Agent
Host IPS
Agent
Antivirus
Agent
Encryption
NAC
Systems
Management
Agent
Audit
Agent
EVERY
SOLUTION HAS
AN AGENT
EVERY
AGENT HAS
A CONSOLE
EVERY
CONSOLE
REQUIRES
A SERVER
EVERY
SERVER REQUIRES
AN OS/DB
EVERY OS/DB REQUIRES
PEOPLE, MAINTENANCE,
PATCHING
WHERE DOES
IT END?
McAfee-An Intel Company
4
Technology Architecture for Security
How Connected Is Your Security?
McAfee ePO Server
(AV, DLP, NAC,
Encryption,
PA, Site Advisor)
SINGLE
AGENT
SINGLE
CONSOLE
McAfee-An Intel Company
5
Use Case: Unknown Threat
Non-Optimized Approach
!
• Notification & Analysis
• Determine Protection Status
• React
Analysis
• Monitor
Protection
Status
Vulnerable
Systems
Priority
Managed
Systems
Unmanaged
Systems
Next
Steps
Existing
Countermeasures
Exposed
Risk
AV
IPS
Manual
Scans
Ops
Team
Patch/
Updates
IPS
FW
Log
Analysis
Policy
Config
Contact
Vendor
Monitor
IPS
AV
IPS
IPS
FW
AV
AV
FW
FW
AV
McAfee-An Intel Company
6
Use Case
Unknown Threat: Optimized Approach
!
Situational
Awareness
Recommendations
Ops
Team
Patch
Policy
Config
Contact
Vendor
Monitor
McAfee-An Intel Company
7
Optimized = Value
SYSTEMS
• Hardware /
Software
• OS /
Database
ENVIRONMENTS
PROCESSES
• Virtualization
• SLA Monitoring
• Power
Management
• Training
• License
• Process
Improvements
• Maintenance
• Metrics /
Reporting
• Resource
Time/FTE Cost
• Reduced IR/
Forensics
• Legal/
Contracting
• Remediation
• Compliance/
Audit
McAfee-An Intel Company
8
Common Security Use Cases
!!
Consumerization of IT
Unknown Threat
Non-Optimized
Optimized
Non-Optimized
Advanced Persistent Threats
Optimized
Non-Optimized
Optimized
Situational
Analysis
Awareness
Protection
Status
Vulnerable
Systems
Managed
Systems
Priority
Recommendations
Unmanaged
Systems
Next
Steps
Exposed
Risk
AV
Ops
Team
Log
Analysis
Manual
Scans
Existing
Countermeasures
IPS
FW
Ops
Team
Policy
Config
Policy
Config
Patch
Patch/
Updates
Continuous Compliance
Data Protection
Contact
Vendor
Monitor
Next Generation Network Security
Contact
Vendor
Monitor
IPS
Non-Optimized
Optimized
IPS
AV
Non-Optimized
Optimized
IPS
IPS
FW
AV
Non-Optimized
AV
FW
FW
Optimized
AV
McAfee-An Intel Company
9
McAfee Security Connected
Solution Platform
NETWORK SECURITY
ENDPOINT SECURITY
Malware Protection
Device Encryption
Application Whitelisting
Desktop Firewall
Device Control
Email Protection
Network Access Control
Endpoint Web Protection
Host Intrusion Protection
Mobile Device Management
High Assurance Firewall
Network Intrusion Prevention
Network Access Control
Network Behavior Analysis
INFORMATION SECURITY
Email Security
Web Security
Data Loss Prevention
Encryption
Identity & Access Management
API and Web Services Security
Server & Database Protection
Hardware Assisted Security
Smartphone and Tablet Protection
Virtual Machine and VDI Protection
Embedded Device Protection
SECURITY MANAGEMENT
PARTNER COMMUNITY
Security Operations Mgmt
Policy Auditing & Management
Vulnerability Management
Risk Management
Compliance Management
10
Security Innovation Alliance
McAfee Connected
Global Strategic Alliance Partners
July 17, 2015
McAfee-An Intel Company
McAfee’s Open Platform for Security Risk Management
Industry Leadership to Drive Better Protection, Greater Compliance and Lower TCO
SIA Associate Partner
SIA Technology Partner
(McAfee Compatible)
Note: Partner list
growing rapidly –
inquire for current list
July 17, 2015
McAfee-An Intel Company
11
What It Takes to Make An
Organization SAFE
WHAT WE MUST KNOW…
Who Am I Dealing With
What Is the Purpose
What Data Is Accessed
Evaluate Risk
Datacenter
Continuous Monitoring
Learning and Intelligence
McAfee-An Intel Company
12
What It Takes to Make An
Organization SAFE
WHAT WE MUST KNOW…
DATA WE NEED TO EVALUATE…
Who Am I Dealing With
IP Address
DNS Server
Web Reputation
Domain(s)
What Is the Purpose
Affiliations
Web Activity
Email Address
Data Activity
What Data Is Accessed
Evaluate Risk
Network Activity
Protocol/Port
File Reputation
Mail Activity
Application
URL
Sender
Reputation
Continuous Monitoring
Learning and Intelligence
Datacenter
McAfee-An Intel Company
13
What It Takes to Make an Organization Safe
Global Threat Intelligence
Threat
Reputation
Network
IPS
Firewall
300M IPS
attacks/mo.
300M IPS
attacks/mo.
Web
Gateway
Mail
Gateway
2B Botnet
C&C IP
Reputation
Queries/mo.
20B Message
Reputation
Queries/mo.
Host AV
2.5B Malware
Reputation
Queries/mo.
.
Host IPS
300M IPS
Attacks/mo.
3rd Party
Feed
Geo location
feeds
McAfee-An Intel Company
14
McAfee Security Connected
Is Security Optimized
McAfee Pursuit of Safe
McAfee Approach:
• GTI-powered intelligence in depth
• Centralized management platform
• Extensible architecture
• Broadest set of technologies
• Flexible delivery options
Organizations with McAfee enjoy:
• Lower operational costs
• Enhanced overall security posture
• Partnership with #1 name in Security
McAfee-An Intel Company
15