Transcript the Presentation

Blue Coat Cloud Continuum
John Rose, Regional Account Manager
Seismic Shifts Causing Organizations to Rethink Security
EVOLVING
NETWORK
USAGE PATTERNS
NEXT-GENERATION
ENDPOINT
REVOLUTION
SHIFT TO CLOUD
APPLICATION USAGE
MODELS
© 2015 Blue Coat. All Rights Reserved. Confidential Information. Do Not Distribute.
Blue Coat Cloud Generation Security
Ensuring Safe Passage to the Cloud
SWG
CAS
Cloud API
Security
Regional
Office
Roaming
Users
Next Generation
Endpoints
Copyright © 2016 Blue Coat Systems Inc. All Rights Reserved.
3
Blue Coat Cloud Generation Security
Ensuring Safe Passage to the Cloud
SECURITY PLATFORM FOR THE CLOUD GENERATION
SSL Encryption
• Hybrid Ensures Smooth Transition (Physical, Virtual,
Cloud)
SWG
CAS
•
Protects All Devices Regardless of Form Factor
•
Delivers Architecture for Open Integration
•
Enables Advanced Threat Protection
•
Provides Integrated Cloud Security
Regional
Office
Roaming
Users
Next Generation
Endpoints
•
Application Visibility
•
Application Control
•
Cloud Data Protection
•
Protects Cloud Workloads
•
Ensures Protection Even With Encrypted Traffic
•
Incident Visibility Across Cloud and On-Premise
Interactions
•
Performance Optimization for Sanctioned Applications
Copyright © 2016 Blue Coat Systems Inc. All Rights Reserved.
4
Evolving to Deliver Cloud Generation Security
Key Requirements to Protect the Organization
Secure Transition to Cloud as it Arises
SSL Encryption
• Use the Cloud to Secure Interactions
Headquarters
/
• Provide
Visibility Into Application Usage
Data Center
• Ensure Control Over Cloud Application Usage
• Protect Data As It Interacts With The Cloud
• Dynamically Protect Workloads In The Cloud
Protect Next-Generation Endpoints
Regional
Office
• Deliver Device Agnostic Protection
Ensure Architectural Advancement
• Provide Open Environment
Roaming
Users
Next Generation
• Advanced Inspection
Endpoints On-Prem / Cloud
• DLP & Capture Capabilities On-Prem / Cloud
© 2015 Blue Coat. All Rights Reserved. Confidential Information. Do Not Distribute.
The Cloud Continuum
Customer Entry into Cloud Security
API Cloud
Integration
Data Origination
and Destination
Awareness
Anti-Malware
Engine
Full Packet Capture
Black/White Listing
Threat Forensics
File Reputation
Incident Workflow
Cipher and
Tokenization
File Prevalence
and Frequency
Network Recording
Reconstruction
Anti-Malware
(Anti-Virus)
Forensics &
Recording
PROTECTION &
SECURITY
Federated UserBased Policy
Enforcement
Data Sovereignty
Big Data
Visualization
Inline Enforcement
Based on Policy
Data Discovery and
Machine Learning
Classification
Compliance
Standards,
Reporting &
Enforcement
Encryption &
Tokenization
Real-Time
Bi-Directional DLP
Reporting &
Audit
COMPLIANCE &
GOVERNANCE
IP & URL
Filtering
Adv. Malware
(Sandbox)
Analytics &
Intelligence
Integrated Cloud
Data Analysis
Access &
Authorization
Visibility &
Discovery
Internet
Classification
Customizable
Detonation
Environments
Cloud SOC
API Cloud
Integration
Inline Policy
Enforcement
User Risk Analysis
Machine Learning
Data Algorithms
Federated Identity
Integration
Application
Identification
Library
Cloud Application
Risk Scoring
Real-Time Data
Aggregation
Granular Access
Policy for
Thousands of
Cloud Applications
Malnet &
Reputation
Machine Learning
Multi-Language
Real-Time Risk
Scoring
Real-Time
Detonation and
File Analysis
Evasion &
Obfuscation
Detection
Anomaly Detection
Data Visualization
and Compliance
Reporting
Risks Scoring
per Application
Compliance
Reporting for
Sanctioned &
Unsanctioned Apps
Federated Identity
of User Behavior
Copyright © 2016 Blue Coat Systems Inc. All Rights Reserved.
6
The Cloud Continuum
COMPLIANCE &
GOVERNANCE
PROTECTION &
SECURITY
Anti-Malware
(Anti-Virus)
IP & URL
Filtering
Adv. Malware
(Sandbox)
Forensics &
Recording
Encryption &
Tokenization
Analytics &
Intelligence
Real-Time
Bi-Directional DLP
Integrated Cloud
Data Analysis
Copyright © 2016 Blue Coat Systems Inc. All Rights Reserved.
Access &
Authorization
Reporting &
Audit
Visibility &
Discovery
7
A World of Chaos
Existing Cloud Security Model Limits Adoption
Cloud
Data Encryption
Provider
Cloud
DLP Provider
11
7
10
2
Complications of
Cloud Protection
•
Who Owns the Comprehensive
Service Level Agreements?
•
Single Pane of Glass?
•
Redundancy & HighAvailability?
•
Vendor Compatibility?
Complexity Manifested
8
9
3
Cloud
Web Gateway
Provider
12
4
6
1
Cloud
Access Control
Provider
5
Copyright © 2016 Blue Coat Systems Inc. All Rights Reserved.
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
User to Web Gateway
Web Gateway to DLP
DLP to Web Gateway
Web Gateway to Application
Application to Access Control
Access Control to Application
Application to Data Encryption
Data Encryption to Application
Application to Web Gateway
Web Gateway to DLP
DLP to Web Gateway
Web Gateway to User
8