1) Current perimeter security approaches are expensive, resource intensive, and ultimately ineffective due to relying on dozens of disparate technologies and devices operating as "islands of security".
2) Cloud/Sec is a new cloud-based perimeter security solution that eliminates capital expenses, provides effective application-layer security for all traffic, and reduces the burden on IT staff.
3) Cloud/Sec delivers superior visibility, threat management, and access control through a single unified interface and requires no hardware investments.
Take control of your SAP testing with UiPath Test Suite
Bat Blue Cloud Sec Presentation 4
1. Security “in-the-Cloud”
Getting Past the fluff and into the Cloud
Presented by: Babak Pasdar
President & CEO
Bat Blue Corporation
Cloud/Sec
Board Member:
2. * Security Goals:
Maintain the integrity, privacy and
availability of organizational systems
and data.
* Perimeter Security Challenges
The current approach to Perimeter security is...
...Expensive
...Resource intensive
…Ultimately ineffective
Cloud/Sec
3. * Perimeter Security Challenges - Expensive
The Current Approach to Perimeter Security
Demands...
...Dozens of Disparate Technologies
Firewalls, IPS, Proxy, URL-Filter, Anti-Virus, Anti-
Spyware, VPN (SSL/IPSec), Web App Firewalls, Load
Balancers, SIMs, etc...
...Multitude (24+) of Devices
Cloud/Sec
This translates to initial capital costs of...
...$75K - $100K+ for a small site
...$250K - $500K for a medium site or dot com
...$750k - $Millions for a large site
4. * Security Challenges - Resource Intensive
Dozens of Technologies & 24+ Devices...
...Require extremely complex & expensive
implementations
...Drive hundreds of direct and indirect
integration points forcing complicated
troubleshooting
...Requires managing dozens of disparate
policy sets quite often by disparate
resources
...Operate as “Islands of Security” without
an integrated operational mode
...Managing many vendor relationships
Cloud/Sec
6. * Security Challenges - Ineffective Security
Ineffective Security Model...
...Expensive equipment force organizations to
manage risk
...Complex security leads to a focus on
functionality and performance and not
security
...”Islands of Security” lead to protection gaps
and inconsistent security operations
...It takes hours, days or weeks to get a view on
what happened hours, days or weeks ago
Cloud/Sec
7. * Security Challenges - Ineffective Security
Ineffective Security Tools...
...Firewall is NOT security | Firewall is “Noise
Management”
...VPN is NOT security | VPN is privacy
...HTTPS is NOT security | HTTPS is privacy
...SSL is NOT security | SSL is privacy
...Security REQUIRES application level insight:
.... Proxy
.... IDS / IPS
.... Other Miscellaneous (WAN XL &
Network Visibility)
Cloud/Sec
8. * Security Challenges - Ineffective Security
Proxy as a security tool...
...is only application protocol aware (ie: http)
...limited to a handful of protocols and not all
...functions no better than a firewall, but at a
higher level
...is extremely slow
Cloud/Sec
9. * Security Challenges - Ineffective Security
IPS as a security tool...
...IPS is only 20-50% effective
after tuning
...That means it is 50+% un-credible
forcing alerting on rather than
blocking threats
...Forensics is extremely resource
intensive and can only leads to one
of two results:
Cloud/Sec
IPS overlays Thousands of
Signatures over data streams
Bit-pattern matching generates
significant false positives
This forces organizations
to do Forensics
Your Tools
Are Inaccurate!
You're
Breached!
Both of which are after the fact and at great cost!!!!
10. * Security Challenges - so what's the answer?
Cloud/Sec
A completely new security paradigm that delivers...
Economy – eliminating all capital expenses
Effectiveness – Application layer security for all
traffic regardless of port and
protocol
Efficiency – Reduce the burden on the IT staff
and make security operations
repeatable
11. Introducing:
Cloud/Sec
Cloud/Sec is a completely in-the-cloud perimeter security
solution that...
...Delivers superior application visibility & security
...Offers a single unified interface for managing Security
...Runs on BlueNET – a Cloud enabler that is extremely fast
...Diversely available data centers nationwide
...Requires no hardware investments & simple to activate
...Supports all organizational locations
....Headquarters
....Branch offices
....Home users
....Hotel / traveling users
....Mobile phone users (coming soon)
12. Cloud/Sec
Cloud/Sec Delivers superior visibility & security...
…Consolidate Perimeter Security functions
…Application identity & visibility
...User-based access control
(by application or port/protocol)
...Accurate Threat Management
(Malware, Spyware & Vulnerabilities)
...SSL decryption and re-encryption!!!
...Comprehensive integrated application & threat research
...URL filtering and site classification
...File by type transfer control
...Data Leakage Prevention (Credit Card, Social Security, etc..)
14. Consolidated Security Perimeter - Access Control
Cloud/Sec
A single Policy can
support...
...Access Control
...Threat Management
...Malware Protection
...URL Filtering
...File Control
...Leakage Prevention
17. Consolidated Security Perimeter – Application & Threat Research
Cloud/Sec
Step 1. Identify Applications
Step 2. Get Detailed Assessment on the Application
18. Consolidated Security Perimeter – Application & Threat Research
Cloud/Sec
Step 3. Get Source and Destination Information including IP, User &
Country
Step 4. Get Site
Categorization Information
Step 5. Get Threat Information
23. BlueNET
BlueNETBlueNET – The Cloud Enabler
BlueNETBlueNET eliminates the performance penalty of operating in-the-cloud
…Designed from the ground up to support Cloud Apps
...Uses “Hot Potato Extreme” Routing
...Guaranteed “One Hop Out” Routing
...No single point of failure for even the smallest sites
...Incorporates terabit-grade infrastructure
...Operates with extremely low latency
...Available in data centers nationwide
24. Cloud/Sec
BlueNETBlueNET & Cloud/SecCloud/Sec data centers...
…New York, NY ...Atlanta, GA ...Los Angeles, CA
111 8th
Ave. ...Sanfrancisco, CA
60 Hudson St. ...Chicago, IL ...Ashburn, VA
...Clifton, NJ ...Seattle, WA* ...Las Vegas, NV*
* Coming Soon
25. Cloud/SecCloud/Sec – Use Cases
…Multi-Site Organization
...Headquarters
...Branch Office
...Home
...Hotel
...Complete in-the-cloud Computing
...In-the-cloud Site Redundancy
...Dot Com Perimeter in-the-cloud
...Internet Anonymization