SlideShare a Scribd company logo

Segurdad de red para la generacion de la nube symantec

Download as PPTX, PDF
CSA Argentina
CSA Argentina

This document discusses network security implications of increased cloud usage and adoption of cloud applications. It identifies key challenges such as rogue cloud app use creating security and compliance issues, backhauling all traffic being costly and slowing performance, and encrypted traffic blinding traditional defenses. It proposes using a cloud-based proxy that can securely decrypt, inspect, and accelerate traffic to address these challenges by providing threat prevention, DLP enforcement, browser isolation, and other advanced security techniques on direct connections to the cloud.

Technology
1 of 20
GENERACION DE LA NUBE SEGURIDAD EN LA RED PARA LA
Copyright © 2018 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY Network Security Implications of the Cloud Generation Mobile Cloud Applications Web IoT Social 8 0 / 4 4 3 2
Copyright © 2018 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY Network Security Implications of the Cloud Generation Content Analysis CASB Web Isolation SSL Visibility Security Analytics DLP Born and breed to manage web traffic Loves HTTP(S):// (Performance, ETM) Terminates traffic and leverages integrated technology services for inspection Next Generation Firewall • Not designed for web traffic inspection • Big challenges with HTTP(S):// (Performance, ETM) • Passive inspection architecture cannot address web-based threats Proxy 8 0 / 4 4 3 3
Copyright © 2018 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY Network Security Customer Challenges Rogue Cloud App Use Creating Security & Compliance Issues Backhauling Traffic Is Costly & Slows Cloud Performance Encrypted Traffic Blind Spots Creates Vulnerabilities Modern Threats Overwhelming Traditional Network Defenses 4
Copyright © 2018 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY Network Tuning TAP Analytics APM Sandbox IPS Firewall Proxy 8 0 / 4 4 3 Bypasses Threat Protection Infrastructure Encrypted Traffic Creates Vulnerabilities Half of malware campaigns in 2019 will use some type of encryption to conceal malware delivery, command and control activity, or data exfiltration 5
Copyright © 2018 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY Fix SSL/TLS Encryption Vulnerability Secure Decryption of Network Traffic IPS APM TAP Network Tuning Security Analytics SandboxContent Analysis Proxy SSL Visibility “C & F’s” NGFWs, SWG’s, ADCs The Security Impact of HTTPS Interception* Testing conducted by: Firewall 8 0 / 4 4 3 • Securely decrypt SSL & TLS to allow complete inspection • Scale decryption with SSL Visibility Appliance • Set policies by category to maintain privacy • Must maintain broad industry cipher support 6 * https://jhalderm.com/pub/papers/interception-ndss17.pdf
Copyright © 2018 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY Network Security Customer Challenges Encrypted Traffic Blind Spots Creates Vulnerabilities Modern Threats Overwhelming Traditional Network Defenses 7
Copyright © 2018 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY Impact of “Passive” and Simplistic Threat Scanning Architectures Issue One – Ineffective Content Scanning Overwhelms Incident Response (IR) Queue • Alarms after the fact – malware is already through • IR teams scrambling to keep up Next Gen Firewall 8 0 / 4 4 3 Sandbox Organizations with >500 employees, needing advanced security and with the ability to manage multiple platforms, should make separate firewall, secure web gateway and email security decisions *https://www.gartner.com/doc/3869071 REPORT: Next- Generation Firewall Hype Has Become an Obstacle for Enterprises* Malware Gets Through • Stream architecture delivers documents before deep analysis • Scans with basic AV signature engines • Performance hit to inspect web traffic 8
Copyright © 2018 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY SANDBOX WHITELIST BLACKLIST AV1 AV2 ADVANCED MACHINELEARNING Fixes Poor Gateway Sandbox Architectures Effective File Inspection for Threat Protection • Extract files and inspect before delivery • Pre-filter to improve detection and reduce sandbox load • Integrate sandbox (+cloud) or use 3rd party • Orchestrate to remediate on the endpointContent Analysis Endpoints SEP Proxy GIN 9
Copyright © 2018 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY Web Browsers Becoming the Ultimate Attack Surface Issue Two – Malware Targeting Web Browsers 1,400+New browser & plug-in vulnerabilities per year 83%Growth in active phishing URLs 78% of sites can be used to deliver malware JAVASCRIPT CSS SVG HTML IMAGES PLUG-INS ADD-ONS FONTS SOCIAL Browser vulnerabilities exploited by malware delivered to endpoints via web page rendering resources 10Statistic Sources: Symantec ISTR, Verizon DBIR
Copyright © 2018 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY 100% SAFE RENDERING INFORMATION Isolate the Web to Stop Threats • Isolate uncategorized/risky sites • Secure web browsing of privileged users • Embedded Email URLs (phishing) Secure Disposable Container DOWNLOAD EXECUTE RENDER 1001010010 1011010011 0010101 101010011010 01 11 10 https://www.gartner.com/document/3463618 Evaluate and pilot a remote browser solution…as one of the most significant ways an enterprise can reduce the ability of web-based attacks on users to cause damage.” Web IsolationProxy 11
Copyright © 2018 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY Network Security Customer Challenges Rogue Cloud App Use Creating Security & Compliance Issues Encrypted Traffic Blind Spots Creates Vulnerabilities Modern Threats Overwhelming Traditional Network Defenses 12
Copyright © 2018 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY Shadow IT and Changing Cloud Usage Models Create Risk Cloud Use – Data Security & Compliance Proliferation of Cloud Apps Variety of Locations Shadow Data Problem Loss of Sensitive Data *2018 Shadow Data Report Loss of Sensitive Data Regional OfficeHeadquarters Mobile Users • Identify and Control Shadow IT • Enforce DLP Policy Requirements 13%of Cloud Docs are Broadly Shared* 13
Copyright © 2018 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY DLP AUDIT – APPFEED GIN • Risk attribute data • Enforce application access policy controls by application, user, group, etc. • In-Line DLP enforcement on all cloud and web application traffic • Extend controls with a CASB solution CASB App Rating Database Analytics Proxy Control Shadow IT – User Behavior - Enforce DLP Policy CLOUD ACCESS SECURITY BROKER Offices Roaming Users Access Control 14
Copyright © 2018 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY Network Security Customer Challenges Backhauling Traffic Is Costly & Slows Cloud Performance Rogue Cloud App Use Creating Security & Compliance Issues Encrypted Traffic Blind Spots Creates Vulnerabilities Modern Threats Overwhelming Traditional Network Defenses 15
Copyright © 2018 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY Traditional Backhaul Model Becoming Costly and Slow Need For Direct-To-Net Advanced Security Cloud App Growth & Mobile/Remote Workforce Users Want To Get Direct-To-Net Traffic Needs To Be Secured But Backhauling Is Expensive and Slow Secure, Direct Access to Web & Cloud Web Security as a Service 16
Copyright © 2018 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY Accelerated Cloud Backbone Telco POP Backbone Automate Policy & Content Acceleration Elastic Cloud SVC Structure Content Peering & Connection Scaling 3rd Party Monitoring Proxy At Core Threat Prevention and Information Security Cloud Controls (CASB) High-performance Global Backbone Web Security as a Service Proxy Terminate ♦ Decrypt ♦ Inspect Before Delivery ♦ Orchestrate SDN Connect IPSec VPN Firewall Advanced Network Security Stack in the Cloud Network Security for the Cloud Generation Performance Optimization for O365, AWS, etc. Web Isolation Malware Analysis & Sandbox DLP Inspection & Enforcement CASB Cloud Controls 17
Copyright © 2018 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY Encrypted Traffic Solving the Network Security Challenges of the Cloud Generation Symantec Network Security Modern Threats Cloud Security Cloud Delivered 18
Copyright © 2018 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY NETWORK PROTECTION Sebastian Brenner Sebastian_brenner@symantec.com
Copyright © 2018 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY Symantec is defining the Proxy as a termination point by… • Delivering a POWERFUL CLOUD SECURITY SERVICE that leverages the termination strength of a proxy to protect users, remote offices and devices no matter where they are in the world. • Innovating ADVANCED PROTECTION INCLUDING BROWSER ISOLATION services which ensure users are protected from the most sophisticated web and email attacks on Earth. • Ensuring STRENGTH IN MANAGING ENCRYPTED TRAFFIC to enable a proper balance of security and privacy when inspecting content. As cloud applications drive changes in how users interact in a networked world, we deliver strong security, simplicity of operation, and flexible deployment choices as part of our INTEGRATED CYBER DEFENSE PLATFORM. Defining the Proxy 20

Recommended

McAfee - MVISION Cloud (MVC) - Cloud Access Security Broker (CASB) - POC Report
McAfee - MVISION Cloud (MVC) - Cloud Access Security Broker (CASB) - POC ReportMcAfee - MVISION Cloud (MVC) - Cloud Access Security Broker (CASB) - POC Report
McAfee - MVISION Cloud (MVC) - Cloud Access Security Broker (CASB) - POC Report
Iftikhar Ali Iqbal
 
CASB — Your new best friend for safe cloud adoption?
CASB — Your new best friend for safe cloud adoption? CASB — Your new best friend for safe cloud adoption?
CASB — Your new best friend for safe cloud adoption?
Digital Transformation EXPO Event Series
 
CASB: Securing your cloud applications
CASB: Securing your cloud applicationsCASB: Securing your cloud applications
CASB: Securing your cloud applications
Forcepoint LLC
 
Forcepoint Advanced Malware Detection
Forcepoint Advanced Malware DetectionForcepoint Advanced Malware Detection
Forcepoint Advanced Malware Detection
Forcepoint LLC
 
SOC-as-a-Service - comSpark 2019
SOC-as-a-Service - comSpark 2019SOC-as-a-Service - comSpark 2019
SOC-as-a-Service - comSpark 2019
Advanced Technology Consulting (ATC)
 
Web Application Security
Web Application SecurityWeb Application Security
Web Application Security
MarketingArrowECS_CZ
 
Beyond the Firewall: Securing the cloud with a CASB (in partnership with CSA)
Beyond the Firewall: Securing the cloud with a CASB (in partnership with CSA)Beyond the Firewall: Securing the cloud with a CASB (in partnership with CSA)
Beyond the Firewall: Securing the cloud with a CASB (in partnership with CSA)
Bitglass
 
Estratégia de segurança da Cisco (um diferencial para seus negócios)
Estratégia de segurança da Cisco (um diferencial para seus negócios)Estratégia de segurança da Cisco (um diferencial para seus negócios)
Estratégia de segurança da Cisco (um diferencial para seus negócios)
Cisco do Brasil
 

Recommended

McAfee - MVISION Cloud (MVC) - Cloud Access Security Broker (CASB) - POC Report
McAfee - MVISION Cloud (MVC) - Cloud Access Security Broker (CASB) - POC ReportMcAfee - MVISION Cloud (MVC) - Cloud Access Security Broker (CASB) - POC Report
McAfee - MVISION Cloud (MVC) - Cloud Access Security Broker (CASB) - POC Report
Iftikhar Ali Iqbal
 
CASB — Your new best friend for safe cloud adoption?
CASB — Your new best friend for safe cloud adoption? CASB — Your new best friend for safe cloud adoption?
CASB — Your new best friend for safe cloud adoption?
Digital Transformation EXPO Event Series
 
CASB: Securing your cloud applications
CASB: Securing your cloud applicationsCASB: Securing your cloud applications
CASB: Securing your cloud applications
Forcepoint LLC
 
Forcepoint Advanced Malware Detection
Forcepoint Advanced Malware DetectionForcepoint Advanced Malware Detection
Forcepoint Advanced Malware Detection
Forcepoint LLC
 
SOC-as-a-Service - comSpark 2019
SOC-as-a-Service - comSpark 2019SOC-as-a-Service - comSpark 2019
SOC-as-a-Service - comSpark 2019
Advanced Technology Consulting (ATC)
 
Web Application Security
Web Application SecurityWeb Application Security
Web Application Security
MarketingArrowECS_CZ
 
Beyond the Firewall: Securing the cloud with a CASB (in partnership with CSA)
Beyond the Firewall: Securing the cloud with a CASB (in partnership with CSA)Beyond the Firewall: Securing the cloud with a CASB (in partnership with CSA)
Beyond the Firewall: Securing the cloud with a CASB (in partnership with CSA)
Bitglass
 
Estratégia de segurança da Cisco (um diferencial para seus negócios)
Estratégia de segurança da Cisco (um diferencial para seus negócios)Estratégia de segurança da Cisco (um diferencial para seus negócios)
Estratégia de segurança da Cisco (um diferencial para seus negócios)
Cisco do Brasil
 
Securing Beyond the Cloud Generation
Securing Beyond the Cloud GenerationSecuring Beyond the Cloud Generation
Securing Beyond the Cloud Generation
Forcepoint LLC
 
Bitglass Webinar - A Primer on CASBs and Cloud Security
Bitglass Webinar - A Primer on CASBs and Cloud SecurityBitglass Webinar - A Primer on CASBs and Cloud Security
Bitglass Webinar - A Primer on CASBs and Cloud Security
Bitglass
 
Top 5 Information Security Lessons Learned from Transitioning to the Cloud
Top 5 Information Security Lessons Learned from Transitioning to the CloudTop 5 Information Security Lessons Learned from Transitioning to the Cloud
Top 5 Information Security Lessons Learned from Transitioning to the Cloud
Forcepoint LLC
 
Cloud Security Governance
Cloud Security GovernanceCloud Security Governance
Cloud Security Governance
Shankar Subramaniyan
 
Security O365 Using AI-based Advanced Threat Protection
Security O365 Using AI-based Advanced Threat ProtectionSecurity O365 Using AI-based Advanced Threat Protection
Security O365 Using AI-based Advanced Threat Protection
Bitglass
 
Radware - WAF (Web Application Firewall)
Radware - WAF (Web Application Firewall)Radware - WAF (Web Application Firewall)
Radware - WAF (Web Application Firewall)
Deivid Toledo
 
Zero Trust Networks
Zero Trust NetworksZero Trust Networks
Zero Trust Networks
Practical Code, LLC
 
Top 5 predictions webinar
Top 5 predictions webinarTop 5 predictions webinar
Top 5 predictions webinar
Zscaler
 
Why Everyone Needs a Cloud-First Security Program - SASEfaction Guaranteed!
Why Everyone Needs a Cloud-First Security Program - SASEfaction Guaranteed!Why Everyone Needs a Cloud-First Security Program - SASEfaction Guaranteed!
Why Everyone Needs a Cloud-First Security Program - SASEfaction Guaranteed!
Netskope
 
Adopting A Zero-Trust Model. Google Did It, Can You?
Adopting A Zero-Trust Model. Google Did It, Can You?Adopting A Zero-Trust Model. Google Did It, Can You?
Adopting A Zero-Trust Model. Google Did It, Can You?
Zscaler
 
F5's IP Intelligence Service
F5's IP Intelligence ServiceF5's IP Intelligence Service
F5's IP Intelligence Service
F5 Networks
 
Introducing IBM Cloud Security Enforcer, CASB, IDaaS and Threat Prevention
Introducing IBM Cloud Security Enforcer, CASB, IDaaS and Threat PreventionIntroducing IBM Cloud Security Enforcer, CASB, IDaaS and Threat Prevention
Introducing IBM Cloud Security Enforcer, CASB, IDaaS and Threat Prevention
IBM Security
 
Are Your Appliance Security Solutions Ready For 2048-bit SSL Certificates ?
Are Your Appliance Security Solutions Ready For 2048-bit SSL Certificates ?Are Your Appliance Security Solutions Ready For 2048-bit SSL Certificates ?
Are Your Appliance Security Solutions Ready For 2048-bit SSL Certificates ?
michaelbasoah
 
Guide to Cybersecurity Compliance in China
Guide to Cybersecurity Compliance in ChinaGuide to Cybersecurity Compliance in China
Guide to Cybersecurity Compliance in China
Alibaba Cloud
 
Zero trust for everybody: 3 ways to get there fast
Zero trust for everybody: 3 ways to get there fastZero trust for everybody: 3 ways to get there fast
Zero trust for everybody: 3 ways to get there fast
Cloudflare
 
Introduction to Cloud Security
Introduction to Cloud SecurityIntroduction to Cloud Security
Introduction to Cloud Security
Susanne Tedrick
 
The Year the Internet Fell Apart
The Year the Internet Fell ApartThe Year the Internet Fell Apart
The Year the Internet Fell Apart
IBM Security
 
Fight bad bot on the internet
Fight bad bot on the internetFight bad bot on the internet
Fight bad bot on the internet
Cloudflare
 
Key Policy Considerations When Implementing Next-Generation Firewalls
Key Policy Considerations When Implementing Next-Generation FirewallsKey Policy Considerations When Implementing Next-Generation Firewalls
Key Policy Considerations When Implementing Next-Generation Firewalls
AlgoSec
 
Mitigating the Top 5 Cloud Security Threats
Mitigating the Top 5 Cloud Security ThreatsMitigating the Top 5 Cloud Security Threats
Mitigating the Top 5 Cloud Security Threats
Bitglass
 
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec
 
Content is King - Symantec
Content is King - SymantecContent is King - Symantec
Content is King - Symantec
Harry Gunns
 

More Related Content

What's hot

Security O365 Using AI-based Advanced Threat Protection
Security O365 Using AI-based Advanced Threat ProtectionSecurity O365 Using AI-based Advanced Threat Protection
Security O365 Using AI-based Advanced Threat Protection
Bitglass
 
Introducing IBM Cloud Security Enforcer, CASB, IDaaS and Threat Prevention
Introducing IBM Cloud Security Enforcer, CASB, IDaaS and Threat PreventionIntroducing IBM Cloud Security Enforcer, CASB, IDaaS and Threat Prevention
Introducing IBM Cloud Security Enforcer, CASB, IDaaS and Threat Prevention
IBM Security
 
Are Your Appliance Security Solutions Ready For 2048-bit SSL Certificates ?
Are Your Appliance Security Solutions Ready For 2048-bit SSL Certificates ?Are Your Appliance Security Solutions Ready For 2048-bit SSL Certificates ?
Are Your Appliance Security Solutions Ready For 2048-bit SSL Certificates ?
michaelbasoah
 
Guide to Cybersecurity Compliance in China
Guide to Cybersecurity Compliance in ChinaGuide to Cybersecurity Compliance in China
Guide to Cybersecurity Compliance in China
Alibaba Cloud
 
Zero trust for everybody: 3 ways to get there fast
Zero trust for everybody: 3 ways to get there fastZero trust for everybody: 3 ways to get there fast
Zero trust for everybody: 3 ways to get there fast
Cloudflare
 
The Year the Internet Fell Apart
The Year the Internet Fell ApartThe Year the Internet Fell Apart
The Year the Internet Fell Apart
IBM Security
 
Mitigating the Top 5 Cloud Security Threats
Mitigating the Top 5 Cloud Security ThreatsMitigating the Top 5 Cloud Security Threats
Mitigating the Top 5 Cloud Security Threats
Bitglass
 

What's hot (20)

Securing Beyond the Cloud Generation
Securing Beyond the Cloud GenerationSecuring Beyond the Cloud Generation
Securing Beyond the Cloud Generation
 
Bitglass Webinar - A Primer on CASBs and Cloud Security
Bitglass Webinar - A Primer on CASBs and Cloud SecurityBitglass Webinar - A Primer on CASBs and Cloud Security
Bitglass Webinar - A Primer on CASBs and Cloud Security
 
Top 5 Information Security Lessons Learned from Transitioning to the Cloud
Top 5 Information Security Lessons Learned from Transitioning to the CloudTop 5 Information Security Lessons Learned from Transitioning to the Cloud
Top 5 Information Security Lessons Learned from Transitioning to the Cloud
 
Cloud Security Governance
Cloud Security GovernanceCloud Security Governance
Cloud Security Governance
 
Security O365 Using AI-based Advanced Threat Protection
Security O365 Using AI-based Advanced Threat ProtectionSecurity O365 Using AI-based Advanced Threat Protection
Security O365 Using AI-based Advanced Threat Protection
 
Radware - WAF (Web Application Firewall)
Radware - WAF (Web Application Firewall)Radware - WAF (Web Application Firewall)
Radware - WAF (Web Application Firewall)
 
Zero Trust Networks
Zero Trust NetworksZero Trust Networks
Zero Trust Networks
 
Top 5 predictions webinar
Top 5 predictions webinarTop 5 predictions webinar
Top 5 predictions webinar
 
Why Everyone Needs a Cloud-First Security Program - SASEfaction Guaranteed!
Why Everyone Needs a Cloud-First Security Program - SASEfaction Guaranteed!Why Everyone Needs a Cloud-First Security Program - SASEfaction Guaranteed!
Why Everyone Needs a Cloud-First Security Program - SASEfaction Guaranteed!
 
Adopting A Zero-Trust Model. Google Did It, Can You?
Adopting A Zero-Trust Model. Google Did It, Can You?Adopting A Zero-Trust Model. Google Did It, Can You?
Adopting A Zero-Trust Model. Google Did It, Can You?
 
F5's IP Intelligence Service
F5's IP Intelligence ServiceF5's IP Intelligence Service
F5's IP Intelligence Service
 
Introducing IBM Cloud Security Enforcer, CASB, IDaaS and Threat Prevention
Introducing IBM Cloud Security Enforcer, CASB, IDaaS and Threat PreventionIntroducing IBM Cloud Security Enforcer, CASB, IDaaS and Threat Prevention
Introducing IBM Cloud Security Enforcer, CASB, IDaaS and Threat Prevention
 
Are Your Appliance Security Solutions Ready For 2048-bit SSL Certificates ?
Are Your Appliance Security Solutions Ready For 2048-bit SSL Certificates ?Are Your Appliance Security Solutions Ready For 2048-bit SSL Certificates ?
Are Your Appliance Security Solutions Ready For 2048-bit SSL Certificates ?
 
Guide to Cybersecurity Compliance in China
Guide to Cybersecurity Compliance in ChinaGuide to Cybersecurity Compliance in China
Guide to Cybersecurity Compliance in China
 
Zero trust for everybody: 3 ways to get there fast
Zero trust for everybody: 3 ways to get there fastZero trust for everybody: 3 ways to get there fast
Zero trust for everybody: 3 ways to get there fast
 
Introduction to Cloud Security
Introduction to Cloud SecurityIntroduction to Cloud Security
Introduction to Cloud Security
 
The Year the Internet Fell Apart
The Year the Internet Fell ApartThe Year the Internet Fell Apart
The Year the Internet Fell Apart
 
Fight bad bot on the internet
Fight bad bot on the internetFight bad bot on the internet
Fight bad bot on the internet
 
Key Policy Considerations When Implementing Next-Generation Firewalls
Key Policy Considerations When Implementing Next-Generation FirewallsKey Policy Considerations When Implementing Next-Generation Firewalls
Key Policy Considerations When Implementing Next-Generation Firewalls
 
Mitigating the Top 5 Cloud Security Threats
Mitigating the Top 5 Cloud Security ThreatsMitigating the Top 5 Cloud Security Threats
Mitigating the Top 5 Cloud Security Threats
 

Similar to Segurdad de red para la generacion de la nube symantec

Content is King - Symantec
Content is King - SymantecContent is King - Symantec
Content is King - Symantec
Harry Gunns
 
Sangfor's Presentation.pdf
Sangfor's Presentation.pdfSangfor's Presentation.pdf
Sangfor's Presentation.pdf
ssusera76ea9
 
Palo alto networks next generation firewalls
Palo alto networks next generation firewallsPalo alto networks next generation firewalls
Palo alto networks next generation firewalls
Castleforce
 
2021 01-27 reducing risk of ransomware webinar
2021 01-27 reducing risk of ransomware webinar2021 01-27 reducing risk of ransomware webinar
2021 01-27 reducing risk of ransomware webinar
AlgoSec
 
A Plan to Control and Protect Data in the Private and Public Cloud
A Plan to Control and Protect Data in the Private and Public CloudA Plan to Control and Protect Data in the Private and Public Cloud
A Plan to Control and Protect Data in the Private and Public Cloud
Rochester Security Summit
 

Similar to Segurdad de red para la generacion de la nube symantec (20)

Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
 
Content is King - Symantec
Content is King - SymantecContent is King - Symantec
Content is King - Symantec
 
Faster, simpler, more secure remote access to apps in aws
Faster, simpler, more secure remote access to apps in awsFaster, simpler, more secure remote access to apps in aws
Faster, simpler, more secure remote access to apps in aws
 
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
Symantec - The Importance of Building Your Zero Trust Program on a Solid Plat...
 
Symantec Webinar | Tips for Successful CASB Projects
Symantec Webinar | Tips for Successful CASB ProjectsSymantec Webinar | Tips for Successful CASB Projects
Symantec Webinar | Tips for Successful CASB Projects
 
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
Symantec Webinar: What Cyber Threats Are Lurking in Your Network?
 
Symantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front LinesSymantec Best Practices for Cloud Security: Insights from the Front Lines
Symantec Best Practices for Cloud Security: Insights from the Front Lines
 
Sangfor's Presentation.pdf
Sangfor's Presentation.pdfSangfor's Presentation.pdf
Sangfor's Presentation.pdf
 
THE ESSENTIAL ELEMENT OF YOUR SECURITY
THE ESSENTIAL ELEMENT OF YOUR SECURITYTHE ESSENTIAL ELEMENT OF YOUR SECURITY
THE ESSENTIAL ELEMENT OF YOUR SECURITY
 
Visibility and Automation for Enhanced Security
Visibility and Automation for Enhanced SecurityVisibility and Automation for Enhanced Security
Visibility and Automation for Enhanced Security
 
Rethinking Cybersecurity for the Digital Transformation Era
Rethinking Cybersecurity for the Digital Transformation EraRethinking Cybersecurity for the Digital Transformation Era
Rethinking Cybersecurity for the Digital Transformation Era
 
The evolution of IT in a cloud world
The evolution of IT in a cloud worldThe evolution of IT in a cloud world
The evolution of IT in a cloud world
 
Palo alto networks next generation firewalls
Palo alto networks next generation firewallsPalo alto networks next generation firewalls
Palo alto networks next generation firewalls
 
Presentation cloud security the grand challenge
Presentation cloud security the grand challengePresentation cloud security the grand challenge
Presentation cloud security the grand challenge
 
Key Elements of a Security Delivery Platform
Key Elements of a Security Delivery PlatformKey Elements of a Security Delivery Platform
Key Elements of a Security Delivery Platform
 
2021 01-27 reducing risk of ransomware webinar
2021 01-27 reducing risk of ransomware webinar2021 01-27 reducing risk of ransomware webinar
2021 01-27 reducing risk of ransomware webinar
 
A Different Approach to Securing Your Cloud Journey
A Different Approach to Securing Your Cloud JourneyA Different Approach to Securing Your Cloud Journey
A Different Approach to Securing Your Cloud Journey
 
CheckPoint Software
CheckPoint SoftwareCheckPoint Software
CheckPoint Software
 
Security in Cloud Computing
Security in Cloud ComputingSecurity in Cloud Computing
Security in Cloud Computing
 
A Plan to Control and Protect Data in the Private and Public Cloud
A Plan to Control and Protect Data in the Private and Public CloudA Plan to Control and Protect Data in the Private and Public Cloud
A Plan to Control and Protect Data in the Private and Public Cloud
 

More from CSA Argentina

Csa Summit 2017 - Un viaje seguro hacia la nube
Csa Summit 2017 - Un viaje seguro hacia la nubeCsa Summit 2017 - Un viaje seguro hacia la nube
Csa Summit 2017 - Un viaje seguro hacia la nube
CSA Argentina
 
Csa Summit 2017 - Managing multicloud environments
Csa Summit 2017 - Managing multicloud environmentsCsa Summit 2017 - Managing multicloud environments
Csa Summit 2017 - Managing multicloud environments
CSA Argentina
 
Csa summit 2017 - Plataforma de Seguridad para entornos Cloud
Csa summit 2017 - Plataforma de Seguridad para entornos CloudCsa summit 2017 - Plataforma de Seguridad para entornos Cloud
Csa summit 2017 - Plataforma de Seguridad para entornos Cloud
CSA Argentina
 
Csa Summit 2017 - Obteniendo información de tu organización a través de aplic...
Csa Summit 2017 - Obteniendo información de tu organización a través de aplic...Csa Summit 2017 - Obteniendo información de tu organización a través de aplic...
Csa Summit 2017 - Obteniendo información de tu organización a través de aplic...
CSA Argentina
 
Csa Summit 2017 - Csa Star for dummies
Csa Summit 2017 - Csa Star for dummiesCsa Summit 2017 - Csa Star for dummies
Csa Summit 2017 - Csa Star for dummies
CSA Argentina
 
CSA Summit 2017 - Infraestructuras Ágiles y Delivery Continuo, del testing ma...
CSA Summit 2017 - Infraestructuras Ágiles y Delivery Continuo, del testing ma...CSA Summit 2017 - Infraestructuras Ágiles y Delivery Continuo, del testing ma...
CSA Summit 2017 - Infraestructuras Ágiles y Delivery Continuo, del testing ma...
CSA Argentina
 

More from CSA Argentina (20)

7o estudio-cloud security-esarsenu-2019-csaespearclbobrcomx-isacamad-v2
7o estudio-cloud security-esarsenu-2019-csaespearclbobrcomx-isacamad-v27o estudio-cloud security-esarsenu-2019-csaespearclbobrcomx-isacamad-v2
7o estudio-cloud security-esarsenu-2019-csaespearclbobrcomx-isacamad-v2
 
Cloud native y donde esta el piloto
Cloud native y donde esta el pilotoCloud native y donde esta el piloto
Cloud native y donde esta el piloto
 
Iam dev secops the infinity loop saga
Iam dev secops the infinity loop sagaIam dev secops the infinity loop saga
Iam dev secops the infinity loop saga
 
Presentacion DevSecOps Argentina
Presentacion DevSecOps ArgentinaPresentacion DevSecOps Argentina
Presentacion DevSecOps Argentina
 
Revista CSA LATAM FORUM 2019
Revista CSA LATAM FORUM 2019Revista CSA LATAM FORUM 2019
Revista CSA LATAM FORUM 2019
 
Cloud security adoption sophos
Cloud security adoption sophosCloud security adoption sophos
Cloud security adoption sophos
 
CSA LATAM FORUM - NETSKOPE
CSA LATAM FORUM - NETSKOPECSA LATAM FORUM - NETSKOPE
CSA LATAM FORUM - NETSKOPE
 
Hardening usuarios smartfense
Hardening usuarios smartfenseHardening usuarios smartfense
Hardening usuarios smartfense
 
Automated security analysis of aws clouds v1.0
Automated security analysis of aws clouds v1.0Automated security analysis of aws clouds v1.0
Automated security analysis of aws clouds v1.0
 
2018 cyberark evento cloud
2018 cyberark evento cloud2018 cyberark evento cloud
2018 cyberark evento cloud
 
Csa Summit 2017 - Un viaje seguro hacia la nube
Csa Summit 2017 - Un viaje seguro hacia la nubeCsa Summit 2017 - Un viaje seguro hacia la nube
Csa Summit 2017 - Un viaje seguro hacia la nube
 
Csa Summit 2017 - Managing multicloud environments
Csa Summit 2017 - Managing multicloud environmentsCsa Summit 2017 - Managing multicloud environments
Csa Summit 2017 - Managing multicloud environments
 
Csa summit 2017 - Plataforma de Seguridad para entornos Cloud
Csa summit 2017 - Plataforma de Seguridad para entornos CloudCsa summit 2017 - Plataforma de Seguridad para entornos Cloud
Csa summit 2017 - Plataforma de Seguridad para entornos Cloud
 
Csa Summit 2017 - Obteniendo información de tu organización a través de aplic...
Csa Summit 2017 - Obteniendo información de tu organización a través de aplic...Csa Summit 2017 - Obteniendo información de tu organización a través de aplic...
Csa Summit 2017 - Obteniendo información de tu organización a través de aplic...
 
Csa Summit 2017 - Csa Star for dummies
Csa Summit 2017 - Csa Star for dummiesCsa Summit 2017 - Csa Star for dummies
Csa Summit 2017 - Csa Star for dummies
 
CSA Summit 2017 - Infraestructuras Ágiles y Delivery Continuo, del testing ma...
CSA Summit 2017 - Infraestructuras Ágiles y Delivery Continuo, del testing ma...CSA Summit 2017 - Infraestructuras Ágiles y Delivery Continuo, del testing ma...
CSA Summit 2017 - Infraestructuras Ágiles y Delivery Continuo, del testing ma...
 
UNDER THE DOME - SEGURIDAD SI, PERO TRANSPARENTE
UNDER THE DOME - SEGURIDAD SI, PERO TRANSPARENTEUNDER THE DOME - SEGURIDAD SI, PERO TRANSPARENTE
UNDER THE DOME - SEGURIDAD SI, PERO TRANSPARENTE
 
SECURITY AS A WAR - Infosecurity 2015
SECURITY AS A WAR - Infosecurity 2015SECURITY AS A WAR - Infosecurity 2015
SECURITY AS A WAR - Infosecurity 2015
 
Csa summit el circulo de la confianza entre el cliente y el proveedor cloud
Csa summit el circulo de la confianza entre el cliente y el proveedor cloud Csa summit el circulo de la confianza entre el cliente y el proveedor cloud
Csa summit el circulo de la confianza entre el cliente y el proveedor cloud
 
Csa summit la transformación digital y el nuevo rol del ciso
Csa summit la transformación digital y el nuevo rol del cisoCsa summit la transformación digital y el nuevo rol del ciso
Csa summit la transformación digital y el nuevo rol del ciso
 

Recently uploaded

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Roshan Dwivedi
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 

Recently uploaded (20)

Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 

Segurdad de red para la generacion de la nube symantec

  • 2. Copyright © 2018 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY Network Security Implications of the Cloud Generation Mobile Cloud Applications Web IoT Social 8 0 / 4 4 3 2
  • 3. Copyright © 2018 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY Network Security Implications of the Cloud Generation Content Analysis CASB Web Isolation SSL Visibility Security Analytics DLP Born and breed to manage web traffic Loves HTTP(S):// (Performance, ETM) Terminates traffic and leverages integrated technology services for inspection Next Generation Firewall • Not designed for web traffic inspection • Big challenges with HTTP(S):// (Performance, ETM) • Passive inspection architecture cannot address web-based threats Proxy 8 0 / 4 4 3 3
  • 4. Copyright © 2018 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY Network Security Customer Challenges Rogue Cloud App Use Creating Security & Compliance Issues Backhauling Traffic Is Costly & Slows Cloud Performance Encrypted Traffic Blind Spots Creates Vulnerabilities Modern Threats Overwhelming Traditional Network Defenses 4
  • 5. Copyright © 2018 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY Network Tuning TAP Analytics APM Sandbox IPS Firewall Proxy 8 0 / 4 4 3 Bypasses Threat Protection Infrastructure Encrypted Traffic Creates Vulnerabilities Half of malware campaigns in 2019 will use some type of encryption to conceal malware delivery, command and control activity, or data exfiltration 5
  • 6. Copyright © 2018 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY Fix SSL/TLS Encryption Vulnerability Secure Decryption of Network Traffic IPS APM TAP Network Tuning Security Analytics SandboxContent Analysis Proxy SSL Visibility “C & F’s” NGFWs, SWG’s, ADCs The Security Impact of HTTPS Interception* Testing conducted by: Firewall 8 0 / 4 4 3 • Securely decrypt SSL & TLS to allow complete inspection • Scale decryption with SSL Visibility Appliance • Set policies by category to maintain privacy • Must maintain broad industry cipher support 6 * https://jhalderm.com/pub/papers/interception-ndss17.pdf
  • 7. Copyright © 2018 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY Network Security Customer Challenges Encrypted Traffic Blind Spots Creates Vulnerabilities Modern Threats Overwhelming Traditional Network Defenses 7
  • 8. Copyright © 2018 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY Impact of “Passive” and Simplistic Threat Scanning Architectures Issue One – Ineffective Content Scanning Overwhelms Incident Response (IR) Queue • Alarms after the fact – malware is already through • IR teams scrambling to keep up Next Gen Firewall 8 0 / 4 4 3 Sandbox Organizations with >500 employees, needing advanced security and with the ability to manage multiple platforms, should make separate firewall, secure web gateway and email security decisions *https://www.gartner.com/doc/3869071 REPORT: Next- Generation Firewall Hype Has Become an Obstacle for Enterprises* Malware Gets Through • Stream architecture delivers documents before deep analysis • Scans with basic AV signature engines • Performance hit to inspect web traffic 8
  • 9. Copyright © 2018 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY SANDBOX WHITELIST BLACKLIST AV1 AV2 ADVANCED MACHINELEARNING Fixes Poor Gateway Sandbox Architectures Effective File Inspection for Threat Protection • Extract files and inspect before delivery • Pre-filter to improve detection and reduce sandbox load • Integrate sandbox (+cloud) or use 3rd party • Orchestrate to remediate on the endpointContent Analysis Endpoints SEP Proxy GIN 9
  • 10. Copyright © 2018 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY Web Browsers Becoming the Ultimate Attack Surface Issue Two – Malware Targeting Web Browsers 1,400+New browser & plug-in vulnerabilities per year 83%Growth in active phishing URLs 78% of sites can be used to deliver malware JAVASCRIPT CSS SVG HTML IMAGES PLUG-INS ADD-ONS FONTS SOCIAL Browser vulnerabilities exploited by malware delivered to endpoints via web page rendering resources 10Statistic Sources: Symantec ISTR, Verizon DBIR
  • 11. Copyright © 2018 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY 100% SAFE RENDERING INFORMATION Isolate the Web to Stop Threats • Isolate uncategorized/risky sites • Secure web browsing of privileged users • Embedded Email URLs (phishing) Secure Disposable Container DOWNLOAD EXECUTE RENDER 1001010010 1011010011 0010101 101010011010 01 11 10 https://www.gartner.com/document/3463618 Evaluate and pilot a remote browser solution…as one of the most significant ways an enterprise can reduce the ability of web-based attacks on users to cause damage.” Web IsolationProxy 11
  • 12. Copyright © 2018 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY Network Security Customer Challenges Rogue Cloud App Use Creating Security & Compliance Issues Encrypted Traffic Blind Spots Creates Vulnerabilities Modern Threats Overwhelming Traditional Network Defenses 12
  • 13. Copyright © 2018 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY Shadow IT and Changing Cloud Usage Models Create Risk Cloud Use – Data Security & Compliance Proliferation of Cloud Apps Variety of Locations Shadow Data Problem Loss of Sensitive Data *2018 Shadow Data Report Loss of Sensitive Data Regional OfficeHeadquarters Mobile Users • Identify and Control Shadow IT • Enforce DLP Policy Requirements 13%of Cloud Docs are Broadly Shared* 13
  • 14. Copyright © 2018 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY DLP AUDIT – APPFEED GIN • Risk attribute data • Enforce application access policy controls by application, user, group, etc. • In-Line DLP enforcement on all cloud and web application traffic • Extend controls with a CASB solution CASB App Rating Database Analytics Proxy Control Shadow IT – User Behavior - Enforce DLP Policy CLOUD ACCESS SECURITY BROKER Offices Roaming Users Access Control 14
  • 15. Copyright © 2018 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY Network Security Customer Challenges Backhauling Traffic Is Costly & Slows Cloud Performance Rogue Cloud App Use Creating Security & Compliance Issues Encrypted Traffic Blind Spots Creates Vulnerabilities Modern Threats Overwhelming Traditional Network Defenses 15
  • 16. Copyright © 2018 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY Traditional Backhaul Model Becoming Costly and Slow Need For Direct-To-Net Advanced Security Cloud App Growth & Mobile/Remote Workforce Users Want To Get Direct-To-Net Traffic Needs To Be Secured But Backhauling Is Expensive and Slow Secure, Direct Access to Web & Cloud Web Security as a Service 16
  • 17. Copyright © 2018 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY Accelerated Cloud Backbone Telco POP Backbone Automate Policy & Content Acceleration Elastic Cloud SVC Structure Content Peering & Connection Scaling 3rd Party Monitoring Proxy At Core Threat Prevention and Information Security Cloud Controls (CASB) High-performance Global Backbone Web Security as a Service Proxy Terminate ♦ Decrypt ♦ Inspect Before Delivery ♦ Orchestrate SDN Connect IPSec VPN Firewall Advanced Network Security Stack in the Cloud Network Security for the Cloud Generation Performance Optimization for O365, AWS, etc. Web Isolation Malware Analysis & Sandbox DLP Inspection & Enforcement CASB Cloud Controls 17
  • 18. Copyright © 2018 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY Encrypted Traffic Solving the Network Security Challenges of the Cloud Generation Symantec Network Security Modern Threats Cloud Security Cloud Delivered 18
  • 19. Copyright © 2018 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY NETWORK PROTECTION Sebastian Brenner Sebastian_brenner@symantec.com
  • 20. Copyright © 2018 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY Symantec is defining the Proxy as a termination point by… • Delivering a POWERFUL CLOUD SECURITY SERVICE that leverages the termination strength of a proxy to protect users, remote offices and devices no matter where they are in the world. • Innovating ADVANCED PROTECTION INCLUDING BROWSER ISOLATION services which ensure users are protected from the most sophisticated web and email attacks on Earth. • Ensuring STRENGTH IN MANAGING ENCRYPTED TRAFFIC to enable a proper balance of security and privacy when inspecting content. As cloud applications drive changes in how users interact in a networked world, we deliver strong security, simplicity of operation, and flexible deployment choices as part of our INTEGRATED CYBER DEFENSE PLATFORM. Defining the Proxy 20

Editor's Notes

  1. The world has moved to HTTPS – the language of web is now the language of cloud, mobile, video, social media And so HTTP is also the language of malware delivery, hackers, cybercriminals. Separating the good from the bad is very complex, but it is what will determine if your customers win or loose as they combat cyber-threats Cyber security professionals are at a crossroads. The game has changed, and the bad guys are getting more aggressive and inflicting more and more damage on corporate assets—and reputations—worldwide. Ransomware is through the roof, zero-day exploits are exploding, threats are hiding in encrypted traffic and email is riddled with malware. There is no perimeter anymore. Data, devices and employees are mobilized and traffic is increasingly going to the internet and cloud applications. So, the question now is, how do you protect a castle—by which we mean your enterprise—when the walls are tumbling down? In this presentation we'll discuss: - Why you should embrace cloud-based network security - The tools you need to provide protection against a variety of attacks - Why a proxy belongs at the center of your cloud service - Cloud migration strategies - Integrations that orchestrate defenses across control points and attack vectors
  2. We start out with a critical one – encrypted traffic. Latest stats are something like 80% of inbound traffic is encrypted and as much as 25% or outbound is as well. If your tools are blind to encrypted traffic you are in trouble We are then going to talk about today’s world of increasingly sophisticated threats on the web. Some attack you through content downloads, others get you through the simple act of visiting a malicious site. Both equally crippling. We have all heard about Shadow IT. But it’s more than just an annoyance of employees going around processes to get the cloud apps they want to use – it’s a real security and compliance issue. Controlling cloud app access and use is a top need in the network world. Finally, maintaining the right toolset to combat sophisticated threats and manage strict compliance Regs can be complicated and costly. Part of the cost is the tools, but part of it is moving traffic around your dispersed network with remote offices and mobile users in order to secure it. Your customers need a way to simplify the use and deployment of best-in-class security, and a way to boost their user’s cloud app performance while they are at it.
  3. Symantec’s Network Security portfolio is uniquely capable of solving these key challenge areas your customer’s are facing Encrypted Traffic – inspecting it at scale with an “A” rated secure approach Modern Threats – we have both covered Content downloads with Proxy feeding Content Analysis - architecture allows for highly accurate detection and blocking of threat before it gets through Web browsing threats with Proxy enforcing Web Isolation policies – any malicious code executing on the website gets isolated and cannot get to endpoint Cloud Security with CASB identifying Shadow IT and Proxy policies then controlling it. And the Proxy working together with DLP and CASB to enforce data security policies or web and cloud traffic Lastly – this is all available in the Symantec Global Cloud…the Industry’s most advanced cloud-delivered network security stack. Gets rid of the backhaul issue that is a pain to a lot of your customers, but also makes it simple to deploy best-in-class security