APAC Partner Update: SolarWinds Security
2. 2
Agenda
» Who we are!
» How to discover security needs
» Firewall Security Manager (FSM)
» Log & Event Manager (LEM)
» Network Configuration Manager (NCM)
**We are trying to cover a lot in this presentation! Please use
the question box in GoToMeeting if anything needs
clarification or a question comes up.
© 2013 SolarWinds Worldwide, LLC. All Rights Reserved.
3. 3
SolarWinds – Who we are
Provide IT management software
that is powerful, easy-to-use and
affordable
Company background
Timeline 1999 Founded in Tulsa, OK
2005 Professional Investment
2006 Hired Management Team
2009 IPO (NYSE:SWI)
Headquarters Austin, Texas; over 500
employees worldwide
Customers Over 95,000 – from SMB to
Fortune 500
4. 4
HELP!!!
My firewall rules are getting out of control! I need to be sure there
are no holes in my configs! I need to know my network is protected!
Web server logs, OS logs, application logs, firewall
logs…it’s impossible to read through all of them!
Network configuration changes, device backups, inventory
maintenance, compliance reporting…I can’t keep up!
Mobile devices are everywhere! I can’t keep track
of which devices are safe and which aren’t!
5. 5
Questions to Consider
Firewall Management
How often do you analyze your firewall configurations?
How do you know if your firewall rules are optimized for both security & performance?
How do you test a firewall addition or change to ensure it doesn’t have a negative impact?
How do you perform security audits and compliance reporting?
Log Management
How many log file sources do you review and how often do you review them?
How do you know if a breach has occurred and can you respond immediately?
How do you handle multiple-event correlation to detect anomalous behavior?
How do you handle security and compliance reporting?
Configuration Management
How often do you back up the configuration files on your devices?
How do you go about deploying configuration changes/updates to multiple devices?
How quickly can you recover a device from a failed update or config change?
How are you alerted when a network change is made or a configuration policy violated?
7. 7
The Problem
As organizations grow and firewall rules become more and more complex, it’s
easy for engineers to overlook existing rules and inadvertently open security
holes simply by not knowing the full impact of their changes.
Let's be honest, some firewall rule sets have grown so large and unmanageable,
it's become virtually impossible to decipher what's going on with the naked eye.
“Through 2018, more
than 95% of firewall
breaches will be
caused by firewall
misconfigurations,
not firewall flaws.”
Gartner research,
November 28, 2012
8. 8
The Need for Easy Firewall Management
Which way would you rather manage your firewall configurations?
Complex Command Line
OR
Point-&-Click Management
9. 9
Firewall Management Best Practices
Document all firewall rules and changes
Configure firewall rules with minimal access rights
Ensure all rules have business justification
Implement a change-control policy
Remove unused and redundant rules
Perform firewall rule audits on an ongoing basis
Log all pertinent firewall activity
Back up firewall configuration files and logs regularly
Automate, automate, automate!
SECURITY IS AN ON-GOING PROCESS, NOT A ONE-TIME PROJECT
10. 10
5 Ways SolarWinds FSM Can Help
1. Clean up and remove redundant, unused and conflicting rules
2. Scan your inventory for high risk firewalls and assess your risk
profile in minutes
3. Understand network policy through a unified view of connectivity,
routing, and the security rules responsible for allowing or blocking
network access
4. Know beforehand how a rule change will impact rules/objects,
traffic flows, and security checks
5. Troubleshoot service availability problems without touching
production devices
11. 11
Log & Event Manager
12. 12
The Problem
Log files are generated across almost all of your IT assets—web server
logs, operating system logs, application logs, firewall logs, and more.
And, all of these log files need to be collected, stored, analyzed, and
effectively correlated for security, compliance, and troubleshooting
purposes.
Trying to sort through and decipher all
these logs manually is virtually impossible!
13. 13
Log Management Best Practices
Define your log management policies and procedures
Log all relevant and required data (but don’t “over-log”)
Centrally aggregate all logged data
Review logs on a regularly scheduled basis
Correlate events across all log sources
Perform real-time monitoring and alerting
Run regularly scheduled security and compliance reports
Store logs securely and retain for the required amount of time
Automate, automate, automate!
14. 14
5 Ways SolarWinds LEM Can Help
1. Centralized collection of network device, machine, and cloud logs with
real-time, in-memory log correlation to instantly view security breaches
2. Built-in active responses to immediately and automatically take action
to mitigate threats
3. Advanced, easy-to-use, search interface with data visualization tools
that go well beyond ineffective traditional search bars
4. Over 300 out-of-the-box, “audit-proven” security and compliance
templates including PCI, HIPAA, SOX, GLBA and many more
5. USB defender technology protects sensitive data with real-time
monitoring, detection notification and the ability to block usage
16. 16
The Problem
As enterprise networks grow in both size and complexity, the difficulty in
managing all the device configuration changes that are happening
throughout the IT infrastructure grows exponentially.
Manually logging in to each device separately to make changes or updates
means the likelihood of human error that can lead to policy violations,
unauthorized network access, and the possibility of a security breach.
Can you afford to take that chance?
17. 17
The Need for Easy Network Config Management
Which way would you rather manage your network devices?
Manual SSH or Telnet™ to Each Device
OR
Point-&-Click Web-Based Management
18. 18
Configuration Management Best Practices
Create standards-based IT security and access policies
Implement a change management process to document and track all
changes to the network
Establish role-based permissions to control who can make what change
Back up critical network device configurations nightly and have a device
recovery plan in place
Perform continuous monitoring with real-time change detection alerts
Enforce policies with regularly scheduled security and compliance audits
Validate and maintain policies and procedures through ongoing data
analysis and reviews
Automate, automate, automate!
19. 19
5 Ways SolarWinds NCM Can Help
1. Automated device configuration management and bulk change management
to save time, reduce errors, and reduce the risk of costly network downtime
2. Automatic, scheduled backups of network configurations so your critical
devices are always protected
3. Configuration comparison and immediate rollback of failed changes to
instantly recover a device to a previous “known good” state
4. Real-time change detection and alerts to protect against policy violations,
unauthorized, unscheduled, and erroneous configuration changes
5. Out-of-the-box compliance reports, along with automated network inventory
reports customizable to your network's needs
20. 20
How to Promote and Sell
» Deals and Opportunities - Additional margin may be available for net new deals.
Contact us with your opportunities as soon as you have them for special pricing
PartnersAPAC@solarwinds.com
» Leads – Generate your own leads using custom coded download links for your customers.
Leads will be automatically tagged to you. Request custom links from
PartnersAPAC@solarwinds.com
» Training & Marketing Materials - Register for Partner Portal at solarwinds.com/partners
Sales and Technical training
Videos
Sales cards
Presentations
Current end-user price list
Demo License (NFR) application
Branding, logos, box shots, screenshots
What’s New section for up-to-date information
21. 21
Demo Sites
» NCM
http://configuration.demo.solarwinds.com
» FSM
http://demo.solarwinds.com/flashdemo/fsm
» LEM
http://demo.solarwinds.com/flashdemo/lem
22. 22
© 2012 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
Summary and Q & A
» Clare Kavanagh, Channel Accounts Manager
Clare.Kavanagh@solarwinds.com
» Aravind Kurapati, APAC Geek
Aravind.Kurapati@solarwinds.com
» Join our community of 150,000+ IT pros at www.thwack.com
Thank you for attending!
24. 24
Thank You
The SOLARWINDS and SOLARWINDS & Design marks are the exclusive property of SolarWinds Worldwide, LLC, are registered
with the U.S. Patent and Trademark Office, and may be registered or pending registration in other countries. All other
SolarWinds trademarks, service marks, and logos may be common law marks, registered or pending registration in the United
States or in other countries. All other trademarks mentioned herein are used for identification purposes only and may be or
are trademarks or registered trademarks of their respective companies.
© 2013 SOLARWINDS WORLDWIDE, LLC. ALL RIGHTS RESERVED.
Editor's notes
A firewall is considered a network’s “first line of defense” in protecting sensitive data from unauthorized access. It’s the entry point of the network—determining what is allowed in and out. Without the proper firewall rules in place, your network is left exposed and vulnerable. It’s like leaving your front door open for anyone to come in and take what they want. This is why firewall configuration management is so crucial. Without it, access to your network can become a free-for-all! And, it’s important to remember that SECURITY IS AN ON-GOING PROCESS, NOT A ONE-TIME PROJECT, which makes firewall management even more important!
NCM provides automated network configuration and change management to reduce the risk of human error and save you time and money. No more having to manually SSH or Telnet to each device. Do everything from one easy-to-use, centralized web interface. Detect and report on configuration policy violations and deliver real-time alerts