
Transcription
Network Security and Forensics
Rob Ayoub, CISSP, Sr. Product Marketing Manager – Network Security
David Batty, Strategist – Network Security
Paul Martini, CEO, iboss

What is New in Network Security and Forensics
Rob Ayoub, CISSP

FireEye Technologies Working Together
[Diagram: FireEye detection technologies grouped around Dynamic Threat Intelligence, Analytics & ML, Multi-Vector Execution, FireEye Network Security and FireEye Endpoint Security. Labels include Callback, SmartVision, Riskware, Indicators of Compromise, MalwareGuard, ExploitGuard, Domain Reputation and Signature Detection.]
2019 FireEye

Solution Overview
[Architecture diagram.
CLOUD: Dynamic Threat Intelligence (DTI Network), FireEye Adversarial Intelligence, Verodin, 3rd Party Apps, FireEye Apps, FireEye Endpoint Cloud Management, FireEye Helix, FireEye Email Cloud Edition.
ON-PREMISE: FireEye Central Management, FireEye Packet Capture, FireEye Investigation Analysis System, FireEye Network w/Cloud Collector (Optional), Log Sources, FireEye File Protect, FireEye Malware Analysis, FireEye Network, FireEye Endpoint, FireEye Email Server Edition, SIEM, 3rd Party Integration.]

Key Themes for Network Security
Cloud Security
Next Gen Threat Detection
Enhanced Reporting/Context
Increased Network Visibility
Increased Detection Visibility

Cloud Protection
[Diagram: FIREEYE NETWORK FORENSICS AND AMAZON WEB SERVICES. Components: FireEye Investigation Analysis System, FireEye Full Packet Capture, Amazon EC2, User, FireEye Network, Web Front Ends, Misc. App Services, Database Services. Legend: Virtual Machine, Network Traffic Communications, Network Zone, Replicated Network Traffic.]

Server Side Containment
Advanced Detection
tion of Resources

New SSLi Features Delivered with 8.3
SSL Preview: Provides the ability to preview the traffic load before engaging
SSL Traffic Mirroring: Ability to span off decrypted traffic from NX to another monitoring tool or even PX
SSL Fingerprinting: Looks for malicious conversation patterns around encrypted traffic

The Future
MORE Cloud
MORE Visibility
MORE Detections
MORE Partnerships

iboss FireEye Cloud Network Security
Network perimeters are h
[Diagram labels: Offices, Firewall, Routers, Load Balancers, Web Application Firewalls, Data backhaul, Public Internet, Headquarters, Branch Offices, Mobile Workers.]

Global cloud security that follows the user, delivered as a service
§ Protection for any device, from any location, in the cloud
§ Delivered as a subscription service with no infrastructure or VMs to manage
§ Turnkey protection for flows and files, inside and outside the network perimeter
§ Single pane of glass reporting and policy

NETWORK SECURITY

[Diagram: Authentication, SSL Decryption, NETWORK SECURITY, Proxy, SSL Re-Encrypt.]

FireEye Cloud Network Security at a Glance
Technology, Process, Expertise
Network Security
Advanced Threat Protection
Cloud-delivered FireEye protection for users, regardless of location
SaaS platform eliminates appliances, provides infinite scale and reduces management costs
Signatureless MVX engine inspects suspicious objects to identify targeted, evasive and unknown threats
Codified intelligence for faster detection and resolution of newly found threats
Network Security – Cloud
FireEye Everywhere
Dynamic threat intelligence protects customers before they are aware a new threat is active
Advanced IPS engine capable of inspecting encrypted HTTPS traffic for next-gen IPS protection to catch evasive threats in encrypted content that traditional firewalls miss

iboss cloud delivers FireEye Network Security globally
FireEye always-on cloud protection for users and devices, regardless of location, without appliances
Multi-Flow and IPS protection on content within SSL traffic
100% of all Firewall and Proxy security features delivered as a SaaS solution
Direct Internet Breakouts for Branch offices to pair with SD-WAN rollouts
CASB - Cloud application controls
Geo-Zoning and GDPR Controls
Global points of presence ensure low latency no matter the location

Containerized Cloud Architecture
Proprietary architecture allows delivery of all Firewall and Proxy Security Features via Global Cloud Footprint
[Diagram labels: SAAS, Open Internet, Public Cloud, iboss cloud, Containerized Cloud Architecture, Private Cloud, Data Center, Mobile Users, Headquarters, Branch Offices.]

Familiar User Experience for iboss and FireEye customers

Sacramento Municipal Utility District
Stephen Clemons

SMUD overview

Evolving Utility Technology
Ever changing technology landscape presents unique cybersecurity challenges for the utility industry
§ IoT (Grid Control / Customer Facing)
§ Connected Field Staff

Expanding Network
Internal Network:
§ 2500 workstations/laptops
§ 1000 servers
§ Network equipment
§ Building Automation Network
§ Printers
§ PACS
§ IP based telephony
§ Security cameras
§ Governor network
Public Facing:
§ EV Chargers
§ Smart thermostats
§ Smart inverters
§ Additional R&D IoT devices
§ Customer Owned EMS
Grid:
§ Distribution automation devices
§ 600,000 smart meters

iboss FireEye
Utility informed tools enable industry leading solutions
§ iboss and FireEye work together to protect SMUD regardless of device location
– iboss traffic decryption enables inspection and action
– FireEye detection actively blocks decrypted threats

SMUD’s Plans
Three areas where the partnership with iboss & FireEye will enhance our security posture
1. Inspection of encrypted traffic
2. Scalability of our mobile workforce
3. Reduction in administrative overhead