Network Security andForensicsRob Ayoub, CISSPSr. Product MarketingManager – NetworkSecuritypresenterphotoDavid BattyStrategist – NetworkSecuritypresenterphotoPaul MartiniCEOiboss

What is New in NetworkSecurity and ForensicsRob Ayoub, CISSP

FireEye Technologies Working TogetherCallbackAnalytics RuleBinocoloDynamic ThreatIntelligenceThreat IntelligenceSkyfeedGlobal CacheAnalytics & MLSmartVisionRiskwareIndicators of CompromiseMalwareGuard4 2019 FireEyeMulti-VectorExecutionFAUDEMVX BehaviorFAUDE KrakenMVX StaticFAUDE PhishEyeFileDelivery & PayloadMVX CorrelationBinocolo PhishingMVX FUMEBinocolo CentralDomain ReputationSmartLauncherExploitGuardHelix EyeNetworkSecurityEnt. – SearchSignature DetectionFireEyeEndpointSecurity

Solution OverviewCLOUDDynamic ThreatIntelligence(DTI Network)FireEyeAdversarialIntelligenceVerodin3rd PartyAppsFireEyeAppsFireEye EndpointCloud ManagementFireEye HelixFireEye EmailCloud EditionON-PREMISEFireEye CentralManagementFireEye Packet FireEye InvestigationAnalysis SystemCaptureFireEye Networkw/Cloud Collector(Optional)LogSourcesFireEyeFile Protect5 2019 FireEyeFireEyeMalware AnalysisFireEyeNetworkFireEye FireEye EmailEndpoint Server EditionSIEM3rd PartyIntegration

Key Themes for Network SecurityCloud SecurityNext Gen Threat DetectionEnhanced Reporting/Context 2019 FireEyeIncreased Network VisibilityIncreased Detection Visibility

Cloud ProtectionFireEye InvestigationAnalysis SystemFireEye FullPacket CaptureAmazon EC2UserFireEyeNetworkWebFront EndsMisc.App ServicesDatabaseServicesFIREEYE NETWORK FORENSICS AND AMAZON WEB SERVICES7 2019 FireEyeVirtual MachineNetwork Traffic CommunicationsNetwork ZoneReplicated Network Traffic

Server Side ontainmentAdvanced Detection8 2019 tion ofResources

New SSLi Features Delivered with 8.39 2019 FireEyeSSL PreviewProvides the ability to previewthe traffic load before engagingSSL Traffic MirroringAbility to span off decryptedtraffic from NX to anothermonitoring tool or even PXSSL FingerprintingLooks for malicious conversationpatterns around encryptedtraffic

The Future MORE CloudMORE VisibilityMORE DetectionsMORE Partnerships10 2019 FireEye

iboss FireEye Cloud Network Security

Network perimeters are hOfficesFirewallRoutersLoad BalancersWeb ApplicationFirewallsData backhaulPublicInternet12 2019 FireEyeHeadquartersBranchOfficesMobileWorkers

Global cloud security that follows the user, delivered as a service§ Protection for anydevice, from anylocation, in thecloud§ Delivered as asubscriptionservice with noinfrastructure orVMs to manage13 2019 FireEye§ Turnkeyprotection forflows and files,inside andoutside thenetworkperimeter§ Single pane ofglass reportingand policy


AuthenticationSSL DecryptionNETWORK SECURITYProxySSL Re-Encrypt15 2019 FireEye

AuthenticationSSL DecryptionNETWORK SECURITYProxySSL Re-Encrypt16 2019 FireEye

FireEye Cloud Network Security at a GlanceTechnologyProcessExpertiseNetwork SecurityAdvanced Threat Protection Cloud-delivered FireEye protection forusers, regardless of location SaaS platform eliminates appliances,provides infinite scale and reducesmanagement costs Signatureless MVX engine inspectssuspicious objects to identify targeted,evasive and unknown threats Codified intelligence for faster detectionand resolution of newly found threatsNetwork Security – CloudFireEye Everywhere17 2019 FireEye Dynamic threat intelligence protectscustomers before they are aware a newthreat is active Advanced IPS engine capable ofinspecting encrypted HTTPS traffic fornext-gen IPS protection to catch evasivethreats in encrypted content thattraditional firewalls miss

iboss cloud delivers FireEye Network Security globallyFireEye always-on cloud protection for users and devices, regardless of location, without appliancesMulti-Flow and IPS protection oncontent within SSL traffic100% of all Firewall and Proxy securityfeatures delivered as a SaaS solutionDirect Internet Breakouts for Branchoffices to pair with SD-WAN rolloutsCASB - Cloud application controlsGeo-Zoning and GDPR Controls18 2019 FireEyeGlobal points of presence ensure lowlatency no matter the location

Containerized Cloud ArchitectureProprietary architecture allows delivery of all Firewall and Proxy Security Features via Global CloudFootprintSAASOpen InternetPublic Cloudiboss cloudContainerizedCloudArchitecture19 2019 FireEyePrivate CloudData CenterMobileUsersHeadquartersBranch Offices

Familiar User Experience for iboss and FireEye customers20 2019 FireEye

Sacramento Municipal UtilityDistrictStephen Clemons

SMUD overview 2019 FireEye

Evolving Utility TechnologyEver changing technology landscape presents unique cybersecuritychallenges for the utility industry§ IoT (Grid Control / Customer Facing)§ Connected Field Staff

Expanding NetworkInternal Network:§ 2500workstations/laptops§ 1000 servers§ Network equipment§ Building AutomationNetwork§ Printers§ PACS§ IP based telephony§ Security cameras§ Governor networkPublic Facing:§ EV Chargers§ Smart thermostats§ Smart inverters§ Additional R&D IoTdevices§ Customer Owned EMSGrid:§ Distribution automationdevices§ 600,000 smart meters

iboss FireEyeUtility informed tools enable industry leading solutions§ iboss and FireEye work together to protect SMUD regardless ofdevice location– iboss traffic decryption enables inspection and action– FireEye detection actively blocks decrypted threats

SMUD’s PlansThree areas where the partnership with iboss & FireEye will enhanceour security posture1.Inspection of encrypted traffic2.Scalability of our mobile workforce3.Reduction in administrative overhead

iboss cloud delivers FireEye Network Security globally FireEye always-on cloud protection for users and devices, regardless of location, without appliances Multi-Flow and IPS protection on content within SSL traffic 100% of all Firewall and Proxy security features delivered as a SaaS solution Direct Internet Breakouts for Branch