2015 Security Conference Dave Gill Intel Security.
Dave Gill, Channel Account Manager, 07799 666 197
Leading The World Into Connected Security ~ Logicalis Security Conference 2015
McAfee Confidential
Building Security By Silo: Technology Acquisition Process Has Delivered Security Chaos
• Firewall
• Endpoint Protection
• Gateway Security
• Network IPS
• Compliance
• Data Protection
• Mobility
• SIEM
[Figure axis: TIME]
Building Security By Silo: Creating a False Sense of Security
[Figure labels: Security Posture; TCO (CapEx + OpEx); TIME; Point Products; Layered Tools; Parity Advancement]
Lessons Learned
• Well-funded organizations do not equal well-defended organizations
• Maintaining compliance will not result in protection
• Massive alerting in a sea of noise cannot receive action
• Defenses operating in silos are set up to fail
Building Security By Silo: Delivering Operationally Effective Security
[Figure labels: Security Posture; TCO (CapEx + OpEx); TIME; Parity Advancement; Point Products; Layered Tools; Connected Architecture]
History of Defining Architecture
– Inventor of the world’s most widely used computing architecture
– Defining countless standards used in everyday lives ranging from USB, WiFi, to IoT
– Top 10 Most Influential Brands in the World
Largest Dedicated Security Provider
– Broadest security product coverage in the industry
– Complete portfolio focused upon security
– Leadership position in 6 of 8 Gartner Security Magic Quadrants
Delivering a Next Generation Security Architecture
– Defining innovative industry approaches for collaborative and adaptive security
– Introducing security integrations which are sustainable and broadly reaching
– Developing capabilities for new security paradigms in areas such as Software Defined Datacenter, Cloud, and IoT
McAfee Security Connected Evolution: Achieving A Connected Ecosystem
Consolidating Architectures
Challenge:
• Operational Complexity
• Console Sprawl
Need:
• Easier Deployment
• Broader Adoption
Deliverables:
• Console Consolidation
• Fewer Agents
Value:
• Easier Policy Management
• Reduced Computing Resources
Products shown:
• Endpoint
• Intrusion Prevention
• Web Gateway
• Advanced Malware
• SIEM
• DLP
• Firewall
• Mail Gateway
• Compliance
Achieving Return on Investment
Challenge:
• Reduce Budgets
• Greater Operational Expense
• Reduced Staffing
Need:
• Self Provisioning
• Reduced Infrastructure Overhead
Deliverables:
• Virtual / Cloud Security
• Fewer Appliances
• Reduced Vendor Footprint
Value:
• Significantly Reduced TCO
• Simplified Operational Experience
Connected Services Framework
Challenge:
• Siloed Technology Failures
• Complex Attacks
Need:
• Coordinated Response
• Adaptive Security Environment
Deliverables:
• Data Exchange Framework
• Standardized Integration Model
Value:
• Sustainable Integrations
• Adaptive Protection Models
A Connected Services Architecture Is Not…
• A Single Vendor Solution
• A Monolithic Architecture
• The Continuous Addition of New Technologies
• A New Environment Requiring More Resources to Maintain
• Massive Rip/Replace of Security Infrastructure
McAfee Security Connected Evolution: Debunking Common Obstacles
Consistently Creating Operational Effectiveness: Innovating the Security Connected Concept
[Timeline: 2001 to 2014]
Consolidated Agent
• Reduced endpoint agent footprint to a single agent
• Increased hardware lifespan by reducing host footprint/load
Single Console
• Consolidated endpoint console management to a single interface via ePO
• Significantly reduced administrative burden
Network/Vulnerability Management
Network/Endpoint Integration
• Delivered endpoint contextual information within network alerting
• Created relevance and actionability within the network security environment
Security Innovation Alliance
Global Threat Intelligence
Endpoint/Vulnerability Management
Hybrid Web Protection
• Shared cross-vector threat information across product-sets
• Delivered actionable intelligence to provide adaptive protection
Host/Network DLP Consolidation
Endpoint/Web Gateway Integration
One Time Password/Web Gateway Integration
Advanced Threat Defense
Click to Protect
Threat Intelligence Exchange
• Delivers new architecture for products to share threat data
• Introduces realtime adaptive threat protection
• Enables an organization’s security posture to instantly self-improve
The McAfee Security Connected Platform
• Endpoint Security
• Network Security
• Deep Security
• Context and Orchestration
• Security Management
• Analytics
• Threat Intelligence
Complete Protection From Endpoint to Network
Enabling a Next Generation Architecture
• NGFW
• SIEM
• TIE Server
• Endpoint
• SIA Partners / 3rd Parties
• NSP
• Web / Mail Gateway
• ATD
• DLP
Security Management
Countermeasures
Threat Intelligence
Analytics
Context and Orchestration
Complete Platform to Deliver Integrated Protection
OPTIMIZED PERFORMANCE FOR ACTIONABLE DECISION-MAKING
ADAPTIVE INTELLIGENCE PROVIDES STRONGER PROTECTION
BROAD DEFENSIVE COVERAGE FROM ENDPOINT TO NETWORK
SIMPLIFIED MANAGEMENT EXPERIENCE REDUCES EFFORT AND COST
INTEGRATED DATA EXCHANGE DELIVERS COHESIVE DEFENSE
McAfee’s Extensible Platform for Security Risk Management: Industry Leadership to Drive Better Protection, Greater Compliance, and Lower TCO
• SIA Associate Partner
• SIA Technology Partner (McAfee Compatible)