Cisco Expo 2012...Cisco Expo 2012 Lokalna mreža...

of 23/23
Cisco Expo 2012 © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1 © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1 © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1 1 © 2012 Cisco and/or its affiliates. All rights reserved. Emilio Vidas , Tomislav Jaklin
  • date post

    06-Feb-2020
  • Category

    Documents

  • view

    1
  • download

    0

Embed Size (px)

Transcript of Cisco Expo 2012...Cisco Expo 2012 Lokalna mreža...

  • Cisco Expo 2012

    © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 11© 2012 Cisco and/or its affiliates. All rights reserved.

    Emilio Vidas , Tomislav Jaklin

  • Cisco Expo 2012

    • Interni ili externi IT

    • Infrastruktura

    • Aplikativni programi

    • Podaci

    © 2012 Cisco and/or its affiliates. All rights reserved. 2

    • Visoka dostupnost

    • Pouzdanost

    • Uposlenici

    • Definiranje sigurnosnih politika

  • Cisco Expo 2012

    Lokalna

    mreža

    Internet

    - Računovodstvo

    - Dopisi

    - Evidencija

    - Bankarstvo

    - Naručivanje

    - Informiranje

    - Udaljeni pristup

    - Ambulantna

    Smanjiti troškove

    Produktivnost

    © 2012 Cisco and/or its affiliates. All rights reserved. 3

    Smetnja ili napad

    - Evidencija

    - Osobni programi

    - E pošta

    - Ambulantna

    prodaja

    - Kontakti

    - Društvene mreže

    - Unutarnja

    - Vanjska

  • Cisco Expo 2012

    Izloženost

    Moguće vrste napada

    Kako se zaštititi

    © 2012 Cisco and/or its affiliates. All rights reserved. 4

    Kako se zaštititi

    Procjena štete

    Postupci za saniranje štete

  • Cisco Expo 2012

    Cijena

    Resursi

    Odgovornost

    © 2012 Cisco and/or its affiliates. All rights reserved. 5

    Odgovornost

    Tehnološka rješenja

    Netehnološki zahtjevi

  • Cisco Expo 2012

    Plan

    DesignPrimjena

    © 2012 Cisco and/or its affiliates. All rights reserved. 6

    Design

    Implementacija

  • Cisco Expo 2012

    Ironport Email Security Breakdown

    7© 2012 Cisco and/or its affiliates. All rights reserved.

    Breakdown

  • Cisco Expo 2012

    • Antispam protection

    Outbreak filter

    CASE (Context Adaptive Scanning Engine)

    SBRS filtering (Senderbase reputation filtering)

    • Malware protection (antivirus)

    © 2012 Cisco and/or its affiliates. All rights reserved. 8

    • Data Loss Prevention (DLP)

    • Email encryption

  • Cisco Expo 2012

    • Najveća mreža za nadziranje email i web prometa

    • Prikuplja podatke o više od 25% ukupnog email prometa

    • Real-time pogled na prijetnje

    • Baza za ostale prevencije

    © 2012 Cisco and/or its affiliates. All rights reserved. 9

  • Cisco Expo 2012

    • Pomoću Senderbase podataka generira se reputacija između -10 i +10

    • Na temelju reputacije primjenjuju se definirana pravila

    • Limitiranje broja konekcija sa hosta

    • False positive – manje od 1 od 1 000 000

    © 2012 Cisco and/or its affiliates. All rights reserved. 10

    • False positive – manje od 1 od 1 000 000

    • Web interface omogućava jednostavno upravljanje pravilima prema grupama korisnika

  • Cisco Expo 2012

    • Reputation filter zaustavlja 90 posto ulaznih prijetnji na razini konekcije

    • Analiza reputacije URLova unutar poruke

    • CASE (Context Adaptive Scanning Engine)

    Analizira kontekst i strukturu poruke

    © 2012 Cisco and/or its affiliates. All rights reserved. 11

    Analizira kontekst i strukturu poruke

    Odluka je kombinacija rezultata CASE i reputacije

  • Cisco Expo 2012

    • SenderBase registrira anomalije na globalnoj razini te identificiraepidemiju virusa

    • Ironport Threat Operation Center – 24x7 nadzor nadpotencijalnim prijetnjama, ljudska kontrola potvrđivanja epidemija

    © 2012 Cisco and/or its affiliates. All rights reserved. 12

  • Cisco Expo 2012

    • Sophos antivirus (opcija dodatno McAffee)

    • “Pattern matching” – klasična antivirus analiza usporedbom uzoraka

    • Heurestička analiza – složena analiza ponašanja

    © 2012 Cisco and/or its affiliates. All rights reserved. 13

  • Cisco Expo 2012

    • Curenje povjerljivih informacija može negativno utjecati na kompaniju

    • Novčane kazne

    • Negativan publicitet

    • Gubitak klijenata

    © 2012 Cisco and/or its affiliates. All rights reserved. 14

    • Gubitak klijenata

    • DLP analizira sadržaj, kontekst i odredište prema pravilima određenim unutar kompanije

  • Cisco Expo 2012

    Pojednostavljena struktura sigurnosnog rješenja

    15© 2012 Cisco and/or its affiliates. All rights reserved.

  • Cisco Expo 2012

    © 2012 Cisco and/or its affiliates. All rights reserved. 16

  • Cisco Expo 2012

    Ironport Web Security

    17© 2012 Cisco and/or its affiliates. All rights reserved.

    Ironport Web Security

  • Cisco Expo 2012

    • SenderBase

    • Web Reputation Filter

    • Threat Operations Center

    • Dinamičko ažuriranje

    © 2012 Cisco and/or its affiliates. All rights reserved. 18

  • Cisco Expo 2012

    • Sigurnost protiv malwarea

    • Kontrola web prometa i aplikacija

    • Sprječavanje curenja podataka

    © 2012 Cisco and/or its affiliates. All rights reserved. 19

  • Cisco Expo 2012

    • Predefinirane kategorije (65 kategorija)

    • Mogučnost dodavanja kategorija pomoću regularnih izraza

    • Dinamička analiza sadržaja

    • Definiranje politika na bazi grupe korisnika

    © 2012 Cisco and/or its affiliates. All rights reserved. 20

    • Integracija sa AD i LDAP

    • Detaljni interaktivni izvještaji za lakšu administraciju

  • Cisco Expo 2012

    • Koristi se SenderBase za analizu reputacije URLa

    • Svaki objekt na web stranici skenira se posebno, ne samo izvorni zahtjev

    © 2012 Cisco and/or its affiliates. All rights reserved. 21

  • Cisco Expo 2012

    Emilio Vidas Tomislav Jaklin

    © 2012 Cisco and/or its affiliates. All rights reserved. 22

    Emilio Vidas

    [email protected]

    Tel: 385 1 3688 664

    Fax: 385 1 3688 649

    Mob: 385 99 3688 664

    Tomislav Jaklin

    [email protected]

    Tel: 385 1 3688 648

    Fax: 385 1 3688 649

    Mob: 385 91 2688 648

  • Thank you.Thank you.