“i7 Networks” Manjunath M Gowda CEO & co-founder, i7 Networks.

“i7 Networks”

Manjunath M GowdaCEO & co-founder, i7 Networks

“If you are an Enterprise allowing BYODs (with or without MDM) to connect to corporate network, then follow me…..”

(else back to your emails on your phone )

“one SSH session from a mobile/tablet is all it takes to

breach your network”

Real story that happened in a US based publicly traded software

product company …..

….

Corporate Network

Firewall

SSH,FTP, ..

SSH, FTP…

Corporate Resources

Malicious APPs

Malicious Server

Reverse SSH Tunnel

SSH

Copyright i7 Networks, i7nw.com

There are 2 ways to protect your network from BYODs :


“To protect themselves against the BYOD threats, organizations:

• need Visibility into precisely • what are these devices, • what are they doing/accessing, and • how to enforce control over these access, • something that can’t be captured with

traditional technologies”

“Introducing i7’s Peregrine7”


Copyright i7 Networks, i7nw.com, [email protected]

Enterprise

MDM manage

d Devices

Unauthorized devices

Unmanaged devices

IoT devices

Unauthorized Apps

Apps from Alternate

Stores

Unsupported-OS devices Compromised

devices

Hot-spotted devices

Rogue/Insecure Devices

Vulnerable Devices

Authorized Apps

SSHSSH

FTP SVN


Enterprise

MDM manage

d Devices

Unauthorized devices

Unmanaged devices

IoT devices

Unauthorized Apps

Apps from Alternate

Stores

Unsupported-OS devices Compromised

devices

Hot-spotted devices

Rogue/Insecure Devices

Vulnerable Devices

Authorized Apps

Peregrine7

SSH

FTP

“We provide complete

Visibility

Unique Device, App & Protocol Fingerprinting

Security & Vulnerability Analysis

Multi-Tier Secure-Granular Access Controls

for all your smart devices and apps”Copyright i7 Networks, i7nw.com

“Our deployment is Super Simple….”


All done 100% Agentless & Non-Intrusive. No app or client to install on the device - Zero-touch/Zero Footprint”

“Appliance connected to span port - hence Zero Latency and hence Zero Risk for IT to try out too!!

Fits into any network

Zero Burden on the IT/Support staff.


Let’s see some of the screen shots of Peregrine7 ……



BYOD inventory analysis

Integrates with

• 100% Agentless and non-intrusive (Zero-Footprint)

• Access control while being Offline/out-of-band (Zero Latency)

• Visibility via Hot-spotting & Wi-Fi Sniffing

• App Recognition on the Wire

• Device Compromise Check (Jailbroken/Rooted)

• Close Integration with Google Apps / Exchange / Office365 to provide MDM capabilities

Different from Competition


Paying Customers

Indian Conglomerate with more than 75,000 employees and a multi-billion dollar company; Managing 1500 users for now

Indian services company with more than 1,000 employees and a multi-million dollar company;Managing 1000 users

Indian data center with more than 3,000 employees and a multi-million dollar company;Managing 1000 users

Plus Dozens of large POC customers

Ideation – Jan 2013Released 1.0 – Sept

2013

Awards & Accolades

Investors & Advisors

Manju, CEO & Co-Founder23 yrs. second startupFirst one (s7) got acquired by Bluecoat (Jan 2010) for $8.4MnExtremely good in GTM, Marketing & ExecutingBE, MS (Computer Sc.)MD for Bristol India and Bluecoat IndiaBristol, Wipro, S7, Bluecoat

Sachin, Chief mNetwork Architect, Co-FounderFew patents in the security space12+ years; worked with the team in S7BE (Comp Sc.)S7, Bluecoat

Srinivas, Chief mSecurity Architect, Co-FounderExpert in Cyber security; MS from IIT-B12+ years of exp.Few patents in the security spaceHP, Bluecoat

Jagadish, Senior Principal Engineer5+ years of Exp.Worked in S7 S7, Bluecoat

Geeta, Content-Marketing, inside-sales5+ years of Exp.Iron Mountain, Autonomy, Bluecoat

Brian Nesmith, ex-CEO of Bluecoat Systems, USA

Sharad Sharma, ex-CEO of Yahoo R&D, India

Core Te

am

Team together for second time; 1st venture S7 Software, ran successfully for 6 years & was acquired by Bluecoat Systems from the valley for $8.4Mn

Ofer Elzam, Dir. Network Security Sophos, USA

Questions?


[email protected]@i7networks

mailto:[email protected]

“Additional Slides…..”



Single device in-depth Security Analysis

Tall Claims!!! but Let’s get drilled into details…..


Continuous Monitoring

2. Complete Visibility & Discovery

3. Detailed Fingerprinting of the device and the Apps

5. Vulnerability and malicious assessment (Intrusions, Trojans)

6. Granular policy enforcement (MULTI-

TIER)

8. Analytics, Log, Audit &

Compliance Reporting

1. Entry Verification – Corporate Wi-Fi or

VPN? Which Wi-Fi?

Deny

4. Compromised (Jailbroken/Rooted),

Unauthorized, Unmanaged, hot-spotting check (Devices & Apps)

Deny

7. Device Management with integration of

Google Apps/Exchange / office 365

Not what the device tells us what it is but we find out what the device it……


DHCP Fingerprinting

TCP/IP fingerprinting

User Agent Analysis

Our Device profile Database Analysis

The Secure Fingerprinting Process

Various other Networking Parameters

What access to allow and what not to allow based on MULTI-TIER:

D = DeviceU = UserA = AppsL = Location of the branch officeT = TimeI = Intrusions, malicious.E = End point integrity (compromised)?R = What Resource?


Granular Policy Enforcement

D

U A

L

TI

E

R

Let me get further deeper into our Security and Vulnerability details…..


Check for internal intrusions-using

BYOD specific internal IDS

Check for malwares n/w signatures, C&C servers against our database +

3rd party

Check for vulnerabilities – CVE and other databases

(DVI*)

Check for Anomalies, Patterns, Issues (port/protocol analysis, Blacklist, C&C, GeoIP) (DTI*)

Security and Vulnerability check

Check for EPP tools, & bad URLs

Check for Jailbroken/Rooted (again agentless)

“i7 Networks” Manjunath M Gowda CEO & co-founder, i7 Networks.

Documents

Transcript of “i7 Networks” Manjunath M Gowda CEO & co-founder, i7 Networks.