Infoblox - Protecting You Devices from Security...

1 | © 2013 Infoblox Inc. All Rights Reserved. 1 | © 2013 Infoblox Inc. All Rights Reserved. 1 | © 2013 Infoblox Inc. All Rights Reserved.

Texas A&M Technology Summit Protecting Your Devices from Security Threats in Today’s University 2/17/16


Why Should Universities Care?

Internet of Things (IoT) and BYOD is making your network even larger… 1. How do I ensure staff and students can connect to my network and be producEve? 2. How do I ensure Wi-‐Fi access across my enEre campus (including my stadium)? 3. How do I keep up with managing so many IP’s? 4. How do I manage a growing network with a small staff? 5. How do I secure a now larger potenEal aPack surface for hackers?

With DNS being the fastest growing aPack vector, and so many users… 1. How do I prevent malware on devices I do not own? 2. How do I remediate malware on devices and enable my kill chain procedures? 3. How do I ensure that student SS numbers and credit card informaEon is not leaving my network?

4. How do I prevent DDOS aPacks at my physical infrastructure over DNS since it is such a criEcal network service?


Automate the most time-consuming network tasks

like discovery, change and configuration management

Infoblox Approach

Control

Automate

Secure

Address risk to critical infrastructure first. Protect against external attacks & malware call-backs

Deliver reliable, high performance network services for

data center, branch, cloud


Without Infoblox IN

TER

NET

IN

TRA

NET

MICROSOFT DNS

MICROSOFT DHCP

AMSTERDAM

DM

Z A

PPS

&

END

-PO

INTS

APPS & END POINTS

FIREWALL

BIND DNS EUROPE

BIND DNS AMERICAS

INTERNET

BIND DNS APJ

Vulnerable Vulnerable Vulnerable

Vulnerable (Malware)

Vulnerable Vulnerable Vulnerable

Security Vulnerabilities •  Hacks of DNS server •  External attacks (DNS DDoS) •  Malware inside network

Management Silos •  Multiple points of management •  Multiple data silos

MICROSOFT DNS

MICROSOFT DHCP

CHICAGO

MICROSOFT DNS

MICROSOFT DHCP

SINGAPORE

Single Points of Failure


With Infoblox IN

TER

NET

IN

TRA

NET

MICROSOFT DNS

MICROSOFT DHCP

AMSTERDAM

DM

Z A

PPS

&

END

-PO

INTS

APPS & END POINTS

FIREWALL

BIND DNS EUROPE

BIND DNS AMERICAS

INTERNET

BIND DNS APJ

CHICAGO

MICROSOFT DNS

MICROSOFT DHCP

SINGAPORE

MICROSOFT DHCP

MICROSOFT DNS

Secure ü  Secure Platform ü  Protection from external attacks ü  Block Malware call-backs ü  Identify infected devices

Efficient ü  ONE authoritative data source ü  All managed as ONE system

Resilient ü  HA = No single point of failure

V


DNS is a rich target

DNS is the cornerstone

protocol of the Internet used by everyone

and everything

DNS as a Protocol is

easy to exploit

DNS Outage = Business Downtime

Traditional protection is ineffective

against evolving DNS threats

No one is really looking


Security and Universities…

University based in Michigan •  Top 100 Public UniversiEes in USA •  Interconnected campuses covering 1200

acres and 143 buildings •  25,000 students in Graduate and

Undergraduate programs

Problem •  Connect to/from anywhere, they have an

“open network policy” •  Big challenge to miEgate 20k+ endpoints •  Needed to evaluate their security posture •  Installed Infoblox RPZ •  Thousands of student laptops were infected •  Immediate protecEon needed!

Current University Customers in the South Central


Why is DNS a concern?

Firewall/NGFW

Why is DNS a threat?

Business Value •  Avoid Outages/Downtime

•  Reputation/Brand/IP Protection against breach

•  Compliance – HIPPA, PCI, other

Reputational •  Threat Feed (RPZ)

•  Malware •  Command &

Control •  Geo

•  Eco-System (Integrations) •  Carbon Black •  Fire Eye •  Cisco ISE •  Rapid 7 •  STIX/TAXII

App Offerings Salesforce.com Office 365 Workday – HR SAP

IPS/IDS

Email/SPAM

Web Proxy

Your SIEM Solution (ex: Splunk) •  Centralized logging and reporting

Biz IP/Data

DNS

DNS communications via port 53 and is not protected by most of these tools and the ones that can block are not focused nor

have the primary function to protect

DNS APT/Sandbox

Signature •  “Known Threats” •  DNS Tunneling •  Protocol Vulnerabilities

•  DNS •  DHCP •  NTP

•  Infra Protection •  DDoS •  H/W Acceleration

Behavioral •  “Unknown Threats” •  Analytics

•  Size •  Sequence •  Words •  Machine vs. Human

•  Data Exfiltration •  “Zero day” threats

Summary

“Complete DNS Protection” •  Reputational •  Signature •  Behavioral


Analyst Report Highlights

Infoblox is the leader in DDI brand awareness and 45% of install base

Infoblox achieved 50% market share – 3X next competitor

Centrally managing IP services at this degree of scale requires robust DDI solutions

Ad hoc approaches likely will not be sufficient to meet the security, management, and control challenges facing IT

DDI — shorthand for DNS, DHCP, and IPAM — is a critical networking technology for every IT organization

“All Organizations Should Consider Infoblox” -- Gartner

Commercial DDI solutions can reduce OPEX by 50% or more”

Infoblox - Protecting You Devices from Security...

Documents

Transcript of Infoblox - Protecting You Devices from Security...