SELF DEFENDING NETWORK

( The Next Generation Of Network Security )

Presented BySwarna Bhargava ( MCA Vsem. )

Guided By Rashmi Gupta Mam

Page 2

Agenda

Self-Defending Network Concept Why do we need SDN’s? Foundation of the SDN?

Endpoint Protection Admission Control Infection Containment Intelligent Correlation and Incident Response Inline IDS and Anomaly Detection Application Security and Anti-X Defense

Summary

Page 3

Self-Defending Network (SDN) Concept

It is a systems-based solution that allows entities to use their

existing infrastructure in new ways to:

Reduce windows of valuability

Minimize the impact of attacks

Improve overall infrastructure availability and reliability

SDN also helps create autonomous systems that can

quickly react on attacks and can make decision to

security.

Page 4

Why do we need SDN’s?

Evolution of network Evolution of attacks on networks

Traditional approach Defense-in-depth

Proactive defense mechanisms

SDN approach

Adaptive defense mechanisms

Proactive solutions frontload defense mechanisms

Key elements of an adaptive solution:

Remain active at all times

Perform in easy way

Minimize propagation of attacks

Quickly respond to as-yet unknown attacks

Page 5

Proactive Defense Example

Internet

Outer Firewall

DMZ

Inner Firewall

InternalCorp.

Network

Servers (e.g. web, e-mail, proxy)

DevelopmentNetwork

Page 6

Foundation of a SDN

Endpoint Protection Admission Control Infection Containment Intelligent Correlation and Incident

Response Inline IDS and Anomaly Detection Application Security and Anti-X Defense

Page 7

Endpoint Protection

Cisco Security Agent

Point of presence on end user systems that enables

efficient exchange of valuable network threat

information as it occurs

Endpoint system virus, worm detection/protection

Page 8

Admission Control

Not only core component of a CSDN, but

incorporated into other technologies by over 30

industry-leading vendors

Network Admission Control (NAC) assists in

determining the level of access to grant an end-user

system in accordance with the security policy when it

initially joins the network

NAC also assists in managing end-user system’s

compliance with security patches and updates

Page 9

Infection Containment

The ability to identify non-compliant systems or network attacks as they occur and react appropriately, minimizing the effect of the breech

Potentially the #1 core component of a secure system belonging to a CSDN

Page 10

Intelligent Correction and Incident Response

Services that provide the ability to exchange:

Event information

Implications of an event occurring

Necessary actions to take

The appropriate nodes or systems to enforce

actions in real-time

These services aide in adapting to changes and

countering attacks that are occurring in the network

as they occur rather than after they occur

Page 11

Application Security and Anti-X Defense

A menagerie of application layer security products that address the “ever-evolving” classes of threats which are not effectively addressed by traditional firewall and network IDS products

Threat examples:E-mail based SPAM and phishingSpywareUnauthorized peer-to-peer activity

Page 12

Summary

Encompassing security solution that is proactive AND adaptive in nature that envelopes every level of network security rather than just specific layers

Key difference in CSDN and traditional security solutions…ability of CSDN’s to communicate and share information among different security products employed within the CSDN

Page 13

THANK YOU