Self Defending Network
SELF DEFENDING NETWORK
( The Next Generation Of Network Security )
Presented By Swarna Bhargava ( MCA V sem. )
Guided By Rashmi Gupta Mam
Page 2
Agenda
Self-Defending Network Concept
Why do we need SDN’s?
Foundation of the SDN
Endpoint Protection
Admission Control
Infection Containment
Intelligent Correlation and Incident Response
Inline IDS and Anomaly Detection
Application Security and Anti-X Defense
Summary
Page 3
Self-Defending Network (SDN) Concept
It is a systems-based solution that allows entities to use their
existing infrastructure in new ways to:
Reduce windows of vulnerability
Minimize the impact of attacks
Improve overall infrastructure availability and reliability
SDN also helps create autonomous systems that can
quickly react to attacks and make security decisions.
Page 4
Why do we need SDN’s?
Evolution of network
Evolution of attacks on networks
Traditional approach
Defense-in-depth
Proactive defense mechanisms
SDN approach
Adaptive defense mechanisms
Proactive solutions frontload defense mechanisms
Key elements of an adaptive solution:
Remain active at all times
Perform in an easy way
Minimize propagation of attacks
Quickly respond to as-yet unknown attacks
Page 5
Proactive Defense Example
[Diagram: Internet, Outer Firewall, DMZ with Servers (e.g. web, e-mail, proxy), Inner Firewall, Internal Corp. Network, Development Network]
Page 6
Foundation of a SDN
Endpoint Protection
Admission Control
Infection Containment
Intelligent Correlation and Incident Response
Inline IDS and Anomaly Detection
Application Security and Anti-X Defense
Page 7
Endpoint Protection
Cisco Security Agent
Point of presence on end user systems that enables
efficient exchange of valuable network threat
information as it occurs
Endpoint system virus, worm detection/protection
Page 8
Admission Control
Not only a core component of a CSDN, but also
incorporated into other technologies by over 30
industry-leading vendors
Network Admission Control (NAC) assists in
determining the level of access to grant an end-user
system in accordance with the security policy when it
initially joins the network
NAC also assists in managing end-user system’s
compliance with security patches and updates
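
The admission decision described on this slide, as an added Python example that is not part of the original presentation and is not Cisco NAC code. The posture fields, the policy thresholds and the access level names (full, quarantine, deny) are assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import date

# Hypothetical policy values, constructed for this example.
POLICY = {
    "min_patch_level": 42,        # lowest acceptable OS patch level
    "max_signature_age_days": 7,  # anti-virus signatures older than this fail
    "require_agent": True,        # endpoint protection agent must be running
}

@dataclass
class Posture:
    """Posture report an endpoint presents when it joins the network."""
    host: str
    patch_level: int
    av_signature_date: date
    agent_running: bool

def evaluate(posture, today, policy=POLICY):
    """Return (access_level, reasons) for one joining endpoint."""
    if policy["require_agent"] and not posture.agent_running:
        # Assumed policy choice: with no agent, the report itself is untrusted.
        return "deny", ["endpoint agent not running"]
    reasons = []
    if posture.patch_level < policy["min_patch_level"]:
        reasons.append(
            f"patch level {posture.patch_level} < {policy['min_patch_level']}")
    age = (today - posture.av_signature_date).days
    if age > policy["max_signature_age_days"]:
        reasons.append(f"AV signatures {age} days old")
    # Non-compliant hosts are placed in a remediation segment instead of
    # being dropped, so they can fetch patches and updates and retry.
    return ("quarantine", reasons) if reasons else ("full", [])

def admit_all(postures, today):
    """Map each host name to its access decision."""
    return {p.host: evaluate(p, today) for p in postures}

# Constructed sample posture reports.
TODAY = date(2024, 5, 20)
SAMPLE = [
    Posture("laptop-01", 45, date(2024, 5, 18), True),
    Posture("laptop-02", 40, date(2024, 5, 1), True),
    Posture("kiosk-03", 45, date(2024, 5, 19), False),
]

if __name__ == "__main__":
    for host, (level, why) in admit_all(SAMPLE, TODAY).items():
        print(f"{host}: {level} {'; '.join(why)}")
```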
Page 9
Infection Containment
The ability to identify non-compliant systems or network attacks as they occur and react appropriately, minimizing the effect of the breach
Potentially the #1 core component of a secure system belonging to a CSDN
Page 10
Intelligent Correlation and Incident Response
Services that provide the ability to exchange:
Event information
Implications of an event occurring
Necessary actions to take
The appropriate nodes or systems to enforce
actions in real-time
These services aid in adapting to changes and
countering attacks in the network
as they occur rather than after they occur
Page 11
Application Security and Anti-X Defense
A menagerie of application layer security products that address the “ever-evolving” classes of threats which are not effectively addressed by traditional firewall and network IDS products
Threat examples:
E-mail based SPAM and phishing
Spyware
Unauthorized peer-to-peer activity
Page 12
Summary
An encompassing security solution that is proactive AND adaptive in nature and envelops every level of network security rather than just specific layers
Key difference between CSDN and traditional security solutions: the ability of CSDNs to communicate and share information among the different security products employed within the CSDN
Page 13
THANK YOU