clavister neteye amp neteye cloud
play

Clavister NetEye & NetEye Cloud. Version: 2019Q2 Encryption - PowerPoint PPT Presentation

Dec 02, 2023 •200 likes •408 views

Clavister NetEye & NetEye Cloud. Version: 2019Q2 Encryption does 80 % of pages loaded in Chrome on Windows are not mean content HTTPS, up from 69% last year . is SAFE. - GOOGLE'S HTTPS ENCRYPTION TRANSPARENCY REPORT DEC 18

  1. Clavister NetEye & NetEye Cloud. Version: 2019Q2

  2. Encryption does ” 80 % of pages loaded in Chrome on Windows are not mean content HTTPS, up from 69% last year .” is SAFE. - GOOGLE'S HTTPS ENCRYPTION TRANSPARENCY REPORT – DEC 18 High risk that threats enter the > 50% of all perimeter via network attacks secure hide in SSL transactions. GARTNER MENU MENU

  3. End-user Security Firewall Virtual Firewall • Therefore end-point security clients are always Central Management must haves in combination with a perimeter Identity Management firewall. VPN Tunnel ion otectio Prot Headquarters ser Pr End-Use Windows and macOS endpoint End security clients Remote worker Branch offices VPN Clients MENU

  4. End-user Security Firewall Virtual Firewall • Therefore end-point security clients are always must Central Management haves in combination with a perimeter firewall. Identity Management • However … not all clients are supported VPN Tunnel • Administration and management are challenges ion otectio Prot Headquarters ser Pr End-Use Windows and Mobile? IoT? Linux? macOS endpoint End security clients Remote worker Branch offices VPN Clients MENU

  5. How about SSL Inspection? Enabling SSL Inspection has a 60% - 80% drop in the average throughput on NGFWs with the functionality built in. NSS LABS – JULY 18 • Expensive • Complex nspection • Low QoS Headquarters L Insp Windows and macOS endpoint SSL SS security clients Remote worker Branch offices VPN Clients MENU

  6. A new approach required - Advanced Threat Protection • A complementary appliance – virtual or hardware Secure Web Server • Selective traffic routed ion Threat Protectio through • SSL Decryption Headquarters • Multiple scanning Advanced Th Windows and macOS endpoint engines security clients • Cloud Sandboxing Adv Remote worker Branch offices VPN Clients applied if needed MENU

  7. • Advanced Threat Protection • Integrated SSL Inspection with anti-virus scanning up to 2000 Mbit/s of Web traffic! • Cloud Sandboxing for controlled detonation • Complementary to any firewall! High-end appliance empowering enterprises and multi-site organizations screen encrypted traffic for threats.

  8. • Advanced Threat Protection as-a- Service Clavister NetEye Cloud • Traffic sent to the cloud securely via IPSec tunnels (and back) Secure Web Server • Full SSL Inspection and multiple malware scanning engines • No additional HW on-site required On-demand SSL Inspection with minimum impact on your firewall

  9. Clavister Clavister NetEye Cloud Sandbox Cloud • Suspic icious executable files files scanned by NetEye that need more investigation are send to Clavister Sandbox Cloud • Windows environment used for con ontrolle led deton onation • Im Impact analy lysis is and reporting back to administrator • Run as-a-Service, no o on on-sit ite HW HW required Controlled detonation outside the secure perimeter

  10. Secure Web Server Whats included? Management Logs • Managed solution Customer has no no access to NetEye instance • Logs/analyze in InCenter Clients

  11. Integrated Reporting in InCenter. • Clavister InCenter Cloud license included with each Clavister NetEye • Analytics combined with Clavister NetWall and other Clavister products Integrated Holistic Security Analytics

  12. Certificates / / Man-in in-the-Middle Secure Web Server • Act as Back-2-Back User Agent • Client needs to install same cert as managed by NetEye • NetEye not visible for client

  13. Setup appliance/virtual If NAT, it should be after NetEye. If not, log will not be • FW is responsible to route traceable to specific traffic to NetEye. Log IP 88.3.4.23 client Src 10.0.0.30 • NetEye works on L3 (L2 is supported for specific cases) NAT • Any FW works! • NetEye will have its own white/blacklists • Only defined ports will be decrypted • Route web traffic to NetEye • Only define ports will be scanned • Whitelist via FQDN PBR (all decrypted) • Save throughput for trusted destination • • Ex: YouTube, Microsoft, Twitter etc White/blacklist • Applications that dont work man-in-the-middle • Traffic can be bypassed • Health/Finance (WCF) Client • Etc IP 10.0.0.30 • Support will guide customer with these steps (if FW is Clavister)

  14. Setup Clo loud • Same decisions in FW IP 104.2.42.4 • Traffic is sent in IPsec tunnel to NetEye instance in cloud • Traffic is NOT sent back to FW again IP 88.3.4.23 • NAT Different IP addresses from same client • Localized to where cloud platform is available Same routing decisions Client IP 10.0.0.30

  15. Could be hours… Sandbox Admin Threat! HTTPS Encrypt Check cache? Decrypt .exe HTTP Web Server Client migh ight be infected Has file been scanned before (compare checksum)? -> If NO, send to sandbox AN AND Client

  16. Clavister NetEye. Clavister NetEye Advanced Threat Protection SKU Platform Model SSL Performance Interfaces Connect Protect Prevent Clavister NetEye 50 Virtual NE-50V 50 Mbps Antivirus Scanning Clavister NetEye 100 Virtual NE-100V 100 Mbps SSL Traffic Inspection Clavister NetEye 250 Virtual NE-250V 250 Mbps Sandboxing Clavister NetEye 500 Virtual NE-500V 500 Mbps Clavister NetEye 8000 Rack Appliance NE-8000 2 CPU, 20 Core each, 16GB 500 Mbps 1 x RJ45 Modules SKU Ram 4 x Module Clavister NetEye 8500 Rack Appliance NE-8500 2 CPU, 20 Core each, 16GB 1000 Mbps 1 x RJ45 Interface module 2x10 GbE SFP+ APP-CM-NET120 Ram 4 x Module Clavister NetEye 8900 Rack Appliance NE-8900 2 CPU, 20 Core each, 16GB 2000 Mbps 1 x RJ45 Ram 4 x Module Licensing Option * Security Subscription * Sandbox always hosted in the Cloud

  17. Clavister NetEye Cloud. Clavister NetEye Cloud Advanced Threat Protection hosted as a service in Clavister Cloud SKU Format Connect Protect Prevent Model SSL Performance Interfaces Antivirus Clavister NetEye 50 Cloud NE-50C 50 Mbps IPSEC Scanning Clavister NetEye 100 Cloud NE-100C 100 Mbps IPSEC SSL Traffic Inspection Clavister NetEye 250 Cloud NE-250C 250 Mbps IPSEC Sandboxing Clavister NetEye 500 Cloud NE-500C 500 Mbps IPSEC Licensing Option * Security Subscription * Sandbox always hosted in the Cloud

  18. Costs • Clavister NetEye and Clavister NetEye cloud are priced for peak throughput • Throughput only of HTTP and HTTPS traffic that needs decryption and scanning • Trusted domains can be excluded in the policy routing configured in the firewall • Example pricing: • 50 Mbit/s will serve 50 users or more – down to 1 Euro a month for virtual • 2000 Mbit/s will sever over 2000 users, under 1 Euro a month including HW • 500 Mbit/s will serve 600 users or more – down to 1 Euro a month including cloud costs! • Clavister InCenter Cloud for Clavister NetEye always included!

  19. Summary – Key Results • Advanced Threat Protection dedicated SSL Inspection with integrated malware scanning • Always latest signatures installed in Clavister NetEye Cloud • ion Secure detonation outside the Threat Protectio enterprise perimeter • Limited to no impact on firewall performance Advanced Th Clavister NetEye gives peace of Adv mind without need to upgrade security infrastructure. MENU

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Embracing Cloud Ian Apperley Agenda A little about me What is Cloud and where did it come

Embracing Cloud Ian Apperley Agenda A little about me What is Cloud and where did it come

Embracing Cloud Ian Apperley Agenda A little about me What is Cloud and where did it come from? Why Cloud? Cloud for small, medium, enterprise, and government Barriers to adoption Embracing Cloud Social Mobile Cloud

972 views • 45 slides
SAS and (the) Cloud Dave Annis SAS Solutions onDemand SAS and (the) Cloud Everyones Cloud

SAS and (the) Cloud Dave Annis SAS Solutions onDemand SAS and (the) Cloud Everyones Cloud

SAS and (the) Cloud Dave Annis SAS Solutions onDemand SAS and (the) Cloud Everyones Cloud Tour of the buzzwords, myths and realities Whats in store for me, the boss, the company, the industry? Your cloud, our cloud their

224 views • 19 slides
CS5412: THE CLOUD VALUE PROPOSITION Lecture XXII Ken Birman Cloud Hype 2 The cloud is

CS5412: THE CLOUD VALUE PROPOSITION Lecture XXII Ken Birman Cloud Hype 2 The cloud is

Cornell CS5412 Cloud Computing (Spring 2015) 1 CS5412: THE CLOUD VALUE PROPOSITION Lecture XXII Ken Birman Cloud Hype 2 The cloud is cheaper! The cloud business model is growing at an unparalleled pace without any limit in sight

632 views • 45 slides
CS5412: THE CLOUD VALUE PROPOSITION Lecture XXII Ken Birman Cloud Hype 2 The cloud is

CS5412: THE CLOUD VALUE PROPOSITION Lecture XXII Ken Birman Cloud Hype 2 The cloud is

1 CS5412: THE CLOUD VALUE PROPOSITION Lecture XXII Ken Birman Cloud Hype 2 The cloud is cheaper The cloud business model is growing at an unparalleled pace without any limit in sight In the future everything will be on the cloud

945 views • 65 slides
The Cloud Is Big! The Cloud Is Hot! IT industry Constitutes about 2% of total US energy

The Cloud Is Big! The Cloud Is Hot! IT industry Constitutes about 2% of total US energy

The Data Furnace: Heating Up with Cloud Computing Jie Liu , Michel Goraczko, Jiakang Lu Sean James, Christian Belady Kamin Whitehouse Microsoft University of Virginia The Cloud Is Big! The Cloud Is Hot! IT industry Constitutes about 2%

551 views • 16 slides
Cloud Computing & Cloud Models Cloud Models Topics Defining cloud computing

Cloud Computing & Cloud Models Cloud Models Topics Defining cloud computing

Cloud Computing & Cloud Models Cloud Models Topics Defining cloud computing Understanding: Distributed Application Design Resource Management Automation Virtualized Computing Environments High-performance Computing

1.02k views • 49 slides
NVIDIA GPUs in the Cloud 4 EVOLVING CLOUD REQUIREMENTS On Off Hybrid Cloud premises premises

NVIDIA GPUs in the Cloud 4 EVOLVING CLOUD REQUIREMENTS On Off Hybrid Cloud premises premises

NVIDIA GPUs in the Cloud 4 EVOLVING CLOUD REQUIREMENTS On Off Hybrid Cloud premises premises Connecting clouds New workloads Components to disrupt SOFTLAYER CAPABILITIES OVERVIEW 5 GLOBAL CLOUD PLATFORM Unified architecture enabled by

390 views • 17 slides
github.com/18F/cg-workshop I Want You to use cloud.gov : Focus on mission " :

github.com/18F/cg-workshop I Want You to use cloud.gov : Focus on mission " :

09:00 Welcome Shashank Khandelwal 09:10 cloud.gov Overview 09:40 cloud.gov Hands-on I 10:20 Break 10:30 Federalist Will Slack 10:40 cloud.gov Hands-on II 11:30 Q & A github.com/18F/cg-workshop I Want You to use cloud.gov

461 views • 34 slides
Cloud Ross Mallace Commercial Director Cloud/SaaS Cloud is here. ALL By 2020 most core

Cloud Ross Mallace Commercial Director Cloud/SaaS Cloud is here. ALL By 2020 most core

Banking in the Cloud Ross Mallace Commercial Director Cloud/SaaS Cloud is here. ALL By 2020 most core most banking initiatives will be in the cloud John Schlesinger Changing Cloud Adoption in Financial Services Over 100

561 views • 20 slides
A vision for Carrier Cloud Networking... Itzik Weinstein, CEO 1 Cloud Services The Cloud is

A vision for Carrier Cloud Networking... Itzik Weinstein, CEO 1 Cloud Services The Cloud is

A vision for Carrier Cloud Networking... Itzik Weinstein, CEO 1 Cloud Services The Cloud is highly scalable, and managed infrastructure capable of hosting end- customer applications and billed by consumption. - Forrester Virtual

399 views • 6 slides
Cloud-Integrated IP Design: Bursting EDA Workflows to the Public Cloud Jerome McFarland,

Cloud-Integrated IP Design: Bursting EDA Workflows to the Public Cloud Jerome McFarland,

Cloud-Integrated IP Design: Bursting EDA Workflows to the Public Cloud Jerome McFarland, Marketing Director, Elastifile Agenda Why Cloud? How Cloud? Real-World Example Why Cloud? IC Design Complexity is Steadily Increasing Process

604 views • 31 slides
Cloud-iQ New features including xSP reporting Crayon Channel Team Cloud-iQ updates The Cloud-iQ

Cloud-iQ New features including xSP reporting Crayon Channel Team Cloud-iQ updates The Cloud-iQ

Cloud-iQ New features including xSP reporting Crayon Channel Team Cloud-iQ updates The Cloud-iQ Platform is Crayons Cloud Service Scaling Engine. Offering best in class self- provisioning, billing and reporting capabilities to

346 views • 12 slides
Building a Private Cloud Cloud Infrastructure Using Opensource Building a Private Cloud OSCON

Building a Private Cloud Cloud Infrastructure Using Opensource Building a Private Cloud OSCON

Building a Private Cloud Cloud Infrastructure Using Opensource Building a Private Cloud OSCON 2010 Building a Private Cloud with Ubuntu Server 10.04 Enterprise Cloud (Eucalyptus) OSCON 2010 (Note: Special thanks to Jim Beasley, my lead Cloud

604 views • 37 slides
SUSE OpenStack Cloud 126 126 What is SUSE OpenStack Cloud You know of Cloud Compute right?

SUSE OpenStack Cloud 126 126 What is SUSE OpenStack Cloud You know of Cloud Compute right?

SUSE OpenStack Cloud 126 126 What is SUSE OpenStack Cloud You know of Cloud Compute right? Maybe you use AWS or Azure? Allowing pay-as-you-go model for IT infrastructure and toward dynamic software-defined service delivery.

168 views • 16 slides
Towards ds a self elf auto tomated CE CERN Clo Cloud Jos Castro Len CERN Cloud

Towards ds a self elf auto tomated CE CERN Clo Cloud Jos Castro Len CERN Cloud

Towards ds a self elf auto tomated CE CERN Clo Cloud Jos Castro Len CERN Cloud Infrastructure CERN Cloud Team Who am I? Outlines Introduction CERN Cloud service Automation status Upcoming challenges Improvement

799 views • 34 slides
Going Cloud Native with Cloud Foundry @chipchilders Chip Childers, VP Technology Cloud Foundry

Going Cloud Native with Cloud Foundry @chipchilders Chip Childers, VP Technology Cloud Foundry

Going Cloud Native with Cloud Foundry @chipchilders Chip Childers, VP Technology Cloud Foundry Foundation Why does Cloud Native matter? Since 2000, 52% of the Fortune 500 are no longer on the list Continuous Innovation There is a rough

794 views • 50 slides
Gibbs Free Energy What is free energy? Amount of available energy to do work Equation for

Gibbs Free Energy What is free energy? Amount of available energy to do work Equation for

Gibbs Free Energy What is free energy? Amount of available energy to do work Equation for Gibbs free energy: G = H - TS G = H - TS G change in Gibbs free energy H change in enthalpy (total energy of a

543 views • 12 slides
Internet Based Testing Testing 2.0 Background 750 000 4 000 1 : 400 Challenges

Internet Based Testing Testing 2.0 Background 750 000 4 000 1 : 400 Challenges

Examinations and Test Section Sep 2015 ATP- SIG (Dublin) Internet Based Testing Testing 2.0 Background 750 000 4 000 1 : 400 Challenges Austerity Application Growth 65% 300% Do more with less Opportunity Unproctored

501 views • 11 slides
Implementation of Plan Bay Area: State Transportation Grants B e c k y F r a n k , Ca l t r a n

Implementation of Plan Bay Area: State Transportation Grants B e c k y F r a n k , Ca l t r a n

Implementation of Plan Bay Area: State Transportation Grants B e c k y F r a n k , Ca l t r a n s D i s t r i c t 4 Co m m u n i t y P l a n n i n g B r a n c h Ch i e f B e t h Th o m a s , Ca l t r a n s D i s t r i c t 4 P e d e s

669 views • 19 slides
INFINIT SHIELD Transparent, Optimized, Integrated, Intelligent The Future Of Security The

INFINIT SHIELD Transparent, Optimized, Integrated, Intelligent The Future Of Security The

INFINIT SHIELD Transparent, Optimized, Integrated, Intelligent The Future Of Security The changing landscape of enterprise security 72% 81% 1/3 Mobile workforce Compromised Shadow IT passwords 72% of the U.S. workforce will By 2022, a

433 views • 10 slides
ATP AUTOMOTIVE ATP MOTORS ATP TRANSIT SPECIFIC COMPANIES TURNOVER GROUP Over 82 mil

ATP AUTOMOTIVE ATP MOTORS ATP TRANSIT SPECIFIC COMPANIES TURNOVER GROUP Over 82 mil

ATP AUTOMOTIVE ATP MOTORS ATP TRANSIT SPECIFIC COMPANIES TURNOVER GROUP Over 82 mil (without other countries turnover) ATP EXODUS EMPLOYEES Over 700 people Total spare parts from total business (some are sold through ATP Motors)

281 views • 16 slides
Department of Equity Board Presentation by: Shomari Jones Director, Equity and Graduation Success

Department of Equity Board Presentation by: Shomari Jones Director, Equity and Graduation Success

Department of Equity Board Presentation by: Shomari Jones Director, Equity and Graduation Success Krischanna Roberson Supervisor, Equity and Student Success The Bellevue School District Mission: 1 To provide all students with an exemplary

297 views • 15 slides
Welcome to Biology Ms. Kehinde What is the E.O.C Assessment? A summative assessment that all

Welcome to Biology Ms. Kehinde What is the E.O.C Assessment? A summative assessment that all

Welcome to Biology Ms. Kehinde What is the E.O.C Assessment? A summative assessment that all grade level students take at the end of the school year. This Biology E.O.C assessment is over all topics that have been taught from the start of the

260 views • 9 slides
Current Medical Treatment Options for Hyperinsulinism Diva D. De Len-Crutchlow, MD, MSCE

Current Medical Treatment Options for Hyperinsulinism Diva D. De Len-Crutchlow, MD, MSCE

Current Medical Treatment Options for Hyperinsulinism Diva D. De Len-Crutchlow, MD, MSCE Director, Congenital Hyperinsulinism Center Goals of Therapy Immediate: To promptly restore blood glucose to normal range [>70 mg/dL(>3.9

608 views • 19 slides

More recommend