solsoft network security change management platform
play

Solsoft Network Security Change Management Platform Domenick - PowerPoint PPT Presentation

Nov 09, 2023 •285 likes •583 views

Solsoft Network Security Change Management Platform Domenick Lionetti VP Sales and Business Development AGENDA Todays Netw ork Security Challenges Compliance Issues Customer Use Cases Solsoft Products and Company Summary of Benefits Q

  1. Solsoft Network Security Change Management Platform Domenick Lionetti VP Sales and Business Development

  2. AGENDA Today’s Netw ork Security Challenges Compliance Issues Customer Use Cases Solsoft Products and Company Summary of Benefits Q & A

  3. Company Key industry partnerships • Cisco AVVI D/ Ecosystem Certified Partner • Juniper/ Netscreen Alliance Partner • Nortel Contivity Alliance • Check Point OPSEC • Internet Security Systems • Arc Sight, IBM (Micromuse, Guardednet), Network Intelligence, netforensics • OPSWARE • Computer Associates Developer Partner • HP WW Reseller and OpenView Platinum Partner

  4. History Background/ Focus • Solsoft Established in 1997 • Started workstation to Design ACL’s for Cisco Routers, now supports large multi-vendor networks • 4 th Generation Solution • Over 100 man-years in Product Development • US Headquarters in Mountain View, CA • Enterprise and Service Provider Markets • Oct 2006 Merged with Exaprotect

  5. A unique PDCA Security Management Cycle • Sec. policy design • Incident management • Simulation • Active/guided • Audit trail • remediation • Implement • Report/Audit Communicate • • Alert on sec. • Configure logging • Policy deviations • Spot configuration changes

  6. Our Two Solutions to meet Security Compliance (Security Rule Design and Monitoring) 1. « Solsoft Policy Server »: Network Security Policy and Configuration Management (FW, Router, Switch, IPS/IDS) - Solsoft SPM product - + new SPM features - + OS Updates, Restore, Full Config Management Features (Dec 2007) 2. Exaprotect SIEM : (Security Event Monitoring) - Exaprotect SMS product - + new SMS features - + new SPM features to do remediation

  7. Over 200 Customers Worldwide • Over 20 Fortune 500 • Johnson & Johnson, Visa International Turner Broadcasting, Occidental Petroleum, Veritas, Best Buy, Marsh, Johnson Controls, KeyBank, TD Ameritrade, APPLE Computer… • Service Providers and Telco’s • AT&T Solutions, ISS (IBM), Verizon (Totality group) Maxis Wireless, Vodafone, T-Mobile, TelePac, WIND, Telecom Italia, Hutchinson 3G, Telekom Austria, UMC, E-Plus, Colt, Bouygues, Proximus, Unisys • Government agencies • DOJ, US Army, Pentagon, US Postal Service Israel Defense Force, State of Oregon, State of Minnesota, OECD, German Ministry of Finance, State of Freiburg (CH), La Poste, URSSAF, French Army, INA, NASA, French Weather Service, … • Other Customers and Institutions • University of Chicago, University of Maryland, Harvard, Nasdaq, MD Anderson, Lidl, Renault, Intelsat, Hugo Boss, Alcatel, Total, …

  8. Solsoft Solution • Change Management Platform (provides a common platform for Enterprise and Service Providers to receive, track and implement security change requests across their network) • Network Security Compliance and Audit Reporting Engine (provides proof of compliance , creates detailed reports on who, what, when and why security changes were performed) Ensures that Corporate Security Policy is actually running on the Network • Intelligent Threat Mitigation/Remediation (understands impact of changes upon Network Security Policy, it virtualizes the impact of the rules prior to deployment) • Policy Engine: engine is flexible and can design Security Policy for multi-vendor security technologies such as routers, switches, Firewalls, IPS/IDS.

  9. Security Management Challenges Managem ent Cost to I ssues Organization Show Proof of SOX, I SO Fines and Penalties BS7 7 9 9 , PCI High Cost of Generating Com pliance, track and Audit and Com pliance I m plem ent Change Managem ent Requests Reports High Training and Must Understand all the Personnel Costs ( Require Devices w hich are I m pacted by Policy larger team s) Change Dam age from Netw ork and Application layer attacks Managing Expired Rules Must Have Experts on Must rem ain on Higher Multi-vendor Platform s Cost Netw ork Security Hard to Manage Multi- Platform s vendor Netw ork and Migrate to new Technology

  10. Customer Security Requirements • ISO and Payment Card Industry Data Security Standard (PCI) The audit item SS00.f019 listed the following requirements: 1. Ensure globally configurable rules are consistent among all firewalls 2. Ensure firewall management consolidation project is completed 3. Ensure a review process exists for installation of rule bases 4. Routinely review firewall security configurations 5. Review firewall accounts, client lists, and firewall rules on a regular basis 6. Ensure inappropriate firewall authentication methods are disabled 7. Ensure firewall rule creation, installation, and review processes are established 8. Ensure standard firewall management procedures are appropriately applied to all firewalls and are managed securely • In addition, ISO/PCI Requirements: A. Provide security and separation-of-duties oversight for firewalls using Policy Management, including review and change control processes B. Provide security and separation-of-duties oversight for routers using ACL’s, including review and change control processes

  11. Security Compliancy Requirements Common items that come up in an infrastructure audit include: • Only authorized personnel have access to security systems • Authorized personnel only have access to security systems and functions for which they have responsibility for (separation of duties) • All activity by authorized personnel as well as any security systems transactions are logged and identified with the responsible party and/or process • Ensure workflow and tracking process exists for the implementation, maintenance, and decommission of approved services • Insure security baseline standards are implemented on all systems • Ensure configuration consistency for security systems providing global services

  12. Open Security Management Platform Firew alls Business Requirem ents SOLSOFT POLI CY SERVER VPNs Security Audit Routers Vulnerability Assessm ent Sw itches Event Correlation • Solsoft Device SDK • Solsoft Policy Server API • New Device Integration Custom er Portals: Policy review or • Firewall, IPS, IDS autom ated change requests • VPN • Network monitors • Routers and Switches • Event Correlation / SIEM • Productized, used internally • OSS • Built-in tools + training and direct • Help desk system development support • In-house and Legacy • Certification program

  13. Adaptive Security Management I ntegration cases I n House Help Desk Business Enabling tracking new Requirem ents policy requests and apply SOLSOFT m odifications POLI CY SERVER I n House Audit Tools Verify Status of Security Verify status of applied Applied Policy Audit policies autom atically Autom atically SPS API Vulnerability Assessm ent Query Active Policy to perform Vulnerability Query Active Policy to Assessm ent better perform better vulnerability vulnerability risk analysis analyses Defensive SI M/ SEM Policy Change Defensive Policy Change ( shunning ports ( shunning ports and and addresses) addresses) ExaProtect Event SI M / SEM Correlation Get Policy inform ation to enhance correlation

  14. Solsoft Security Change Management • Translates Visual Security Policy into Multi-Vendor device-specific commands (Design via: Topology, Tabular and API Scripting) Example: Access Control Lists, Anti-spoofing, Fully Meshed IPsec VPN, Network Address Translation, Cluster and Virtual Systems Security Policy Design Complex Security Rules

  15. Device-Based vs. Policy Based ? Device-based Policy-based • Ensures consistent security policy throughout the network • Common Interface for management across multiple vendor technologies • Gains in efficiency, small team can manage more complex networks • Shortens Response time to Network and Application level attacks

  16. All Cisco Network Security Management VPN Concentrator Firew all Enabled Router Firew all Router ACLs Layer 3 Sw itch • Secure Method of rule creation (Deny All) • Automatically generates security rules for each device in the path • Device Independent • End-to-End Rule Enforcement

  17. Mixed Vendor Network Security Management Nortel Cisco Linux Linux Check Point NetScreen Nortel Intel / Shiva Astaro Symantec Cipheroptics Cisco Check Point Linux Net Filter ISS Proventia M

  18. Network and Security Collaboration • Client Server Based Architecture (Remote Change Management) • Granular Role Based Access • Policy Workflow Management

  19. Security Policy Version Control • All policy changes made are archived and users actions logged • Unlimited Roll-back of ANY configuration • Ability to Push out Pre-Defined Security Policy based on different threat level scenarios • Diff Function can show changes between Policy Versions

  20. Security Reporter: Search Engine Search for any rules in a few clicks for policies enforced on multiple firewalls All Rules that Expire this month All rules for Change Request number 12345 All rules allowing port 135 (i.e. Blaster port) All rules a specific source and destination Full complete search for not only rules but any object defined in Solsoft

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

What is network security? Friends and enemies: Alice, Bob, Trudy What is network security?

What is network security? Friends and enemies: Alice, Bob, Trudy What is network security?

Network security Network security Foundations: what is security? cryptography Network Security Network Security authentication message integrity key distribution and certification Security in practice: Srinidhi Varadarajan

332 views • 6 slides
Network Security Network Security Srinidhi Varadarajan Network security Network security

Network Security Network Security Srinidhi Varadarajan Network security Network security

Network Security Network Security Srinidhi Varadarajan Network security Network security Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice:

634 views • 36 slides
Network and Information Security (NIS) Platform WG3 Secure ICT Research & Innovation Fabio

Network and Information Security (NIS) Platform WG3 Secure ICT Research & Innovation Fabio

Network and Information Security (NIS) Platform WG3 Secure ICT Research & Innovation Fabio Martinelli CNR Raul Riesco Granadino INCIBE (Chairs) NIS Platform WG3 Secure ICT Research & Innovation Outline WG3 Main deliverables

392 views • 17 slides
Change Management Change Management Change Management Appreciate the balance within Change

Change Management Change Management Change Management Appreciate the balance within Change

Slide 2 Purpose of this Session Objectives Understanding of Change Management principles within RBS Understand why CM is important / necessary Change Management Change Management Change Management Appreciate the balance within

249 views • 4 slides
Using Hierarchical Change Mining to Manage Network Security Policy Evolution Gabriel A. Weaver,

Using Hierarchical Change Mining to Manage Network Security Policy Evolution Gabriel A. Weaver,

Using Hierarchical Change Mining to Manage Network Security Policy Evolution Gabriel A. Weaver, Nick Foti, Sergey Bratus, Dan Rockmore, and Sean W. Smith Presented by Gabriel A. Weaver Dartmouth College Network services change and evolve.

463 views • 43 slides
McAfee ESM: Situational Awareness Boubker Elmouttahid, CISSP, CISM, CRISC Solution Architect,

McAfee ESM: Situational Awareness Boubker Elmouttahid, CISSP, CISM, CRISC Solution Architect,

McAfee ESM: Situational Awareness Boubker Elmouttahid, CISSP, CISM, CRISC Solution Architect, Management Platform May 8, 2013 Confidential McAfee Internal Use Only Security Connected Platform NETWORK SECURITY ENDPOINT SECURITY Application

385 views • 15 slides
Name: Thomas Flynn ID: 16117743 Course: Information & Network Security MEng Supervisor: Dr.

Name: Thomas Flynn ID: 16117743 Course: Information & Network Security MEng Supervisor: Dr.

Name: Thomas Flynn ID: 16117743 Course: Information & Network Security MEng Supervisor: Dr. Sean McGrath Project Title: Docker Containers Deployed Using Bluemix Containerization platform Platform as a service Integrates Docker Linux OS

470 views • 20 slides
Do we need a new Internet? Part 2: Motivations for Change Adrian Perrig Network Security Group,

Do we need a new Internet? Part 2: Motivations for Change Adrian Perrig Network Security Group,

Do we need a new Internet? Part 2: Motivations for Change Adrian Perrig Network Security Group, ETH Zrich Worst Internet Security Problems? Malware (worms, viruses, etc.) Spyware Ransomware APT HTTP-based attacks Spam,

424 views • 17 slides
HPE SecureData for Big Data Platform HPE Vertica Big Data Platform HPE Security Data

HPE SecureData for Big Data Platform HPE Vertica Big Data Platform HPE Security Data

HPE SecureData for Big Data Platform HPE Vertica Big Data Platform HPE Security Data Security February 2016 Data Security Impacts Design and Delivery of Big Data Projects Data Security frequently is a leading Role Security Impacts

545 views • 23 slides
Economics of network security Harald Vranken 1 Economics of network security Note that

Economics of network security Harald Vranken 1 Economics of network security Note that

Advanced Network Security (2019-2020) Economics of network security Harald Vranken 1 Economics of network security Note that network in this lecture means Physical communication network (eg. Internet, telephony, fax, telegraph)

769 views • 49 slides
Intro, history, hacking Network Security Lecture 1 Welcome to Network Security Should be able

Intro, history, hacking Network Security Lecture 1 Welcome to Network Security Should be able

Intro, history, hacking Network Security Lecture 1 Welcome to Network Security Should be able to Skills identify design and Ability to analyze the implementation security of networked vulnerabilities in network systems protocols

564 views • 33 slides
Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn

Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn

Foundations of Network and Foundations of Network and Computer Security Computer Security J ohn Black J CSCI 6268/TLEN 5831, Fall 2004 Introduction UC Davis PhD in 2000 Cryptography Interested in broader security as well

492 views • 12 slides
Network Security Where we are in the Course Security crosses all layers Application

Network Security Where we are in the Course Security crosses all layers Application

Network Security Where we are in the Course Security crosses all layers Application Transport Network Link Physical CSE 461 University of Washington 2 Security Threats Security is like performance Means many things

932 views • 55 slides
Network Security Where we are in the Course Security crosses all layers Application

Network Security Where we are in the Course Security crosses all layers Application

Network Security Where we are in the Course Security crosses all layers Application Transport Network Link Physical CSE 461 University of Washington 2 Security Threats Security is like performance Means many things

374 views • 13 slides
Network Security Where we are in the Course Security crosses all layers Applicatjon

Network Security Where we are in the Course Security crosses all layers Applicatjon

Network Security Where we are in the Course Security crosses all layers Applicatjon Transport Network Link Physical CSE 461 University of Washington 2 Security Threats Security is like performance Means many things

1.12k views • 92 slides
Mobile Device and Platform Security Part II John Mitchell Two lectures on mobile security

Mobile Device and Platform Security Part II John Mitchell Two lectures on mobile security

CS 155 Spring 2018 Mobile Device and Platform Security Part II John Mitchell Two lectures on mobile security Introduction: platforms and trends Threat categories Physical, platform malware, malicious apps Defense

1.17k views • 93 slides
Firewall What is it? Do we need one? Oxford Hills School District March 5, 2018 What is a

Firewall What is it? Do we need one? Oxford Hills School District March 5, 2018 What is a

Firewall What is it? Do we need one? Oxford Hills School District March 5, 2018 What is a firewall? Term first used in 1851 Henry Ford used them to protect passengers from engine fires, smoke and heat. Computer networks: a part of a

500 views • 21 slides
Project Turris http://www.turris.cz/en/ Ondrej Filip Tech Day March 24, 2014

Project Turris http://www.turris.cz/en/ Ondrej Filip Tech Day March 24, 2014

Project Turris http://www.turris.cz/en/ Ondrej Filip Tech Day March 24, 2014 Singapore Project Turris Started in 2013 project of shared cyberdefense CZ.NIC Labs Main goals Security research End user security

373 views • 19 slides
Parallel Firewall Designs for High-Speed Networks Ryan J. Farley WAKE FOREST US Department of

Parallel Firewall Designs for High-Speed Networks Ryan J. Farley WAKE FOREST US Department of

Wake Forestp pComputer Science + DOE MICS Parallel Firewall Designs for High-Speed Networks 1 Parallel Firewall Designs for High-Speed Networks Ryan J. Farley WAKE FOREST US Department of Energy U N I V E R S I T Y Computer Science Network

1.21k views • 49 slides
Actively Embrace Change Rising of New Players Traditional IT Infrastructure Successful

Actively Embrace Change Rising of New Players Traditional IT Infrastructure Successful

Sangfor HCI The 3rd Gen HCI Driving Hyperconvergence to Fully Converged Actively Embrace Change Rising of New Players Traditional IT Infrastructure Successful Transition in the IT industry Sliding down Azure, Office365 / High-speed AWS

475 views • 22 slides
Governing Board Meeting October 24, 2019 Agenda Welcome CISS Phase 1 Complete CISS

Governing Board Meeting October 24, 2019 Agenda Welcome CISS Phase 1 Complete CISS

Criminal Justice Information System Governing Board Meeting October 24, 2019 Agenda Welcome CISS Phase 1 Complete CISS Phase 2 Deployment Update CJIS Program and Budget Update Qualis: CISS Project Health Other

767 views • 27 slides
Distributed Sensor Data Contextualization at Scale for Threat Intelligence Analysis Jason Trost

Distributed Sensor Data Contextualization at Scale for Threat Intelligence Analysis Jason Trost

Distributed Sensor Data Contextualization at Scale for Threat Intelligence Analysis Jason Trost January 12, 2016 whoami Jason Trost VP of Threat Research @ ThreatStream Previously at Sandia, DoD, Booz Allen, Endgame Inc. Background

473 views • 28 slides
ePouta Infrastructure Jaakko Leinonen Typical Cloud CSC VM cPouta VM You F i r e w

ePouta Infrastructure Jaakko Leinonen Typical Cloud CSC VM cPouta VM You F i r e w

ePouta Infrastructure Jaakko Leinonen Typical Cloud CSC VM cPouta VM You F i r e w Internet a l VM l OpenStack ePouta Architecture CSC Your site Optical Private Network Multiprotocol Label Switching VM Server VM OPN

433 views • 5 slides
IT SYNERGY WORK SHOP IT Synergy: OVERVIEW An increase in the value of the organization as a

IT SYNERGY WORK SHOP IT Synergy: OVERVIEW An increase in the value of the organization as a

IT SYNERGY WORK SHOP IT Synergy: OVERVIEW An increase in the value of the organization as a result of IT alignment with the organization mission. Grafton Area School District AGENDA Who is Heartland Assessment Process

267 views • 14 slides

More recommend