Michael Tolliver Senior Account Manager MichaelTolliverForcepointcom 703 8563376 Cross Domain Data Protection Behavioral Analytics NGFW CASB Advanced Malware Detection Email Security Web Security ID: 805634
Download The PPT/PDF document "Always-On Cybersecurity for Tomorrow: Ra..." is the property of its rightful owner. Permission is granted to download and print the materials on this web site for personal, non-commercial use only, and to display it on your personal computer provided you do not modify the materials and that you retain all copyright notices contained in the materials. By downloading content from our website, you accept the terms of this agreement.
Slide1
Always-On Cybersecurity for Tomorrow: Raise the Bar & Rise to the Cloud
Michael TolliverSenior Account ManagerMichael.Tolliver@Forcepoint.com(703) 856-3376
Cross Domain | Data Protection | Behavioral Analytics | NGFW | CASB | Advanced Malware Detection | Email Security | Web Security
Slide2Agencies are undergoing their own digital transformation
Digital Transformation
Race to the Cloud
Apps | Infrastructure | Distributed Workforce
Always On / Extreme Networking Security
Next-Generation
Critical Data Protection
Secure, Cost-Effective, Multi-Domain Infrastructure
Customer Mission Outcomes
Bring Capability to the Field/Tactical Edge
Apps | Infrastructure | Austere environments
Slide3Forcepoint: Advancing Government Missions
Proven Mission Expertise for High-Consequence Environments
Human-Centric Security
Expertise to guide customer decisions to the right solutions for their sensitive, regulated environments.
Continued product evolution with specific regulated industry requirements in mind.
US and international central government, defense, intelligence, and system integrators
Critical Infrastructure (i.e., Oil & Gas, Utilities, Critical Manufacturing)
Email Security
CASB
Cross Domain
DDP
NGFW
DLP
UEBA
Web Security
Purpose-Built to Enable NextGen Cybersecurity
Created by Raytheon in 2016 to commercialize defense-grade technologies for large enterprises.
One of the largest private cybersecurity companies in the world
CROSS DOMAIN
Cyber Products
NGFW
WEB, EMAIL,
DLP
UEBA
CASB
Slide4Solutions to Support the Most Mission Critical Agencies
Stop data loss from insiders and compromised users
Prevent sabotage and financial loss
Protecting your supply chain
Secure the adoption of SaaS & cloud
Enable direct-to-cloud connectivity and security for remote offices
Protect off-network users
Modernize your hybrid IT network
Deploy a cloud converged security model from the cloud
Next-gen your data protection
Protect data in the cloud
Discover data in a hybrid environment
Confidently verify regulatory compliance (e.g., GDPR and HIPAA)
Cross Domain
NGFW
SD-WAN
AMD
Web
CASB
Email
DLP/DDP
UEBA
Converged Security Capabilities
Security Initiatives
Security Initiatives
Security Initiatives
Workforce and Supply
Chain Protection
Secure Cloud Adoption and Network User Protection
Critical Data and Intellectual Property Protection
Forcepoint Proprietary
Slide5Extreme Networking Creates Advantages and Risks
A critical need is created to secure interactions of all classifications across the extended enterprise.
Network transformation to support cloud-centric IT breaks existing security architectures.
Personnel and IoT devices are security vulnerabilities.
More critical data is being created than properly protected.
Data should flow freely across the business.
Cloud IT creates security blind spots and fragmented security management and accountability.
“Your IT infrastructure is going to the cloud, driven by business need and speed.”
“I need to automate policies and reduce the quantity of alerts requiring investigation.”
“Workforce, devices, and business processes are
globally hyperconnected.”
“Employees and partners collaborate using all of a
company’s assets.”
Forcepoint Proprietary
Slide6Customer Priority: Securing Segmented Networks
What we hear: “How do I keep up with a workforce and data moving across multiple networks and classifications?”Solutions are not scalable or able to support agency enterprise
Flexible implementation options must grow with the enterprise
Manual process automation
Must provide a Proven Assessment & Authorization Pedigree (certification)
Must be commercial software“Sneakernetting” files
Scalable, enterprise-ready solutions that can support up to 100,000 usersNSA’s Raise-The-Bar compliant Cross-Domain Solutions on the U.S. NCDSMO baselineDeploy multilevel secure access and sharing to enable extreme networkingApproved solutions for all environments including TSABI and SABI
Transfer structured and unstructured data securelyCHALLENGES
SOLUTIONS
Slide7What is Raise The Bar?
Raise The Bar An NSA and NCDSMO-led initiative to continually improve the status quo in the cross-domain community to combat rising threats – The bar raises every year!
Focuses on cross-domain solution internal mechanisms as well as system integrations to answer evolving threats
Primarily focuses on Transfer (Guard) solutions but also addresses key concepts for Access solutions
Monitored closely by the Five-Eyes CDS working group
Forcepoint is heavily involved in Raise The Bar (RTB)
Trusted Thin Client, SimShield, Trusted Gateway System & High Speed Guard have met Raise The Bar objectivesSimShield = one of the first products across the community to complete independent testing with RTB objectives
Periodic design reviews are held with NSA to review progress and objectivesAll products have had favorable SABI LBSA test results and SAOs reviewsFeedback is provided to NSA and NCDSMO on tailoring RTB to emerging mission requirements
Forcepoint Proprietary
Unmatched RTB success and experienced on Assessment & Authorization and the most comprehensive cross domain vendor on the NCDSMO list
Slide8Customer Priority:
Moving to the CloudWhat we hear: “My IT infrastructure is going to the cloud, driven by business need and speed.”Expanding attack surfaceEvent overload and a lack of visibility
Disjointed security policy and siloed security solutions
Disparate compliance regulations
Extreme networking
within the cloud
Eliminates blind spots by understanding how your people and data interactCloud-First, Hybrid ReadyComplete visibility into cloud application usageRobust, coordinated protection solutions thwart advanced malware attacksFlexible deployment options to enable smooth transition
CHALLENGES
SOLUTIONS
Slide9Customer Priority: Moving to the Cloud
Cloud Access and Gateway Security Advantages
ELIMINATE
SECURITY
BLIND SPOTS
REAL-TIME
ADVANCED
THREAT DEFENSE
FLEXIBLE
DEPLOYMENT
OPTIONS
Forcepoint CASB delivers extensive insight and control
to user behavior and cloud applications
Real-time coordinated threat protection
with Forcepoint Web, Email, and AMD solutions
Flexible deployment architectures
to ease transition to cloud and maximize productivity
Slide10Customer Priority:
Smarter DataWhat we hear: “I need to automate policies and reduce the quantity of alerts requiring investigation.”Protecting critical data in a way that doesn’t Frustrate users
Overwhelm admins
Mistake malicious for normal employee behavior.
Embed risk-adaptive protection
Protect data based on calculated behavioral risk level of users and the value of data accessed.
Intelligent DLP/DDPReduce the number of alerts that need to be triaged; transition DLP from broad to individual policies. Increased ProductivityProvide greater flexibility in policies and adapt enforcement based on calculated risk. Proactive Security ManagementDetect and respond to high-impact events in a shorter amount of time.
CHALLENGES
SOLUTIONS
Slide11Customer Priority: Smarter Data
Gain a Better Understanding of Intent with Forcepoint Dynamic Data Protection
Tries to print customer’s sensitive data. DLP blocks it, but then…
T
ries
to copy it to USB
.
DLP blocks it, but then…
Tries to upload it to Google Drive. CASB blocks it, but then…
Tries to send it to a personal email address
.
DLP blocks it, but then…
Tries to upload it to Dropbox
.
CASB blocks it, but then…
Tries to FTP it outside the organization
.
DLP blocks it.
Employee Risk
Slide12Customer Priority: Keep Up with Increased Connectivity
What we hear: “I can’t keep up with my globally hyperconnected workforce, devices, and business processes.”Decrypting traffic while safeguarding privacyControlling access to web content
Regaining control of shadow IT
Managing enterprise-grade connectivity and protection from your own multi-tenant systems
Firewall and IPS work cohesively for cost savings and to avoid overprovisioning
Direct-to-cloud connectivity and security for remote offices
Modernize hybrid IT networks Secure the adoption of SaaS and public cloudsConverged Connectivity and ProtectionUnites people and data securely without gaps/redundancies.
CHALLENGES
SOLUTIONS
Slide13Forcepoint Knows Global Governments
Protecting Critical Data and Intellectual PropertySecuring data at rest, in motion, and in use across hybrid environmentsCloud and Network SecurityTransforming network security on prem and in the cloudNetwork Segmentation – Cross DomainFirst to meet Raise the Bar and A&A requirements
Government Pedigree
20+ years of providing mission-critical solutions that enable agility without sacrificing security.
Slide14Thank you!
© 2019 Forcepoint |
14
Forcepoint Proprietary
Slide15Backup slides
Slide16Forcepoint is Uniquely Positioned for Cross-Domain Excellence
U.S. government Raise The Bar compliantState-of-the-art filter technologiesTSABI/SABI approved Scalable, enterprise-ready solutions that can support up to 100,000 usersFlexible implementation options that grow with the enterprise
Supporting various mission-critical use cases and environments (from tactical to datacenter to cloud)
Cost-effective commercial software business model
Cost savings and efficiencies realized and proven (vs a GOTS solution)
Use of commodity hardware Market leader in cross-domainDeployed and trusted in over 100,000 desktops across the U.S. & Five Eye governmentsMost comprehensive cross-domain portfolio on NCDSMO list
Over 20 years’ experience in cross-domain development and deployment Extensive cybersecurity portfolio and expertise in conjunction with cross-domain Cleared professional services support to include extensive Assessment and Authorization experience
Slide17Forcepoint Cloud Access And Gateway Security Solution
Email
Security
Web
Security
CASB
Shared Global
Threat Intelligence
Remote Users
Office
THREATS
Ransomware
Malicious Email
High-Risk Cloud App
Suspicious Traffic
Advanced Malware Detection
Cloud
–
Hybrid
–
On-Prem
Cloud
–
On-Prem
Slide18Introducing Dynamic Data Protection
Delivering Risk-Adaptive Protection
Set dynamic enforcement action plan
View DLP incidents
with end-user
risk level
Endpoint monitoring,
Collection,
and enforcement
Endpoint
Server
Forcepoint Behavioral Analytics
Forcepoint DLP
Investigate high-risk entity activity
Automatically analyze DLP data for identity risk calculation
Slide19Forcepoint’s Integrated Approach to Network Security
Cloud Services
CASB
w/ DLP
CASB
App Risk
Threat
Intelligence
Install
Cloud
IP & File
Reputation
URL
Filtering
Web
Security
Advanced
Malware Detection
Security Management Console
Unified Policies, Dashboards & Reports
Endpoint
Context
ECA
Endpoint
Integration
Unified Appliance with Deep Security Built-in
Physical, Virtual, Cloud
SD-WAN
NGFW
IPS
Anti-
Evasion
Decryption
Proxies
Virtual
Contexts
VPN
Endpoint
Awareness
Segmentation
Centralized Management • High Availability
Workforce Protection
Data Loss Prevention
Behavior
Analytics
DLP
WP
Slide20Forcepoint Integrates Connectivity with Security to Make Both Better
HQ
Branches
Roaming
Users
Forcepoint
Endpoint
Internet
Web Security
CASB
NGFW
Multi-Link™ VPN
AMD
ThreatSeeker
Web
VPN
SD-WAN
MPLS
Direct-to-Cloud
(SD-WAN)
Site-to-Site
(VPNs)
Access Control & Intrusion Prevention
(NGFW/IPS)
Web Threats & Content Security
(Secure Web Gateway Cloud)
Cloud App Data Protection
(CASB)
Connectivity
Security
Slide21One Network Security System, Many Uses
AWS, Azure
Cloud Data Centers
Security
Management
Center
NGFW
VPN
NGFW
VPN
VPN
VPN
App Web
interfaces
Subcontractors
Data
Stores, Branches,
Remote Offices
Headquarters
Mobile
Users
Partners
DMZ
SD-WAN
VPN
NGFW
Virtualized
Data Centers
vNGFW
VPN
vNGFW
IPS
IPS
IPS
IPS
Internet
Corporate Network