Slide1
Security Challenges
April 6, 2016
Eugen Bacic
Lead Architect
Bell Canada
Slide2
The Issue is Massive Interconnection
Millions of connections from Kb/s to Gb/s
Telco Core Networks run at 100s of Gb/s
Just wireless internet traffic is measured in petabytes/day!
Wireless is exploding:
- 11PB/month in 2011 growing to 122/month in 2017
- 1GB/month/device in 2011 to ~10GB/month in 2017
- Growth estimate: ~100% annually
By 2019 internet traffic will operate at 1.4 petabits/second*
All that traffic isn’t pleasant
Much of it must be stopped before it hits customers
And it generates a lot of security events
* http://www.cisco.com/c/en/us/solutions/collateral/service-provider/visual-networking-index-vni/VNI_Hyperconnectivity_WP.html
Slide3
Interconnectivity Realities
IP-based networks have replaced proprietary networks
Internet allows for new collaboration
- between geographically dispersed groups
- involving new, inventive social groupings
- allows like-minded groups to easily find each other/cooperate
But has resulted in new threats:
- isolated malcontents now together courtesy of internet
- remote causes can become a local crisis
Collaboration = new privacy and security requirements
Metcalfe’s Law:
The value of a network is proportional to the square of the number of connected users in the system (n²)
Slide4
Security Challenges
Feeding demand for connectivity while maintaining security and reliability is hard
Security at the edge is problematic; no holistic view of malware
Typical architectural solutions focus on the perimeter (the crunchy outside/gooey inside problem)
Businesses want to cooperate but ensure their security is maintained based on their security needs/requirements
Security technologies remain mired in the 1980s
Nothing truly new in security since approximately 1995!
Security must move to the core and be analyzed at speed
Security must move to protecting information assets and away from protecting the periphery & physical assets
Slide5
A Brief Historical Security Aside
1969: Multics, MAC & DAC, Unix
1970s:
- First worm, first virus
- First antimalware
- Reference Monitor, Security Kernel, Lattices, …
- Security models & formalization
- Public Key, Digital Signatures, Network crypto, …
1980s:
- Threat monitoring, detection, protection & analysis
- Flow modeling, formal methods & models
- Security virtualization, sandboxing, Ring architecture
- DDoS protection
- VPNs, 2 factor authentication, text sanitization, …
- Firewalls (Trusted Guard), trusted platforms (hardware)
- First criteria (Orange Book – Rainbow Series)
1990s:
- Policy-driven security, RBAC, metapolicies, composability
- Trusted databases, verifiable OS
- Unified evaluation criteria (FIPS, Common Criteria)
Security Winter
Slide6
Security Challenges (cont.)
Large customers are entire eco-systems unto themselves … but want to interoperate with partners, customers & gov’t
Employees aren’t all equally threat conscious
More avenues for threats to enter an organization
Internal threats can have profound effects
Cultural & National differences can cause issues
“Hackers” leverage “trust bonds” to infiltrate networks
Goal with malware is to get you to do something you wouldn’t do if you really knew where/from whom the request originated
Slide7
Additional Considerations
No universal security policies
Retention requirements may be mandated by 3rd party
New privacy/security/accountability laws typically affect some firms immediately
Sometimes entire IT & security departments are outsourced
Collecting security events a problem of bandwidth:
- Fastest log collectors operate at about 150k events/s
- But firewalls alone can spit out millions of events/s
- How to collect, correlate and analyze at speed?
Some clients require that all events be collected & stored for months
Centralized collection requires massive power and is impacted by Metcalfe’s Law
Slide8
Challenges Summary
Security remains much the same as it was two decades ago
But network speed & connectivity is vastly greater
Threat is to the very fabric storing information assets
Threats and threat agents are more sophisticated
Information overload is getting worse (“eyes on glass”)
Collaboration = ever changing privacy/security requirements
Need to balance security and collaboration possibilities while dealing with user awareness & old, outdated security notions
New solutions must not increase burden on security providers while providing more security at the speed of the network
New solutions must provide security reflective of the customer
We need to renew our efforts into IT/cyber security R&D
Slide9
Questions?