/
Context-aware Security from the Core Context-aware Security from the Core

Context-aware Security from the Core - PowerPoint Presentation

tawny-fly
tawny-fly . @tawny-fly
Follow
342 views
Uploaded On 2019-12-13

Context-aware Security from the Core - PPT Presentation

Contextaware Security from the Core Agenda Changing Network Dynamics Closing the DNS Gap Infoblox Solutions Why Infoblox Hands on lab introduction Internet Live Stats httpwwwinternetlivestatscominternetusers ID: 770269

threat dns data amp dns threat amp data malware security grid 2016 internet cost survey infoblox attacks respondents source

Share:

Link:

Embed:

Download Presentation from below link

Download Presentation The PPT/PDF document "Context-aware Security from the Core" is the property of its rightful owner. Permission is granted to download and print the materials on this web site for personal, non-commercial use only, and to display it on your personal computer provided you do not modify the materials and that you retain all copyright notices contained in the materials. By downloading content from our website, you accept the terms of this agreement.


Presentation Transcript

Context-aware Security from the Core

Agenda Changing Network Dynamics Closing the DNS Gap Infoblox Solutions Why InfobloxHands on lab introduction

Internet Live Stats (http://www.internetlivestats.com/internet-users/) http://www.cnbc.com/2016/02/01/an-internet-of-things-that-will-number-ten-billions.html https://www.symantec.com/content/dam/symantec/docs/reports/istr-21-2016-en.pdf Evolving Network Environment and Paradigm Shifts... 3.4 Billion 1 Active internet users worldwide in 2016, +25% over last year 21 Billion 2 Connected devices by 2020, +30% over last year Internet of Things Network Evolution Digital Transformation Digital transformation is happening faster than you think New trends like IoT are increasing the attack surface Networks are being transformed – Cloud, SDN, others Connected Devices Active Internet Users

...Are Leading to Increased Exposure to Cyber Threats Organizations are facing an unprecedented challenge of data breaches

Products Galore: Solutions Missing 400 + VENDORS

DNS – The Critical Yet Vulnerable Asset

The DNS Gap – A Multi Dimensional Threat Vector The Leading Culprit in Data Exfiltration % of survey respondents that experienced DNS data exfiltration 4 % of survey respondents that experienced DNS tunneling4 Average consolidated cost of a data breach3$4M46%45% APT/Malware Proliferation Rooted in DNS 91% 431M # 1 New unique pieces of malware in 2015 6 Malware C&C is #1 responsible vector for crimeware 7 Of malware uses DNS to carry out campaigns 5 Making Your Infrastructure Work Against You 78% 84% >$500 Of reflection/amplification attacks use DNS 1 Per min cost of downtime due to DDoS attack 2 DNS: most common application layer attacks 1 Average cost per year to deal with DNS attacks 2 $1.5M Ineffective Threat Intelligence 70% 46% 45% % of survey respondents unable to prioritize the threat by category 8 % of survey respondents lacked context for threat intel to make it actionable 8 of survey respondents that felt Threat Intel is not timely 8 Arbor WISR2016 Report Ponemon Institute Study – The Cost of Denial-of-Service Attacks. March 2015 Source: Ponemon Institute, 2016 Cost of Data Breach Study Source: SC Magazine , Dec 2014, “DNS attacks putting organizations at risk, survey finds” Source: Cisco 2016 Annual Security Report Symantec 2016 Internet Security Threat Report Verizon 2016 Data Breach Investigations Report Source: Ponemon Institute, 2015 Second Annual Study on Exchange Cyber Threat Intelligence

Efficiency & Optimization of Security Operations # 3 Threat Containment and Operations Protect Users and Data # 2 Data Protection and Malware Mitigation Three Aspects of Security Better Application and Service Availability # 1 Infrastructure Protection

Why Infoblox ?

Multipronged Approach to Threat Detection Detect & Prevent communications to malware, C2, Ransomware Government-grade Threat Intelligence Ecosystem Reputation Infrastructure protection for critical core services Carrier-grade deep packet inspection Instant identification of popular tunneling tools Signature Patented Streaming Analytics Technology Detect & Prevent Data Exfiltration “Machine Learning” Behavior

RBL Zone File Leverage Threat Intel Across Entire Security Infrastructure Infoblox SURBL Marketplace Custom TI Single-source of TI management Faster triage Threat Prioritization RESULT: C&C IP List Spambot IPs C&C & Malware Host/Domain CSV File JSON Phishing & Malware URLs RPZ TIDE Define Data Policy, Governance & Translation Dossier Investigate Threats

Importance of a Robust, Scalable & Hybrid Architecture Infoblox Grid Grid Member with DNS Firewall Network Insight Infoblox Cloud ActiveTrust Threat Intel Your Public Cloud IaaS Your Private Cloud IaaS Grid Member Reporting & Analytics Edge Network/ Remote Office DHCP HQ Grid Master (HA pair) Grid Member DNS / DHCP Grid Member DNS / DHCP Grid Master Candidate @Recovery Site Microsoft DNS, DHCP Branch Office

Let’s see it in action …Welcome to the hands-on-lab

Next Steps Path to Engagement Try Our Products – Free of Cost & Risk ActiveTrust Cloud eval ActiveTrust (on-premises) eval Security(PCAP) assessment Engage with Infoblox to discuss your security architectures

Next Steps