Network Security 2011

Challenges in Network Security
2011
SonicWALL Inc.
Technology Trends
- Networking a Key Driver
  - Bandwidth
  - Performance
  - Availability
  - Efficiency
  - Manageability
  - Security
Network Security Remains an Issue
- Computer malware, still a problem later:
  - 1971 - Built in the Laboratory – Creeper (BBN)
  - 1981 - In the wild – Elk Cloner (Skrenta)
  - 1988 - On the Internet – Morris Worm (Cornell)
  - 2010 - Unyielding Malware and Spam fueled by self-propagating BotNets
- Physical security analogy – Bank Robberies
  - Why rob banks? “That’s where the money is”
CONFIDENTIAL All rights reserved.
Network Attacks have evolved to the Application Level
Why do they exist?
It’s Human Nature …
- Programmers make mistakes
- Malware exploits mistakes
Software everyone uses daily…
Seemingly Safe Applications
Adobe PDF Reader
http://www.zdnet.com/blog/security/another-day-another-adobe-pdfreader-security-hole/7693
Adobe Download Manager
http://glanceworld.com/the-worst-security-flaw-in-adobedownload-manager.html
“The Dirty Dozen” Most Vulnerable Applications for 2010
Which do you use?
1. Google Chrome
2. Apple Safari
3. MS Office
4. Adobe Acrobat
5. Mozilla Firefox
6. Sun JDK
7. Adobe Shockwave Player
8. Microsoft Internet Explorer
9. RealNetworks RealPlayer
10. Apple Webkit
11. Adobe Flash Player
12. Apple Quicktime and the Opera Web browser (tied)
http://www.networkworld.com/news/2010/111510-google-chrome-dirty-dozen.html
Malware Lurks in Social Networks
Set-up: Create bogus celebrity LinkedIn profiles
Lure: Place link to celebrity “videos” in profile
Attack: Download of “codec” required to view video
Infect: Codec is actually Malware
Result: System compromised
A Typical Day in 2010
SonicWALL Security Center
www.sonicwall.com/securitycenter.asp
Application Chaos
- More applications
- Fundamental shifts in infrastructure
- Less budget
- Less staff
- Less control
Challenge:
• Secure
• Separate good from bad
“Bad → Control”
“Good → Prioritize?”
Traditional Firewalls Obsolete
Traditional Firewalls
- Ignore Application Level Traffic
- Focus on network level threats
- Point solutions become complex to manage and are not adequate in scalability and security
[Figure: Threats compared with Current and Required protection across three numbered tiers. Labels: Application Access, Application Layer Threats, Proxy, Software Vulnerabilities, Worms, IDS/IDP, Basic Applications, Legacy System Access, Traditional Firewall. Callout: Complete Inspection must span the communication spectrum.]
Threats have evolved, Firewalls must too
Copyright 2010 SonicWALL Inc. All Right Reserved.
Network Security & 10 Gig Security
Network Security must evolve due to …
1. Need for Application Control
   - Including SSL Inspection
2. Need for Full Security with Deep Packet Inspection
3. Faster interconnect (10GbE)
Who wants 10+ Gb Security?
- Government (ie: DoE, NSx, CIx, etc)
- University (ie: 10GE infrastructure)
- Business (ie: Cloud / Data Center / Backbone / App Clusters)
- Core Internet Players
  - Cloud providers
  - Internet Service providers
  - Mobile Internet Service providers
Next Generation Security Architecture
Security Requirements and SonicWALL Solution Features
1. Requirement: Consolidated & Integrated Security Technology
   Solution feature: Multi-Tiered Protection Technology
2. Requirement: Application Visibility - Inspection of Real-time & Latency Sensitive Applications/Traffic
   Solution feature: Patented Re-Assembly Free DPI (RFDPI)
3. Requirement: Scalable & High Performing Enough to Protect Against Perimeter and Internal Network Challenges
   Solution feature: Multi-Core High Perf. Architecture
Application Intelligence & Control on Next Generation Firewall
Identify
- By Application - Not by Port & Protocol
- By User/Group - Not by IP
- By Content Inspection - Not by Filename
Categorize
- By Application
- By Application Category
- By Destination
- By Content
- By User/Group
Control
- Prioritize Apps by Policy
- Manage Apps by Policy
- Block Apps by Policy
- Detect and Block Malware
- Detect & Prevent Intrusion Attempts
[Figure: traffic flow through the Massively Scalable Next-Generation Security Platform. Labels: Application Chaos (So many on Port 80), Users/Groups, Policy, Ingress, Egress, High Performance Multi-Core Re-Assembly Free DPI, Critical Apps, Acceptable Apps, Unacceptable Apps, Prioritized Bandwidth, Managed Bandwidth, Blocked, Malware Blocked, Cloud-Based Extra-Firewall Intelligence, Visualize & Manage Policy, Visualize.]
Better Network Intelligence
App Traffic Visualization for Fast Analysis
User Identification
- Single Sign On (AD/LDAP Integration)
- Local Login
- Identify Top Bandwidth users
Powerful Control
- Bandwidth Manage OR Block
- By User or Group, with Exceptions
- By Schedule
- By App Category
- By App Feature
- By Single App
Available Today since SonicOS 5.0
SonicWALL Scalable DPI/NGFW Lineup
• One software code base
• One architecture
• Order of Magnitude Scalability
• NGFW Features
[Figure: product lineup chart. Callouts: "Least Expensive NGFW from any Vendor" and "Fastest NGFW from any Vendor". Values shown: $295, $25K, 25Mbps, 1600 Mbps. Models: TZ100, TZ200, TZ210, NSA 240, NSA 2400, NSA 3500, NSA 4500, NSA E5500, NSA E6500, NSA E7500, NSA E8500, NSA E10000*.]
SuperMassive E10000 Series
Introducing Project “SuperMassive”
Next Generation Security Platform
Next-Generation Network Security Platform
Comprehensive Inspection
- Application Intelligence & Control
- Powerful IPS, Multi-gig performance
- Management/Visualization of traffic
- RFDPI Technology
- SSL Traffic Inspection
- High Availability: A/P, A/A, StateSync, Clustering
The Technology
- 96 processor cores
- 40+ Gbps Stateful Inspection
- 30+ Gbps IPS
- 30+ Application Control
- 10+ Gbps Threat Prevention
- Detects over 1 Million unique threats
- Detects, Classifies and Controls over 3,500 Unique Applications
Design for Extreme Performance
• Ultra-Low Latency
• High Performance
• 240 Gbps Interconnect
• Near-Linear Scalability with doubling of processing cores
SuperMassive E10000 Series
[Figure: configurations shown: 24 Cores, 24 Cores (A/A Config), 48 Cores, 96 Cores.]
SuperMassive E10000 Series
Configurations: 24 Cores, 24 Cores (A/A Config), 48 Cores, 96 Cores
Interfaces (each configuration): 6x10 GbE SFP+, 16x10 GbE SFP

                 24 Cores / 24 Cores (A/A Config)    48 Cores     96 Cores
Stateful:        5+ Gbps       10 Gbps               20 Gbps      40 Gbps
App Control:     3.0+ Gbps     7.5 Gbps              15 Gbps      30 Gbps
IPS:             3.0+ Gbps     7.5 Gbps              15 Gbps      30 Gbps
Anti-Malware:    1.5+ Gbps     3 Gbps                6.0 Gbps     10 Gbps
VPN:             2.5+ Gbps     5.0 Gbps              10 Gbps      20 Gbps
Conn/sec:        80k/sec       160k/sec              320k/sec     640k/sec
SPI Conn:        1,500,000     3,000,000             6,000,000    12,000,000
DPI Conn:        1,250,000     2,500,000             5,000,000    10,000,000
SonicGRID: Security Protection at Scale
- 1,000,000+ Individual Threats
- 25,000 Threat Family Signatures
- 3500+ Application Signatures
• World Renowned Expertise
• Active industry research contributor
• Delivers continuous security subscription IP and content
• 100% IP ownership of all signatures
SonicWALL: Dynamic Security for the Global Network
- Next Generation Firewall and 10/40 Gigabits of full security protection
- Global, Distributed, Mobile and Cloud
- Real-time Awareness and Visibility
- Communication of Shared Threats and Shared Defenses
- Proactive Risk Management and Compliance
- Best Economics
Q&A