Endpoint Security Considerations
1
Agenda
• Open Networks
• PROs & CONs
• Challenges
• Alternatives
2
Open Networks are … Open
Inside
• Wireless
• Net Meeting
• Instant Messenger
• Email
• Internet access
PERIMETER
• P2P applications
Outside
• Outsourcing
• Wireless
• Partners/Consultants
• Telecommuting
• Traveling Employees
• Website access
3
Information Security Challenges
Missing protection – security investment not at work
Misconfiguration – solve ‘solved’ problems again and again
Misuse/Misbehavior – trade off protection for productivity
Missing in action – chasing the unknown
What to do? Know when you are finished?
4
Challenge
Finished when you Stop Rogues
[Diagram: valid devices and rogue devices all connecting to open networks]
5
Challenge
and…
Prevent valid devices from becoming Rogues
[Diagram: a valid device on an open network turning into a rogue device]
6
What is a Rogue?
[Diagram: rogues as seen in customer experience and in Gartner vulnerability data]
Rogues result from:
- Old patch
- Recent patch
- New vulnerability
- Misconfiguration
- Open network
7
Compliance Models
Voluntary Compliance Model
Turning the crank faster doesn’t help
8
Process
• Discover – missing in action
• Protect
- misconfiguration,
- missing protection,
- misuse and misbehavior.
• Enforce
- endpoints,
- access points,
- all of the time.
• Remediate – to reconnect
9
Know when you’re finished
10
Requirements
• Devices – managed, unmanaged, unmanageable
• Roles – educate software not people
• Processes – network, security, operations
• Plumbing – switches, wireless, VPN, SSL
• Relentless – always, everywhere
11
Devices
Managed – corporate-owned devices
Unmanaged – computers owned by partners, suppliers, customers, outsourcers, employees, or public kiosks
Unmanageable – network dark matter: rogue computers, network infrastructure, and embedded devices
12
Educate software not people
• Security policies must adapt from HQ to hotel to home to hotspot
• Policies must change by role, device type, location and connection
• Without transparency, CSOs must choose between good security or productive users
Adaptive Policies
Role | Device Type | Network Location | Policy
Executive | Corporate Owned | Enterprise LAN | Trusted, file sharing on, full application access
Sales person | Employee Owned | Home wireless | HI, file sharing off, IM off, print sharing off, limited application access
Outsourcer | Unknown | Public Internet | VD, HI, SSL VPN access only and webmail only with data sanitization
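The Discover / Protect / Enforce / Remediate process and the Adaptive Policies table above describe a decision loop; the following is an added example of that loop in Python and is not code from the presentation or from any NAC product. The endpoint attribute names, the 30-day patch threshold, the quarantine network name and the sample inventory are all constructed for illustration, and "HI" and "VD" in the table are assumed to mean host-integrity check and virtual desktop. Any (device type, location) pair the table does not list falls back to the most restrictive row, so an unexpected combination never inherits the trusted policy.

```python
"""NAC-style Discover / Protect / Enforce / Remediate loop (added example)."""
from dataclasses import dataclass, replace
from datetime import date

MAX_PATCH_AGE_DAYS = 30                    # assumption: older than this counts as "old patch"
QUARANTINE_NETWORK = "remediation-vlan"    # assumption: isolated network for rogue devices


@dataclass
class Endpoint:
    device_id: str
    role: str            # "executive", "sales", "outsourcer"
    device_type: str     # "corporate", "employee", "unknown"
    location: str        # "enterprise_lan", "home_wireless", "public_internet"
    last_patch: date
    antivirus_on: bool = True
    firewall_on: bool = True
    file_sharing_on: bool = False


# The slide's Adaptive Policies table, keyed by (device type, network location).
ADAPTIVE_POLICIES = {
    ("corporate", "enterprise_lan"): {
        "checks": ["trusted"], "file_sharing": True, "im": True,
        "print_sharing": True, "apps": "full"},
    ("employee", "home_wireless"): {
        "checks": ["host_integrity"], "file_sharing": False, "im": False,
        "print_sharing": False, "apps": "limited"},
    ("unknown", "public_internet"): {
        "checks": ["virtual_desktop", "host_integrity"], "file_sharing": False,
        "im": False, "print_sharing": False, "apps": "ssl_vpn_and_webmail_only",
        "data_sanitization": True},
}
# Least privilege for anything the table does not cover.
FALLBACK_POLICY = ADAPTIVE_POLICIES[("unknown", "public_internet")]


def policy_for(ep):
    return ADAPTIVE_POLICIES.get((ep.device_type, ep.location), FALLBACK_POLICY)


def posture_findings(ep, today):
    """Protect step: missing protection, old patch level, misconfiguration."""
    findings = []
    if not ep.antivirus_on:
        findings.append("missing protection: antivirus off")
    if not ep.firewall_on:
        findings.append("missing protection: firewall off")
    patch_age = (today - ep.last_patch).days
    if patch_age > MAX_PATCH_AGE_DAYS:
        findings.append("old patch: %d days since last patch" % patch_age)
    if ep.file_sharing_on and not policy_for(ep)["file_sharing"]:
        findings.append("misconfiguration: file sharing on where policy forbids it")
    return findings


def enforce(ep, today):
    """Enforce step: rogues go to quarantine, valid devices get their adaptive policy."""
    findings = posture_findings(ep, today)
    if findings:
        return {"device": ep.device_id, "status": "rogue",
                "network": QUARANTINE_NETWORK, "findings": findings}
    return {"device": ep.device_id, "status": "valid",
            "network": ep.location, "policy": policy_for(ep)}


def remediate(ep, today):
    """Remediate step: return a compliant copy of the endpoint so it can reconnect."""
    return replace(ep, antivirus_on=True, firewall_on=True, last_patch=today,
                   file_sharing_on=ep.file_sharing_on and policy_for(ep)["file_sharing"])


def discover_and_enforce(endpoints, today):
    """Discover step over an inventory: every device seen gets a decision."""
    return {ep.device_id: enforce(ep, today) for ep in endpoints}


# Constructed sample inventory and reference date.
TODAY = date(2024, 1, 31)
SAMPLE_INVENTORY = [
    Endpoint("exec-laptop-01", "executive", "corporate", "enterprise_lan", date(2024, 1, 20)),
    Endpoint("sales-home-07", "sales", "employee", "home_wireless", date(2023, 11, 1),
             file_sharing_on=True),
    Endpoint("kiosk-22", "outsourcer", "unknown", "public_internet", date(2024, 1, 30),
             antivirus_on=False),
]

if __name__ == "__main__":
    for device, decision in discover_and_enforce(SAMPLE_INVENTORY, TODAY).items():
        print(device, decision["status"], decision["network"])
```

Running it classifies the executive laptop as valid with full application access, the sales laptop as rogue (patch 91 days old and file sharing on where the home-wireless policy forbids it), and the kiosk as rogue for missing antivirus; `remediate` followed by `enforce` shows the reconnect path for the sales laptop.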
13
NAC * NAP * TNC Comparison
15
Trusted Computing Group Standards
• TCG – a thought-leading organization working together to help enterprises ensure a trusted computing environment
• The Trusted Network Connect Sub-Group is creating a standard for interoperability to prevent untrustworthy devices from connecting to enterprise networks.
• Leverage existing standards – current consideration:
- IEEE 802.1X and the IETF EAP protocol (RFC 3748) for host access negotiation with network devices.
- RADIUS (RFC 2865) for making access verification decisions and defining network access privileges.
• Ability to leverage the Trusted Platform Module (TPM) microchip for a hardware-based level of assurance.
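The RADIUS role named above, making the access decision and defining the resulting network privileges, is shown in the following added Python example; it is not code from the presentation or from the TCG. It builds the Access-Accept or Access-Reject a policy server returns after the 802.1X/EAP exchange in RFC 2865 packet format, carrying the RFC 2868 tunnel attributes that RFC 3580 uses for VLAN assignment, and it shows the check the access point (NAS) must make before trusting the answer: recomputing the Response Authenticator over the packet with the shared secret. The shared secret, the request authenticator, the user names and the VLAN name are constructed.

```python
"""RADIUS access decision and NAS-side response verification (added example)."""
import hashlib
import hmac
import struct

ACCESS_REQUEST, ACCESS_ACCEPT, ACCESS_REJECT = 1, 2, 3          # RFC 2865 codes
ATTR_USER_NAME, ATTR_TUNNEL_TYPE = 1, 64
ATTR_TUNNEL_MEDIUM_TYPE, ATTR_TUNNEL_PRIVATE_GROUP_ID = 65, 81
TUNNEL_TYPE_VLAN, TUNNEL_MEDIUM_IEEE802 = 13, 6                  # values used by RFC 3580
HEADER_LEN = 20                                                   # code, id, length, authenticator


def attribute(attr_type, value):
    """Type (1) + Length (1, counting these two bytes) + Value.  Integers are packed
    big-endian into 4 bytes; for the tagged tunnel attributes the leading zero byte
    doubles as tag 0."""
    if isinstance(value, int):
        value = struct.pack(">I", value)
    return bytes([attr_type, 2 + len(value)]) + value


def response_authenticator(code, identifier, attrs, request_auth, secret):
    """RFC 2865 section 3: MD5(Code + ID + Length + RequestAuth + Attributes + Secret)."""
    header = struct.pack(">BBH", code, identifier, HEADER_LEN + len(attrs))
    return hashlib.md5(header + request_auth + attrs + secret).digest()


def build_response(code, identifier, attrs, request_auth, secret):
    auth = response_authenticator(code, identifier, attrs, request_auth, secret)
    return struct.pack(">BBH", code, identifier, HEADER_LEN + len(attrs)) + auth + attrs


def access_decision(username, posture_ok, vlan, identifier, request_auth, secret):
    """Policy-server side: accept a valid device into the named VLAN, reject a rogue."""
    attrs = attribute(ATTR_USER_NAME, username.encode())
    if not posture_ok:
        return build_response(ACCESS_REJECT, identifier, attrs, request_auth, secret)
    attrs += (attribute(ATTR_TUNNEL_TYPE, TUNNEL_TYPE_VLAN)
              + attribute(ATTR_TUNNEL_MEDIUM_TYPE, TUNNEL_MEDIUM_IEEE802)
              + attribute(ATTR_TUNNEL_PRIVATE_GROUP_ID, vlan.encode()))
    return build_response(ACCESS_ACCEPT, identifier, attrs, request_auth, secret)


def parse_attributes(data):
    """Walk the attribute list, refusing lengths that run past the packet."""
    attrs = {}
    while data:
        if len(data) < 2 or data[1] < 2 or data[1] > len(data):
            raise ValueError("malformed attribute")
        attrs[data[0]] = data[2:data[1]]
        data = data[data[1]:]
    return attrs


def verify_response(packet, request_auth, secret):
    """NAS side: return (code, attributes) only when the length field matches and the
    Response Authenticator was computed over this request with the shared secret."""
    if len(packet) < HEADER_LEN:
        return None
    code, identifier, length = struct.unpack(">BBH", packet[:4])
    if length != len(packet):
        return None
    auth, attrs = packet[4:HEADER_LEN], packet[HEADER_LEN:]
    expected = response_authenticator(code, identifier, attrs, request_auth, secret)
    if not hmac.compare_digest(auth, expected):
        return None
    try:
        return code, parse_attributes(attrs)
    except ValueError:
        return None


# Constructed values for a stand-alone run; in practice REQUEST_AUTH is the random
# authenticator the NAS put in its Access-Request.
SECRET = b"constructed-shared-secret"
REQUEST_AUTH = bytes(range(16))

if __name__ == "__main__":
    pkt = access_decision("alice", True, "employee-vlan", 7, REQUEST_AUTH, SECRET)
    print(verify_response(pkt, REQUEST_AUTH, SECRET))
```

The verification step is what ties the privilege decision to the shared secret: flipping the code byte of a genuine Access-Reject to Access-Accept, or using a different secret, makes `verify_response` return `None`, so the port stays closed.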
16
Summary – Requirements
• Devices – managed, unmanaged, unmanageable
• Roles – educate software not people
• Process – security, network, operations
• Plumbing – switches, wireless, VPN, SSL
• Relentless – always, everywhere
17
Thank you for your time