SlideShare une entreprise Scribd logo
1  sur  9
1

NAC - A Solution for
Disappearing Perimeter
December 11, 2013
Rahul Desai

Company Proprietary and Confidential

NAC - A Solution to Disappearing Perimeter
Agenda
•
•
•
•

2

Understanding Today's Threat Landscape
BYOD - Bring Your Own Device
NAC - A Solution for BYOD Security Threats
Case Study

Company Proprietary and Confidential

NAC - A Solution to Disappearing Perimeter
Changing Threat Landscape

3

• Conventional Threats and Security Models
• Generic threats for mass disruption
• Multi-tier security approach
• Reactive by design; mainly address known threats
• Emerging Threats
• Polymorphic and zero-day
• Personalized and targeted
• Evolving Threat Vectors
• Increasing BYOD culture – more Internal threats
• Limited control on non-compliant, with conventional approach

• Fear of the unknown!

Company Proprietary and Confidential

NAC - A Solution to Disappearing Perimeter
BYOD: Bring Your Own Device

4

• Bring Your Own Device
• Use of personally owned devices like smartphones, tablets and
laptops at workplace
• Flexibility to users by allowing non-WinTel platforms
• 95% of Enterprises allow BYOD in some form
• Security concerns introduced with BYOD
• Increased internal threat to data – Customers, I-P, employees’
personal information
• Better means for ‘Bad leaver’ to harm
• Existing infrastructure security limitations
• Lesser control on users, system. Disappearing Perimeters!

Company Proprietary and Confidential

NAC - A Solution to Disappearing Perimeter
NAC: A Solution to BYOD Security Threats

5

• BYOD Security Solutions: VDI, MDM and NAC.
• NAC for BYOD works independently, addresses all platforms,
maintains the user experience and protects data at the Network level.
• Network Access Control
• Unification of network security, endpoint security and user/system
authentication
• Targeted at Security policy enforcement, identity/access
management and mitigation of zero-day threats
• NAC for BYOD Security Vs. NAC for Conventional Network
• Agentless and inline
• Wired and wireless network coverage
• Addressing the unknown!

Continued

Company Proprietary and Confidential

NAC - A Solution to Disappearing Perimeter
NAC: A Solution to BYOD Security Threats

6

Employees
Wired/Wireless

Contractors
Network Access

Guests
• User Identity Management
• Security Policy Enforcement and
Remediation

Company Proprietary and Confidential

NAC - A Solution to Disappearing Perimeter
Case Study: Introducing BYOD in a Multinational FMCG

7

• Multinational FMCG organization
• 80+ Countries, 200+ Locations worldwide

• Mixed IT environment
• Unix, Windows Servers; Windows Desktops and Laptops
• Official acceptance of BYOD
• To additionally allow Smartphones, Tablets (iOS and Android) and
MacBooks
• Challenges:
• Increased IT Infrastructure management cost (time, effort and
increased risk)
• Inadequate IT Security controls to accommodate mobile devices
• Lack of employee awareness of BYOD best practices
Continued

Company Proprietary and Confidential

NAC - A Solution to Disappearing Perimeter
Case Study: Introducing BYOD in a Multinational FMCG

8

• Solution: Integrate NAC into existing IT security infrastructure
• Policy based Network access control
• Transparent to compliant end-users
• Host integrity enforcement through Remediation system
• Optional remediation mechanism for Smartphones
• NAC Implementation Process
• Identify the scope of devices to be allowed
• Define and update IT Security policies and controls
• Implement and rollout
• Use Cases
1. MacBook is running older Mac OS.
2. iPhone is running a restricted application.
3. An employee’s personal Windows laptop does not have Antivirus
installed.
Company Proprietary and Confidential

NAC - A Solution to Disappearing Perimeter
Discussion: Q&A

9

Rahul Desai
rahul.desai@risknaut.com
Company Proprietary and Confidential

NAC - A Solution to Disappearing Perimeter

Contenu connexe

Tendances

ICS Security from the Plant Floor Up - A Controls Engineers Approach to Secur...
ICS Security from the Plant Floor Up - A Controls Engineers Approach to Secur...ICS Security from the Plant Floor Up - A Controls Engineers Approach to Secur...
ICS Security from the Plant Floor Up - A Controls Engineers Approach to Secur...Digital Bond
 
Nist 800 82 ICS Security Auditing Framework
Nist 800 82 ICS Security Auditing FrameworkNist 800 82 ICS Security Auditing Framework
Nist 800 82 ICS Security Auditing FrameworkMarcoAfzali
 
Network Reliability Monitoring for ICS: Going Beyond NSM and SIEM
Network Reliability Monitoring for ICS: Going Beyond NSM and SIEMNetwork Reliability Monitoring for ICS: Going Beyond NSM and SIEM
Network Reliability Monitoring for ICS: Going Beyond NSM and SIEMJim Gilsinn
 
国际物联网安全标准与认证大解析
国际物联网安全标准与认证大解析国际物联网安全标准与认证大解析
国际物联网安全标准与认证大解析Onward Security
 
Cybersecurity in Industrial Control Systems (ICS)
Cybersecurity in Industrial Control Systems (ICS)Cybersecurity in Industrial Control Systems (ICS)
Cybersecurity in Industrial Control Systems (ICS)Joan Figueras Tugas
 
Should I Patch My ICS?
Should I Patch My ICS?Should I Patch My ICS?
Should I Patch My ICS?Digital Bond
 
Managing risk and vulnerabilities in a business context
Managing risk and vulnerabilities in a business contextManaging risk and vulnerabilities in a business context
Managing risk and vulnerabilities in a business contextAlgoSec
 
NTXISSACSC2 - Securing Industrial Control Systems by Kevin Wheeler
NTXISSACSC2 - Securing Industrial Control Systems by Kevin WheelerNTXISSACSC2 - Securing Industrial Control Systems by Kevin Wheeler
NTXISSACSC2 - Securing Industrial Control Systems by Kevin WheelerNorth Texas Chapter of the ISSA
 
Active Directory in ICS: Lessons Learned From The Field
Active Directory in ICS: Lessons Learned From The FieldActive Directory in ICS: Lessons Learned From The Field
Active Directory in ICS: Lessons Learned From The FieldDigital Bond
 
Nist 800 82
Nist 800 82Nist 800 82
Nist 800 82majolic
 
Intelligent Segmentation: Protecting the Enterprise with StealthWatch, Cisco ...
Intelligent Segmentation: Protecting the Enterprise with StealthWatch, Cisco ...Intelligent Segmentation: Protecting the Enterprise with StealthWatch, Cisco ...
Intelligent Segmentation: Protecting the Enterprise with StealthWatch, Cisco ...Lancope, Inc.
 
ANSI/ISA-99 and Intrinsically Secure Systems (May 2009)
ANSI/ISA-99 and Intrinsically Secure Systems (May 2009)ANSI/ISA-99 and Intrinsically Secure Systems (May 2009)
ANSI/ISA-99 and Intrinsically Secure Systems (May 2009)Byres Security Inc.
 
Assessing the Security of Cloud SaaS Solutions
Assessing the Security of Cloud SaaS SolutionsAssessing the Security of Cloud SaaS Solutions
Assessing the Security of Cloud SaaS SolutionsDigital Bond
 
Network Access Control as a Network Security Solution
Network Access Control as a Network Security SolutionNetwork Access Control as a Network Security Solution
Network Access Control as a Network Security SolutionConor Ryan
 
Cybersecurity for modern industrial systems
Cybersecurity for modern industrial  systemsCybersecurity for modern industrial  systems
Cybersecurity for modern industrial systemsItex Solutions
 
Cybersecurity Implementation and Certification in Practice for IoT Equipment
Cybersecurity Implementation and Certification in Practice for IoT EquipmentCybersecurity Implementation and Certification in Practice for IoT Equipment
Cybersecurity Implementation and Certification in Practice for IoT EquipmentOnward Security
 
Using Cyber-Vulnerability Assessment (CVA) to Optimize Control System Upgrade...
Using Cyber-Vulnerability Assessment (CVA) to Optimize Control System Upgrade...Using Cyber-Vulnerability Assessment (CVA) to Optimize Control System Upgrade...
Using Cyber-Vulnerability Assessment (CVA) to Optimize Control System Upgrade...Jim Gilsinn
 
Unidirectional Security, Andrew Ginter of Waterfall Security
Unidirectional Security, Andrew Ginter of Waterfall Security Unidirectional Security, Andrew Ginter of Waterfall Security
Unidirectional Security, Andrew Ginter of Waterfall Security Digital Bond
 
Ensuring Continuous PCI-DSS 3.0 Compliance for Your Firewalls and Routers
Ensuring Continuous PCI-DSS 3.0 Compliance for Your Firewalls and RoutersEnsuring Continuous PCI-DSS 3.0 Compliance for Your Firewalls and Routers
Ensuring Continuous PCI-DSS 3.0 Compliance for Your Firewalls and RoutersAlgoSec
 
Case Study: Running a DCS in a Highly Virtualized Environment, Chris Hughes o...
Case Study: Running a DCS in a Highly Virtualized Environment, Chris Hughes o...Case Study: Running a DCS in a Highly Virtualized Environment, Chris Hughes o...
Case Study: Running a DCS in a Highly Virtualized Environment, Chris Hughes o...Digital Bond
 

Tendances (20)

ICS Security from the Plant Floor Up - A Controls Engineers Approach to Secur...
ICS Security from the Plant Floor Up - A Controls Engineers Approach to Secur...ICS Security from the Plant Floor Up - A Controls Engineers Approach to Secur...
ICS Security from the Plant Floor Up - A Controls Engineers Approach to Secur...
 
Nist 800 82 ICS Security Auditing Framework
Nist 800 82 ICS Security Auditing FrameworkNist 800 82 ICS Security Auditing Framework
Nist 800 82 ICS Security Auditing Framework
 
Network Reliability Monitoring for ICS: Going Beyond NSM and SIEM
Network Reliability Monitoring for ICS: Going Beyond NSM and SIEMNetwork Reliability Monitoring for ICS: Going Beyond NSM and SIEM
Network Reliability Monitoring for ICS: Going Beyond NSM and SIEM
 
国际物联网安全标准与认证大解析
国际物联网安全标准与认证大解析国际物联网安全标准与认证大解析
国际物联网安全标准与认证大解析
 
Cybersecurity in Industrial Control Systems (ICS)
Cybersecurity in Industrial Control Systems (ICS)Cybersecurity in Industrial Control Systems (ICS)
Cybersecurity in Industrial Control Systems (ICS)
 
Should I Patch My ICS?
Should I Patch My ICS?Should I Patch My ICS?
Should I Patch My ICS?
 
Managing risk and vulnerabilities in a business context
Managing risk and vulnerabilities in a business contextManaging risk and vulnerabilities in a business context
Managing risk and vulnerabilities in a business context
 
NTXISSACSC2 - Securing Industrial Control Systems by Kevin Wheeler
NTXISSACSC2 - Securing Industrial Control Systems by Kevin WheelerNTXISSACSC2 - Securing Industrial Control Systems by Kevin Wheeler
NTXISSACSC2 - Securing Industrial Control Systems by Kevin Wheeler
 
Active Directory in ICS: Lessons Learned From The Field
Active Directory in ICS: Lessons Learned From The FieldActive Directory in ICS: Lessons Learned From The Field
Active Directory in ICS: Lessons Learned From The Field
 
Nist 800 82
Nist 800 82Nist 800 82
Nist 800 82
 
Intelligent Segmentation: Protecting the Enterprise with StealthWatch, Cisco ...
Intelligent Segmentation: Protecting the Enterprise with StealthWatch, Cisco ...Intelligent Segmentation: Protecting the Enterprise with StealthWatch, Cisco ...
Intelligent Segmentation: Protecting the Enterprise with StealthWatch, Cisco ...
 
ANSI/ISA-99 and Intrinsically Secure Systems (May 2009)
ANSI/ISA-99 and Intrinsically Secure Systems (May 2009)ANSI/ISA-99 and Intrinsically Secure Systems (May 2009)
ANSI/ISA-99 and Intrinsically Secure Systems (May 2009)
 
Assessing the Security of Cloud SaaS Solutions
Assessing the Security of Cloud SaaS SolutionsAssessing the Security of Cloud SaaS Solutions
Assessing the Security of Cloud SaaS Solutions
 
Network Access Control as a Network Security Solution
Network Access Control as a Network Security SolutionNetwork Access Control as a Network Security Solution
Network Access Control as a Network Security Solution
 
Cybersecurity for modern industrial systems
Cybersecurity for modern industrial  systemsCybersecurity for modern industrial  systems
Cybersecurity for modern industrial systems
 
Cybersecurity Implementation and Certification in Practice for IoT Equipment
Cybersecurity Implementation and Certification in Practice for IoT EquipmentCybersecurity Implementation and Certification in Practice for IoT Equipment
Cybersecurity Implementation and Certification in Practice for IoT Equipment
 
Using Cyber-Vulnerability Assessment (CVA) to Optimize Control System Upgrade...
Using Cyber-Vulnerability Assessment (CVA) to Optimize Control System Upgrade...Using Cyber-Vulnerability Assessment (CVA) to Optimize Control System Upgrade...
Using Cyber-Vulnerability Assessment (CVA) to Optimize Control System Upgrade...
 
Unidirectional Security, Andrew Ginter of Waterfall Security
Unidirectional Security, Andrew Ginter of Waterfall Security Unidirectional Security, Andrew Ginter of Waterfall Security
Unidirectional Security, Andrew Ginter of Waterfall Security
 
Ensuring Continuous PCI-DSS 3.0 Compliance for Your Firewalls and Routers
Ensuring Continuous PCI-DSS 3.0 Compliance for Your Firewalls and RoutersEnsuring Continuous PCI-DSS 3.0 Compliance for Your Firewalls and Routers
Ensuring Continuous PCI-DSS 3.0 Compliance for Your Firewalls and Routers
 
Case Study: Running a DCS in a Highly Virtualized Environment, Chris Hughes o...
Case Study: Running a DCS in a Highly Virtualized Environment, Chris Hughes o...Case Study: Running a DCS in a Highly Virtualized Environment, Chris Hughes o...
Case Study: Running a DCS in a Highly Virtualized Environment, Chris Hughes o...
 

Similaire à NAC - A Solution for Disappearing Perimeter

Security For Business: Are You And Your Customers Safe
Security For Business:  Are You And Your Customers SafeSecurity For Business:  Are You And Your Customers Safe
Security For Business: Are You And Your Customers Safewoodsy01
 
110307 cloud security requirements gourley
110307 cloud security requirements gourley110307 cloud security requirements gourley
110307 cloud security requirements gourleyGovCloud Network
 
[Webinar] Building a Product Security Incident Response Team: Learnings from ...
[Webinar] Building a Product Security Incident Response Team: Learnings from ...[Webinar] Building a Product Security Incident Response Team: Learnings from ...
[Webinar] Building a Product Security Incident Response Team: Learnings from ...bugcrowd
 
Zenith Infotech Mirror Cloud Presentation. 112211
Zenith Infotech    Mirror Cloud Presentation. 112211Zenith Infotech    Mirror Cloud Presentation. 112211
Zenith Infotech Mirror Cloud Presentation. 112211hdmchughgmailcom
 
Ubiquitous computing presentation 2
Ubiquitous computing presentation 2Ubiquitous computing presentation 2
Ubiquitous computing presentation 2Arpan Patel
 
CASBs: 8 Critical Capabilities in partnership with ISMG Media Group
CASBs: 8 Critical Capabilities in partnership with ISMG Media GroupCASBs: 8 Critical Capabilities in partnership with ISMG Media Group
CASBs: 8 Critical Capabilities in partnership with ISMG Media GroupBitglass
 
Wp byod
Wp byodWp byod
Wp byodJ
 
Sphere 3D presentation for Credit Suisse technology conference 2014
Sphere 3D presentation for Credit Suisse technology conference 2014Sphere 3D presentation for Credit Suisse technology conference 2014
Sphere 3D presentation for Credit Suisse technology conference 2014Peter Bookman
 
BYOD - Secure the data, not the device
BYOD - Secure the data, not the deviceBYOD - Secure the data, not the device
BYOD - Secure the data, not the deviceb coatesworth
 
Lumension Security - Adjusting our defenses for 2012
Lumension Security - Adjusting our defenses for 2012Lumension Security - Adjusting our defenses for 2012
Lumension Security - Adjusting our defenses for 2012Andris Soroka
 
Mobile Solutions and Privacy – Not One at the Expense of the Other
 Mobile Solutions and Privacy – Not One at the Expense of the Other Mobile Solutions and Privacy – Not One at the Expense of the Other
Mobile Solutions and Privacy – Not One at the Expense of the Otherbradley_g
 
NetIDEAS Inc. - Enabling Global Design Teams with hosted Windchill
NetIDEAS Inc. - Enabling Global Design Teams with hosted WindchillNetIDEAS Inc. - Enabling Global Design Teams with hosted Windchill
NetIDEAS Inc. - Enabling Global Design Teams with hosted WindchillJeff Kiesel
 
Cybersecurity
Cybersecurity Cybersecurity
Cybersecurity nado-web
 
Cyber Threat Prevention
Cyber Threat Prevention Cyber Threat Prevention
Cyber Threat Prevention Jonathan Posner
 
Journey to the Cloud: Securing Your AWS Applications - April 2015
Journey to the Cloud: Securing Your AWS Applications - April 2015Journey to the Cloud: Securing Your AWS Applications - April 2015
Journey to the Cloud: Securing Your AWS Applications - April 2015Alert Logic
 
Cloudy with a chance of downtime
Cloudy with a chance of downtimeCloudy with a chance of downtime
Cloudy with a chance of downtimeAFCOM
 
Bring Your Own Device (BYOD)
Bring Your Own Device (BYOD)Bring Your Own Device (BYOD)
Bring Your Own Device (BYOD)k33a
 

Similaire à NAC - A Solution for Disappearing Perimeter (20)

Security For Business: Are You And Your Customers Safe
Security For Business:  Are You And Your Customers SafeSecurity For Business:  Are You And Your Customers Safe
Security For Business: Are You And Your Customers Safe
 
110307 cloud security requirements gourley
110307 cloud security requirements gourley110307 cloud security requirements gourley
110307 cloud security requirements gourley
 
Logicalis BYOD Briefing
Logicalis BYOD BriefingLogicalis BYOD Briefing
Logicalis BYOD Briefing
 
[Webinar] Building a Product Security Incident Response Team: Learnings from ...
[Webinar] Building a Product Security Incident Response Team: Learnings from ...[Webinar] Building a Product Security Incident Response Team: Learnings from ...
[Webinar] Building a Product Security Incident Response Team: Learnings from ...
 
Zenith Infotech Mirror Cloud Presentation. 112211
Zenith Infotech    Mirror Cloud Presentation. 112211Zenith Infotech    Mirror Cloud Presentation. 112211
Zenith Infotech Mirror Cloud Presentation. 112211
 
Ubiquitous computing presentation 2
Ubiquitous computing presentation 2Ubiquitous computing presentation 2
Ubiquitous computing presentation 2
 
Byod final (2)
Byod   final (2)Byod   final (2)
Byod final (2)
 
CASBs: 8 Critical Capabilities in partnership with ISMG Media Group
CASBs: 8 Critical Capabilities in partnership with ISMG Media GroupCASBs: 8 Critical Capabilities in partnership with ISMG Media Group
CASBs: 8 Critical Capabilities in partnership with ISMG Media Group
 
Wp byod
Wp byodWp byod
Wp byod
 
Sphere 3D presentation for Credit Suisse technology conference 2014
Sphere 3D presentation for Credit Suisse technology conference 2014Sphere 3D presentation for Credit Suisse technology conference 2014
Sphere 3D presentation for Credit Suisse technology conference 2014
 
BYOD - Secure the data, not the device
BYOD - Secure the data, not the deviceBYOD - Secure the data, not the device
BYOD - Secure the data, not the device
 
Mobile Apps Security
Mobile Apps SecurityMobile Apps Security
Mobile Apps Security
 
Lumension Security - Adjusting our defenses for 2012
Lumension Security - Adjusting our defenses for 2012Lumension Security - Adjusting our defenses for 2012
Lumension Security - Adjusting our defenses for 2012
 
Mobile Solutions and Privacy – Not One at the Expense of the Other
 Mobile Solutions and Privacy – Not One at the Expense of the Other Mobile Solutions and Privacy – Not One at the Expense of the Other
Mobile Solutions and Privacy – Not One at the Expense of the Other
 
NetIDEAS Inc. - Enabling Global Design Teams with hosted Windchill
NetIDEAS Inc. - Enabling Global Design Teams with hosted WindchillNetIDEAS Inc. - Enabling Global Design Teams with hosted Windchill
NetIDEAS Inc. - Enabling Global Design Teams with hosted Windchill
 
Cybersecurity
Cybersecurity Cybersecurity
Cybersecurity
 
Cyber Threat Prevention
Cyber Threat Prevention Cyber Threat Prevention
Cyber Threat Prevention
 
Journey to the Cloud: Securing Your AWS Applications - April 2015
Journey to the Cloud: Securing Your AWS Applications - April 2015Journey to the Cloud: Securing Your AWS Applications - April 2015
Journey to the Cloud: Securing Your AWS Applications - April 2015
 
Cloudy with a chance of downtime
Cloudy with a chance of downtimeCloudy with a chance of downtime
Cloudy with a chance of downtime
 
Bring Your Own Device (BYOD)
Bring Your Own Device (BYOD)Bring Your Own Device (BYOD)
Bring Your Own Device (BYOD)
 

Dernier

Building AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxBuilding AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxUdaiappa Ramachandran
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IES VE
 
How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?IES VE
 
OpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureOpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureEric D. Schabell
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7DianaGray10
 
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...DianaGray10
 
Machine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfMachine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfAijun Zhang
 
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAAnypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAshyamraj55
 
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxMatsuo Lab
 
Linked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesLinked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesDavid Newbury
 
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfJamie (Taka) Wang
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationIES VE
 
Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Adtran
 
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Will Schroeder
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfDianaGray10
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsSeth Reyes
 
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostKubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostMatt Ray
 
AI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarAI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarPrecisely
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Commit University
 

Dernier (20)

Building AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptxBuilding AI-Driven Apps Using Semantic Kernel.pptx
Building AI-Driven Apps Using Semantic Kernel.pptx
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
 
How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?
 
OpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureOpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability Adventure
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7
 
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
 
Machine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfMachine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdf
 
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAAnypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
 
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptx
 
Linked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesLinked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond Ontologies
 
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
 
Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™
 
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and Hazards
 
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostKubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
 
20230104 - machine vision
20230104 - machine vision20230104 - machine vision
20230104 - machine vision
 
AI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarAI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity Webinar
 
Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)Crea il tuo assistente AI con lo Stregatto (open source python framework)
Crea il tuo assistente AI con lo Stregatto (open source python framework)
 

NAC - A Solution for Disappearing Perimeter

  • 1. 1 NAC - A Solution for Disappearing Perimeter December 11, 2013 Rahul Desai Company Proprietary and Confidential NAC - A Solution to Disappearing Perimeter
  • 2. Agenda • • • • 2 Understanding Today's Threat Landscape BYOD - Bring Your Own Device NAC - A Solution for BYOD Security Threats Case Study Company Proprietary and Confidential NAC - A Solution to Disappearing Perimeter
  • 3. Changing Threat Landscape 3 • Conventional Threats and Security Models • Generic threats for mass disruption • Multi-tier security approach • Reactive by design; mainly address known threats • Emerging Threats • Polymorphic and zero-day • Personalized and targeted • Evolving Threat Vectors • Increasing BYOD culture – more Internal threats • Limited control on non-compliant, with conventional approach • Fear of the unknown! Company Proprietary and Confidential NAC - A Solution to Disappearing Perimeter
  • 4. BYOD: Bring Your Own Device 4 • Bring Your Own Device • Use of personally owned devices like smartphones, tablets and laptops at workplace • Flexibility to users by allowing non-WinTel platforms • 95% of Enterprises allow BYOD in some form • Security concerns introduced with BYOD • Increased internal threat to data – Customers, I-P, employees’ personal information • Better means for ‘Bad leaver’ to harm • Existing infrastructure security limitations • Lesser control on users, system. Disappearing Perimeters! Company Proprietary and Confidential NAC - A Solution to Disappearing Perimeter
  • 5. NAC: A Solution to BYOD Security Threats 5 • BYOD Security Solutions: VDI, MDM and NAC. • NAC for BYOD works independently, addresses all platforms, maintains the user experience and protects data at the Network level. • Network Access Control • Unification of network security, endpoint security and user/system authentication • Targeted at Security policy enforcement, identity/access management and mitigation of zero-day threats • NAC for BYOD Security Vs. NAC for Conventional Network • Agentless and inline • Wired and wireless network coverage • Addressing the unknown! Continued Company Proprietary and Confidential NAC - A Solution to Disappearing Perimeter
  • 6. NAC: A Solution to BYOD Security Threats 6 Employees Wired/Wireless Contractors Network Access Guests • User Identity Management • Security Policy Enforcement and Remediation Company Proprietary and Confidential NAC - A Solution to Disappearing Perimeter
  • 7. Case Study: Introducing BYOD in a Multinational FMCG 7 • Multinational FMCG organization • 80+ Countries, 200+ Locations worldwide • Mixed IT environment • Unix, Windows Servers; Windows Desktops and Laptops • Official acceptance of BYOD • To additionally allow Smartphones, Tablets (iOS and Android) and MacBooks • Challenges: • Increased IT Infrastructure management cost (time, effort and increased risk) • Inadequate IT Security controls to accommodate mobile devices • Lack of employee awareness of BYOD best practices Continued Company Proprietary and Confidential NAC - A Solution to Disappearing Perimeter
  • 8. Case Study: Introducing BYOD in a Multinational FMCG 8 • Solution: Integrate NAC into existing IT security infrastructure • Policy based Network access control • Transparent to compliant end-users • Host integrity enforcement through Remediation system • Optional remediation mechanism for Smartphones • NAC Implementation Process • Identify the scope of devices to be allowed • Define and update IT Security policies and controls • Implement and rollout • Use Cases 1. MacBook is running older Mac OS. 2. iPhone is running a restricted application. 3. An employee’s personal Windows laptop does not have Antivirus installed. Company Proprietary and Confidential NAC - A Solution to Disappearing Perimeter
  • 9. Discussion: Q&A 9 Rahul Desai rahul.desai@risknaut.com Company Proprietary and Confidential NAC - A Solution to Disappearing Perimeter

Notes de l'éditeur

  1. Presentation on “Network Access Control as a Solution for the Disappearing Perimeter”Presenter: Rahul Desai
  2. rahul.desai@risknaut.com