SlideShare une entreprise Scribd logo

XO _Hosted Security Product Overview__v.21 (1)

Télécharger en tant que PPTX, PDF
P
Pasquale Tursi
1  sur  15
Hosted Security – Product Overview
Copyright 2012. XO Communications, LLC. All rights reserved. XO, the XO design logo, and all related marks are registered trademarks of XO Communications. 2 Hosted Security • A network-based security solution. • Fully managed, cloud Security-as-a-Service offering. • Integrates a complete suite of security solutions. – Helps shield your network and data applications from being compromised or disrupted by security threats. • Allows you to gain security protection without making capital expenses or having to increase staff.
Copyright 2012. XO Communications, LLC. All rights reserved. XO, the XO design logo, and all related marks are registered trademarks of XO Communications. 3 WHAT DO WE MEAN BY “IN THE CLOUD” • Security can be classified in one of two ways: – Cloud Based. – Premises Based. • The cloud refers to the Internet and the millions of servers that connect to it. • A cloud based solution means that you are getting an application or a service through a server you are accessing through the Internet. • Hosted Security is a public cloud solution, meaning that it is an open, multi-tenant solution where customers can have service capabilities that are not located on their premise. • XO is able to support hundreds of customers on a common Unified Threat Management (UTM) platform.
Copyright 2012. XO Communications, LLC. All rights reserved. XO, the XO design logo, and all related marks are registered trademarks of XO Communications. 4 Elements Hosted Security encompasses: • Next-generation Network Firewall security - helps you protect your XO MPLS VPN data network. • Intrusion Detection and Prevention System service - safeguards your network from targeted attacks and other known threats. • Web and Content Filtering - prevents users from going to prohibited web sites and sites with known malware threats. • Secure Remote Access - for mobile workforces to connect back to your private XO MPLS WAN. • Secure VPN - allows connections from off-net locations. • An online customer portal – allows your organization’s security professionals to: – Custom design firewall and security policies. – Implement rule changes and configuration requests quickly. – Get online reporting. - Open trouble tickets and view ticket status.
Copyright 2012. XO Communications, LLC. All rights reserved. XO, the XO design logo, and all related marks are registered trademarks of XO Communications. 5 Architecture • Provides high-availability and failover among geographically diverse physical gateways with network redundancy to ensure business continuity. – Single firewall solution available for customer’s who don’t require geo- redundancy. • Provides aggregated Internet bandwidth, which can be shared by all MPLS VPN locations and allows you to save on Internet access costs. • Gives you the flexibility to add the security options you need, as you need them, to meet ever-changing requirements of end users. • Allows you to modify the Internet bandwidth to the MPLS network without requiring physical changes to any location. • Integrates XO’s MPLS VPN with Hosted Security into an end-to-end networking and security management solution—from one service provider on one invoice.
Copyright 2012. XO Communications, LLC. All rights reserved. XO, the XO design logo, and all related marks are registered trademarks of XO Communications. 6 Key Benefits • No need to add staff, deploy new hardware, or undergo extensive development. • Supports you 24 x 7 x 365 through a certified security partner. • Can be implemented with minimal lead time. • Delivers a high level of network security. • Does not degrade network availability or uptime. • Scalable—easily add locations or users, including off-net locations with Internet Protocol Security (IP Sec) integration to Internet-based locations. • Allows you to implement security policies consistently across your network. • Services are sold individually, so that you can select the services that best meet your needs.
Copyright 2012. XO Communications, LLC. All rights reserved. XO, the XO design logo, and all related marks are registered trademarks of XO Communications. 7 Features Feature Benefit Network Firewall Stateful packet inspection at the edge of the MPLS cloud. Allows/denies traffic based on IP headers and port addresses. Policy rules can be modified on a per customer basis. De-Militarized Zone (DMZ) Allows for firewall segmentation for customer who want to partition Internet from private WAN traffic. Intrusion Detection & Prevention Identifies and stops pre-determined attacks and malicious activity before they can enter your VPN. Web and Content Filtering Allows you to set up filtering rules to prevent users from downloading content that may be harmful to their computers or to the corporate network, or may be inappropriate based on company policies. Secure Remote Access Option 1 – XO authenticates users Option 2 – Customer self-authenticates users Allows your mobile workforce to connect to your corporate VPN through secure, encrypted, on-demand sessions. Secure Remote Access (Off –Net Connectivity) Allows off-net locations (fixed addresses) to connect to your corporate IP-VPN through an IPsec Tunnel.
Secure, Online Customer Portal Incidence Response Tracking • Event and incident details • Action taken • Date and time data • Attack header and payload Transaction Audit Details Captures all security-related activities including: • Device log-ins • Rules updates • Configuration changes • Actions taken • Alerts issued On-Demand Reporting Presents data on the health and security configuration of your network that faces the Internet: • Attack attempts, including attack source and destination • Attack severity • Targeted systems • Actions taken to address threats On-Demand Support • Submit support requests online • View status/history of submitted requests
Copyright 2012. XO Communications, LLC. All rights reserved. XO, the XO design logo, and all related marks are registered trademarks of XO Communications. 9 Network Firewall • Unified Threat Management platform is deployed in XO network points of presence (POPs) between the MPLS VPN cloud and the Internet. • XO provisions a dedicated unique virtual firewall (Virtual DOMain or VDOM) on a per customer basis: – Default policy rules allow/deny traffic based on stateful packet inspection • You can modify policy rules through a secure online web portal. – DeMilitarized Zone (DMZ) allows you to have an isolated segment within the VDOM for any servers or services that are facing the Internet. • You can have unique security policies and specific rules defined independently from the IP-VPN for the DMZ network. • You have the optional choice of a VDOM presence on two or three geographically diverse physical platforms for geographic, as well as local blade-level redundancy.
Copyright 2012. XO Communications, LLC. All rights reserved. XO, the XO design logo, and all related marks are registered trademarks of XO Communications. 10 Intrusion Detection and Prevention • Captures and inspects traffic, (even traffic allowed by the firewall). • Identifies signatures (known attack patterns). • Looks for anomalous data. • Blocks known threat sites and traffic from invalid source IP addresses. • Generates an alert when it finds unauthorized traffic, and takes action to: – Block/substitute. – Warn/permit. – Allow/track. • Updates signature database dynamically as threats are identified. • Subscribes to Fortinet’s proprietary signature database. • Supports multiple threat levels from low to high, and takes action appropriately. • In-house Security Analysts provide internal rules development and customization. – Service is proactively managed.
Copyright 2012. XO Communications, LLC. All rights reserved. XO, the XO design logo, and all related marks are registered trademarks of XO Communications. 11 Web and Content Filtering • Allows you to set up filtering rules and content policies to prevent users from downloading content that may be harmful to their computers or to the corporate network, or inappropriate based on company policies and best use practices. – Permits you to translate corporate web usage policies to default rule set on the firewall. • Filers at multiple levels: – By content rating (can filter known URLs, or allow corporate policies to be enforced on content that has not been seen before). – To block a category (for example: pornography or gambling). – By white-lists (allow) and black-lists (deny) for specific URLs. – User security rating: automatically blocks sites known for malware with warnings before proceeding. – By blocking anonymizers–which enable proxies to hide a user’s real IP address.
Secure Remote Access • Gives roaming users the ability to connect to your corporate MPLS VPN using IP Sec tunnels. – You use a pre-installed VPN client for authorization and access. • Gives roaming users the ability to connect to the corporate MPLS VPN using Secure Sockets Layer (SSL) sessions. – Users log in through a secure on-line portal, or – Can use a proprietary Fortinet SSL VPN client, which would need to be installed on each user’s PC. • Users are authenticated and authorized before they can access the corporate network. • You have the choice of having BAE authenticate users, or self- authenticating users. • SRA uses Security Policy Server (SPS) to authenticate identification and grant access for an incoming connection.
Copyright 2012. XO Communications, LLC. All rights reserved. XO, the XO design logo, and all related marks are registered trademarks of XO Communications. 13 Off-Net Connectivity / VPN • Allows off-net sites to connect to the MPLS VPN using IP Sec tunnels. – The IP Sec protocol allows authentication between a host and the security gateway at the beginning of a session. – Maintains an encrypted IP Sec connection between your location and the network firewall for as long as traffic exists. – Each IP packet in the data stream is encrypted to ensure security.
Copyright 2012. XO Communications, LLC. All rights reserved. XO, the XO design logo, and all related marks are registered trademarks of XO Communications. 14 Conceptual Illustration
Copyright 2012. XO Communications, LLC. All rights reserved. XO, the XO design logo, and all related marks are registered trademarks of XO Communications. 15 Summary Hosted Security services use high-speed, multi-threat security gateways, 24 x 7 monitoring and management, and advanced technology to help you better protect the data traffic that runs over your XO MPLS VPN service.

Recommandé

Hosted security
Hosted securityHosted security
Hosted security
Mari Hansen
 
Palo alto networks product overview
Palo alto networks product overviewPalo alto networks product overview
Palo alto networks product overview
Belsoft
 
Why choose pan
Why choose panWhy choose pan
Why choose pan
Achmad Yudo
 
Hacking SIP Like a Boss!
Hacking SIP Like a Boss!Hacking SIP Like a Boss!
Hacking SIP Like a Boss!
Fatih Ozavci
 
VoIP Wars: Destroying Jar Jar Lync (Filtered version)
VoIP Wars: Destroying Jar Jar Lync (Filtered version)VoIP Wars: Destroying Jar Jar Lync (Filtered version)
VoIP Wars: Destroying Jar Jar Lync (Filtered version)
Fatih Ozavci
 
VoIP Wars: Destroying Jar Jar Lync (Unfiltered version)
VoIP Wars: Destroying Jar Jar Lync (Unfiltered version)VoIP Wars: Destroying Jar Jar Lync (Unfiltered version)
VoIP Wars: Destroying Jar Jar Lync (Unfiltered version)
Fatih Ozavci
 
VoIP Wars: The Phreakers Awaken
VoIP Wars: The Phreakers AwakenVoIP Wars: The Phreakers Awaken
VoIP Wars: The Phreakers Awaken
Fatih Ozavci
 
Hardware Hacking Chronicles: IoT Hacking for Offence and Defence
Hardware Hacking Chronicles: IoT Hacking for Offence and DefenceHardware Hacking Chronicles: IoT Hacking for Offence and Defence
Hardware Hacking Chronicles: IoT Hacking for Offence and Defence
Fatih Ozavci
 

Recommandé

Hosted security
Hosted securityHosted security
Hosted security
Mari Hansen
 
Palo alto networks product overview
Palo alto networks product overviewPalo alto networks product overview
Palo alto networks product overview
Belsoft
 
Why choose pan
Why choose panWhy choose pan
Why choose pan
Achmad Yudo
 
Hacking SIP Like a Boss!
Hacking SIP Like a Boss!Hacking SIP Like a Boss!
Hacking SIP Like a Boss!
Fatih Ozavci
 
VoIP Wars: Destroying Jar Jar Lync (Filtered version)
VoIP Wars: Destroying Jar Jar Lync (Filtered version)VoIP Wars: Destroying Jar Jar Lync (Filtered version)
VoIP Wars: Destroying Jar Jar Lync (Filtered version)
Fatih Ozavci
 
VoIP Wars: Destroying Jar Jar Lync (Unfiltered version)
VoIP Wars: Destroying Jar Jar Lync (Unfiltered version)VoIP Wars: Destroying Jar Jar Lync (Unfiltered version)
VoIP Wars: Destroying Jar Jar Lync (Unfiltered version)
Fatih Ozavci
 
VoIP Wars: The Phreakers Awaken
VoIP Wars: The Phreakers AwakenVoIP Wars: The Phreakers Awaken
VoIP Wars: The Phreakers Awaken
Fatih Ozavci
 
Hardware Hacking Chronicles: IoT Hacking for Offence and Defence
Hardware Hacking Chronicles: IoT Hacking for Offence and DefenceHardware Hacking Chronicles: IoT Hacking for Offence and Defence
Hardware Hacking Chronicles: IoT Hacking for Offence and Defence
Fatih Ozavci
 
Palo alto networks next generation firewalls
Palo alto networks next generation firewallsPalo alto networks next generation firewalls
Palo alto networks next generation firewalls
Castleforce
 
Security chapter6
Security chapter6Security chapter6
Security chapter6
FLYMAN TECHNOLOGY LIMITED
 
Departed Communications: Learn the ways to smash them!
Departed Communications: Learn the ways to smash them!Departed Communications: Learn the ways to smash them!
Departed Communications: Learn the ways to smash them!
Fatih Ozavci
 
MBFuzzer : MITM Fuzzing for Mobile Applications
MBFuzzer : MITM Fuzzing for Mobile ApplicationsMBFuzzer : MITM Fuzzing for Mobile Applications
MBFuzzer : MITM Fuzzing for Mobile Applications
Fatih Ozavci
 
en_secur_br_secure_access_mobility
en_secur_br_secure_access_mobilityen_secur_br_secure_access_mobility
en_secur_br_secure_access_mobility
Brian Kesecker
 
How to Hack a Telecom and Stay Alive
How to Hack a Telecom and Stay AliveHow to Hack a Telecom and Stay Alive
How to Hack a Telecom and Stay Alive
Positive Hack Days
 
PAN PA500
PAN PA500PAN PA500
PAN PA500
Altaware, Inc.
 
Antirus,Firewall,Encryption,Wifi Routers, IAS, Google admin console
Antirus,Firewall,Encryption,Wifi Routers, IAS, Google admin consoleAntirus,Firewall,Encryption,Wifi Routers, IAS, Google admin console
Antirus,Firewall,Encryption,Wifi Routers, IAS, Google admin console
SACHIN SHARMA
 
What is (not) Network Security
What is (not) Network SecurityWhat is (not) Network Security
What is (not) Network Security
John ILIADIS
 
Wireless network security
Wireless network security Wireless network security
Wireless network security
Aurobindo Nayak
 
FortiGate-80C
FortiGate-80CFortiGate-80C
FortiGate-80C
Компания ИНТРО
 
Presentacion Palo Alto Networks
Presentacion Palo Alto NetworksPresentacion Palo Alto Networks
Presentacion Palo Alto Networks
Laurent Daudré-Vignier
 
Palo Alto Networks - Next-generation Firewall Security with Expanding Scalabi...
Palo Alto Networks - Next-generation Firewall Security with Expanding Scalabi...Palo Alto Networks - Next-generation Firewall Security with Expanding Scalabi...
Palo Alto Networks - Next-generation Firewall Security with Expanding Scalabi...
LiveAction Next Generation Network Management Software
 
Internet .ppt
Internet .pptInternet .ppt
Internet .ppt
Trust Odia
 
My Final Year Project
My Final Year ProjectMy Final Year Project
My Final Year Project
MOHAMMEDELALAM1
 
How to protect your business telephony from cyber attacks - webinar 2017, Eng...
How to protect your business telephony from cyber attacks - webinar 2017, Eng...How to protect your business telephony from cyber attacks - webinar 2017, Eng...
How to protect your business telephony from cyber attacks - webinar 2017, Eng...
Askozia
 
Palo Alto Networks 28.5.2013
Palo Alto Networks 28.5.2013Palo Alto Networks 28.5.2013
Palo Alto Networks 28.5.2013
Belsoft
 
Entrepreneurship & Commerce in IT - 11 - Security & Encryption
Entrepreneurship & Commerce in IT - 11 - Security & EncryptionEntrepreneurship & Commerce in IT - 11 - Security & Encryption
Entrepreneurship & Commerce in IT - 11 - Security & Encryption
Sachintha Gunasena
 
Minimizing Information Transparency
Minimizing Information TransparencyMinimizing Information Transparency
Minimizing Information Transparency
Usman Arshad
 
Retail
RetailRetail
Retail
Lan & Wan Solutions
 
Carta a una aprendiza de epistemología pedro ramos
Carta a una aprendiza de epistemología pedro ramosCarta a una aprendiza de epistemología pedro ramos
Carta a una aprendiza de epistemología pedro ramos
Pedro Ramos
 
Papel de la filosofia
Papel de la filosofiaPapel de la filosofia
Papel de la filosofia
ANET GARCIA HERNANDEZ
 

Contenu connexe

Tendances

Palo alto networks next generation firewalls
Palo alto networks next generation firewallsPalo alto networks next generation firewalls
Palo alto networks next generation firewalls
Castleforce
 
Departed Communications: Learn the ways to smash them!
Departed Communications: Learn the ways to smash them!Departed Communications: Learn the ways to smash them!
Departed Communications: Learn the ways to smash them!
Fatih Ozavci
 
MBFuzzer : MITM Fuzzing for Mobile Applications
MBFuzzer : MITM Fuzzing for Mobile ApplicationsMBFuzzer : MITM Fuzzing for Mobile Applications
MBFuzzer : MITM Fuzzing for Mobile Applications
Fatih Ozavci
 
en_secur_br_secure_access_mobility
en_secur_br_secure_access_mobilityen_secur_br_secure_access_mobility
en_secur_br_secure_access_mobility
Brian Kesecker
 
How to Hack a Telecom and Stay Alive
How to Hack a Telecom and Stay AliveHow to Hack a Telecom and Stay Alive
How to Hack a Telecom and Stay Alive
Positive Hack Days
 

Tendances (20)

Palo alto networks next generation firewalls
Palo alto networks next generation firewallsPalo alto networks next generation firewalls
Palo alto networks next generation firewalls
 
Security chapter6
Security chapter6Security chapter6
Security chapter6
 
Departed Communications: Learn the ways to smash them!
Departed Communications: Learn the ways to smash them!Departed Communications: Learn the ways to smash them!
Departed Communications: Learn the ways to smash them!
 
MBFuzzer : MITM Fuzzing for Mobile Applications
MBFuzzer : MITM Fuzzing for Mobile ApplicationsMBFuzzer : MITM Fuzzing for Mobile Applications
MBFuzzer : MITM Fuzzing for Mobile Applications
 
en_secur_br_secure_access_mobility
en_secur_br_secure_access_mobilityen_secur_br_secure_access_mobility
en_secur_br_secure_access_mobility
 
How to Hack a Telecom and Stay Alive
How to Hack a Telecom and Stay AliveHow to Hack a Telecom and Stay Alive
How to Hack a Telecom and Stay Alive
 
PAN PA500
PAN PA500PAN PA500
PAN PA500
 
Antirus,Firewall,Encryption,Wifi Routers, IAS, Google admin console
Antirus,Firewall,Encryption,Wifi Routers, IAS, Google admin consoleAntirus,Firewall,Encryption,Wifi Routers, IAS, Google admin console
Antirus,Firewall,Encryption,Wifi Routers, IAS, Google admin console
 
What is (not) Network Security
What is (not) Network SecurityWhat is (not) Network Security
What is (not) Network Security
 
Wireless network security
Wireless network security Wireless network security
Wireless network security
 
FortiGate-80C
FortiGate-80CFortiGate-80C
FortiGate-80C
 
Presentacion Palo Alto Networks
Presentacion Palo Alto NetworksPresentacion Palo Alto Networks
Presentacion Palo Alto Networks
 
Palo Alto Networks - Next-generation Firewall Security with Expanding Scalabi...
Palo Alto Networks - Next-generation Firewall Security with Expanding Scalabi...Palo Alto Networks - Next-generation Firewall Security with Expanding Scalabi...
Palo Alto Networks - Next-generation Firewall Security with Expanding Scalabi...
 
Internet .ppt
Internet .pptInternet .ppt
Internet .ppt
 
My Final Year Project
My Final Year ProjectMy Final Year Project
My Final Year Project
 
How to protect your business telephony from cyber attacks - webinar 2017, Eng...
How to protect your business telephony from cyber attacks - webinar 2017, Eng...How to protect your business telephony from cyber attacks - webinar 2017, Eng...
How to protect your business telephony from cyber attacks - webinar 2017, Eng...
 
Palo Alto Networks 28.5.2013
Palo Alto Networks 28.5.2013Palo Alto Networks 28.5.2013
Palo Alto Networks 28.5.2013
 
Entrepreneurship & Commerce in IT - 11 - Security & Encryption
Entrepreneurship & Commerce in IT - 11 - Security & EncryptionEntrepreneurship & Commerce in IT - 11 - Security & Encryption
Entrepreneurship & Commerce in IT - 11 - Security & Encryption
 
Minimizing Information Transparency
Minimizing Information TransparencyMinimizing Information Transparency
Minimizing Information Transparency
 
Retail
RetailRetail
Retail
 

En vedette

En vedette (19)

Carta a una aprendiza de epistemología pedro ramos
Carta a una aprendiza de epistemología pedro ramosCarta a una aprendiza de epistemología pedro ramos
Carta a una aprendiza de epistemología pedro ramos
 
Papel de la filosofia
Papel de la filosofiaPapel de la filosofia
Papel de la filosofia
 
formato de texto en word
formato de texto en wordformato de texto en word
formato de texto en word
 
Mapa mental.pdf
Mapa mental.pdfMapa mental.pdf
Mapa mental.pdf
 
Toimeentulotuen yhteistyötilaisuudet: Helsinki 19.2.2016
Toimeentulotuen yhteistyötilaisuudet: Helsinki 19.2.2016Toimeentulotuen yhteistyötilaisuudet: Helsinki 19.2.2016
Toimeentulotuen yhteistyötilaisuudet: Helsinki 19.2.2016
 
GB&SMITH - 360Suite
GB&SMITH - 360SuiteGB&SMITH - 360Suite
GB&SMITH - 360Suite
 
Medidas de dispersion
Medidas de dispersionMedidas de dispersion
Medidas de dispersion
 
Presentación voleibol
Presentación voleibolPresentación voleibol
Presentación voleibol
 
Dental implants procedure
Dental implants procedureDental implants procedure
Dental implants procedure
 
Trabajo de menores
Trabajo de menoresTrabajo de menores
Trabajo de menores
 
Boas Práticas em Segurança da Informação
Boas Práticas em Segurança da InformaçãoBoas Práticas em Segurança da Informação
Boas Práticas em Segurança da Informação
 
Tìm hiểu thực trạng ô nhiễm môi trường nước và thiết kế bài trắc nghiệm đánh ...
Tìm hiểu thực trạng ô nhiễm môi trường nước và thiết kế bài trắc nghiệm đánh ...Tìm hiểu thực trạng ô nhiễm môi trường nước và thiết kế bài trắc nghiệm đánh ...
Tìm hiểu thực trạng ô nhiễm môi trường nước và thiết kế bài trắc nghiệm đánh ...
 
Arrecífes de coral
Arrecífes de coralArrecífes de coral
Arrecífes de coral
 
Vida a la vida
Vida a la vidaVida a la vida
Vida a la vida
 
The value of experience: including young people in energy research
The value of experience: including young people in energy researchThe value of experience: including young people in energy research
The value of experience: including young people in energy research
 
Exploring energy poverty in Greece: Evidence from primary surveys
Exploring energy poverty in Greece: Evidence from primary surveysExploring energy poverty in Greece: Evidence from primary surveys
Exploring energy poverty in Greece: Evidence from primary surveys
 
Toimeentulotuki kelasta, tilaisuus kumppaneille 7.11.2016
Toimeentulotuki kelasta, tilaisuus kumppaneille 7.11.2016Toimeentulotuki kelasta, tilaisuus kumppaneille 7.11.2016
Toimeentulotuki kelasta, tilaisuus kumppaneille 7.11.2016
 
Emotion, Arousal, Attention and Flow: Chaining Emotional States to Improve Hu...
Emotion, Arousal, Attention and Flow: Chaining Emotional States to Improve Hu...Emotion, Arousal, Attention and Flow: Chaining Emotional States to Improve Hu...
Emotion, Arousal, Attention and Flow: Chaining Emotional States to Improve Hu...
 
Technical writing
Technical writingTechnical writing
Technical writing
 

Similaire à XO _Hosted Security Product Overview__v.21 (1)

Background Information for World-Wide Trading CompanyWorld-Wide .docx
Background Information for World-Wide Trading CompanyWorld-Wide .docxBackground Information for World-Wide Trading CompanyWorld-Wide .docx
Background Information for World-Wide Trading CompanyWorld-Wide .docx
ikirkton
 
Pangpse training q12011
Pangpse training q12011Pangpse training q12011
Pangpse training q12011
Joe Palo Alto
 
WWTC Office Layout Diagram.htmlBackground Information for Wo.docx
WWTC Office Layout Diagram.htmlBackground Information for Wo.docxWWTC Office Layout Diagram.htmlBackground Information for Wo.docx
WWTC Office Layout Diagram.htmlBackground Information for Wo.docx
ericbrooks84875
 
Authentic Assessment Project (AAP) Jan 2017Background Informat.docx
Authentic Assessment Project (AAP) Jan 2017Background Informat.docxAuthentic Assessment Project (AAP) Jan 2017Background Informat.docx
Authentic Assessment Project (AAP) Jan 2017Background Informat.docx
rock73
 
Next-Generation Cybersecurity for the Globally Connected Enterprise with Telos
Next-Generation Cybersecurity for the Globally Connected Enterprise with TelosNext-Generation Cybersecurity for the Globally Connected Enterprise with Telos
Next-Generation Cybersecurity for the Globally Connected Enterprise with Telos
Amazon Web Services
 
Chapter_Five Compueter secuityryhf S.pdf
Chapter_Five Compueter secuityryhf S.pdfChapter_Five Compueter secuityryhf S.pdf
Chapter_Five Compueter secuityryhf S.pdf
AschalewAyele2
 

Similaire à XO _Hosted Security Product Overview__v.21 (1) (20)

Implementing an improved security for collin’s database and telecommuters
Implementing an improved security for collin’s database and telecommutersImplementing an improved security for collin’s database and telecommuters
Implementing an improved security for collin’s database and telecommuters
 
Background Information for World-Wide Trading CompanyWorld-Wide .docx
Background Information for World-Wide Trading CompanyWorld-Wide .docxBackground Information for World-Wide Trading CompanyWorld-Wide .docx
Background Information for World-Wide Trading CompanyWorld-Wide .docx
 
Internet security
Internet securityInternet security
Internet security
 
Pangpse training q12011
Pangpse training q12011Pangpse training q12011
Pangpse training q12011
 
WWTC Office Layout Diagram.htmlBackground Information for Wo.docx
WWTC Office Layout Diagram.htmlBackground Information for Wo.docxWWTC Office Layout Diagram.htmlBackground Information for Wo.docx
WWTC Office Layout Diagram.htmlBackground Information for Wo.docx
 
Authentic Assessment Project (AAP) Jan 2017Background Informat.docx
Authentic Assessment Project (AAP) Jan 2017Background Informat.docxAuthentic Assessment Project (AAP) Jan 2017Background Informat.docx
Authentic Assessment Project (AAP) Jan 2017Background Informat.docx
 
Firewall (Network Firewall used by Network)
Firewall (Network Firewall used by Network)Firewall (Network Firewall used by Network)
Firewall (Network Firewall used by Network)
 
XO Enterprise Cloud
XO Enterprise CloudXO Enterprise Cloud
XO Enterprise Cloud
 
Next-Generation Cybersecurity for the Globally Connected Enterprise with Telos
Next-Generation Cybersecurity for the Globally Connected Enterprise with TelosNext-Generation Cybersecurity for the Globally Connected Enterprise with Telos
Next-Generation Cybersecurity for the Globally Connected Enterprise with Telos
 
cisco security training
cisco security trainingcisco security training
cisco security training
 
SECURITY PROTOCOLS.ppt
SECURITY PROTOCOLS.pptSECURITY PROTOCOLS.ppt
SECURITY PROTOCOLS.ppt
 
Protect your guest wifi - NOW
Protect your guest wifi - NOWProtect your guest wifi - NOW
Protect your guest wifi - NOW
 
Network security
Network security Network security
Network security
 
Datasheet: Security
Datasheet: SecurityDatasheet: Security
Datasheet: Security
 
LORIOT-Private-Network-Server.pdf
LORIOT-Private-Network-Server.pdfLORIOT-Private-Network-Server.pdf
LORIOT-Private-Network-Server.pdf
 
Chapter_Five Compueter secuityryhf S.pdf
Chapter_Five Compueter secuityryhf S.pdfChapter_Five Compueter secuityryhf S.pdf
Chapter_Five Compueter secuityryhf S.pdf
 
firewall as a security measure (1)-1.pptx
firewall as a security measure (1)-1.pptxfirewall as a security measure (1)-1.pptx
firewall as a security measure (1)-1.pptx
 
PLNOG 17 - Artur Kane - DDoS? You shall not pass!
PLNOG 17 - Artur Kane - DDoS? You shall not pass!PLNOG 17 - Artur Kane - DDoS? You shall not pass!
PLNOG 17 - Artur Kane - DDoS? You shall not pass!
 
Design Like a Pro: SCADA Security Guidelines
Design Like a Pro: SCADA Security GuidelinesDesign Like a Pro: SCADA Security Guidelines
Design Like a Pro: SCADA Security Guidelines
 
Design Like a Pro: SCADA Security Guidelines
Design Like a Pro: SCADA Security GuidelinesDesign Like a Pro: SCADA Security Guidelines
Design Like a Pro: SCADA Security Guidelines
 

XO _Hosted Security Product Overview__v.21 (1)

  • 1. Hosted Security – Product Overview
  • 2. Copyright 2012. XO Communications, LLC. All rights reserved. XO, the XO design logo, and all related marks are registered trademarks of XO Communications. 2 Hosted Security • A network-based security solution. • Fully managed, cloud Security-as-a-Service offering. • Integrates a complete suite of security solutions. – Helps shield your network and data applications from being compromised or disrupted by security threats. • Allows you to gain security protection without making capital expenses or having to increase staff.
  • 3. Copyright 2012. XO Communications, LLC. All rights reserved. XO, the XO design logo, and all related marks are registered trademarks of XO Communications. 3 WHAT DO WE MEAN BY “IN THE CLOUD” • Security can be classified in one of two ways: – Cloud Based. – Premises Based. • The cloud refers to the Internet and the millions of servers that connect to it. • A cloud based solution means that you are getting an application or a service through a server you are accessing through the Internet. • Hosted Security is a public cloud solution, meaning that it is an open, multi-tenant solution where customers can have service capabilities that are not located on their premise. • XO is able to support hundreds of customers on a common Unified Threat Management (UTM) platform.
  • 4. Copyright 2012. XO Communications, LLC. All rights reserved. XO, the XO design logo, and all related marks are registered trademarks of XO Communications. 4 Elements Hosted Security encompasses: • Next-generation Network Firewall security - helps you protect your XO MPLS VPN data network. • Intrusion Detection and Prevention System service - safeguards your network from targeted attacks and other known threats. • Web and Content Filtering - prevents users from going to prohibited web sites and sites with known malware threats. • Secure Remote Access - for mobile workforces to connect back to your private XO MPLS WAN. • Secure VPN - allows connections from off-net locations. • An online customer portal – allows your organization’s security professionals to: – Custom design firewall and security policies. – Implement rule changes and configuration requests quickly. – Get online reporting. - Open trouble tickets and view ticket status.
  • 5. Copyright 2012. XO Communications, LLC. All rights reserved. XO, the XO design logo, and all related marks are registered trademarks of XO Communications. 5 Architecture • Provides high-availability and failover among geographically diverse physical gateways with network redundancy to ensure business continuity. – Single firewall solution available for customer’s who don’t require geo- redundancy. • Provides aggregated Internet bandwidth, which can be shared by all MPLS VPN locations and allows you to save on Internet access costs. • Gives you the flexibility to add the security options you need, as you need them, to meet ever-changing requirements of end users. • Allows you to modify the Internet bandwidth to the MPLS network without requiring physical changes to any location. • Integrates XO’s MPLS VPN with Hosted Security into an end-to-end networking and security management solution—from one service provider on one invoice.
  • 6. Copyright 2012. XO Communications, LLC. All rights reserved. XO, the XO design logo, and all related marks are registered trademarks of XO Communications. 6 Key Benefits • No need to add staff, deploy new hardware, or undergo extensive development. • Supports you 24 x 7 x 365 through a certified security partner. • Can be implemented with minimal lead time. • Delivers a high level of network security. • Does not degrade network availability or uptime. • Scalable—easily add locations or users, including off-net locations with Internet Protocol Security (IP Sec) integration to Internet-based locations. • Allows you to implement security policies consistently across your network. • Services are sold individually, so that you can select the services that best meet your needs.
  • 7. Copyright 2012. XO Communications, LLC. All rights reserved. XO, the XO design logo, and all related marks are registered trademarks of XO Communications. 7 Features Feature Benefit Network Firewall Stateful packet inspection at the edge of the MPLS cloud. Allows/denies traffic based on IP headers and port addresses. Policy rules can be modified on a per customer basis. De-Militarized Zone (DMZ) Allows for firewall segmentation for customer who want to partition Internet from private WAN traffic. Intrusion Detection & Prevention Identifies and stops pre-determined attacks and malicious activity before they can enter your VPN. Web and Content Filtering Allows you to set up filtering rules to prevent users from downloading content that may be harmful to their computers or to the corporate network, or may be inappropriate based on company policies. Secure Remote Access Option 1 – XO authenticates users Option 2 – Customer self-authenticates users Allows your mobile workforce to connect to your corporate VPN through secure, encrypted, on-demand sessions. Secure Remote Access (Off –Net Connectivity) Allows off-net locations (fixed addresses) to connect to your corporate IP-VPN through an IPsec Tunnel.
  • 8. Secure, Online Customer Portal Incidence Response Tracking • Event and incident details • Action taken • Date and time data • Attack header and payload Transaction Audit Details Captures all security-related activities including: • Device log-ins • Rules updates • Configuration changes • Actions taken • Alerts issued On-Demand Reporting Presents data on the health and security configuration of your network that faces the Internet: • Attack attempts, including attack source and destination • Attack severity • Targeted systems • Actions taken to address threats On-Demand Support • Submit support requests online • View status/history of submitted requests
  • 9. Copyright 2012. XO Communications, LLC. All rights reserved. XO, the XO design logo, and all related marks are registered trademarks of XO Communications. 9 Network Firewall • Unified Threat Management platform is deployed in XO network points of presence (POPs) between the MPLS VPN cloud and the Internet. • XO provisions a dedicated unique virtual firewall (Virtual DOMain or VDOM) on a per customer basis: – Default policy rules allow/deny traffic based on stateful packet inspection • You can modify policy rules through a secure online web portal. – DeMilitarized Zone (DMZ) allows you to have an isolated segment within the VDOM for any servers or services that are facing the Internet. • You can have unique security policies and specific rules defined independently from the IP-VPN for the DMZ network. • You have the optional choice of a VDOM presence on two or three geographically diverse physical platforms for geographic, as well as local blade-level redundancy.
  • 10. Copyright 2012. XO Communications, LLC. All rights reserved. XO, the XO design logo, and all related marks are registered trademarks of XO Communications. 10 Intrusion Detection and Prevention • Captures and inspects traffic, (even traffic allowed by the firewall). • Identifies signatures (known attack patterns). • Looks for anomalous data. • Blocks known threat sites and traffic from invalid source IP addresses. • Generates an alert when it finds unauthorized traffic, and takes action to: – Block/substitute. – Warn/permit. – Allow/track. • Updates signature database dynamically as threats are identified. • Subscribes to Fortinet’s proprietary signature database. • Supports multiple threat levels from low to high, and takes action appropriately. • In-house Security Analysts provide internal rules development and customization. – Service is proactively managed.
  • 11. Copyright 2012. XO Communications, LLC. All rights reserved. XO, the XO design logo, and all related marks are registered trademarks of XO Communications. 11 Web and Content Filtering • Allows you to set up filtering rules and content policies to prevent users from downloading content that may be harmful to their computers or to the corporate network, or inappropriate based on company policies and best use practices. – Permits you to translate corporate web usage policies to default rule set on the firewall. • Filers at multiple levels: – By content rating (can filter known URLs, or allow corporate policies to be enforced on content that has not been seen before). – To block a category (for example: pornography or gambling). – By white-lists (allow) and black-lists (deny) for specific URLs. – User security rating: automatically blocks sites known for malware with warnings before proceeding. – By blocking anonymizers–which enable proxies to hide a user’s real IP address.
  • 12. Secure Remote Access • Gives roaming users the ability to connect to your corporate MPLS VPN using IP Sec tunnels. – You use a pre-installed VPN client for authorization and access. • Gives roaming users the ability to connect to the corporate MPLS VPN using Secure Sockets Layer (SSL) sessions. – Users log in through a secure on-line portal, or – Can use a proprietary Fortinet SSL VPN client, which would need to be installed on each user’s PC. • Users are authenticated and authorized before they can access the corporate network. • You have the choice of having BAE authenticate users, or self- authenticating users. • SRA uses Security Policy Server (SPS) to authenticate identification and grant access for an incoming connection.
  • 13. Copyright 2012. XO Communications, LLC. All rights reserved. XO, the XO design logo, and all related marks are registered trademarks of XO Communications. 13 Off-Net Connectivity / VPN • Allows off-net sites to connect to the MPLS VPN using IP Sec tunnels. – The IP Sec protocol allows authentication between a host and the security gateway at the beginning of a session. – Maintains an encrypted IP Sec connection between your location and the network firewall for as long as traffic exists. – Each IP packet in the data stream is encrypted to ensure security.
  • 14. Copyright 2012. XO Communications, LLC. All rights reserved. XO, the XO design logo, and all related marks are registered trademarks of XO Communications. 14 Conceptual Illustration
  • 15. Copyright 2012. XO Communications, LLC. All rights reserved. XO, the XO design logo, and all related marks are registered trademarks of XO Communications. 15 Summary Hosted Security services use high-speed, multi-threat security gateways, 24 x 7 monitoring and management, and advanced technology to help you better protect the data traffic that runs over your XO MPLS VPN service.

Notes de l'éditeur

  1. 04/4/16 - Version 22
  2. 06/20/13 –SilverSky is XO’s technology partner, formerly known as StillSecure.