Ransomware-Recovery-as-a-Service
Sagi Brody
@webairsagi
Chief Technology Officer
Topics
• Why Disaster-Recovery-as-a-Service (DRaaS) at a security open house?
• How does DRaaS turn into RRaaS (Ransomware-Recovery-as-a-Service)
• How do I use DRaaS to improve production security?
• How do we leverage new technology to automate it?
• How does it all change in a Hybrid IT world?
DDoS & Cyberattack - 2017 FUD
• 2017 Global Ransomware damage exceeds $5B. Up from $325M in 2015
• 35% increase in # of attacks per target, Q1 to Q3 2017*
• 55% increase in attacks >10Gbps*
• 20+ reflection vectors with 600x1 amplification (CLDAP newest)
• EternalRed/SambaCry *nix server exploit
• Reaper sleeper botnet: 9 exploits in D-Link, Linksys… (Mirai 2.0)
• DDoS being used as a distraction for Cybersecurity
*Corero DDoS Trends Report 2017
Ransom DDoS (RDoS)
We are Armada Collective.
If you haven't heard for us, use Google. Recently, we have launched some of the largest DDoS attacks in history.
Check this out, for example: https://twitter.com/optucker/status/665470164411023360 (and it was measured while we were DDoS-ing 3 other
sites at the same time)
We will start DDoS-ing your network if you don't pay 20 Bitcoins @ 14sJhJTVzQBAhZ4a8o2BCb1LufxoZ7UpAT by Monday
Right now we will start small 30 minutes UDP attack on your site's IP: xx.xx.xx.xx. It will not be hard, just to prove that we are for real
Armada Collective. Check your logs.
If you don't pay by Friday, massive attack will start, price to stop will increase to 40 BTC and will go up 2 BTC for every hour of attack.
In addition, we will be contacting affected customers to explain why they are down and recommend them to move to OVH. We will do the
same on social networks
Our attacks are extremely powerful - sometimes over 1 Tbps per second.
Prevent it all with just 20 BTC @ 14sJhJTVzQBAhZ4a8o2BCb1LufxoZ7UpAT
Do not reply, we will not read. Pay and we will know its you. AND YOU WILL NEVER AGAIN HEAR FROM US!
And nobody will ever know you cooperated.
Ransomware: Proactive solutions are not enough
Full Cyber & Business Continuity Protection:
• Proactive: Threat monitoring & mitigation
• Reactive: Disaster Recovery & IT Resiliency Orchestration
Webair Disaster-Recovery-as-a-Service
Platforms:
• VMware, Hyper-V
• Physical Servers
• Native HCI platforms
• IBM iSeries, AIX, Mainframe (i, P, Z)
• Native storage replication (Nimble, NetApp SnapMirror, EMC, Object)
Features:
• Fully Managed Failover AND Failback
• Fully Managed Quarterly testing with reporting
• 72 hours per month of DR environment usage included
• 30 Day Journal history
• Synchronous 15 minute RPO SLA, 1 Hour RTO SLA
• Portal Access with on-demand testing, and spin up
• Application specific failover
• Automated runbook creation, including scripting, network automation, 3rd party APIs
Webair Disaster-Recovery-as-a-Service
Cost Metrics:
• Per Server per month
• Storage used per month
• No transfer charges
• No operation charges
• No declaration fee
Disaster-Recovery-as-an-entry-point
• Recovery infrastructure is often ignored until needed
• Forcing a DR failover event can expose new attack vectors
• DR site security not on-par with production
• MSSP monitoring at recovery site?
• Asset, Vulnerability, Penetration testing of DR site?
Improve Production Security
• MSSP full accountability
• Consistent security & technology
• Reference Architecture:
• Replica of production @DR
• SIEM @ DR
• DRaaS API & Automation
• Free Usage of recovery infrastructure
• Enhanced Security:
• Replica for DLP, asset & vulnerability scanning, penetration testing
• Reduce production vulnerability exposure time
• Reduce time to remediation
“Usable” Ransomware Recovery
• Application specific failover & failback
• Is it easier than paying off the ransom?
• DRaaS and RRaaS are not about replicating data; it's about the network.
DR Network Automation & Exposure
Traditional Methods:
• MPLS, VPN, cross connects
• Internal & external route injection (iBGP/eBGP, static…)
• DNS
• Double-NAT
• L2 Stretch..
• More dirtiness
Security Implications:
• All security-related change control must be matched at DR (ACLs..)
• DR-Site must be considered standalone “branch office”
• DR-Site requires feature parity to support security platforms
• Solid/Proper Security & DR scenario may require major changes to production (re-IP)
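One way to check the "ACLs must be matched at DR" requirement when the DR site has been re-IP'd, as an added example that is not part of the original slides: production rules are rebased through a re-IP map and compared with the DR rule set, including first-match ordering. The one-line rule format, the subnets and the `REIP` map are constructed for illustration and do not come from any vendor or from Webair.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    action: str   # permit | deny
    proto: str    # tcp | udp | ip
    src: ipaddress.IPv4Network
    dst: ipaddress.IPv4Network
    port: str     # port number or "any"


def parse_acl(text):
    """Parse 'action proto src dst port' lines (hypothetical format) in order."""
    rules = []
    for line in text.strip().splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        action, proto, src, dst, port = line.split()
        rules.append(Rule(action, proto, ipaddress.ip_network(src),
                          ipaddress.ip_network(dst), port))
    return rules


def translate(net, reip):
    """Rebase a production network onto its DR prefix; leave others untouched."""
    for prod, dr in reip:
        if net.subnet_of(prod):
            offset = int(net.network_address) - int(prod.network_address)
            addr = ipaddress.ip_address(int(dr.network_address) + offset)
            return ipaddress.ip_network(f"{addr}/{net.prefixlen}")
    return net


def audit(prod_rules, dr_rules, reip):
    """Compare what DR should enforce (production after re-IP) with what it does."""
    expected = [Rule(r.action, r.proto, translate(r.src, reip),
                     translate(r.dst, reip), r.port) for r in prod_rules]
    missing = [r for r in expected if r not in dr_rules]
    unexpected = [r for r in dr_rules if r not in expected]
    # ACLs are first-match, so identical rules in a different order still drift.
    common_expected = [r for r in expected if r in dr_rules]
    common_dr = [r for r in dr_rules if r in expected]
    return {"missing_at_dr": missing,
            "unexpected_at_dr": unexpected,
            "order_differs": common_expected != common_dr}


def fmt(rule):
    return f"{rule.action} {rule.proto} {rule.src} {rule.dst} {rule.port}"


# Constructed sample data: production 10.1.0.0/16 is re-IP'd to 172.16.0.0/16 at DR.
REIP = [(ipaddress.ip_network("10.1.0.0/16"), ipaddress.ip_network("172.16.0.0/16"))]

PROD_ACL = """
permit tcp 0.0.0.0/0    10.1.10.0/24 443
permit tcp 10.1.10.0/24 10.1.20.5/32 5432
deny   ip  10.1.30.0/24 10.1.20.0/24 any    # added in production change control
permit tcp 10.1.30.0/24 10.1.10.0/24 22
deny   ip  0.0.0.0/0    0.0.0.0/0    any
"""

DR_ACL = """
permit tcp 0.0.0.0/0      172.16.10.0/24 443
permit tcp 172.16.10.0/24 172.16.20.5/32 5432
permit tcp 172.16.30.0/24 172.16.10.0/24 22
permit tcp 0.0.0.0/0      172.16.20.5/32 3389  # left over from a DR test
deny   ip  0.0.0.0/0      0.0.0.0/0      any
"""

if __name__ == "__main__":
    report = audit(parse_acl(PROD_ACL), parse_acl(DR_ACL), REIP)
    for r in report["missing_at_dr"]:
        print("MISSING AT DR   :", fmt(r))
    for r in report["unexpected_at_dr"]:
        print("UNEXPECTED AT DR:", fmt(r))
    print("ORDER DIFFERS   :", report["order_differs"])
```

A rule that still carries a production address at DR (a forgotten re-IP) shows up under `unexpected_at_dr`, with its translated counterpart under `missing_at_dr`.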
DR Networking & Security: A better way
Using Software-Defined Perimeter tools for DRaaS automation
• e.g., AppGate, ScaleFT, NSX
• Enforces Zero-Trust security models across organization
• Abstracts security control from network architecture
• Policy based, global security
• Provides software-defined controller for automation
DR Networking & Security: A better way
SDP for Disaster Recovery
• Policy based failover & failback between production/DR
• No traditional network changes required to failover/back
• Network team not required for proper DR configuration
• Security guaranteed to be same at DR site
• Requirement:
• Organization must utilize the SDP software
• DRaaS provider/infrastructure must support
• 1+1 = 3
DR Networking & Security: Public Fabric
DR Networking & Security: Fabric
Fabric for Disaster Recovery
• Automated capacity increases to recovery site via API
• Follows your infrastructure
• Easy traffic segmentation:
• Replication traffic
• Easy traffic segmentation via multiple VXCs
• Dangerous L2 stretch only enabled at recovery time (l2 overlap)
• Part of IT Resilience Orchestration
Future Production Environments: Hybrid IT
Hybrid IT: New Disruption Opportunities
• Non-traditional Prod/DR
• “Production” in SaaS
• Internet connectivity more important
• Hyperscale on-ramp
• IoT phone-home to SaaS
• Hosted Voice & SIP
• 3rd parties being attacked
• Cohesive Security Policies
Direct Access Cloud
• Cloud infrastructure privately connected to customer environments
• Cloud infrastructure which is local, low-latency, data-sovereign
• Predictable performance
• Utilize organization’s existing security policies and devices
• “Air-Gapped” cloud infrastructure
• Single point accountability
• Single network & security integration
• “Workload’s best interest at heart”
• Match Hyperscale counterparts, e.g. AzureStack
Global Locations
• Tier 3 rated, SOC1, SOC2, FISMA, CJIS, HIPAA, PCI-DSS, NYS DFS 500, Open-IX Compliance
• 400 Cabinet capacity, up to 8MW Power
• 3 Generators on-site with 7+ days worth of fuel on-site
• Hyperscale on-ramp on premises (AWS, Azure, Google)
• DDoS monitoring and mitigation on-premises
• Eco-system of managed services on-premises
• Provides native transport services to all NY metro offices and data centers
• Tax-Exempt and Hydro-Electric “green” power allocation from NYPA
• Outside 25 mile NYC “blast zone” with Manhattan Bypass fiber routes
• BCDR seats on-premises
• LIRR train station on-premises
Webair NY1
THANK YOU
Gartner Notable Vendor
Magic Quadrant Disaster-Recovery-as-a-Service, 2017
Market Guide for IT Resiliency Orchestration, 2017
Hype Cycle for Cloud Security, 2017
Hype Cycle for Business Continuity Management and IT Resilience, 2017

From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 

Ransomware-Recovery-as-a-Service

  • 2. Topics
      • Why Disaster-Recovery-as-a-Service (DRaaS) at a security open house?
      • How does DRaaS turn into RRaaS (Ransomware-Recovery-as-a-Service)
      • How do I use DRaaS to improve production security?
      • How do we leverage new technology to automate it?
      • How does it all change in a Hybrid IT world?
  • 3. DDoS & Cyberattack - 2017 FUD
      • 2017 Global Ransomware damage exceeds $5B. Up from $325M in 2015
      • 35% increase in # of attacks per target, Q1 to Q3 2017*
      • 55% increase in attacks >10Gbps*
      • 20+ reflection vectors with 600x1 amplification (CLDAP newest)
      • EternalRed/SambaCry *nix server exploit
      • Reaper sleeper BotNet: 9 exploits in D-Link, Linksys… (Mirai 2.0)
      • DDoS being used as a distraction for Cybersecurity
      *Corero DDoS Trends Report 2017
  • 4. Ransom DDoS (RDoS)
      We are Armada Collective.
      If you haven heard for us, use Google. Recently, we have launched some of the largest DDoS attacks in history.
      Check this out, for example: https://twitter.com/optucker/status/665470164411023360 (and it was measured while we were DDoS-ing 3 other sites at the same time)
      We will start DDoS-ing your network if you don't pay 20 Bitcoins @ 14sJhJTVzQBAhZ4a8o2BCb1LufxoZ7UpAT by Monday
      Right now we will start small 30 minutes UDP attack on your site's IP: xx.xx.xx.xx. It will not be hard, just to prove that we are for real Armada Collective. Check your logs.
      If you don't pay by Friday, massive attack will start, price to stop will increase to 40 BTC and will go up 2 BTC for every hour of attack.
      In addition, we will be contacting affected customers to explain why they are down and recommend them to move to OVH. We will do the same on social networks
      Our attacks are extremely powerful - sometimes over 1 Tbps per second.
      Prevent it all with just 20 BTC @ 14sJhJTVzQBAhZ4a8o2BCb1LufxoZ7UpAT
      Do not reply, we will not read. Pay and we will know its you. AND YOU WILL NEVER AGAIN HEAR FROM US!
      And nobody will ever know you cooperated.
  • 5. Ransomware: Proactive solutions are not enough
      Full Cyber & Business Continuity Protection
      • Proactive: Threat monitoring & mitigation
      • Reactive: Disaster Recovery & IT Resiliency Orchestration
  • 10. Webair Disaster-Recovery-as-a-Service
      Platforms:
      • VMware, Hyper-V
      • Physical Servers
      • Native HCI platforms
      • IBM iSeries, AIX, Mainframe (i, P, Z)
      • Native storage replication (Nimble, NetApp SnapMirror, EMC, Object)
      Features:
      • Fully Managed Failover AND Failback
      • Fully Managed Quarterly testing with reporting
      • 72 hours per month of DR environment usage included
      • 30 Day Journal history
      • Synchronous 15 minute RPO SLA, 1 Hour RTO SLA
      • Portal Access with on-demand testing, and spin up
      • Application specific failover
      • Automated runbook creation, including scripting, network automation, 3rd party APIs
  • 11. Webair Disaster-Recovery-as-a-Service
      Cost Metrics:
      • Per Server per month
      • Storage used per month
      • No transfer charges
      • No operation charges
      • No declaration fee
  • 12. Disaster-Recovery-as-an-entry-point
      • Recovery infrastructure is often ignored until needed
      • Forcing a DR failover event can expose new attack vectors
      • DR site security not on-par with production
      • MSSP monitoring at recovery site?
      • Asset, Vulnerability, Penetration testing of DR site?
  • 14. Improve Production Security
      • MSSP full accountability
      • Consistent security & technology
      • Reference Architecture:
      • Replica of production @DR
      • SIEM @ DR
      • DRaaS API & Automation
      • Free Usage of recovery infrastructure
      • Enhanced Security:
      • Replica for DLP, asset & vulnerability scanning, penetration testing
      • Reduce production vulnerability exposure time
      • Reduce time to remediation
  • 15. “Usable” Ransomware Recovery
      • Application specific failover & failback
      • Is it easier than paying off the ransom?
      • DRaaS and RRaaS is not about replicating data, it's about the network.
  • 16. DR Network Automation & Exposure
      Traditional Methods:
      • MPLS, VPN, cross connects
      • Internal & external route injection (iBGP/eBGP, static…)
      • DNS
      • Double-NAT
      • L2 Stretch..
      • More dirtiness
      Security Implications:
      • All security related change control must be matched at DR (ACLs..)
      • DR-Site must be considered standalone “branch office”
      • DR-Site requires feature parity to support security platforms
      • Solid/Proper Security & DR scenario may require major changes to production (re-IP)
  • 17. DR Networking & Security: A better way
      Using Software-Defined Perimeter tools for DRaaS automation
      • e.g. AppGate, ScaleFT, NSX
      • Enforces Zero-Trust security models across organization
      • Abstracts security control from network architecture
      • Policy based, global security
      • Provides software-defined controller for automation
  • 18. DR Networking & Security: A better way
      SDP for Disaster Recovery
      • Policy based failover & failback between production/DR
      • No traditional network changes required to failover/back
      • Network team not required for proper DR configuration
      • Security guaranteed to be same at DR site
      • Requirement:
      • Organization must utilize the SDP software
      • DRaaS provider/infrastructure must support
      • 1+1 = 3
  • 19. DR Networking & Security: Public Fabric
  • 20. DR Networking & Security: Fabric
      Fabric for Disaster Recovery
      • Automated capacity increases to recovery site via API
      • Follows your infrastructure
      • Easy traffic segmentation:
      • Replication traffic
      • Easy traffic segmentation via multiple VXCs
      • Dangerous L2 stretch only enabled at recovery time (L2 overlap)
      • Part of IT Resilience Orchestration
  • 22. Hybrid IT: New Disruption Opportunities
      • Non-traditional Prod/DR
      • “Production” in SaaS
      • Internet connectivity more important
      • Hyperscale on-ramp
      • IoT phone-home to SaaS
      • Hosted Voice & SIP
      • 3rd parties being attacked
      • Cohesive Security Policies
  • 24. Direct Access Cloud
      • Cloud infrastructure privately connected to customer environments
      • Cloud infrastructure which is local, low-latency, data-sovereign
      • Predictable performance
      • Utilize organization’s existing security policies and devices
      • “Air-Gapped” cloud infrastructure
      • Single point accountability
      • Single network & security integration
      • “Workload’s best interest at heart”
      • Match Hyperscale counterparts, i.e. AzureStack
  • 26. Webair NY1
      • Tier 3 rated, SOC1, SOC2, FISMA, CJIS, HIPAA, PCI-DSS, NYS DFS 500, Open-IX Compliance
      • 400 Cabinet capacity, up to 8MW Power
      • 3 Generators on-site with 7+ days worth of fuel on-site
      • Hyperscale on-ramp on premises (AWS, Azure, Google)
      • DDoS monitoring and mitigation on-premises
      • Eco-system of managed services on-premises
      • Provides native transport services to all NY metro offices and data centers
      • Tax-Exempt and Hydro-Electric “green” power allocation from NYPA
      • Outside 25 mile NYC “blast zone” with Manhattan Bypass fiber routes
      • BCDR seats on-premises
      • LIRR train station on-premises
  • 27. THANK YOU
      Gartner Notable Vendor
      • Magic Quadrant Disaster-Recovery-as-a-Service, 2017
      • Market Guide for IT Resiliency Orchestration, 2017
      • Hype Cycle for Cloud Security, 2017
      • Hype Cycle for Business Continuity Management and IT Resilience, 2017
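
Slide 16's point that every security change in production must be matched at the DR site (ACLs, re-IP) can be checked mechanically. The sketch below is an added example, not part of the original deck or Webair's tooling; the rule format, the sample ACLs and the re-IP mapping are constructed for illustration, and it compares rule sets without regard to rule order.

```python
import ipaddress
# Constructed sample ACLs in a made-up "action proto src dst ports" format.
PROD_ACL = """
permit tcp 0.0.0.0/0 10.10.1.0/24 443
permit tcp 10.10.1.0/24 10.10.2.0/24 5432
deny tcp 0.0.0.0/0 10.10.2.0/24 1-65535
permit udp 10.10.0.0/16 10.10.3.10/32 514   # syslog to the SIEM
"""
DR_ACL = """
permit tcp 0.0.0.0/0 172.20.1.0/24 443
permit tcp 172.20.1.0/24 172.20.2.0/24 5432
permit tcp 0.0.0.0/0 172.20.2.0/24 22       # added during a DR test, never removed
permit udp 172.20.0.0/16 172.20.3.10/32 514
"""
# Assumed re-IP mapping: DR prefix -> equivalent production prefix (same length).
REIP = {"172.20.0.0/16": "10.10.0.0/16"}

def to_prod(net, reip):
    """Translate a DR network into production address space so rules compare."""
    for dr, prod in reip.items():
        dr_net, prod_net = ipaddress.ip_network(dr), ipaddress.ip_network(prod)
        if net.subnet_of(dr_net):
            base = int(prod_net.network_address) + int(net.network_address) - int(dr_net.network_address)
            return ipaddress.IPv4Network((base, net.prefixlen))
    return net

def parse(acl, reip=None):
    """Return the ACL as a set of normalized rule tuples (rule order is ignored)."""
    rules = set()
    for line in acl.splitlines():
        line = line.split("#")[0].strip()
        if not line:
            continue
        action, proto, src, dst, ports = line.split()
        lo, _, hi = ports.partition("-")
        src, dst = (str(to_prod(ipaddress.ip_network(n), reip or {})) for n in (src, dst))
        rules.add((action, proto, src, dst, int(lo), int(hi or lo)))
    return rules

def drift(prod_acl, dr_acl, reip):
    """Classify differences by effect: wider exposure at DR vs. broken failover."""
    prod, dr = parse(prod_acl), parse(dr_acl, reip)
    missing, extra = prod - dr, dr - prod
    pick = lambda rules, action: sorted(r for r in rules if r[0] == action)
    return {"widens_exposure": pick(missing, "deny") + pick(extra, "permit"),
            "breaks_failover": pick(missing, "permit") + pick(extra, "deny")}

if __name__ == "__main__":
    print(drift(PROD_ACL, DR_ACL, REIP))
```

On the constructed data the DR site lacks production's catch-all deny and carries an extra SSH permit, so both differences land in `widens_exposure`.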