Apani Ov V9

707 vues

Publié le

EpiForce Protecting Personal Data

  • Soyez le premier à commenter

  • Soyez le premier à aimer ceci

Apani Ov V9

  1. 1. … ..Protecting Your Data
  2. 2. Apani Security <ul><li>“ Apani delivers security software protecting sensitive data from internal and external intruders.” </li></ul>
  3. 3. About Apani <ul><li>Global Company </li></ul><ul><ul><li>Headquartered: Southern California </li></ul></ul><ul><ul><li>Offices in United States, United Kingdom and Japan </li></ul></ul><ul><li>Company Founded 2003, Privately Funded </li></ul><ul><ul><li>Takahara Group, Tokyo, Japan </li></ul></ul><ul><li>Strong Security Software Experience </li></ul><ul><ul><li>Hughes Aircraft </li></ul></ul><ul><ul><li>Developed VPN software for Nortel & Cisco </li></ul></ul><ul><li>Citigroup, Inc. First Major Enterprise Customer </li></ul>
  4. 4. <ul><li>Security Solution Provider </li></ul><ul><ul><li>Enterprise wide security software company </li></ul></ul><ul><ul><li>Professional Services </li></ul></ul><ul><ul><li>24/7 Technical Support </li></ul></ul>About Apani <ul><li>Market Focus </li></ul><ul><ul><li>Retail </li></ul></ul><ul><ul><li>Healthcare </li></ul></ul><ul><ul><li>Financial Services </li></ul></ul><ul><ul><li>Public Sector </li></ul></ul>
  5. 5. The Apani Solution <ul><ul><li>Support for heterogeneous environments </li></ul></ul><ul><ul><li>Enterprise wide and centrally managed </li></ul></ul><ul><ul><li>Software based network segmentation </li></ul></ul><ul><ul><li>Deploy over existing network infrastructure </li></ul></ul><ul><ul><li>Physical and virtual machines </li></ul></ul><ul><ul><li>Identity based access and control </li></ul></ul><ul><ul><li>Transparent to both users and applications </li></ul></ul><ul><ul><li>Protect against insider and outsider threats </li></ul></ul><ul><ul><li>Encrypt data-in-motion </li></ul></ul><ul><ul><li>Meet compliance mandates </li></ul></ul>
  6. 6. Financial Services Success <ul><li>Citigroup, Inc., Global financial services company </li></ul><ul><ul><li>provides consumers, corporations, governments, and institutions with a range of financial products and services </li></ul></ul><ul><ul><li>200 million customer accounts and operates in approximately 140 countries </li></ul></ul><ul><li>First major enterprise customer </li></ul><ul><li>PCI – DSS compliance </li></ul><ul><li>Security implementation: “Details are proprietary to Citi” </li></ul>
  7. 7. Health Care Success <ul><li>Pennsylvania School of Medicine </li></ul><ul><ul><li>Oldest and one of the finest </li></ul></ul><ul><ul><li>3 hospitals with over 1500 beds </li></ul></ul><ul><li>PCI – DSS compliance </li></ul><ul><li>Encrypt data in motion </li></ul><ul><li>Server segmentation </li></ul><ul><li>Central management in a heterogeneous environment </li></ul>
  8. 8. Public Sector Success <ul><li>Staffordshire Police </li></ul><ul><ul><li>Staffordshire, England </li></ul></ul><ul><ul><li>Employs 4500 personnel </li></ul></ul><ul><li>350 servers and 2500 workstations </li></ul><ul><li>CoCo compliance, United Kingdom </li></ul><ul><li>Support legacy applications </li></ul><ul><li>Encrypt data in motion for LAN and WAN </li></ul><ul><li>Server segmentation </li></ul>
  9. 9. Retail Success <ul><li>Financial services company providing credit card, insurance, and banking services worldwide </li></ul><ul><ul><li>Canadian Tire Corporation, Ltd has more than 475 stores across Canada </li></ul></ul><ul><ul><li>CTFS is financial services arm of Canadian Tire Corporation, Ltd </li></ul></ul><ul><li>Managing 5 million credit card accounts </li></ul><ul><ul><li>The Options MasterCard accepted at 24 million locations worldwide </li></ul></ul><ul><li>PCI – DSS compliance </li></ul><ul><li>Encrypt data in motion </li></ul><ul><li>Server segmentation </li></ul><ul><li>Central management in a heterogeneous environment </li></ul>
  10. 10. Retail Success <ul><li>UK luxury department store </li></ul><ul><ul><li>Landmark Knightsbridge department store, one of London's biggest attractions </li></ul></ul><ul><ul><li>Signature shops in airports and department stores in Asia and Europe </li></ul></ul><ul><li>PCI – DSS compliance </li></ul><ul><li>Encrypt data in motion </li></ul><ul><li>Server segmentation </li></ul><ul><li>Central management in a heterogeneous environment </li></ul>
  11. 11. … ..EpiForce Technical Overview
  12. 12. Apani Product Overview <ul><ul><li>EpiForce – Apani Security Software Solution </li></ul></ul><ul><ul><li>EpiForce includes: </li></ul></ul><ul><ul><ul><li>Encryption of data-in-motion </li></ul></ul></ul><ul><ul><ul><li>Network security segmentation </li></ul></ul></ul><ul><ul><ul><li>Identity based access </li></ul></ul></ul><ul><ul><ul><li>Central security management </li></ul></ul></ul>
  13. 13. EpiForce Architecture <ul><li>Flexible, granular policy </li></ul><ul><ul><li>User- and host-based network access control </li></ul></ul><ul><ul><li>Network layer implementation </li></ul></ul><ul><li>Distributed, failover protection </li></ul><ul><ul><li>No single point of failure </li></ul></ul><ul><ul><li>No bottlenecks </li></ul></ul><ul><li>Secure, standards-based </li></ul><ul><ul><li>IPSec, X.509v3 </li></ul></ul><ul><ul><li>3DES, 128/256 bit AES </li></ul></ul><ul><ul><li>FIPS 140.2 level 1 </li></ul></ul><ul><li>Highly scalable </li></ul><ul><ul><li>On-demand policy distribution </li></ul></ul><ul><ul><li>Up to 300,000 agents </li></ul></ul><ul><li>Interoperability </li></ul><ul><ul><li>Supports AIX, HP-UX, Linux, Solaris, VMware, Windows and legacy platforms </li></ul></ul>
  14. 14. <ul><li>Software Agent integrated with host TCP/IP stack </li></ul><ul><li>Communicates with admin server to update and monitor host security policies </li></ul><ul><li>Authenticates hosts via X.509v3 certificates </li></ul><ul><li>Mediates all inbound and outbound network access </li></ul>Software Agents User Space Kernel Space Physical Link IP TCP Application Key Manager IKE Negotiation Manager Cryptographic Engine <ul><li>Access Control </li></ul><ul><li>Authentication </li></ul><ul><li>Confidentiality </li></ul><ul><li>Integrity </li></ul>Security Policy Manager
  15. 15. Security Zones <ul><li>Zones are configured to create security policies </li></ul><ul><li>Zones bring lists of Agents or users together with rules (clear, deny or protect) and ports </li></ul><ul><li>There are three zone types in priority order: </li></ul><ul><ul><li>Client/Server Zones </li></ul></ul><ul><ul><li>Internal Access Zones </li></ul></ul><ul><ul><li>External Access Zones </li></ul></ul><ul><li>Zones overlay existing security architecture </li></ul>
  16. 16. EpiForce Deployment Scenarios <ul><li>Network segmentation into security zones </li></ul><ul><li>Partner & outsource isolation </li></ul><ul><li>Encrypt data in motion </li></ul><ul><li>Virtualization </li></ul><ul><li>Identity based access </li></ul>
  17. 17. <ul><li>Security zones provide defense in depth </li></ul><ul><li>Real time policy management </li></ul><ul><li>Host-based access control </li></ul><ul><li>Authenticate, authorize, administer and audit </li></ul>Network Segmentation
  18. 18. Contractor with VPN Firewall/VPN Windows/Citrix Terminal Server Contractor Isolation <ul><li>Single EpiForce Agent on the server can control multiple remote users and their security policies </li></ul><ul><li>Mitigates the risk of unauthorized access to critical data </li></ul>
  19. 19. <ul><li>Highly effective, low-overhead encryption engine </li></ul><ul><li>Selective encryption at the port level </li></ul><ul><li>Secure legacy applications without rewrites </li></ul><ul><li>Industry-standard, strong encryption </li></ul><ul><li>Policy persistence with migration </li></ul>Encrypt Data in Motion
  20. 20. Virtualization <ul><li>Manage virtual and physical environments </li></ul><ul><li>No bottle neck or single point of failure </li></ul><ul><li>Support for VMotion </li></ul><ul><li>Protect communication between virtual machines on same ESX host </li></ul><ul><li>No impact on current architecture </li></ul>
  21. 21. Identity Based Access <ul><li>Network access control based on identity </li></ul><ul><ul><li>Policy follows user </li></ul></ul><ul><ul><li>Flexible & dynamic </li></ul></ul><ul><ul><li>Data invisible to unauthorized users, reducing risk </li></ul></ul><ul><ul><li>Central management of security policies </li></ul></ul><ul><ul><li>Audit user activity </li></ul></ul>Contractors Partners Employees HR Finance Test Portal Sales Marketing
  22. 22. EpiForce Feature Summary <ul><li>Uses industry standard cryptographic protocols to secure Agents and network data </li></ul><ul><li>Automates all cryptographic tasks, for example, certificate renewals and key creation </li></ul><ul><li>Provides selective data protection for data on the corporate network </li></ul><ul><li>Manages network security for all VMs within a host as well as between hosts. </li></ul><ul><li>Implements identical network security policies on both virtual and physical systems transparently </li></ul>
  23. 23. The Ideal Security Solution <ul><li>Easier to deploy than hardware based security products </li></ul><ul><li>Investment protection of legacy applications </li></ul><ul><li>Lower cost of ownership </li></ul><ul><ul><li>100% software based </li></ul></ul><ul><ul><li>Easily maintained </li></ul></ul><ul><ul><li>Limited training </li></ul></ul><ul><li>Scalability </li></ul><ul><ul><li>Accommodates growth </li></ul></ul><ul><ul><li>Adapts to changes in the network infrastructure </li></ul></ul><ul><ul><li>Virtual and physical environments </li></ul></ul><ul><li>Promotes green IT </li></ul><ul><ul><li>Install on existing servers and desktops </li></ul></ul><ul><ul><li>Added security without adding to the footprint </li></ul></ul>A Solution Backed by a Company with a Passion for Client Satisfaction

×