SlideShare une entreprise Scribd logo

An introduction to Unified Threat Management (UTM), for Dummies

Télécharger en tant que PPTX, PDF
Elsa Cariello
Elsa Cariello

This document provides an introduction to Unified Threat Management (UTM). It discusses how traditional network security approaches using standalone appliances are inadequate to address today's dynamic threat landscape. UTM offers a consolidated solution, integrating firewall, intrusion prevention, antivirus, web filtering, and other functions into a single device. This improves visibility, management, and performance while lowering costs compared to maintaining separate products. UTM enables organizations to securely enable access and applications while adapting security policies to new threats and network changes.

Technologie
1  sur  25
An introduction to Unified Threat Management (UTM) http://bit.ly/CARMcloud
The Security Challenge • Today’s networking environment and threat landscape are changing constantly — new devices, applications, and threats appear almost daily • Organizations of all sizes struggle to enable secure access for users on the latest mobile devices while blocking the latest threats hidden inside application traffic from social media sites. It’s a tough fight! http://bit.ly/CARMcloud
The need for Consolidated Network Security • In today’s increasingly mobile world, networks change constantly. New services, access methods, and even devices continue to show up in networks at a frenetic pace • As a result, organizations of all sizes face challenges in maintaining control over network and security policies • Unfortunately, many organizations continue to take a traditional approach to network security in spite of changing software, devices, and user habits. Such a traditional approach cannot adapt to the latest trends and leaves organizations vulnerable to today’s threats • To keep up with the constant change, organizations of all sizes must adopt a different approach http://bit.ly/CARMcloud
The Good More and Better Network Access • The evolution and incredible proliferation of networking and security technology has produced many benefits: – Today, remote users can access corporate data inside a firewall using any device with a network connection – Every day, the number of applications is exploding; exploiting the internet’s speed and always-on access makes it trivial to deliver content to end-users – Today’s applications deliver better access to back-end and internal data resources, which has enabled tremendous leaps in productivity among employees, partners, vendors, and customers – Delivery models have also evolved, from traditional ‘on premise’ applications inside a network, towards cloud-based hosted application services – The growing use of social media in everyday business practices reflects a profound change in where and how potential customers, partners, and agencies gather data, influence buying decisions, and build brand awareness http://bit.ly/CARMcloud
The Good What’s the impact? • A lot of good things have happened on corporate networks, and a lot of those things involve new technologies and new uses for existing systems and information assets • But these changes also add to the burden of maintaining security and require forward thinking to ensure that levels of protection and security keep up with new uses, new forms of access, and new forms of communication http://bit.ly/CARMcloud
The Bad • The ongoing application explosion means that new apps show up and run on systems and devices on organizational networks every day • Too often, such applications fly under the radar of network administrators and appear without planning, proper licensing, or even informed consent • Worse, such applications can potentially inundate those networks on which they appear with unknown, questionable, or even outright malicious content http://bit.ly/CARMcloud
Why is this an issue? • Traditional firewalls cannot detect these new applications; they rely on port numbers or protocol identifiers to recognize and categorize network traffic and to enforce policies related to such traffic • Apps that use specific port numbers or protocols make it easy for network administrators to block unwanted traffic, but browser-based applications often use only two port numbers, each associated with a protocol vital to user productivity and responsible for the bulk of Internet traffic today • This means that all traffic from browser-based apps looks exactly the same to traditional firewalls; they can’t differentiate between applications, so there is no easy way to block bad, unwanted, or inappropriate programs whilst permitting desirable or necessary apps to proceed unhindered http://bit.ly/CARMcloud
Examples of the impact • Exposure to malicious content – User-created content encompasses a wide range of threats, such as malware or links to malicious sites that could compromise user systems or even entire networks – Common risks include links to malicious sites where visitors are subject to drive-by downloads • Unwanted bandwidth consumption – Bandwidth-intensive web-based applications such as YouTube can clog networks and impede delivery of business-critical content – File-sharing applications can bog down networks because of large file sizes and the sheer number of files being swapped • Exposure to data leakage – Apps that can accommodate outbound file attachments can permit employees to (perhaps unwittingly) export sensitive, confidential or protected information outside organizational boundaries and controls – This can incur potential civil and criminal liabilities, as well as loss of customer trust and brand equity http://bit.ly/CARMcloud
And The Ugly • Online crime is an ever-increasing part of the threat landscape. Beyond the threats of damage or data loss from malware, professional criminals have gone online to ply their unsavoury trades • Corporations, institutions, government agencies, and other large organizations can fall prey to various kinds of cyberwarfare, that aim to steal information, transfer funds, or perform other illicit activities http://bit.ly/CARMcloud
Botnets • One of the ugliest elements of this side of the online universe is botnets • A bot is an individual computer that has been compromised with malware that takes instructions from a criminal. Each such computer is called a bot and collections of such computers are called botnets • Some common forms of attack include: – Phishing-based attack – credentials are stolen or additional victims claimed. Phishing can open the door to network penetration and compromise – Search Engine Optimization (SEO) attack – gaming search engines to include malicious sites high in page rankings. Victims search for a popular term and land on the malicious site unknowingly. This can also open the door to network penetration and compromise – Compromised legitimate websites - this can happen in various ways without detection by the site operator. For example, ads being served by a third party that redirect visitors to malicious sites, injecting malicious code into the site itself, or replacing legitimate HTML code with code that contains malware – Internal infections - this is often achieved by using an auto-run function, once the device is introduced to a network. However, some botnets can infect legitimate files on mobile devices that are executed on-demand by victims http://bit.ly/CARMcloud
Traditional firewalls can’t keep up with today’s threats • Because network traffic is so heavily web- and application- based, the ability of legacy security technologies to protect internal networks is increasingly challenged, to say the least • Attacks have become more frequent and more serious. Every day new attacks are designed to avoid detection and come up with more and better ways to steal our information • As attacks and their consequences become more dangerous and costly, organizations are learning to their dismay that their existing security infrastructures can’t keep up • Traditional firewalls and security appliances have lost their ability to block such traffic, which means prevailing tools and technologies can’t prevent the worst and most nefarious attacks from affecting or damaging networks http://bit.ly/CARMcloud
Inadequate Protection (at Best) • One of the first and most basic lines of network defence is a firewall, a device that inspects inbound and out-bound traffic on a network • Firewalls were the first widely deployed network security technology when internet use really began in earnest. The firewall’s job is to inspect traffic and decide what is allowed to go from outside to inside, and from inside to outside • But network traffic has changed vastly in the last decade, and a great proportion is now web-based • Because of the commingling of modern application traffic with everyday web access, traditional port-based firewalls have essentially become blind to the most common type of network traffic • This means: – They cannot distinguish different types of traffic that use the same port – They cannot detect applications that tunnel inside other applications – They cannot see inside encrypted packets – They can’t even block sneaky rogue applications that use nonstandard port numbers http://bit.ly/CARMcloud
Evolving firewall technology still can’t keep up • As simple rules for filtering traffic in a firewall proved to be too permissive, firewall vendors deployed new technology to stay abreast of the changing threat landscape • One important advance was the development of a proxy server, which sits transparently on the network and checks all packets for policy compliance before forwarding them • Various other security protocols were also developed to distinguish legitimate communications from suspicious or malicious types of connections, allowing only packets that corresponded to a valid, recognized, active connection between a client and server and rejecting everything else • In spite of these advances, firewalls could not stop the evolving threats. With each new firewall technology, the hackers devised new evasion techniques. New threats simply slipped through legacy firewalls and headed right onto the trusted network, attacking clients and servers with gusto and abandon • Network security vendors sought to fight back by creating new technologies to fight the new threats http://bit.ly/CARMcloud
From Firewalls to Stand-alone Products • Over time, as the threat landscape evolved, organizations began adding specialized or stand-alone security devices to their infrastructures, with the intention of providing workarounds to the limitations of traditional firewalls • Each device addresses a specific threat: One appliance provides malware screening, and another provides content filtering of websites and traffic. Still others detect and block intrusions, or add spam filtering and e-mail message handling. Put them all together on a network, and you could have half a dozen or more appliances, each inspecting the stream of traffic moving across the network • All of these devices were designed to improve a network’s security by adding functionality missing from the firewall. However, a patchwork of stand-alone technologies can have the opposite effect on network visibility as well as performance. They don’t talk to each other easily (if at all). They lack central management and monitoring because each product operates on its own. Plus, data from individual devices isn’t aggregated to create a complete or holistic view http://bit.ly/CARMcloud
Examples of Stand-alone Security Appliances Here are some examples of typical stand-alone security appliances that are deployed in a network: • Virtual private network (VPN): Uses special protocols to move information across the Internet securely • Data loss prevention (DLP): Looks for confidential, proprietary, or regulated data leaving the network. It can stop wholesale loss of proprietary data, as well as small scale accidental losses • Intrusion prevention system (IPS): Acts as a network’s watchdog, looking for patterns of network traffic and activity, and recording events that may affect security • Content filtering technologies: These devices block traffic to and/or from a network by IP address, domain name/URL, type of content or payload http://bit.ly/CARMcloud
The reality of using Stand- alone security appliances • There are several implications of the use of stand- alone security appliances, namely: – Multiple devices create a performance hit – Reduced network visibility – Total Cost of Ownership is far too high • The benefits of moving away from this approach include: – An integrated and holistic view of network security – Optimal TCO – Minimal latency impact http://bit.ly/CARMcloud
Finding a way out… • Many organizations want to find a way out of the expensive, labour-intensive, unsecure, and chaotic mess of traditional firewalls supplemented with multiple stand- alone security technologies • Unified Threat Management (UTM) is the approach that many organizations have adopted to improve visibility and control of their network security while lowering complexity of their networks • UTM creates an environment in which all network security falls beneath a single, consistent technology umbrella • UTM enables the consolidation of all traditional as well as next-generation firewalls into a single device http://bit.ly/CARMcloud
Stepping up to UTM • UTM represents a significant shift in the evolution of network security technology and equipment • UTM generally refers to a security appliance that consolidates a wide range of essential network security functions into a single device, including next-generation firewall technologies like application control • As network threats evolve and new threats emerge, network security must change and adapt to protect against such threats. This adaptability can make UTM difficult to define because the technologies included can vary from vendor to vendor • Over time, however, the collection of capabilities associated with UTM has consistently expanded, and this trend shows no sign of tapering off http://bit.ly/CARMcloud
UTM – bringing order to chaos The best UTM solutions include the following core security functions: • Network firewalls perform stateful packet inspection • IPS detects and blocks intrusions and certain attacks • Application control provides visibility and control of application behaviour and content • VPN enables secure remote access to networks • Web filtering halts access to malicious, inappropriate, or questionable websites and online content • IPv6 support in all network security functions protects networks as they migrate from IPv4 to IPv6 • Support for virtualized environments, both virtual domains and virtual appliances http://bit.ly/CARMcloud
Additional technologies UTM solutions may also include additional security technologies that organizations can choose to deploy, including: • Data loss prevention that blocks accidental or intentional loss of confidential, proprietary, or regulated data • Anti-malware/anti-spam protection that prevents malicious payloads or unwanted messages from entering networks • Endpoint control that enforces corporate security policies with remote users and devices http://bit.ly/CARMcloud
Flexible, Future-Ready and Powerful • UTM delivers a flexible, future-ready solution to meet the challenges of today’s networking environments • Not every organization is going to deploy every technology included in a UTM device; in fact, most do not, but a UTM gives an organization the ability to deploy as many or as few technologies as it needs, when and where it needs them • The best UTM solutions employ a simple licensing model that includes all technologies, eliminating the need to purchase additional modules or to count users as an organization’s security requirements change over time • UTM delivers a versatile, powerful solution to meet the challenges of today’s most complex networking environment. It overcomes shortcomings of non-integrated, legacy systems built around traditional firewalls and individual, stand-alone appliances and software http://bit.ly/CARMcloud
UTM – Significant Advantage • One significant advantage UTM devices have over legacy firewalls (combined with multiple appliances), is integrated management. The “single pane of glass” management console of UTM provides a consolidated management interface with ready access to all configurations, management, and monitoring functions • This is especially useful when it comes to seeing and reacting to combinations of events that represent a sophisticated attack. This reduces the likelihood of common failings from traditional systems, including failure to notice an incident or event, failure to act in a timely fashion, and failure to maintain compliance and audit controls http://bit.ly/CARMcloud
UTM – Other Business Advantages There are many other significant advantages to UTM, namely: • Cost effectiveness – driven by consolidation of network and security management • Improved awareness • Reduced ‘false sense of security’ • Accelerated processing speeds-up business • Ability to keep pace with the changing threat landscape http://bit.ly/CARMcloud
UTM delivers a flexible, future- ready solution to meet the challenges of today’s networking environments. For a more detail on all of the topics covered in this summary, please download our free e- book: Unified Threat Management for Dummies http://bit.ly/CARMcloud
Thank-you

Recommandé

UTM (unified threat management)
UTM (unified threat management)UTM (unified threat management)
UTM (unified threat management)military
 
UTM Unified Threat Management
UTM Unified Threat ManagementUTM Unified Threat Management
UTM Unified Threat ManagementLokesh Sharma
 
unified threat management by Nisha Menon K
unified threat management by Nisha Menon K unified threat management by Nisha Menon K
unified threat management by Nisha Menon KNisha Menon K
 
Sophos Utm Presentation 2016
Sophos Utm Presentation 2016Sophos Utm Presentation 2016
Sophos Utm Presentation 2016InformatikaFortuno
 
Utm (unified threat management) security solutions
Utm (unified threat management) security solutionsUtm (unified threat management) security solutions
Utm (unified threat management) security solutionsAnthony Daniel
 
Network security
Network security Network security
Network securityVikas Jagtap
 
Preparing Your School for BYOD with Sophos UTM Wireless Protection
Preparing Your School for BYOD with Sophos UTM Wireless ProtectionPreparing Your School for BYOD with Sophos UTM Wireless Protection
Preparing Your School for BYOD with Sophos UTM Wireless ProtectionSophos
 
Android Firewall project
Android Firewall projectAndroid Firewall project
Android Firewall projectKarunakar Singh Thakur
 

Recommandé

UTM (unified threat management)
UTM (unified threat management)UTM (unified threat management)
UTM (unified threat management)military
 
UTM Unified Threat Management
UTM Unified Threat ManagementUTM Unified Threat Management
UTM Unified Threat ManagementLokesh Sharma
 
unified threat management by Nisha Menon K
unified threat management by Nisha Menon K unified threat management by Nisha Menon K
unified threat management by Nisha Menon KNisha Menon K
 
Sophos Utm Presentation 2016
Sophos Utm Presentation 2016Sophos Utm Presentation 2016
Sophos Utm Presentation 2016InformatikaFortuno
 
Utm (unified threat management) security solutions
Utm (unified threat management) security solutionsUtm (unified threat management) security solutions
Utm (unified threat management) security solutionsAnthony Daniel
 
Network security
Network security Network security
Network securityVikas Jagtap
 
Preparing Your School for BYOD with Sophos UTM Wireless Protection
Preparing Your School for BYOD with Sophos UTM Wireless ProtectionPreparing Your School for BYOD with Sophos UTM Wireless Protection
Preparing Your School for BYOD with Sophos UTM Wireless ProtectionSophos
 
Android Firewall project
Android Firewall projectAndroid Firewall project
Android Firewall projectKarunakar Singh Thakur
 
Next generation firewall(ngfw)feature and benefits
Next generation firewall(ngfw)feature and benefitsNext generation firewall(ngfw)feature and benefits
Next generation firewall(ngfw)feature and benefitsAnthony Daniel
 
Sophos Next-Generation Enduser Protection
Sophos Next-Generation Enduser ProtectionSophos Next-Generation Enduser Protection
Sophos Next-Generation Enduser ProtectionGiovanni Giovannelli
 
All about Firewalls ,IPS IDS and the era of UTM in a nutshell
All about Firewalls ,IPS IDS and the era of UTM in a nutshellAll about Firewalls ,IPS IDS and the era of UTM in a nutshell
All about Firewalls ,IPS IDS and the era of UTM in a nutshellHishan Shouketh
 
Unified Threat Management Vs Next-Gen Firewall: What's the difference?
Unified Threat Management Vs Next-Gen Firewall: What's the difference?Unified Threat Management Vs Next-Gen Firewall: What's the difference?
Unified Threat Management Vs Next-Gen Firewall: What's the difference?Seqrite
 
The next generation of IT security
The next generation of IT securityThe next generation of IT security
The next generation of IT securitySophos Benelux
 
What's cooking at Sophos - an introduction to Synchronized Security
What's cooking at Sophos - an introduction to Synchronized SecurityWhat's cooking at Sophos - an introduction to Synchronized Security
What's cooking at Sophos - an introduction to Synchronized SecuritySophos Benelux
 
Firewalls
FirewallsFirewalls
FirewallsJyoti Akhter
 
E firewalls
E firewallsE firewalls
E firewallsAbhiroop Ghatak
 
Sangfor ngfw 修订版
Sangfor ngfw 修订版Sangfor ngfw 修订版
Sangfor ngfw 修订版Ploynatcha Akkaraputtipat
 
Security: more important than ever - Sophos Day Belux 2014
Security: more important than ever - Sophos Day Belux 2014Security: more important than ever - Sophos Day Belux 2014
Security: more important than ever - Sophos Day Belux 2014Sophos Benelux
 
Cyberoam Firewall Presentation
Cyberoam Firewall PresentationCyberoam Firewall Presentation
Cyberoam Firewall PresentationManoj Kumar Mishra
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentationgaurav96raj
 
Network security and firewalls
Network security and firewallsNetwork security and firewalls
Network security and firewallsMurali Mohan
 
Lecture 4 firewalls
Lecture 4 firewallsLecture 4 firewalls
Lecture 4 firewallsrajakhurram
 
Firewalls
FirewallsFirewalls
FirewallsAkhil Sharma
 
Firewalls
FirewallsFirewalls
FirewallsIGZ Software house
 
Supply Chain Attack Backdooring Your Networks
Supply Chain Attack Backdooring Your Networks Supply Chain Attack Backdooring Your Networks
Supply Chain Attack Backdooring Your Networks Bangladesh Network Operators Group
 
Firewalls
FirewallsFirewalls
Firewallsvaishnavi
 
Introduction of firewall slides
Introduction of firewall slidesIntroduction of firewall slides
Introduction of firewall slidesrahul kundu
 
Firewalls
FirewallsFirewalls
FirewallsShreya Singireddy
 
Unified Threat Management
Unified Threat ManagementUnified Threat Management
Unified Threat ManagementMilan Petrásek
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentationyogendrasinghchahar
 

Contenu connexe

Tendances

Next generation firewall(ngfw)feature and benefits
Next generation firewall(ngfw)feature and benefitsNext generation firewall(ngfw)feature and benefits
Next generation firewall(ngfw)feature and benefitsAnthony Daniel
 
Sophos Next-Generation Enduser Protection
Sophos Next-Generation Enduser ProtectionSophos Next-Generation Enduser Protection
Sophos Next-Generation Enduser ProtectionGiovanni Giovannelli
 
All about Firewalls ,IPS IDS and the era of UTM in a nutshell
All about Firewalls ,IPS IDS and the era of UTM in a nutshellAll about Firewalls ,IPS IDS and the era of UTM in a nutshell
All about Firewalls ,IPS IDS and the era of UTM in a nutshellHishan Shouketh
 
Unified Threat Management Vs Next-Gen Firewall: What's the difference?
Unified Threat Management Vs Next-Gen Firewall: What's the difference?Unified Threat Management Vs Next-Gen Firewall: What's the difference?
Unified Threat Management Vs Next-Gen Firewall: What's the difference?Seqrite
 
The next generation of IT security
The next generation of IT securityThe next generation of IT security
The next generation of IT securitySophos Benelux
 
What's cooking at Sophos - an introduction to Synchronized Security
What's cooking at Sophos - an introduction to Synchronized SecurityWhat's cooking at Sophos - an introduction to Synchronized Security
What's cooking at Sophos - an introduction to Synchronized SecuritySophos Benelux
 
Security: more important than ever - Sophos Day Belux 2014
Security: more important than ever - Sophos Day Belux 2014Security: more important than ever - Sophos Day Belux 2014
Security: more important than ever - Sophos Day Belux 2014Sophos Benelux
 
Cyberoam Firewall Presentation
Cyberoam Firewall PresentationCyberoam Firewall Presentation
Cyberoam Firewall PresentationManoj Kumar Mishra
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentationgaurav96raj
 
Network security and firewalls
Network security and firewallsNetwork security and firewalls
Network security and firewallsMurali Mohan
 
Lecture 4 firewalls
Lecture 4 firewallsLecture 4 firewalls
Lecture 4 firewallsrajakhurram
 
Introduction of firewall slides
Introduction of firewall slidesIntroduction of firewall slides
Introduction of firewall slidesrahul kundu
 

Tendances (20)

Next generation firewall(ngfw)feature and benefits
Next generation firewall(ngfw)feature and benefitsNext generation firewall(ngfw)feature and benefits
Next generation firewall(ngfw)feature and benefits
 
Sophos Next-Generation Enduser Protection
Sophos Next-Generation Enduser ProtectionSophos Next-Generation Enduser Protection
Sophos Next-Generation Enduser Protection
 
All about Firewalls ,IPS IDS and the era of UTM in a nutshell
All about Firewalls ,IPS IDS and the era of UTM in a nutshellAll about Firewalls ,IPS IDS and the era of UTM in a nutshell
All about Firewalls ,IPS IDS and the era of UTM in a nutshell
 
Unified Threat Management Vs Next-Gen Firewall: What's the difference?
Unified Threat Management Vs Next-Gen Firewall: What's the difference?Unified Threat Management Vs Next-Gen Firewall: What's the difference?
Unified Threat Management Vs Next-Gen Firewall: What's the difference?
 
The next generation of IT security
The next generation of IT securityThe next generation of IT security
The next generation of IT security
 
What's cooking at Sophos - an introduction to Synchronized Security
What's cooking at Sophos - an introduction to Synchronized SecurityWhat's cooking at Sophos - an introduction to Synchronized Security
What's cooking at Sophos - an introduction to Synchronized Security
 
Firewalls
FirewallsFirewalls
Firewalls
 
E firewalls
E firewallsE firewalls
E firewalls
 
Sangfor ngfw 修订版
Sangfor ngfw 修订版Sangfor ngfw 修订版
Sangfor ngfw 修订版
 
Security: more important than ever - Sophos Day Belux 2014
Security: more important than ever - Sophos Day Belux 2014Security: more important than ever - Sophos Day Belux 2014
Security: more important than ever - Sophos Day Belux 2014
 
Cyberoam Firewall Presentation
Cyberoam Firewall PresentationCyberoam Firewall Presentation
Cyberoam Firewall Presentation
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentation
 
Network security and firewalls
Network security and firewallsNetwork security and firewalls
Network security and firewalls
 
Lecture 4 firewalls
Lecture 4 firewallsLecture 4 firewalls
Lecture 4 firewalls
 
Firewalls
FirewallsFirewalls
Firewalls
 
Firewalls
FirewallsFirewalls
Firewalls
 
Supply Chain Attack Backdooring Your Networks
Supply Chain Attack Backdooring Your Networks Supply Chain Attack Backdooring Your Networks
Supply Chain Attack Backdooring Your Networks
 
Firewalls
FirewallsFirewalls
Firewalls
 
Introduction of firewall slides
Introduction of firewall slidesIntroduction of firewall slides
Introduction of firewall slides
 
Firewalls
FirewallsFirewalls
Firewalls
 

En vedette

Unified Threat Management
Unified Threat ManagementUnified Threat Management
Unified Threat ManagementMilan Petrásek
 
How to join the twitter chat with Druva
How to join the twitter chat with Druva How to join the twitter chat with Druva
How to join the twitter chat with Druva Elsa Cariello
 
Smarter social enterprise
Smarter social enterpriseSmarter social enterprise
Smarter social enterpriseElsa Cariello
 
Exclusive Group is Recruiting!
Exclusive Group is Recruiting!Exclusive Group is Recruiting!
Exclusive Group is Recruiting!Elsa Cariello
 
Unified Threat Management Solutions
Unified Threat Management SolutionsUnified Threat Management Solutions
Unified Threat Management SolutionsKelvin Charles
 
Információbiztonság: IT biztonságtechnikai közbeszerzések
Információbiztonság: IT biztonságtechnikai közbeszerzésekInformációbiztonság: IT biztonságtechnikai közbeszerzések
Információbiztonság: IT biztonságtechnikai közbeszerzésekS&T Consulting Hungary
 
Belsoegesű motorok általános
Belsoegesű motorok általánosBelsoegesű motorok általános
Belsoegesű motorok általánosCsongor Kiss
 
Young Enterprise Day 2014 – Palo Alto Networks: az újgenerációs tűzfal
Young Enterprise Day 2014 – Palo Alto Networks: az újgenerációs tűzfalYoung Enterprise Day 2014 – Palo Alto Networks: az újgenerációs tűzfal
Young Enterprise Day 2014 – Palo Alto Networks: az újgenerációs tűzfalYoung BTS Kommunikációs rendszerek
 
Watchguard Firewall overview and implemetation
Watchguard Firewall overview and implemetationWatchguard Firewall overview and implemetation
Watchguard Firewall overview and implemetationKaveh Khosravi
 
Overview of Linux
Overview of LinuxOverview of Linux
Overview of LinuxThang Man
 
Firewall fundamentals
Firewall fundamentalsFirewall fundamentals
Firewall fundamentalsThang Man
 

En vedette (15)

Unified Threat Management
Unified Threat ManagementUnified Threat Management
Unified Threat Management
 
Firewall presentation
Firewall presentationFirewall presentation
Firewall presentation
 
Chap11 scr
Chap11 scrChap11 scr
Chap11 scr
 
How to join the twitter chat with Druva
How to join the twitter chat with Druva How to join the twitter chat with Druva
How to join the twitter chat with Druva
 
Smarter social enterprise
Smarter social enterpriseSmarter social enterprise
Smarter social enterprise
 
Exclusive Group is Recruiting!
Exclusive Group is Recruiting!Exclusive Group is Recruiting!
Exclusive Group is Recruiting!
 
Unified Threat Management Solutions
Unified Threat Management SolutionsUnified Threat Management Solutions
Unified Threat Management Solutions
 
Análisis
AnálisisAnálisis
Análisis
 
Információbiztonság: IT biztonságtechnikai közbeszerzések
Információbiztonság: IT biztonságtechnikai közbeszerzésekInformációbiztonság: IT biztonságtechnikai közbeszerzések
Információbiztonság: IT biztonságtechnikai közbeszerzések
 
Belsoegesű motorok általános
Belsoegesű motorok általánosBelsoegesű motorok általános
Belsoegesű motorok általános
 
Young Enterprise Day 2014 – Palo Alto Networks: az újgenerációs tűzfal
Young Enterprise Day 2014 – Palo Alto Networks: az újgenerációs tűzfalYoung Enterprise Day 2014 – Palo Alto Networks: az újgenerációs tűzfal
Young Enterprise Day 2014 – Palo Alto Networks: az újgenerációs tűzfal
 
Watchguard Firewall overview and implemetation
Watchguard Firewall overview and implemetationWatchguard Firewall overview and implemetation
Watchguard Firewall overview and implemetation
 
Palo Alto Networks - Next-generation Firewall Security with Expanding Scalabi...
Palo Alto Networks - Next-generation Firewall Security with Expanding Scalabi...Palo Alto Networks - Next-generation Firewall Security with Expanding Scalabi...
Palo Alto Networks - Next-generation Firewall Security with Expanding Scalabi...
 
Overview of Linux
Overview of LinuxOverview of Linux
Overview of Linux
 
Firewall fundamentals
Firewall fundamentalsFirewall fundamentals
Firewall fundamentals
 

Similaire à An introduction to Unified Threat Management (UTM), for Dummies

UTM Technology & Leaders of UTMs in Gartner Magic report 2014
UTM Technology & Leaders of UTMs in Gartner Magic report 2014UTM Technology & Leaders of UTMs in Gartner Magic report 2014
UTM Technology & Leaders of UTMs in Gartner Magic report 2014Tarek Nader
 
Welcome to International Journal of Engineering Research and Development (IJERD)
Welcome to International Journal of Engineering Research and Development (IJERD)Welcome to International Journal of Engineering Research and Development (IJERD)
Welcome to International Journal of Engineering Research and Development (IJERD)IJERD Editor
 
FORTINET_WP-WEBFILTERING-201106.pdf
FORTINET_WP-WEBFILTERING-201106.pdfFORTINET_WP-WEBFILTERING-201106.pdf
FORTINET_WP-WEBFILTERING-201106.pdfMuhammadSajidAbdulga
 
Firewall buyers-guide
Firewall buyers-guideFirewall buyers-guide
Firewall buyers-guideAndy Kwong
 
Healthcare_Security_White_Paper
Healthcare_Security_White_PaperHealthcare_Security_White_Paper
Healthcare_Security_White_PaperJames Maudlin
 
Security and control in Management Information System
Security and control in Management Information SystemSecurity and control in Management Information System
Security and control in Management Information SystemSatya P. Joshi
 
Seguridad web -articulo completo- ingles
Seguridad web -articulo completo- inglesSeguridad web -articulo completo- ingles
Seguridad web -articulo completo- inglesisidro luna beltran
 
Anti spyware coalition definitions and supporting documents
Anti spyware coalition definitions and supporting documentsAnti spyware coalition definitions and supporting documents
Anti spyware coalition definitions and supporting documentsUltraUploader
 
Cyber security by Gaurav Singh
Cyber security by Gaurav SinghCyber security by Gaurav Singh
Cyber security by Gaurav SinghGaurav Singh
 
Toward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network AutomationToward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network AutomationE.S.G. JR. Consulting, Inc.
 
Toward Continuous Cybersecurity With Network Automation
Toward Continuous Cybersecurity With Network AutomationToward Continuous Cybersecurity With Network Automation
Toward Continuous Cybersecurity With Network AutomationKen Flott
 
SECURING THE WEB DOMAIN BASED ON HASHING
SECURING THE WEB DOMAIN BASED ON HASHINGSECURING THE WEB DOMAIN BASED ON HASHING
SECURING THE WEB DOMAIN BASED ON HASHINGAM Publications
 
Insights into cyber security and risk
Insights into cyber security and riskInsights into cyber security and risk
Insights into cyber security and riskEY
 
Cybersecurity: Malware & Protecting Your Business From Cyberthreats
Cybersecurity: Malware & Protecting Your Business From CyberthreatsCybersecurity: Malware & Protecting Your Business From Cyberthreats
Cybersecurity: Malware & Protecting Your Business From CyberthreatsSecureDocs
 
Application Security: Safeguarding Data, Protecting Reputations
Application Security: Safeguarding Data, Protecting ReputationsApplication Security: Safeguarding Data, Protecting Reputations
Application Security: Safeguarding Data, Protecting ReputationsCognizant
 
IoT DDoS Attacks: the stakes have changed
IoT DDoS Attacks: the stakes have changed IoT DDoS Attacks: the stakes have changed
IoT DDoS Attacks: the stakes have changed Great Bay Software
 
Ch15 power point
Ch15 power pointCh15 power point
Ch15 power pointbodo-con
 
Web Security and Network Security
Web Security and Network SecurityWeb Security and Network Security
Web Security and Network Securitycrussell79
 
Cyber security general perspective a
Cyber security general perspective aCyber security general perspective a
Cyber security general perspective amarukanda
 

Similaire à An introduction to Unified Threat Management (UTM), for Dummies (20)

UTM Technology & Leaders of UTMs in Gartner Magic report 2014
UTM Technology & Leaders of UTMs in Gartner Magic report 2014UTM Technology & Leaders of UTMs in Gartner Magic report 2014
UTM Technology & Leaders of UTMs in Gartner Magic report 2014
 
M1_Introduction_IPS.pptx
M1_Introduction_IPS.pptxM1_Introduction_IPS.pptx
M1_Introduction_IPS.pptx
 
Welcome to International Journal of Engineering Research and Development (IJERD)
Welcome to International Journal of Engineering Research and Development (IJERD)Welcome to International Journal of Engineering Research and Development (IJERD)
Welcome to International Journal of Engineering Research and Development (IJERD)
 
FORTINET_WP-WEBFILTERING-201106.pdf
FORTINET_WP-WEBFILTERING-201106.pdfFORTINET_WP-WEBFILTERING-201106.pdf
FORTINET_WP-WEBFILTERING-201106.pdf
 
Firewall buyers-guide
Firewall buyers-guideFirewall buyers-guide
Firewall buyers-guide
 
Healthcare_Security_White_Paper
Healthcare_Security_White_PaperHealthcare_Security_White_Paper
Healthcare_Security_White_Paper
 
Security and control in Management Information System
Security and control in Management Information SystemSecurity and control in Management Information System
Security and control in Management Information System
 
Seguridad web -articulo completo- ingles
Seguridad web -articulo completo- inglesSeguridad web -articulo completo- ingles
Seguridad web -articulo completo- ingles
 
Anti spyware coalition definitions and supporting documents
Anti spyware coalition definitions and supporting documentsAnti spyware coalition definitions and supporting documents
Anti spyware coalition definitions and supporting documents
 
Cyber security by Gaurav Singh
Cyber security by Gaurav SinghCyber security by Gaurav Singh
Cyber security by Gaurav Singh
 
Toward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network AutomationToward Continuous Cybersecurity with Network Automation
Toward Continuous Cybersecurity with Network Automation
 
Toward Continuous Cybersecurity With Network Automation
Toward Continuous Cybersecurity With Network AutomationToward Continuous Cybersecurity With Network Automation
Toward Continuous Cybersecurity With Network Automation
 
SECURING THE WEB DOMAIN BASED ON HASHING
SECURING THE WEB DOMAIN BASED ON HASHINGSECURING THE WEB DOMAIN BASED ON HASHING
SECURING THE WEB DOMAIN BASED ON HASHING
 
Insights into cyber security and risk
Insights into cyber security and riskInsights into cyber security and risk
Insights into cyber security and risk
 
Cybersecurity: Malware & Protecting Your Business From Cyberthreats
Cybersecurity: Malware & Protecting Your Business From CyberthreatsCybersecurity: Malware & Protecting Your Business From Cyberthreats
Cybersecurity: Malware & Protecting Your Business From Cyberthreats
 
Application Security: Safeguarding Data, Protecting Reputations
Application Security: Safeguarding Data, Protecting ReputationsApplication Security: Safeguarding Data, Protecting Reputations
Application Security: Safeguarding Data, Protecting Reputations
 
IoT DDoS Attacks: the stakes have changed
IoT DDoS Attacks: the stakes have changed IoT DDoS Attacks: the stakes have changed
IoT DDoS Attacks: the stakes have changed
 
Ch15 power point
Ch15 power pointCh15 power point
Ch15 power point
 
Web Security and Network Security
Web Security and Network SecurityWeb Security and Network Security
Web Security and Network Security
 
Cyber security general perspective a
Cyber security general perspective aCyber security general perspective a
Cyber security general perspective a
 

Plus de Elsa Cariello

Exclusive Group Love Campaign Infographic
Exclusive Group Love Campaign InfographicExclusive Group Love Campaign Infographic
Exclusive Group Love Campaign InfographicElsa Cariello
 
Exclusive Group and Palo Alto and the Unbreakable Bond
Exclusive Group and Palo Alto and the Unbreakable BondExclusive Group and Palo Alto and the Unbreakable Bond
Exclusive Group and Palo Alto and the Unbreakable BondElsa Cariello
 
Why Exclusive Group and Fortinet are a solid "partnership".
Why Exclusive Group and Fortinet are a solid "partnership". Why Exclusive Group and Fortinet are a solid "partnership".
Why Exclusive Group and Fortinet are a solid "partnership". Elsa Cariello
 
How to join a Twitter Chat from Exclusive Networks Group
How to join a Twitter Chat from Exclusive Networks GroupHow to join a Twitter Chat from Exclusive Networks Group
How to join a Twitter Chat from Exclusive Networks GroupElsa Cariello
 
Carm presentation new logo may 14
Carm presentation new logo may 14Carm presentation new logo may 14
Carm presentation new logo may 14Elsa Cariello
 
Infographic on why you need CARM when’a cyber breach take place.
Infographic on why you need CARM when’a cyber breach take place. Infographic on why you need CARM when’a cyber breach take place.
Infographic on why you need CARM when’a cyber breach take place. Elsa Cariello
 

Plus de Elsa Cariello (6)

Exclusive Group Love Campaign Infographic
Exclusive Group Love Campaign InfographicExclusive Group Love Campaign Infographic
Exclusive Group Love Campaign Infographic
 
Exclusive Group and Palo Alto and the Unbreakable Bond
Exclusive Group and Palo Alto and the Unbreakable BondExclusive Group and Palo Alto and the Unbreakable Bond
Exclusive Group and Palo Alto and the Unbreakable Bond
 
Why Exclusive Group and Fortinet are a solid "partnership".
Why Exclusive Group and Fortinet are a solid "partnership". Why Exclusive Group and Fortinet are a solid "partnership".
Why Exclusive Group and Fortinet are a solid "partnership".
 
How to join a Twitter Chat from Exclusive Networks Group
How to join a Twitter Chat from Exclusive Networks GroupHow to join a Twitter Chat from Exclusive Networks Group
How to join a Twitter Chat from Exclusive Networks Group
 
Carm presentation new logo may 14
Carm presentation new logo may 14Carm presentation new logo may 14
Carm presentation new logo may 14
 
Infographic on why you need CARM when’a cyber breach take place.
Infographic on why you need CARM when’a cyber breach take place. Infographic on why you need CARM when’a cyber breach take place.
Infographic on why you need CARM when’a cyber breach take place.
 

Dernier

Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 

Dernier (20)

Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 

An introduction to Unified Threat Management (UTM), for Dummies

  • 1. An introduction to Unified Threat Management (UTM) http://bit.ly/CARMcloud
  • 2. The Security Challenge • Today’s networking environment and threat landscape are changing constantly — new devices, applications, and threats appear almost daily • Organizations of all sizes struggle to enable secure access for users on the latest mobile devices while blocking the latest threats hidden inside application traffic from social media sites. It’s a tough fight! http://bit.ly/CARMcloud
  • 3. The need for Consolidated Network Security • In today’s increasingly mobile world, networks change constantly. New services, access methods, and even devices continue to show up in networks at a frenetic pace • As a result, organizations of all sizes face challenges in maintaining control over network and security policies • Unfortunately, many organizations continue to take a traditional approach to network security in spite of changing software, devices, and user habits. Such a traditional approach cannot adapt to the latest trends and leaves organizations vulnerable to today’s threats • To keep up with the constant change, organizations of all sizes must adopt a different approach http://bit.ly/CARMcloud
  • 4. The Good More and Better Network Access • The evolution and incredible proliferation of networking and security technology has produced many benefits: – Today, remote users can access corporate data inside a firewall using any device with a network connection – Every day, the number of applications is exploding; exploiting the internet’s speed and always-on access makes it trivial to deliver content to end-users – Today’s applications deliver better access to back-end and internal data resources, which has enabled tremendous leaps in productivity among employees, partners, vendors, and customers – Delivery models have also evolved, from traditional ‘on premise’ applications inside a network, towards cloud-based hosted application services – The growing use of social media in everyday business practices reflects a profound change in where and how potential customers, partners, and agencies gather data, influence buying decisions, and build brand awareness http://bit.ly/CARMcloud
  • 5. The Good What’s the impact? • A lot of good things have happened on corporate networks, and a lot of those things involve new technologies and new uses for existing systems and information assets • But these changes also add to the burden of maintaining security and require forward thinking to ensure that levels of protection and security keep up with new uses, new forms of access, and new forms of communication http://bit.ly/CARMcloud
  • 6. The Bad • The ongoing application explosion means that new apps show up and run on systems and devices on organizational networks every day • Too often, such applications fly under the radar of network administrators and appear without planning, proper licensing, or even informed consent • Worse, such applications can potentially inundate those networks on which they appear with unknown, questionable, or even outright malicious content http://bit.ly/CARMcloud
  • 7. Why is this an issue? • Traditional firewalls cannot detect these new applications; they rely on port numbers or protocol identifiers to recognize and categorize network traffic and to enforce policies related to such traffic • Apps that use specific port numbers or protocols make it easy for network administrators to block unwanted traffic, but browser-based applications often use only two port numbers, each associated with a protocol vital to user productivity and responsible for the bulk of Internet traffic today • This means that all traffic from browser-based apps looks exactly the same to traditional firewalls; they can’t differentiate between applications, so there is no easy way to block bad, unwanted, or inappropriate programs whilst permitting desirable or necessary apps to proceed unhindered http://bit.ly/CARMcloud
  • 8. Examples of the impact • Exposure to malicious content – User-created content encompasses a wide range of threats, such as malware or links to malicious sites that could compromise user systems or even entire networks – Common risks include links to malicious sites where visitors are subject to drive-by downloads • Unwanted bandwidth consumption – Bandwidth-intensive web-based applications such as YouTube can clog networks and impede delivery of business-critical content – File-sharing applications can bog down networks because of large file sizes and the sheer number of files being swapped • Exposure to data leakage – Apps that can accommodate outbound file attachments can permit employees to (perhaps unwittingly) export sensitive, confidential or protected information outside organizational boundaries and controls – This can incur potential civil and criminal liabilities, as well as loss of customer trust and brand equity http://bit.ly/CARMcloud
  • 9. And The Ugly • Online crime is an ever-increasing part of the threat landscape. Beyond the threats of damage or data loss from malware, professional criminals have gone online to ply their unsavoury trades • Corporations, institutions, government agencies, and other large organizations can fall prey to various kinds of cyberwarfare, that aim to steal information, transfer funds, or perform other illicit activities http://bit.ly/CARMcloud
  • 10. Botnets • One of the ugliest elements of this side of the online universe is botnets • A bot is an individual computer that has been compromised with malware that takes instructions from a criminal. Each such computer is called a bot and collections of such computers are called botnets • Some common forms of attack include: – Phishing-based attack – credentials are stolen or additional victims claimed. Phishing can open the door to network penetration and compromise – Search Engine Optimization (SEO) attack – gaming search engines to include malicious sites high in page rankings. Victims search for a popular term and land on the malicious site unknowingly. This can also open the door to network penetration and compromise – Compromised legitimate websites - this can happen in various ways without detection by the site operator. For example, ads being served by a third party that redirect visitors to malicious sites, injecting malicious code into the site itself, or replacing legitimate HTML code with code that contains malware – Internal infections - this is often achieved by using an auto-run function, once the device is introduced to a network. However, some botnets can infect legitimate files on mobile devices that are executed on-demand by victims http://bit.ly/CARMcloud
  • 11. Traditional firewalls can’t keep up with today’s threats • Because network traffic is so heavily web- and application- based, the ability of legacy security technologies to protect internal networks is increasingly challenged, to say the least • Attacks have become more frequent and more serious. Every day new attacks are designed to avoid detection and come up with more and better ways to steal our information • As attacks and their consequences become more dangerous and costly, organizations are learning to their dismay that their existing security infrastructures can’t keep up • Traditional firewalls and security appliances have lost their ability to block such traffic, which means prevailing tools and technologies can’t prevent the worst and most nefarious attacks from affecting or damaging networks http://bit.ly/CARMcloud
  • 12. Inadequate Protection (at Best) • One of the first and most basic lines of network defence is a firewall, a device that inspects inbound and out-bound traffic on a network • Firewalls were the first widely deployed network security technology when internet use really began in earnest. The firewall’s job is to inspect traffic and decide what is allowed to go from outside to inside, and from inside to outside • But network traffic has changed vastly in the last decade, and a great proportion is now web-based • Because of the commingling of modern application traffic with everyday web access, traditional port-based firewalls have essentially become blind to the most common type of network traffic • This means: – They cannot distinguish different types of traffic that use the same port – They cannot detect applications that tunnel inside other applications – They cannot see inside encrypted packets – They can’t even block sneaky rogue applications that use nonstandard port numbers http://bit.ly/CARMcloud
  • 13. Evolving firewall technology still can’t keep up • As simple rules for filtering traffic in a firewall proved to be too permissive, firewall vendors deployed new technology to stay abreast of the changing threat landscape • One important advance was the development of a proxy server, which sits transparently on the network and checks all packets for policy compliance before forwarding them • Various other security protocols were also developed to distinguish legitimate communications from suspicious or malicious types of connections, allowing only packets that corresponded to a valid, recognized, active connection between a client and server and rejecting everything else • In spite of these advances, firewalls could not stop the evolving threats. With each new firewall technology, the hackers devised new evasion techniques. New threats simply slipped through legacy firewalls and headed right onto the trusted network, attacking clients and servers with gusto and abandon • Network security vendors sought to fight back by creating new technologies to fight the new threats http://bit.ly/CARMcloud
  • 14. From Firewalls to Stand-alone Products • Over time, as the threat landscape evolved, organizations began adding specialized or stand-alone security devices to their infrastructures, with the intention of providing workarounds to the limitations of traditional firewalls • Each device addresses a specific threat: One appliance provides malware screening, and another provides content filtering of websites and traffic. Still others detect and block intrusions, or add spam filtering and e-mail message handling. Put them all together on a network, and you could have half a dozen or more appliances, each inspecting the stream of traffic moving across the network • All of these devices were designed to improve a network’s security by adding functionality missing from the firewall. However, a patchwork of stand-alone technologies can have the opposite effect on network visibility as well as performance. They don’t talk to each other easily (if at all). They lack central management and monitoring because each product operates on its own. Plus, data from individual devices isn’t aggregated to create a complete or holistic view http://bit.ly/CARMcloud
  • 15. Examples of Stand-alone Security Appliances Here are some examples of typical stand-alone security appliances that are deployed in a network: • Virtual private network (VPN): Uses special protocols to move information across the Internet securely • Data loss prevention (DLP): Looks for confidential, proprietary, or regulated data leaving the network. It can stop wholesale loss of proprietary data, as well as small scale accidental losses • Intrusion prevention system (IPS): Acts as a network’s watchdog, looking for patterns of network traffic and activity, and recording events that may affect security • Content filtering technologies: These devices block traffic to and/or from a network by IP address, domain name/URL, type of content or payload http://bit.ly/CARMcloud
  • 16. The reality of using Stand- alone security appliances • There are several implications of the use of stand- alone security appliances, namely: – Multiple devices create a performance hit – Reduced network visibility – Total Cost of Ownership is far too high • The benefits of moving away from this approach include: – An integrated and holistic view of network security – Optimal TCO – Minimal latency impact http://bit.ly/CARMcloud
  • 17. Finding a way out… • Many organizations want to find a way out of the expensive, labour-intensive, unsecure, and chaotic mess of traditional firewalls supplemented with multiple stand- alone security technologies • Unified Threat Management (UTM) is the approach that many organizations have adopted to improve visibility and control of their network security while lowering complexity of their networks • UTM creates an environment in which all network security falls beneath a single, consistent technology umbrella • UTM enables the consolidation of all traditional as well as next-generation firewalls into a single device http://bit.ly/CARMcloud
  • 18. Stepping up to UTM • UTM represents a significant shift in the evolution of network security technology and equipment • UTM generally refers to a security appliance that consolidates a wide range of essential network security functions into a single device, including next-generation firewall technologies like application control • As network threats evolve and new threats emerge, network security must change and adapt to protect against such threats. This adaptability can make UTM difficult to define because the technologies included can vary from vendor to vendor • Over time, however, the collection of capabilities associated with UTM has consistently expanded, and this trend shows no sign of tapering off http://bit.ly/CARMcloud
  • 19. UTM – bringing order to chaos The best UTM solutions include the following core security functions: • Network firewalls perform stateful packet inspection • IPS detects and blocks intrusions and certain attacks • Application control provides visibility and control of application behaviour and content • VPN enables secure remote access to networks • Web filtering halts access to malicious, inappropriate, or questionable websites and online content • IPv6 support in all network security functions protects networks as they migrate from IPv4 to IPv6 • Support for virtualized environments, both virtual domains and virtual appliances http://bit.ly/CARMcloud
  • 20. Additional technologies UTM solutions may also include additional security technologies that organizations can choose to deploy, including: • Data loss prevention that blocks accidental or intentional loss of confidential, proprietary, or regulated data • Anti-malware/anti-spam protection that prevents malicious payloads or unwanted messages from entering networks • Endpoint control that enforces corporate security policies with remote users and devices http://bit.ly/CARMcloud
  • 21. Flexible, Future-Ready and Powerful • UTM delivers a flexible, future-ready solution to meet the challenges of today’s networking environments • Not every organization is going to deploy every technology included in a UTM device; in fact, most do not, but a UTM gives an organization the ability to deploy as many or as few technologies as it needs, when and where it needs them • The best UTM solutions employ a simple licensing model that includes all technologies, eliminating the need to purchase additional modules or to count users as an organization’s security requirements change over time • UTM delivers a versatile, powerful solution to meet the challenges of today’s most complex networking environment. It overcomes shortcomings of non-integrated, legacy systems built around traditional firewalls and individual, stand-alone appliances and software http://bit.ly/CARMcloud
  • 22. UTM – Significant Advantage • One significant advantage UTM devices have over legacy firewalls (combined with multiple appliances), is integrated management. The “single pane of glass” management console of UTM provides a consolidated management interface with ready access to all configurations, management, and monitoring functions • This is especially useful when it comes to seeing and reacting to combinations of events that represent a sophisticated attack. This reduces the likelihood of common failings from traditional systems, including failure to notice an incident or event, failure to act in a timely fashion, and failure to maintain compliance and audit controls http://bit.ly/CARMcloud
  • 23. UTM – Other Business Advantages There are many other significant advantages to UTM, namely: • Cost effectiveness – driven by consolidation of network and security management • Improved awareness • Reduced ‘false sense of security’ • Accelerated processing speeds-up business • Ability to keep pace with the changing threat landscape http://bit.ly/CARMcloud
  • 24. UTM delivers a flexible, future- ready solution to meet the challenges of today’s networking environments. For a more detail on all of the topics covered in this summary, please download our free e- book: Unified Threat Management for Dummies http://bit.ly/CARMcloud