Secure SD-WAN service from IBM Security
Ben Hendrick
Partner & Global Competency Leader
Infrastructure & Endpoint Security (IES)
July 24, 2017
2 IBM Security
Zero Trust Security is the guiding principle made possible by next generation architectures and technologies now available to clients
IBM CONFIDENTIAL
[Diagram labels: Flat networks; Security infra sprawl; Simplified, agile management; Secure end-to-end fabric]
• Security is an enabler for the SDx infrastructure changes
• Enhanced security can be enabled by these SDx changes in the infrastructure
CURRENT STATE: Perimeter-Centric, Boundaries, and Trusted
FUTURE STATE: Private and Public Cloud, Virtualized, Boundary-less, Software Defined, and Zero Trust
IBM Security will help you in partnership with your infrastructure teams to:
Design and prove
• Build a business case
• Create a macro design
Integrate and test
• Develop a micro design
• Execute an implementation plan
Manage and optimize
• Run a healthy security infrastructure
• Respond to changes

Security
Thought Leadership White Paper
Rein in “box sprawl” with an end-to-end Zero Trust approach to security
Deploy strong segmentation and encryption to ensure coherent data protection, enterprise-wide

Key links on the new Secure SD-WAN Solution
• http://www-03.ibm.com/security/services/managed-security-services/sd-wan/ (Main Public – IBM Portal for Secure SD-WAN)
• https://youtu.be/bUlAAHcM5j4 (John Wheeler – VP) Overview of Infrastructure and Endpoint Security video
• https://youtu.be/BrZWscc_Syk (Ben Hendrick – IES Partner) Overview of Zero Trust Security video
• https://securityintelligence.com/secure-sd-wan-the-first-step-toward-zero-trust-security/ (Ben Hendrick – Global IES Partner Blog)
• https://securityintelligence.com/events/zero-trust-security-for-the-infrastructure-and-endpoint/ (External Webinar)
An integrated and intelligent security immune system
Criminal detection
Fraud protection
Workload protection
Cloud access security broker
Access management
Entitlements and roles
Privileged identity management
Identity management
Data access control
Application security management
Application scanning
Data monitoring
Device management
Transaction protection
Content security
Malware protection
Antivirus
Endpoint patching and management
Virtual patching
Firewalls
Network forensics and threat management
Sandboxing
Network visibility and segmentation
Indicators of compromise
IP reputation
Threat sharing
Vulnerability management
Incident response
Threat hunting and investigation
User behavior analysis
Cognitive security
Threat and anomaly detection

Introducing Secure SD-WAN from IBM Security
Enhance the security, performance and agility of your Wide Area Network (WAN) and accelerate your journey to the cloud by partnering with IBM Security to introduce security-rich software-defined technology that can work with your current network infrastructure to:
• Improve network security
• Reduce network connectivity costs
• Optimize network and application performance
• Accelerate hybrid cloud adoption

Benefits of Secure SD-WAN
• Low impact to existing operations; no expensive “rip and replace” required
• Immediate security improvement
• Flexible delivery models and platforms
• Increased network visibility to security
• All circuit paths are encrypted at all times
• Applications run faster, as application routing always uses the fastest and lowest latency path available
• Cloud access is enabled and optimized; multi-cloud services are secured and protected
• Can be combined with IBM Security’s Managed Security Services (MSS) for a complete end-to-end security solution

IBM Security Hub – Reference Model Baseline
[Diagram labels: Corporate; Business Units; Legal, Audit; SecurityHub; Technology; SecurityHub Governance; SecurityHub Operations]
Cyber-Security Command Center (CSCC): Executive Security Intelligence Briefings; Local Reg. Security Oversight; SOC Governance; Consolidated Security Analytics & Dashboards; Local/Reg. Intel. Briefings
SOC Service Delivery Management: Service Level Management; Operational Efficiency; Service Reporting; Escalation
SOC Platform Components: Big Data; BI Tools; SIEM; Portal; Use Case Library; Integration Tool; Response Procedure Tool; Ticketing & Workflow
[Diagram labels: Sec. Integration; Security Intelligence; Security Analytics; Projects and Admin. Support; Threat Monitoring; Threat Triage; Threat Response; CSIRT Management]
Security Hub Input Sources: Active Directory/LDAP | Network Security | Unstructured Data | Reference Data
[Diagram labels: IT Ops; OT Ops; Business Ops; Emergency Response]
Legend: MSS; IES

No matter where you are in your SD-WAN journey, IBM Security can help
Phases: Plan & design; Implement; Manage & optimize
• Onsite workshop
• Network assessment
• Business case creation
• Architectural design
• Proof of concept
• Quality Assurance Testing
• Documentation creation and review
• Create and execute implementation plan
• Transition to steady state
• Full monitoring and management from IBM Managed Security Services
• Client-managed
• Ongoing vulnerability and penetration testing services from IBM X-Force Red
Secure SD-WAN: Edge Delivery Model
• Branch office firewall
• IPSec between branch offices
• Secure Transport Overlay over any type of WAN
• Scalable Cloud VPN for secure connectivity to any destination
• Extensible Network Segmentation to Enterprise datacenter and Cloud
• Integrated Application Firewall for Branch security
• Virtual Services Edge Platform for adding 3rd party Secure VNFs
Security features

Circuit Costs: MPLS vs Hybrid vs Commercial Broadband
[Chart: monthly cost per site]
• MPLS Only: ~$2100/Month (~$2,520,000)
• Hybrid: ~$1100/Month (~$1,200,000)
• Dual Internet: ~$220/Month (~$264,000)
Source: Telegeography.com – Broadband vs. MPLS pricing for San Francisco Q4 2014.
Median monthly price: 10-20 Mbps Broadband $110/month, 10 Mbps MPLS IP VPN + Local Access $2,100/month

Secure SD-WAN: Security as a Service
[Diagram labels]
CUSTOMER EDGE: Branch office; Wireless centric site; Legacy site; Remote user
EDGE DEVICE; Legacy MPLS; IBM MWS; MSS SD Wan
WAN TRANSPORT: Internet; VPN; MPLS; MPLS/direct
CLOUD RESOURCES: Internet; SoftLayer; Watson IoT; Azure; AWS
SECURITY HUB; OPTIONAL – QRADAR (SIEM, FLOW, FORENSICS); IBM PEERING POINT; Secure VPN
Available Security Features
• Next Gen firewall
• IPS
• Anti-spam
• URL Filtering
• Malware / AV detection
• Command & control traffic detection
• Geo IP blocking
• SSL VPN
• IPSec
• Dynamic routing (eBGP, iBGP, OSPF)
• QoS
• User FW with machine identification
• SSL forward proxy

Case Study – Before
• Client relied exclusively on expensive private MPLS circuits for communications between regional datacenters and branch offices
• Updates/changes had to be propagated separately via each datacenter/branch office cluster, thus introducing significant risk of inconsistent network security controls
• Getting a comprehensive view of the effectiveness of access control policies and network/application usage was nearly impossible
• Network bandwidth could not be optimized at an enterprise level
• Advanced security, Unified Threat Management (UTM) and analytics capabilities were not enabled throughout the enterprise
[Diagram: DC #1 through DC #9, each labelled Internet, 100% MPLS, Branches]

Case Study – After
• Security is centralized and standardized across five “hubs”, improving the client’s security posture and reducing end-user time needed to access cloud applications. The hubs are integrated back into the client’s Active Directory infrastructure to ensure proper user authentication.
• SIEM analytics is performed against all traffic, and alerts are prioritized and acted upon according to corporate policy
• 70% of network traffic is now routed over the internet via secure IPSec tunnels, reducing the need for private MPLS circuits and significantly reducing circuit costs
• Network traffic is optimized by always routing across the best available connection
• Data center consolidation and transformation activities can now be performed by the client without having to alter security infrastructure
[Diagram labels: Internet; Cloud services; IBM Secure SD-WAN; Client datacenters; MPLS; Internet IP-Sec; Branches; 70% of network traffic; 30% of network traffic]

IBM Security – Integrated Consulting and Managed Security Services
Unparalleled Expertise
• Access to a global network of recognized security experts
• Deep industry service delivery experience across numerous types of operations
• Ability to lead and execute large, transformational projects
Integrated Approach
• Integrated portfolio of security services and technology
• Open ecosystem with 100+ technology partners and 30+ services partners
• 800+ technical vendor and 150+ professional security certifications
Best-in-class Managed Security Services
• IBM X-Force® Exchange and Threat Research teams providing zero-day threat alerts to clients
• 1400+ employees serving 130+ countries, with a 95% retention rate
• 35 billion+ security events analyzed daily across 4,500+ global clients

A global leader in network innovation
• #1 in enterprise security software and services*
• 7,500+ people
• 12,000+ customers
• 133 countries
• 3,500+ security patents
• 15 acquisitions since 2005
*According to Technology Business Research, Inc. (TBR) 2016
