EfficientIP presentation used during the SWITCHPOINT NV/SA Quarterly Experience Day on 7th June 2016.

Confidential-Property of EfficientIP - All rights reserved-Copyright © 2016
SWITCHPOINT NV/SA Quarterly Experience Day 2016
Fabien Renaud : Presales Expert
Régis Penin : Sales Engineer

Company Overview
Strong
Partnerships
Technology
Integration
USA-Westchester, PA
Innovative DDI Software Company
Simplicity - Security - Availability
100+
Employees
IDC
Fastest Growing
DDI Company*
*IDC DDI REPORT 2014
HQ - R&D
USA - Westchester, PA
EMEA - France, Paris
24x7
Follow-The-Sun
Support ServicesAwarded
Technologies
600+ Customers
110+ Countries
5 Continents
DDI (DNS-DHCP-IPAM)
A foundation for reliable, secure and agile Network Infrastructure

EfficientIP: Sample of Our Customers
Page 3
Telecommunication
Vodafone
Colt
T Mobile
SFR
Easynet
KPN
Telecom of Thailand
Qatar Telecom
Maskatel
Virgin Mobile
ONO
Energy
Repsol
EDF
GDF
Suez
Air Liquide
Education
Leeds University
Hamburg University
Paris University
Utrecht University
Pais Vasco University
Financial
Allianz
Zurich Financial Services
Swiss Re
Axa Wealth
Standard Life
Bank of France
BRED
Electronics-Defense
Philips
NXP
Nokia Siemens Network
Cassidian
EADS Astrium

DNS-DHCP-IPAM
Applications & Services
Network
Page 4
Why are Network Services so Critical?
The bridge between users and their applications
Customers Citizens StudentsEmployees
Web Apps.Internet emailVideo
IPV

NO DNS = NO BUSINESS
Applications & Services
Web Apps.Internet emailVideo
IPV
Page 5
Why are Network Services so Critical?
If the bridge is down…
Customers Citizens StudentsEmployees

Solution Portfolio
Page 6

Global visibility
End-to-end consistency
Management automation
Role-based delegation
Unified Management Framework “SMART DDI”
Reconcile
Manage
Deploy
Design
Device
Management
DDI & VLAN
Management
Network
Discovery
Network
Configuration
Solution Portfolio ‘SOLIDserver’ (1)
Page 7

IP addressing & VLAN Plan Management
Network Services Engines : DNS-DHCP-NTP-TFTP
DNS Guardian: 100% DNS cache availability under attack *
DNS Hybrid Technology: 3 differents DNS Engines on one Appliance
DNS Blast: Absorb up to 17 Million queries per second *
Multi-Vendor DNS&DHCP Services Management *
Microsoft – ISC – SOLIDServer™
Device Deployment Management: Device Manager *
Network Discovery & Configuration Management: NetChange*
Page 8
Solution Portfolio ‘SOLIDserver’ (2)

Automate Deployment and Management
Multi-vendor DNS-DHCP: Microsoft, ISC, SOLIDserver
Enforce Best Practices
Reduce Complexity & TCO
Page 9
A centralized IPAM to manage SmartArchitecture™
(Secured, Reliable, Automated)

Confidential-Property of EfficientIP - All rights reserved-Copyright © 2016Page 10
Printer
Belgium
10.1.0.0 /16
Gand
10.1.0.0 /24
de
10.2.0.0 /16
fr
10.3.0.0 /16
uk
10.4.0.0 /16
Bruxelles
10.1.1.0 /24
Charleroi
10.1.2.0 /23
10.1.4.1
10.1.4.25
Block
Subnet
Pool
IP address
IP Space: Your Company
Liege
10.1.4.0 /24
ToIP
10.1.4.26
10.1.4.100
10.1.4.101
10.1.4.150
10.1.4.200
(server200)
10.1.4.151
10.1.4.253
10.1.4.254
(Gateway)
Global Consistency and Uniqueness Control within an IP Space
No duplicate IP address or subnet overlap

IPAM Corner stone of the Global DDI Solution
Page 11
Server
View
Zone
RR
IPAMDNS DHCP
Space
Block
Subnet
Pool
IP address
Server
Group
Static
with IP
Range
Scope
Lease
Lease
granted
Add subnet
Add IP
address
Add CNAME,
A,… records
Add subnet
Add pool
Add IP address
(with MAC)

Enforcement of Company defined best practices &
Conformity Management
Templates of objects: Dedicated forms with specific list
of fields (i.e. for printer, server, router)
How to make sure naming convention is respected ?

Much more than DDI
360°DNS Security
Solution To Protect Your
Business

DNS Attacks Classification
Direct DoS, Amplification, Reflection
attacks
3 Main Types of DNS Attacks
EXPLOITS
VOLUMETRIC
Random QName, Phantom and Sloth
attacks...
DNS Tunnelling, poisoning, 0-day
!!
STEALTH

Attack Objectives
Page 15
Multiple DNS Targets
For Many Objectives
PUBLIC
PRIVATE
Business Downtime
Embezzlement of Money
Intellectual Property Theft
Customer Data Theft
Damaged Reputation
Password Stealing
Volumetric
Stealth
Exploits

Why Are DNS Attacks So Impacting?
Page 16
Traditional Security Solutions Are Not
Adapted to Mitigating DNS Attacks
Firewall & Next Generation Firewall
Anti-DDoS Appliances
IPS
Secure Web Gateway
...
A Specialized Layer of Defense Is Required To
Protect Users & DNS Services From Hidden Threats
in DNS Traffic

EfficientIP DNS Security Vision
Page 17
Protect All DNS Services
From All Attack Types
EXPLOITS
PRIVATE PUBLIC
VOLUMETRIC
!!
STEALTH

EfficientIP Security Solution
Strengthen Security
Foundation
Block 0-Day Vulnerabilities
Enforce Best Practices
Ensure DNS Continuity
with Adaptive Security
Advanced Attack Detection
Graduated Countermeasures
Secure Public DNS
Availability
Resiliency & Robustness
Absorb Extreme DoS
Attacks on Cache Servers
Cache Security & Performance
Protect Users & Block DNS-
Based Malware Activity
Prevent, Detect & Mitigate

SOLIDserver DNS
Page 19

Hardened Appliance
Enforce DNS Security Best Practices
SmartArchitecture Templates: Stealth DNS, Master-Slave, Multi-master
Block Zero-Day Vulnerabilities: Hybrid DNS Engines
Three DNS Engines transparently Managed as a single entity
Mitigate Amplification & Reflection Threat
Response Rate Limiting (RRL)
Ensure Data Integrity & Authenticity
DNSSEC Automation: “One Click” Deployment
Page 20
SOLIDserver DNS
IT Night WINNER
Best Security Product 2014
Most Innovative Security Solution
SOLIDserver Security Foundation
PUBLIC & PRIVATE

DNS Cloud
Page 21

Amazon Route53 Integration
Advanced Protection For DDoS & 0-Day
52 DNS Spots – Hybrid DNS engine
High-Availability & Performance
Anycast resiliency – Ultra Low Latency
Simple & Flexible
Deployment –Management – Reversibility
Cost-Effective
Page 22
DNS Services In the Cloud
PUBLIC
UNIFIED MANAGEMENT OF
IN-HOUSE & AMAZON CLOUD DNS

DNS Firewall
Page 23

DNS Firewall
Page 24
PROTECT AGAINST MALWARE AND
PHISHING WITH RESPONSE POLICY ZONE
PRIVATE DNS SERVICES
Prevent Initial Infection
Block malicious sites
Detect and Block Malware Activity
Users & Applications, CnC Communications
Mitigate Data Exfiltration
Locate Infected Devices to Remediate

DNS Guardian
Page 25

DNS Guardian
Page 26
Inside DNS Transaction Analysis For Accurate Attack
Detection
Global & Per IP Statistics (cache & recursive)
Volumetric, Stealth & Exploit Attacks Detection
Tunnelling, RQName attacks, phantom attacks, anomalies
Graduated Protection With Smart Countermeasures
Block source IPs of the attacks
Quarantine suspected source IPs of attacks
Patented Rescue Mode: Ensure service continuity even if the attack
source is unidentifiable.
ADAPTIVE DNS SECURITY
PRIVATE DNS SERVICES

Comprehensive DNS Security Solution
Page 27

DNS Blast: Cache Security & Performance
Page 28
Absorbs DoS Attacks on DNS Cache & Eliminates Risks of Blocking
Legitimate Clients
World’s Fastest DNS Caching Server with 17 million qps
High Performance of ACL, RPZ & DNSSEC
Ensures Unparalleled High-Availability with Anycast Resilience
Decreases Costs & Network Complexity
No need to pile up DNS servers and expensive load-balancers
Improved User Experience with Ultra Low Latency
Unequalled Cache Hit Rate (CHR) with Multicast Cache Sharing
Persistent Cache (Restart & Restore)

DNS Security Performance & Intelligence
Page 29
Complete Coverage of DNS Services
Public & Private
Comprehensive Attack Type Detection
Volumetric, Stealth & Exploit Attacks
Smart & Adaptive Threat Protection
Block, Quarantine & Rescue Modes
Simple to Deploy & Maintain
Cost Effective

Thank you for your attention!
Page 30

EfficientIP presentation used during the SWITCHPOINT NV/SA Quarterly Experience Day on 7th June 2016.

Recommandé

Recommandé

Contenu connexe

Tendances

Tendances (20)

Similaire à EfficientIP presentation used during the SWITCHPOINT NV/SA Quarterly Experience Day on 7th June 2016.

Similaire à EfficientIP presentation used during the SWITCHPOINT NV/SA Quarterly Experience Day on 7th June 2016. (20)

Plus de SWITCHPOINT NV/SA

Plus de SWITCHPOINT NV/SA (7)

Dernier

Dernier (20)

EfficientIP presentation used during the SWITCHPOINT NV/SA Quarterly Experience Day on 7th June 2016.