Agosto 2016
1
SEGURIDAD, VISIBILIDAD Y SDN: CONTROL TOTAL XAVIER MARTINEZ ELIZALDE DIRECTOR GENERAL
SEGURIDAD 2
Palo Alto Networks
3 | Š 2015, Palo Alto Networks. Confidential and Proprietary.
Palo Alto Networks at-a-glance CORPORATE HIGHLIGHTS • Founded in 2005; first customer shipment in 2007 • Safely enabling applications and preventing cyber threats
ENTERPRISE CUSTOMERS
REVENUES
26,000
$MM 24,000 $1,000
• Able to address all enterprise cybersecurity needs • Exceptional ability to support global customers
$928 20,000
$800
$598
16,000
13,500
$600
$396
12,000
9,000
$400
$255
• Experienced team of 3,300+ employees • Q2 FY16: $334.7M revenue
19,000
8,000
$119
$200
$13
$49
4,700
4,000
$0 FY09 FY10 FY11 FY12 FY13 FY14 FY15
0 jul.-11
4 | © 2015, Palo Alto Networks. Confidential
jul.-12
jul.-13
jul.-14
jul.-15
La Seguridad como un Habilitador de Negocios Administraciรณn de Riesgo
Eficiencia
Riesgo
Agilidad Evoluciรณn de TI
Nuestra diferencia: EL PODER DEL CONTEXTO
Failure of legacy security architectures Limited visibility
Lacks correlation DNS protection for outbound DNS
Manual response
DNS protection cloud Endpoint AV
DNS Alert SMTP Alert Web Alert AV Alert Endpoint Alert DNS Alert SMTP Alert AV Alert Endpoint Alert Web Alert AV Alert DNS Alert Web Alert
UTM/Blades
Internet
Enterprise Network
Anti-APT for port 25 APTs
Vendor 1
Vendor 3
Internet Connection
Vendor 2
Vendor 4
Malware Intelligence
7 | Š 2015, Palo Alto Networks. Confidential
Anti-APT for port 80 APTs
Network AV Anti-APT cloud
Una Arquitectura fundamentalmente diferente Palo Alto Networks: políticas de seguridad en un solo paso.
?
Clasificiación Total
Aplicación Usuarios Contenidos
Enforcement
Listo
?
Puertos Clasificación
User L1-4
Detección de Algunas Aplicaciones Filter
User L1-4
Archivos Clasificación Filter
User L1-4
Amenazas Match Filter
etc.
LOS DEMÁS
Competencia: Filtros secuenciales sin contexto
PORQUÉ ES IMPORTANTE? Ejemplo de escenario:
Política deseada Navegación Web
Bloquea todos los archivos
Respaldo Nube
Permite todos los archivo
SharePoint on line
Bloquea solo Ejecutables
Nosotros podemos!
Los demás no…
Single-Pass Parallel Processing™ (SP3) Architecture
10 | Š 2015, Palo Alto Networks. Confidential and Proprietary.
OUR PLATFORM FUNDAMENTALS
APP ID
USER ID
CONTENT ID
SAFELY ENABLE APPLICATIONS
THREAT INTELLIGENCE CLOUD
THE UNKNOWN
REMEDIATION Automatically prevented
Automatically identified
WildFire
Protections delivered automatically in
192,000
Anti-malware protections per day
24,000
URL protections per day
15 minutes
THREAT INTELLIGENCE CLOUD
Rich forensics and reporting for quick, detailed investigation
12,000
DNS protections per day Threat Prevention
URL Filtering
Forensics & Reporting
Requirements for the future DETECT AND PREVENT THREATS AT EVERY POINT ACROSS THE ORGANIZATION
Cloud
At the mobile device
At the internet edge
6 | © 2015, Palo Alto Networks. Confidential
Between employees and devices within the LAN
At the data center edge, and between VM’s
Within private, public and hybrid clouds
Unique platform offering Consistency
Cloud
Products
Aperture™
Datacenter
Enterprise perimeter
Distributed/BYOD
Endpoint
Traps™ Physical: PA-200, PA-500, PA-3000 Series, PA-5000 Series, PA-7050, PA-7080 WildFire: WF-500 Virtual: VM-Series for NSX, AWS, and KVM
Threat Prevention URL Filtering Subscriptions
GlobalProtect™ WildFire™ Use cases
Next-Generation Firewall
Cybersecurity: IDS / IPS / APT
Web gateway
VPN
Management system
Panorama, M-100 & M-500 appliances, GP-100 appliance
Operating system
PAN-OS™
15 | © 2015, Palo Alto Networks. Confidential and Proprietary.
16 | © 2015, Palo Alto Networks. Confidential
Mobile security
RESUMEN EJECUTIVO DE BENEFICIOS: FACILITA EL USO SEGURO DE LA RED SE REDUCE Y CONTROLA EL RIESGO EN LA RED
Remover las amenazas de los trรกficos permitidos
Permitir de manera segura solo las aplicaciones deseadas por usuarios o grupos. Visibilidad del uso de todas las aplicaciones y los usuarios en la red on the network
Cloud
VISIBILIDAD 1 7
¿Que problemas resuelve?
ANTES
DESPUÉS
1 8
Objetivos primarios
Seguridad
Penetraciรณn
Inteligencia
1 9
Las 12 razones para integrar la plataforma de Visibilidad de Gigamon
1. 2.
3. 4. 5. 6.
Elimina los problemas derivados de puertos SPAN 7. Monitoreo de puertos de alta velocidad con 8. herramientas de baja velocidad 9. Maximizar la utilizaciรณn de las herramientas de red 10. Prevenir la sobresuscripciรณn 11. de la s herramientas Incrementar la visibilidad de 12. la red Habilitar el monitoreo
centralizado Reducir la complejidad de administraciรณn Incrementar la agilidad operacional Reducir el costo operacional Reducir el costo de capital Facilitar la redundancia en seguridad Tener una arquitectura completamente abierta 2 0
¿Con quien trabajamos?
RED
HERRAMIENTAS
Herramientas centralizadas
2 1
¿Qué nos diferencia?
o Creador del mercado • Plataforma de entrega de seguridad y Fabric de visibilidad de trafico. Fundada en 2004
o Maquina de innovación • 31 patentes emitidas y 28 pendientes en USA
o Determinante de crecimiento • Esencial para la seguridad, los centros de datos, la nube y la movilidad
o Clientes lideres • 78 de Fortune 100 y 386 de los Fortune 1000
o Presencia Global • Red de ventas, experiencia técnica reconocida mundialmente y soporte local 2 2
Portafolio de la plataforma de visibilidad de Gigamon
2 3
SDN (Software Defined Networking) 2 4
Dell 2016
The Future of SDN is Open Changing the industry and encouraging innovation
Open Networking delivers choice Toward a software-defined data center
Overlay solutions NVO with VMware & Microsoft Open Stack - SDN and NFV Open Networking
Open Networking
Softwaredefined networks Open automation TCL, Perl & Python scripting REST-API, XML, OMI, Puppet, Chef
Programmable solutions
Open SDN controllers open standards, open source open protocol: Open Flow
Controller solutions
Speed Port density RU
Non Blocking Line rate
Now: Networking paradigm shift Traditional networking Proprietary architectures & mgmt tools
Hundreds of protocols
Future of networking Standard orchestration & automation tools Optional 3rd party SDN/NVO controller Any networking OS
Proprietary networking OS (e.g., Cisco IOS, Juniper OS)
Open standard hardware
Proprietary ASICs
Merchant silicon
Dell enables the Open Networking Ecosystem Leverage open, innovative and best-of-breed solutions Automation
Orchestration
Monitoring
Standard orchestration & automation tools Optional 3rd party SDN/ NVO solutions
Others
Any networking OS Open standard hardware Merchant silicon
Others
Others
Others
Software for the Open Networking era NetOps
DevOps
OS10 Open Networking Software
Native Linux Apps
3rd Party Apps
OS10 Apps
Management Tools
Automation Tools
Common Management Services (CMS)
IP Services
Fabric Services
L2/L3 Protocols
Linux Networking
Security Services
Policy Control
Premium package (Q316)
Development Environment via Control Plane Services (CPS)
Dell Networking OS10 Base (Native Linux) Platform Abstraction via OCP Switch Abstraction Interface (SAI)
Modern software for modern operations
Base package (Q216)
Dell Networking Operating Systems, Dell OS9, OS10
• Feature rich, mission critical, line rate performance Cumulus Linux
• Linux expertise and Linux standardized environments that value common Linux tools for server and network management; Tools and skills convergence Big Switch Networks Switch Light OS • Network tapping and monitoring for customers interested in adopting SDN • Big Cloud Fabric for fully automated, single pane management network fabrics IP Infusion
• Traditional Network Virtualization with MPLS; Rich L2/L3 feature set Pluribus Networks
• Controller less Distributed Fabric and Analytics
CONTROL TOTAL
NETJER CLOUD CONTROL TOTAL
ยกMuchas gracias! Xavier Martinez Elizalde Director General Netjer Networks xavier.martinez@netjernetworks.com Twitter: XavierMEL LinkedIn: https://mx.linkedin.com/in/xavier-martinez-elizalde-lugo-984659