SECURITY CHALLENGES 2015: How to protect your IT infrastructure?
Robby Cauwerts | Security Engineer
©2015 Check Point Software Technologies Ltd.
CHECK POINT NAMED A LEADER IN THE GARTNER MAGIC QUADRANTS FOR ENTERPRISE NETWORK FIREWALLS SINCE 1997
UNIFIED THREAT MANAGEMENT 4 YEARS IN A ROW
MOBILE DATA PROTECTION 8 YEARS IN A ROW
Fantastic 2014
Heartbleed
Shellshock (Bashbug)
Sony Hack
[Restricted] ONLY for designated groups and individuals
Unknown Malware is in Your network
• Malware is active: 77% of the malware is active for up to 4 weeks before it is detected.
• Known malware: every 10 min known malware is downloaded.
• Unknown malware: every 27 min unknown malware is being downloaded.
Source: Check Point Security Report 2014. More than 1900 enterprise customers. In addition, events from more than 9000 gateways managed by Check Point Security Services.
Security CheckUp
MALWARE & HACKERS
The Security Landscape
• 25 Years Ago: Invention of Firewall
• 20 Years Ago: Invention of Stateful Inspection
• 15 Years Ago: Prevalent use of Antivirus, VPN, IPS
• 10 Years Ago: URL Filtering, UTM
• 5 Years Ago: NGFW, Mobile Security
• Now: Threat Intelligence, Threat Prevention
Accelerating Rise of Malware
• 1988: Morris Worm
• 1994: Green Card Lottery
• 1998: Melissa
• 2000: I Love You
• 2003: Anonymous Formed
• 2006: WikiLeaks
• 2007: Zeus Trojan
• 2010: DDoS attacks: Stuxnet SCADA
• 2011: Stolen authentication information
Threat Prevention
ACCESS CONTROL PROVIDES MINIMAL SECURITY
Threat Prevention
• Check Point Research
• Global Sensor Data
• Industry Feeds
Threat Prevention
• Firewall: Perform access control
• IPS: Protect hosts so that known vulnerabilities can't be used
• Anti-Virus: Block known malware
• Threat Emulation: Protect against unknown malware
Stream of new malware
Unknown to traditional AV
Sandbox: AV 2.0
• INSPECT FILE
• SHARE
• EMULATE
• PREVENT
Sandbox: AV 2.0
• File System Activity: Abnormal file activity
• System Registry: Tampered system registry
• System Processes: “Naive” processes created
• Network Connections: Remote connection to Command & Control sites
Geo Protection
USERS
Users are creative
Users do not realize how much bandwidth they use
126 min × 1080p (5 Mbit/s) = 4.5 Gbyte
Blocking everything completely is not always possible.
Granular control
Block or inform?
Visibility
SENSITIVE DATA
Sensitive data
• Accidentally sending
  - the wrong data
  - to the wrong people
• Copying data to media prone to
  - theft
  - loss
• A user-friendly combination of both is needed
DLP
Removable Media Protection
Document encryption
• Transparent to the user
• Document protects itself
  - Strong encryption
  - As a result, distribution via mail, social media or cloud apps is not a problem.
MOBILITY
Mobile Devices
• Mobile exploits on the rise!
• Loss of devices: loss of data!
• Dual use
• Private purposes
• Business applications
• Security capabilities are determined by the manufacturers
• E.g.: limited “Anti-Virus”
• No uniform user experience
• No uniform reporting
Manufacturer offers “protection” against data loss...
Three attempts
All holiday photos gone...
Home Working
Check Point Capsule – NO MDM
SUMMARY
Summary
• Security Checkup / Audit
• Threat prevention instead of access control
• Sandboxing
• Granular control over applications
• Geo protection
• Visibility
• Document encryption
• Attention to mobile devices
THANK YOU! QUESTIONS?