Network & Data Security Technologies - Petrotech-eg.com

abdomendebonairSecurity

Nov 2, 2013 (3 years and 7 months ago)

132 views


March

2008

www.alkantelecom.com

















We think ahead,


You go beyond…

Prepared by

Mona Ramzy

Presales team leader

+20
-
101548320

Mona.ramzy@alkantelecom.com

2008

Agenda


Company profile.


Introduction.


Endpoint protection.


Network protection.


Wan optimization & traffic shaping
(QOS).


Security Services.


Summary.


2008

Alkan Group

Wholly Owned Subsidiaries

Established in 1974

12 companies

Diversified Business

3,600 Professionals

Yearly turnover exceeds 4 Billion EGP

Existence in 16 countries in ME & Africa



2008

Introduction

Security Solutions

Wan
optimiz
ation &
Traffic
shaping

CITRIX

Bluecoat Packet shaper&
mach 5

Data protection

Data loss prevention

Data Encryption

I/O Port Control

End Point protection

Network Security

UTM & FW

IDS/IPS

Proxy & Caching


Mail Security

Event management

Compliance Systems

Security Services

ISO 27001

PCI Compliance

Vulnerability Assessment

Risk analysis

2008

Security Portfolio

2008

Security Portfolio


Endpoint Data Protection

I.

Endpoint Encryption


Protect

your

company’s

mission
-
critical

information

with

Endpoint

Encryption
.

This

solution

uses

powerful

encryption

and

strong

access

control

to

prevent

unauthorized

access

to

your

sensitive

data

and

stop

its

loss
.


McAfee

Endpoint

Encryption

(SafeBoot

Encryption)

Lumension

End

Point

Security





2008

Security Portfolio (Cont’d.)


II. Data loss prevention


The

point

of

these

products

is

to

monitor,

document,

and

often

prevent

sensitive

information

from

leaving

an

organization

without

authorization
.


McAfee Data Loss Prevention (DLP)


III.
Device Control


Do

you

know

where

your

data

is?

Device

Control

protects

data

from

leaving

your

company’s

control

and

falling

into

the

wrong

hands

through

removable

media,

such

as

USB

drives,

MP
3

players,

CDs,

and

DVDs
.



McAfee Device Control


Lumension

End Point Security



2008

Security Portfolio

2008

Security Portfolio (Cont’d.)



FIREWALLS



Stateful firewalls


Maintain

context

about

active

sessions,

and

use

that

"state

information"

to

speed

packet

processing
.

Any

existing

network

connection

can

be

described

by

several

properties,

including

source

and

destination

IP

address,

UDP

or

TCP

ports,

and

the

current

stage

of

the

connection's

lifetime

(including

session

initiation,

handshaking,

data

transfer,

or

completion

connection)
.


Fortinet


Juniper

Cisco



2008

Security Portfolio (Cont’d.)



FIREWALLS Cont’



Unified Threat Management


Unified

Threat

Management

(UTM)

devices

are

dedicated

appliances

that

include

integrated

firewall,

VPN,

intrusion

detection

or

intrusion

prevention,

and

anti
-
virus

capabilities
.


Fortinet


Juniper


Application
-
layer firewalls

work

on

the

application

level

of

the

TCP/IP

stack

(i
.
e
.
,

all

browser

traffic,

or

all

telnet

or

ftp

traffic),

and

may

intercept

all

packets

traveling

to

or

from

an

application
.

They

block

other

packets

(usually

dropping

them

without

acknowledgement

to

the

sender)
.

In

principle,

application

firewalls

can

prevent

all

unwanted

outside

traffic

from

reaching

protected

machines
.

Secure Computing (Sidwinder)





2008

Security Portfolio (Cont’d.)



Intrusion prevention system


Network Intrusion Prevention Systems


NIPS

are

security

devices

that

perform

deep
-
packet

inspection

to

identify

and

block

malicious

traffic
.

NIPS

look

for

signatures

of

known

viruses

and

worms,

and

block

that

traffic

accordingly,

also

include

a

rate
-
limiting

feature

that

allows

a

network

administrator

to

set

a

threshold

of

traffic

that

is

allowed

to

pass

at

any

one

time
.

McAfee

NIPS


Juniper

Cisco


Proventia
® Network Intrusion Prevention System (IPS)

Tipping Point


Host Intrusion prevention system


preserves your desktops and servers with signature and behavioral
protection, and a system firewall.

McAfee HIPS

Proventi

a Server Sensor







2008

Security Portfolio (Cont’d.)



Total Endpoint Protection

Protect

your

endpoints

from

malicious

threats,

mitigate

risk,

and

lower

costs

with

our

simplified,

comprehensive,

and

powerful

end
-
to
-
end

solution

.



Kaspersky Total Space Security

McAfee Total Protection for Enterprise


2008

Security Portfolio (Cont’d.)




Identity Management


Identity

management

defines

a

digital

identity

for

each

entity

(human,

hardware,

or

process),

associates

attributes

with

the

identity,

and

enforces

the

means

by

which

the

identity

can

be

verified
.


Digital

Certificate

services

plus

PKI

integration

plus

smart

card

or

token

integration

.







VASCO

RSA

Customized Strong Authentication Solutions



2008

Security Portfolio (Cont’d.)







Proxy And caching



Some

of

the

technologies

used

to

accomplish

the

process

of

shrinking

the

data

traveling

over

these

protocols

include

traffic

prioritization,

compression,

caching,

wide
-
area

file

services,

server

load

balancing,

TCP

optimization

and

SSL

acceleration
.



Bluecoat


Secure Computing (Webwasher)

2008

Security Portfolio (Cont’d.)



Messaging Security


Messaging

security

products

includes

protection

from

spam,

viruses,

phishing

attacks,

spyware,

Trojans,

worms,

and

other

malware

on

both

the

inbound

and

outbound

e
-
mail

routes
.



Fortinet ( Fortimail )


Secure Computing ( Ironmail )






2008

Security Portfolio (Cont’d.)


Compliance Solutions


Network Access Control (NAC)


NAC

can

manage

users’

access

once

they’re

already

on

the

LAN

to

certain

servers,

applications,

and

data
.

Ensuring

a

user

is

who

they

say

they

are

is

typically

performed

by

captive

portals,

MAC
-
based

authentication,

port
-
based

authentication,

or

third
-
party

authentication
.

Set

policies

dictate

the

level

of

access

each

user

is

granted,

be

it

go/no
-
go

access,

VLAN
-
based

access

controls,

simple

packet

filters,

or

stateful

firewalling
.

Cisco (NAC)

Juniper (UAC)


Configuration control Solution

provides complete control of virtual and physical IT configurations, combining
configuration assessment with change auditing in a single software solution for
enterprise configuration control.

Configuration assessment policies assess and validate IT configurations against internal
policies, compliance standards and security best practices, reporting on out
-
of
-
policy
settings and providing detailed remediation guidance.

Tripwire Enterprise



2008

Security Portfolio (Cont’d.)


Event Management

Large enterprise networks generate an overwhelming amount of logs
and security events. Firewalls, intrusion detection systems, web servers,
authentication devices, and many other network elements contribute to
more and more logs which need to be analyzed and produce actionable
information.

Juniper


STRM

Customized
Syslog

Solution


2008

Security Portfolio

2008

Security Portfolio (Cont’d.)



Complying with security standards for
organization program .


Security Risk Assessment


ISO 27001 Preparation Services


Vulnerability assessment


penetration testing


Ethical hacking


PCI Compliance preparation.










2008

Security Portfolio (Cont’d.)



Complying with security standards for
organization program .


Security Risk Assessment


ISO 27001 Preparation Services


Vulnerability assessment


penetration testing


Ethical hacking


PCI Compliance preparation.










2008

QualysGuard Security and
Compliance Solutions




QualysGuard Vulnerability Management


Globally Deployable, Scalable Security Risk and Vulnerability
Management

QualysGuard Policy Compliance


Define, Audit, and Document IT Security Compliance

QualysGuard PCI Compliance


Automated PCI Compliance Validation for Merchants and Acquiring
Institutions

QualysGuard Web Application Scanning


Automated Web Application Security Assessment and Reporting
that Scales with your Business









2008

Security Portfolio

2008

Security Portfolio (Cont’d.)



WEB application Acceleration




Citrix®
NetScaler
® is a Web application delivery appliance that
accelerates performance, provides L4
-
7 traffic management, offers an
integrated application firewall and off loads servers to ensure
application availability, increased security and substantially lower
costs.



In addition to accelerating application performance, Citrix


NetScaler

offloads computing
-
intensive tasks like SSL encryption


and TCP connection management from Web servers. Servers


are then free to handle more application requests, increasing the


scalability of the application infrastructure and generating a high


return on investment (ROI).


CITRIX

2008

Security Portfolio (Cont’d.)



Wan optimization

WAN optimization products seek to accelerate a broad range of
applications accessed by distributed enterprise users via eliminating
redundant transmissions, staging data in local
Cahes
, compressing and
prioritizing data, and streamlining chatty protocols (e.g., CIFS).

WAN Optimization is a superset of WAFS in that it also addresses:


SSL
-
encrypted ASP and Intranet applications


Multimedia & e
-
learning applications

Bluecoat Mach5

2008

Security Portfolio (Cont’d.)



Traffic shaping & control

Traffic shaping (also known as "packet shaping") is any action on a set of
packets (often called a stream or a flow) which imposes additional delay
on those packets such that they conform to some predetermined
constraint (a contract or traffic profile).[2] Traffic shaping provides a
means to control the volume of traffic being sent into a network in a
specified period (bandwidth throttling), or the maximum rate at which the
traffic is sent (rate limiting), or more complex criteria such as GCRA.

Bluecoat
Packetshaper


2008

Summary

Security
Service

Endpoint Data
protection

McAfee

DLP ,
SafeBoot and
Device control

Lumension

End
Point Security

Endpoint total

protection

Kaspersky
workspace
security

McAfee total
Endpoint
security

Gateway
Security

Fortinet

-
Fortigate

Juniper

Cisco

Application layer
Firewall

Secure
Computing
-

Sidewinder

IPS/IDS

ISS

Proventia

Juniper
-
IDP

Tipping Point

Web Security
Gateway

Bluecoat Proxy
and caching

Webwasher proxy
and caching

2008

Summary

Security
Service

Products

Mail Security
Gateway

Secure

computing
-

Ironmail

Fortinet

-

Fortimail

Network Access
control

Cisco
-

NAC

Juniper
-

UAC

Web

application
Acceleration

CITRIX

Wan
optimization

Bluecoat Mach 5

Traffic shaping

,
Monitoring and
control


Bluecoat Packet
shaper

Security services

ISO 27001
preparation.

Policy

Compliance

Vulnerability
assessment

Risk assessment

PCI compliance.

penetration test

2008

2008

Thank You









8
El Gazaer St., New Maadi,
11435
, Cairo, Egypt

Tel.: +
202 2 516 9722
, +
202 2 754 6027

Fax.: +
202 2 516 9560

www.alkantelecom.com