Halo Solution Overview

apprehensiveheehawNetworking and Communications

Oct 26, 2013 (3 years and 10 months ago)

110 views

February 2012

Page:
1

February 2012

Page:
1

Halo
NS/CS

Solution Overview

February 2012

Producer of revolutionary

network and Cloud security devices

SafeMedia Corporation
-

Confidential & Proprietary

Copyright© 2011

February 2012

Page:
2

Welcome and Introductions

Current Security Solutions

Security Requirements

Overview of SafeMedia and our Solutions

Technology Overview

Customer Benefits

DEMO & Questions



Agenda

Solving tomorrow’s network security challenges Today

SafeMedia Corporation
-

Confidential & Proprietary

Copyright© 2011

February 2012

Page:
3

SafeMedia Overview

Solving tomorrow’s network security challenges Today


SafeMedia
is the
Next Generation of
Intelligent

IDPS Solutions


World
-
class team with strong security and networking
experience

-
I
nitial
customer July
2009, Version 1.3

-
Version 3.0 in 2011

-
Founding member, and executive team consists of top
-
tier industry leaders


Builds
next
-
generation
IDPS that
identify
1700
+ applications

-
Reestablishes
the
IDPS as
the core of the enterprise network security
infrastructure

-
Innovations:
Non
-
IP
C
entric, Protocol Behavior, Application
Behavior/Awareness, Cloud Encapsulation (Encapsulator
TM
)


SafeMedia Corporation
-

Confidential & Proprietary

Copyright© 2011

February 2012

Page:
4

Emerging Network & Cloud Security

Network Security of Tomorrow Today

Cloud Security

Network Security

Application Security

Network DLP

SafeMedia Corporation
-

Confidential & Proprietary

Copyright© 2011

February 2012

Page:
5


New Requirements for the IDPS

1. Identify intrusions regardless of


port, protocol, evasive tactic or SSL

2. Identify users through integration
points

3. Granular forensically oriented UI


with real
-
time visibility & functionality

4. Protect in real
-
time against threats
embedded across all 7 layers of the
OSI Model

5. Up to 40 gigabit, in
-
line or on
-
tap


deployment with zero latency

Halo
NS/CS

Next Generation IDPS

SafeMedia Corporation
-

Confidential & Proprietary

Copyright© 2011

February 2012

Page:
6

1.
Minimize intrusion

2.
Maintaining a balance between open
networks & security controls

3.
Minimize sensitive information leakage

4.
Being compliant with federal & state
regulations

5.
Reduce remediation costs

6.
Reduce overall operating costs


Top Security
C
hallenges

SafeMedia Corporation
-

Confidential & Proprietary

Copyright© 2011

February 2012

Page:
7

Intuitive Technologies Transform the IDPS

Behavioral Analysis

Analyzes the application
and protocol behavior


Non
-
IP Centric

Not attackable, relies on
data not IP Addresses


Encapsulator
TM

Internal protection for
external resources

Protocol and Application Detection
and Protection Match
-
Makers

Protocol and Application Behavioral
Pathology

Packet “DNA” Forensics

Protocol and Packet Normalization

Social
-

Security

87 Targeted Groups

115 Variations

Cloud Security

Hybrid Cloud

Public Cloud


Dual Vector Protection


Data Loss Prevention


Powerful


Beyond Agent Based


Granular to the end
-
user Protection


Encapsulates in a secured mesh


Internal protection for external assets


Hybrid cloud usage while keeping up with compliancy


Integrate with cloud management platforms



Encapsulates in a secured mesh


Internal protection for external assets


Public cloud usage while keeping up with compliancy


Integrate with cloud API’s and management platforms

Wire
-
Speed
Operation

Not Attackable

Not Location
Address
Dependent

Silent to Users

Non
-
IP
Centric

SafeMedia Corporation
-

Confidential & Proprietary

Copyright© 2011

February 2012

Page:
8

SafeMedia Halo
NS/CS

IDPS and DLP Solutions

Innovative and comprehensive architecture


Streamlined Distributed Architecture


Portability


Sustainability


Dual Detection Engines


Seamless operation


Wire
-
speed operation


Intelligent libraries


87 rule groups


45,000 rules


Patented protocol behavior


Understand normal behavior


Captures abnormalities


Granular drill down interface


Widget based for ease of use and
customization


Forensic drill down in seconds


Patented Kernel


Seamless software
updates


High availability

Dual Engines


Wire speed operation


Granular cross
enterprise protection

Multiple Intelligent
libraries


45,000 rules


Dynamic rule
management

87 power rule groups


Powerful
streamlined
protection


Sensitive data
protection

Protocol Behavior


Understanding
normalization


Detecting
abnormality

Granular drill down
interface


Widget based for
ease of use


Forensic drill down
in seconds

SafeMedia Corporation
-

Confidential & Proprietary

Copyright© 2011

February 2012

Page:
9

NS
-
2050

Copper 1GB/Copper Bypass
/2
Probes

3 Ports/Fiber Adapter

Remote Update/Central Reporting

2TB
Storage/RAID
/32GB
RAM

NS
-
2000

Copper
1GB/
Copper
Bypass/2 Probes

3 Ports/Fiber Adapter

Remote Update/Central Reporting

1TB
Storage/RAID/16GB RAM

NS
-
3000

Copper
10GB/Fiber Bypass/2
Probes

3 Ports/Fiber Adapter

Remote Update/Central Reporting

4TB
Storage/RAID
/RAM (Configurable)

NS
-
1000

Copper 10/100/Copper
Bypass/1 Probe

3 Ports/Fiber
Adapter/CS Compatible

Remote Update/Central Reporting

600GB Storage/RAID/16GB RAM

NS
-
1050

Copper 10/
100/Copper Bypass/1 Probe

3
Ports/Fiber Adapter

Remote Update/Central Reporting

600GB
Storage
/RAID/16GB
RAM

NS
-
500

Copper 10/100

3 Ports

Remote Update/Central Reporting

500GB Storage/8GB RAM

CS
-
2050

Copper
10GB
/Copper Bypass/2 Probes

3 Ports/Fiber Adapter

Remote Update/Central Reporting

6
TB
Storage/RAID
/96GB
RAM

CS
-
2000

Copper 1GB/Copper Bypass/2 Probes

3 Ports/Fiber Adapter

Remote Update/Central Reporting

4TB
Storage/RAID
/64GB
RAM

CS
-
3000 (Orchestration)

Copper
10GB
/Copper Bypass/2 Probes

3 Ports/Fiber Adapter

Remote Update/Central Reporting

10TB
Storage/RAID
/RAM (Configurable)

SafeMedia NextGen IDPS Models

SafeMedia Corporation
-

Confidential & Proprietary

Copyright© 2011

Carrier class machines are available upon request

February 2012

Page:
10

SafeMedia Managed Services

SafeMedia’s
experts
perform all security
management
of your LAN, WAN or Cloud:


Startup
configuration


Signature tuning & updates


Configuration
management changes


Security event
monitoring & alert advisory


Performance and availability
management


Managed Service Structure:


Eliminates hardware, software or maintenance costs


Monthly, quarterly or annual fee structure


SafeMedia Corporation

Confidential & Proprietary

February 2012

Page:
11

Halo
NS/CS

Features

Visibility and control of application, end
-
users, content, and sensitive data compliment
core IDPS features


Distributed architecture


Cross platform internalized protection
for internal LAN/WAN and Cloud
infrastructures


Strong networking foundation


-
1 to 40bigabit throughput



On
-
tap/In
-
line capabilities


Non
-
IP Centric environment


Copper/Fiber bypass


Wire
-
speed operation


Encapsulation(Encapsulator
TM
)


Ad
-
Hoc VPN encoding


Internal protection for external resources


Secure multiple resource pools with one
device


Secure internal and external resources
from a single architecture


Unprecedented
functionality


Operate at wire
-
speed with zero
packet loss


45,000 rules updated every 3 hours


Real
-
time bandwidth
monitoring


High availability


Available in select models


Active/active, active/passive


Configuration and session
Normalization


Path, link, and HA monitoring


Virtual systems


Establish multiple detection engines
in a single device (NS/CS
-
2060,
NS/CS
-
2050, and NS/CS
-
2000
Series)


Simple, flexible
management


Widget based drill down interface,
with forensic insight

NS
-
2000

NS
-
2050

NS
-
3000

CS
-
3000

CS
-
2050

CS
-
2000

NS1000

NS
-
500

NS
-
1050

SafeMedia Corporation
-

Confidential & Proprietary

Copyright© 2011

February 2012

Page:
12

Halo
NS
/
CS


Granular Widget Based UI


Single pane of glass
methodology


Visualize your entire
datacenter or Cloud
security platform from
one instance










Monitor you network real
-
time


Visualize you
infrastructure from a
grass roots level
featuring granular
controls and capabilities









Manage threat levels


Visualize current threat
levels in an easy to use
and manage web
console











Visualize threats


Drill down to provider,
location, reputation,
and forensic layer in
seconds

Visualize and drill down to the forensic level in seconds

SafeMedia Corporation
-

Confidential & Proprietary

Copyright© 2011

February 2012

Page:
13

SafeMedia Halo
NS/CS

IDPS and DLP Solutions

Innovative and comprehensive architecture

Granular widget based GUI

Currently 11 preprocessors & 12 legacy interfaces

Cloud Security Encapsulator® encapsulation using Ad
-
Hoc VPN Encoding Technology

Over 45,000+ Threat Rules Updated every 3 hours by SafeMedia’s Vulnerability Lab

Detection Technologies Utilizing Protocol Behavior Analysis & Intelligence Libraries

Dual Detection Engines with dual vectors deployed using Neural Network Technology

Tool
-
Chain Distributed Architecture for Portability with Embedded non
-
IP Kernel

SafeMedia Corporation
-

Confidential & Proprietary

Copyright© 2011

February 2012

Page:
14

Halo
NS/CS



For Network and Cloud Security

The
Halo
NS/CS

benefits


Increased network
availability
& performance


Substantial reduction in network interruptions


Significant
reduction of false positives and a
drastic
increase
in false
negatives


Established the foundation for network
-
security
compliance & legislative mandates


Reduction
of
remediation cost caused by malicious attacks
and unauthorized disclosure of information

Securing the assets of tomorrow
-

Today

SafeMedia Corporation
-

Confidential & Proprietary

Copyright© 2011

February 2012

Page:
15

SafeMedia Competition

Beyond next generation IDPS and network DLP solutions


First

Generation

Today’s

“Next Generation”

Packet “DNA”

Dual IPDS Engines

Intelligent “Protocol Behavior”

11 targeted preprocessors

Such as: HTTP, FTP, TCP, UDP…

Location

NetFlow

App

Protocol

Vulnerability

Application Awareness

Application Vulnerability

Identity (“DNA”)

Reputation Engine

Forensic Level

SafeMedia Next Generation IDPS
-

Halo
NS & CS

01001010

0101

1010

Alert/Drop


Drop/Alert


Alert


Drop
-

Configurability

SafeMedia Corporation
-

Confidential & Proprietary

Copyright© 2011

February 2012

Page:
16

Deployment

Halo
NS

deployed in an enterprise environment

SafeMedia Corporation
-

Confidential & Proprietary

Copyright© 2011

February 2012

Page:
17

Deployment

Halo
CS

deployed in an hybrid cloud environment

SafeMedia Corporation
-

Confidential & Proprietary

Copyright© 2011

February 2012

Page:
18

Innovative Architecture

Halo
CS
cross platform distributed architecture

SafeMedia Corporation
-

Confidential & Proprietary

Copyright© 2011

February 2012

Page:
19


Improve Detection & Productivity


Improved network availability and performance


Significant reduction of false positives


Reduce impact of malicious attacks


Reduce unauthorized use of bandwidth


Reduce Disruptions


Significantly fewer network performance and availability
interruptions


Legislative Compliance


Easier accommodation of information
-
security compliance
requirements


Lower procurement & Total Cost of Ownership


Fewer, higher performing components


Investment protection by migration portability

Halo
NS/CS



Value Proposition

SafeMedia Corporation
-

Confidential & Proprietary

Copyright© 2011

February 2012

Page:
20

SafeMedia Corp.

Confidential & Proprietary

Reduce Overall
Operations Cost

Drastically
reduce TCO

Reduce
Overhead
Expenditure


Capital cost


replace multiple devices

-
Legacy firewall, IPS, URL filtering device
(e.g. proxy, secure web gateway…)


“Hard” operational expenses

-
Support contracts

-
Subscriptions

-
Power and
HVAC


Save on “soft” costs too

-
Rack space, deployment/integration,
headcount, training, help desk calls

Drastically
Reduce Capital
Expenditure


Managed Services

-
Cost reduction on capital expenditure

Measuring Value in Network Security

February 2012

Page:
21

Risk Free Halo
NS

EVAL Appliance


No Purchase Order Necessary


Install Halo
NS

in parallel or behind your current
IPDS or Firewall


If EVAL is successful covert to purchase order


Otherwise return to SafeMedia


Conclusion: This is a
NO

risk!

Duration 30 days

SafeMedia Corporation
-

Confidential & Proprietary

Copyright© 2011

February 2012

Page:
22

Halo
NS/CS

Summary


Questions


DEMO


Sign up for
FREE

Halo
NS/CS

EVAL


Action items


Follow
-
up

Thank you

Be ready for future threats now!

SafeMedia Corporation
-

Confidential & Proprietary

Copyright© 2011

February 2012

Page:
23

1.
IP Address for Management Port

2.
Netmask

for Management

3.
Gateway for Management Port

4.
Static Public IP with translation for internal Management Port

5.
Internal DNS Server IP Address that Management Port can Query

6.
Reduce overall operating costs

7.
Firewall holes for IP Address 173.**0**.**0.**0 Port 4** with translation
to Management Port

8.
Firewall holes for IP Address 183.**0.**0.**0 Port 4** with translation
to Management Port

9.
IP Range of internal LAN HaloNS will be protecting i.e. 10.0.0.0/8

Note: Advise SafeMedia if you use fixed IP’s or DHCP

If you do use DHCP, advise how you use access control to track users

HaloNS Simple Installation Requirements

SafeMedia Corporation
-

Confidential & Proprietary

Copyright© 2011