Csa summit 2017 - Plataforma de Seguridad para entornos Cloud
-
Upload
csa-argentina -
Category
Technology
-
view
132 -
download
2
Transcript of Csa summit 2017 - Plataforma de Seguridad para entornos Cloud
Marcelo Ezequiel ReySr. Sales Engineer, Palo Alto Networks
CORPORATE HIGHLIGHTS
• Founded in 2005; first customer shipment in 2007
• Safely enabling applications and preventing cyber threats
• Able to address all enterprise cybersecurity needs
• Exceptional ability to support global customers
• Experienced team of 3,800+ employees
• Q4 FY16: $401.8M revenue
Palo Alto Networks At-a-Glance
* Non-GAAP financial measures. See appendix for reconciliation to most comparable GAAP measure.
• Total revenue grew 34% year-over-
year to a record $398.1Mn
• Recurring services revenue grew
57% year-over-year to $234.3Mn
• Deferred revenue grew 69% year-
over-year to $1.4 billion
• Billings grew 33% year-over-year to
$516.9Mn*
• Generated free cash flow of $182
million*
Q1 FY’17 Highlights
REVENUE
ENT CUSTOMERS
2016 Magic Quadrant for Enterprise Network Firewalls
IMDLPIPS ProxyURLAV
Internet/WAN
Una Arquitectura “Accidental”
Red Organizacional
UTM
Evolucion de la seguridad al dia de hoy
Fallas en las arquitecturas de seguridad
Anti-APT for
port 80 APTs
Anti-APT for
port 25 APTs
Endpoint AV
DNS protection cloud
Network AV
DNS protection for
outbound DNS
Anti-APT cloud
Internet
Red Corporativa
UTM/Blades
Visibilidad Limitada Respuesta ManualSin correlación
Vendor 1
Vendor 2
Vendor 3
Vendor 4
Internet Connection
Malware Intelligence
DNS AlertEndpoint Alert
AV Alert
SMTP Alert
AV Alert
Web Alert
Web Alert
SMTP Alert
DNS Alert
AV Alert
DNS Alert
Web Alert
Endpoint Alert
Requerimientos de hoy y para el futuro
En el acceso a
Internet
Entre los
empleados y
dispositivos dentro
de la LAN
En el Datacenter y
entre maquinas
virtuales
Cloud
En el dispositivo
movil
DETECTAR Y PREVENIR AMENAZAS EN CUALQUIER PUNTO DE LA EMPRESA
Entre nubes
publicas, privadas
e hibridas
Plataforma de próxima generación….
Public Cloud Software as a Service
GLOBALPROTECT
APERTURE
WildFire
TRAPS
COMPLETE CLOUD SECURITY
Private Cloud
Traps
Innovacion continua
GlobalProtect
WildFire
AutoFocus
Aperture
Threat Prevention
URL Filtering
Plataforma unica y distintiva
Cloud Datacenter Enterprise perimeter Distributed/BYOD Endpoint
Next-Generation FirewallCybersecurity:
IDS / IPS / APTWeb gateway VPN Mobile security
Panorama, M-100 & M-500 appliances
PAN-OS™
Consistency
Products
Subscriptions
Use cases
Management system
Physical: PA-200, PA-220, PA-500, PA-800 Series, PA-3000 Series, PA-5000
Series, PA-5200 Series, PA-7000 Series
Virtual: VM-Series for ESXi, NSX, Hyper-V, AWS, Azure, KVM and Citrix
URL Filtering
GlobalProtect™
WildFire™
Threat Prevention
Operating system
Traps™Aperture™
Private Cloud (NSX, OpenStack)
EXPANDED DATA AND APPLICATION LOCATIONS
13 | ©2017, Palo Alto Networks. Confidential and Proprietary.
Private Cloud(NSX, OpenStack)
Software as a Service(SaaS)
Con grupos de direccionamiento dinámico y conciencia del contexto entre NSX Manager y PanoramaBeneficios de la Integración
Aplicar automáticamente
protecciones de Seguridad
Bajo Demanda
Movimiento de las cargas de trabajo con protección avanzada contra amenazas y políticas de
segmentación a nivel de las aplicaciones.
Reducir el área de la
superficie de ataque dentro
de su centro de datos
definido por Software
Proteger sus assets de
cyber-amenazas tanto
conocidas como
desconocidas
Mantener la seguridad en
sincronía con la creación
y movimientos de las
cargas de trabajo
Actualización Dinámica de Las Políticas de Seguridad…utilizando Tags de Seguridad en la VM-Series de Palo Alto Networks
ABUNDANT USE OF SAAS APPLICATIONS
Palo Alto Networks - RSA 2017
15
Remote users
On-prem users
Sanctioned
Tolerated
Unsanctioned
SAAS RISKS
MALICIOUS DATA EXFILTRATION
ACCIDENTAL DATA EXPOSURE
MALWARE PROPAGATION
OVERLAY APPROACH IS INSUFFICIENT AND DOES NOT SCALE
Sanctioned
Tolerated
Unsanctioned
Remote users
On-prem users Log Forwarder
Traffic Forwarder
AD Connector
Pac File Merge
Or Addt’l VPN Agent
Pac File Merge
CLOUD PROXY
CLOUD PROXY
Remote users
On-prem users Log Forwarder
Traffic Forwarder
AD Connector
Pac File Merge
Or Addt’l VPN Agent
Pac File Merge
Sanctioned
Tolerated
Unsanctioned
Remote users
On-prem users Log Forwarder
Traffic Forwarder
AD Connector
Pac File MergeOr Addt’l VPN Agent
Pac File Merge
Remote users
On-prem users Log Forwarder
Traffic Forwarder
AD Connector
Pac File MergeOr Addt’l VPN Agent
Pac File Merge
Remote users
On-prem users Log Forwarder
Traffic Forwarder
AD Connector
Pac File MergeOr Addt’l VPN Agent
Pac File Merge
Remote users
On-prem users Log Forwarder
Traffic Forwarder
AD Connector
Pac File MergeOr Addt’l VPN Agent
Pac File Merge
Remote users
On-prem users Log Forwarder
Traffic Forwarder
AD Connector
Pac File MergeOr Addt’l VPN Agent
Pac File Merge
Remote users
On-prem users Log Forwarder
Traffic Forwarder
AD Connector
Pac File MergeOr Addt’l VPN Agent
Pac File Merge
Remote users
On-prem users Log Forwarder
Traffic Forwarder
AD Connector
Pac File MergeOr Addt’l VPN Agent
Pac File Merge
Remote users
On-prem users Log Forwarder
Traffic Forwarder
AD Connector
Pac File MergeOr Addt’l VPN Agent
Pac File Merge
Remote users
On-prem users Log Forwarder
Traffic Forwarder
AD Connector
Pac File MergeOr Addt’l VPN Agent
Pac File Merge
Remote users
On-prem users Log Forwarder
Traffic Forwarder
AD Connector
Pac File MergeOr Addt’l VPN Agent
Pac File Merge
Remote users
On-prem users Log Forwarder
Traffic Forwarder
AD Connector
Pac File MergeOr Addt’l VPN Agent
Pac File Merge
Evasion tools
CLOUD PROXY
CLOUD PROXY
OVERLAY APPROACH IS INSUFFICIENT AND DOES NOT SCALE
OUR PLATFORM APPROACH
Remote users
On-prem users
Sanctioned
Tolerated
Unsanctioned
Complete visibility and
control for on premise
activity with PAN-OS
Next Generation Firewall
Monitor and control
in-cloud activity with
Aperture
Complete visibility and
control for remote
users via
GlobalProtect
Firewall provides critical visibility and control of saas apps• Next-generation firewall provides context and control
• Application or app function
• User or role
• Nature of content
• Core functionality of PAN-OS from the beginning
• On-prem users covered by gateway firewall policy
• Remote user traffic transparently routed through GlobalProtect
344 KBfile-sharingURL category
PowerPointfile type
“Confidential and Proprietary”
content
mjacobsenuser
prodmgmtgroup
canadadestination country
172.16.1.10source IP
64.81.2.23destination IP
TCP/443destination port
SSLprotocol
HTTPprotocol
slideshareapplication
slideshare-uploadingapplication function
Complete security for data in the cloud via SaaS application APIs• Advanced Data Classification• Prevent Sensitive Data Leakage• Eliminate Malware with WildFire
integration
INSTANTLY REMEDIATE RISKS WITH APERTURE
Quarantine
Limit Sharing
Notify
Log
APAC
BOX.COM
GITHUB
GOOGLE DRIVE
SFDC DROPBOX
YAMMER
SLACK SECURE DATA
SPACE
AMERICAS EMEA
JIVE SERVICENOW
EXCHANGE
ONLINE
AMAZON S3
SHAREPOINT
ONLINE
ONEDRIVE
FOR BUSINESS
EC2 / IAMG SUITE CONFLUENCE
CITRIX
SHAREFILE
APERTURE - Industry Leading App Support
Ransomware
Porque Palo Alto Networks?
Prevención
Zero
-DayReduce Risk
Policy
Visibility
Remediation
Detection
Endpoint
Data Center
Mobility
BYOD Management
Vulnerability
Responsiv
e
Exploit
Anti-Malware Forensics
Automation
Private Cloud
Public Cloud
Perfo
rman
ce
Scalability
Platform
Seg
men
tatio
n
Applications
Users
Control
Agile
Perimeter
Inte
gra
ted
Support
Web Security
Co
mm
an
d-&
-Co
ntro
l
Virtualization
Ecosystem
Context
Correlation
Services
People
Culture
Safe Enablement
Application
Por donde empezar?• Para aprender más
Visitehttps://downloads.cloudsecurityalliance.org/assets/research/collaborative/Security-Considerations-for-Private-vs-Public-Clouds.pdf
Por donde empezar?Para aprender más
Visite https://www.paloaltonetworks.com/products/secure-the-network/virtualized-next-generation-firewall/vm-series
Paper VMWare – Palo Alto Networks
Por donde empezar?Para aprender más
Pruebe el Hands-On-Lab (HOL-1723-SDC-1) enhttp://labs.hol.vmware.com/HOL/catalogs/lab/2727