@bmstdotnet©Copyright, BMST Co. 2009. http://bmst.net

Advanced Network Behavior Analysis , Record and Audit

Last Modified: Dec.8 2009

Introduction of BMST Technologies

Agenda

April 13, 2023 ©Copyright, BMST Co. 2009 2

1. Opportunity and Business Overview1. Opportunity and Business Overview

2. Technology and Products 2. Technology and Products

3. Scenarios and Solutions3. Scenarios and Solutions

4. Our Customers4. Our Customers

5. About BMST5. About BMST

What Gartner Top 10 and NSA Say?

Gartner TOP 10 2010 1 Cloud computing, 2 Advanced analytics, 3 Client computing, 4 IT for Green,5 Reshaping the data center 6 Social computing,

7 Security - activity monitoring. …Information security professionals face the challenge of detecting malicious activity in a constant stream of discrete events that are usually associated with an authorized user and are generated from multiple network, system and application sources. At the same time, security departments are facing increasing demands for ever-greater log analysis and reporting to support audit requirements...

8 Flash memory, 9 Virtualization for availability, 10 Mobile applications.

April 13, 2023 ©Copyright, BMST Co. 2009 3

Security is not just the perimeter; layered defenses must be inside of the network and on the applications and databases if we really want to protect information. We haven’t done nearly enough to protect applications and databases…and the magnitude of loses around insider threats are underreported.

William (Bill) Crowell – former Deputy Director of the NSA

Cloud Flight Needs Cyber “Black Box”

April 13, 2023 ©Copyright, BMST Co. 2009 4

• How to do forensics in case of a security incident?

• Are you outsourcing? How to handle potential contractual dispute in case of an IT issue?

• Don’t you need compliance? What to show external auditors on complete organization IT operation records?

• How to monitor and find the violation of authorized users in real time?

• How to guarantee the security policy are followed correctly?

Answers from BMST

April 13, 2023 ©Copyright, BMST Co. 2009 5

Complete record and replay

Real time monitoring

Smart behavior analysis and Audit

Comprehensive protocol support

Transparent deployment

Intuitive “flight” administration

Tampering-proof authentic “data” management

Session Auditor System Architecture

April 13, 2023 ©Copyright, BMST Co. 2009 6

Session Auditor Sensor

Transparent deployment Bridge-model run Session based data recording Complete protocol support Send recorded data to SAD

Session Auditor Datacenter

Sea-volume storage Respond to SAC orders Smart audit and search Security and maintenance

Session Auditor Console

Centralized operations and audit

Flexible reporting system Policy-based real-time

monitoring, alert and response

Session Auditor is consist of three components: SAS, SAD and SAC

Session-Auditor Deployment

企业应用(SAP, Oracle等 )

IT系统管理员 /兼职安全管理

Unix/Linux

Windows

Enterprise Apps(ERP/CRM)

Web App & Web Services

Servers

SSHRDP

TelnetICA

RloginVNCFTP

OracleSybase

……

SSHRDP

TelnetICA

RloginVNCFTP

OracleSybase

……

Network

Security

Administrator

Auditor

Traffic

Recorded

SAS

SAD

Console

Mission critical

Distributed and Hierarchical Deployment

AdministratorAdministrator

Critical SystemCritical SystemCritical System Critical System

Auditor

SAS

SAD

SAC

SASSASSAS

SAD

Unique Value of BMST SA Products

Transparent audit for RDP, SSH, Citrix/ICA, Oracle, DB2...

Complete recording and replay Transparent bridge deployment High availability and distributed

deployment

April 13, 2023 ©Copyright, BMST Co. 2009 9

For more details, please refer to http://bmst.net/product/features/

Great expandability by open SCRIPT INTERFACE

1

2

3

4

ENCRYPTED? NO PROBLEM!

GENERAL• HTTPS, HTTP, SMTP, POP3, FTP,

Telnet, CIFS, Samba...

REMOTE ADMIN• RDP, SSH, VNC,SFTP/SCP, Rlogin,

X11…

DATABASE• MSSQL, Oracle, Sybase, DB2…

INDUSTRY SPECIFIC• Citrix ICA, HP RGS…

It’s a long list and growing…

SAS and SAD support distributed and hierarchical deployment, bringing users

further flexibility

Session Auditor Product Family

April 13, 2023 ©Copyright, BMST Co. 2009 10

Network Throughput

Sto

rag

e

SAL-200 4GBE 320G

SAL-10000 8GBE/6GBE+2SFP Up to 2T

SAS-200 4GBE -

SAS-400E 4GBE + 4SFP -

SAS-1000 6GBE + 4SFP -

SAS-10000 8GBE/6GBE+2SFP -

SAD-400 2GBE 320Gx6

SAD-2000 2GBE 500Gx12

SAL-400E 4GBE + 4SFP 500G

SAL-1000 6GBE + 4SFP Up to 1T

Session Auditor Lite is one 2-in-1 appliance,

integrated SAS and SAD

Scenarios and Solutions

Cloud Computing and IT Outsourcing Complete and authentic organization records Potential contractual dispute in case of security

incident and IT issue

April 13, 2023 ©Copyright, BMST Co. 2009 11

Complianceo PCI-DSS, SOX, ISO27001, HIPAA, GLBA, SB1836, …o “Audit”, “Records”, “e-Discovery” are essential to all

of them

Virtual Asset Protection for Online Gaming Internal abuse and theft Potential lawsuit for virtual assets

Our Customers

Session Auditor has been widely adopted by industry leading customers from telco, finance, service providers, consulting firms, governments and etc. Please visit http://bmst.net/solution for more details.

April 13, 2023 ©Copyright, BMST Co. 2009 12

About BMST Co.

Founded at March 2006 BMST, which is located at ZGC

High-Tech District, Beijing, China, focuses on innovation and development on network security products and technologies.

The founders have profound experience at network security, telco, finance and various industries.

April 13, 2023 ©Copyright, BMST Co. 2009 13

http://maps.google.com/maps/place?cid=4135994384345121574&q=Bldg%2BA,%2BHuatong%2BMansion

⁻info@bmst.net (General query) ⁻sales@bmst.net (Sales) ⁻partners@bmst.net (Partnership)

@bmstdotnet

April 13, 2023 ©Copyright, BMST Co. 2009 14