“i7 Networks” Manjunath M Gowda CEO & co-founder, i7 Networks.
-
Upload
kenneth-strickland -
Category
Documents
-
view
231 -
download
0
Transcript of “i7 Networks” Manjunath M Gowda CEO & co-founder, i7 Networks.
“i7 Networks”
Manjunath M GowdaCEO & co-founder, i7 Networks
“If you are an Enterprise allowing BYODs (with or without MDM) to connect to corporate network, then follow me…..”
(else back to your emails on your phone )
“one SSH session from a mobile/tablet is all it takes to
breach your network”
Real story that happened in a US based publicly traded software
product company …..
….
Corporate Network
Firewall
SSH,FTP, ..
SSH, FTP…
Corporate Resources
Malicious APPs
Malicious Server
Reverse SSH Tunnel
SSH
Copyright i7 Networks, i7nw.com
There are 2 ways to protect your network from BYODs :
Copyright i7 Networks, i7nw.com
“To protect themselves against the BYOD threats, organizations:
• need Visibility into precisely • what are these devices, • what are they doing/accessing, and • how to enforce control over these access, • something that can’t be captured with
traditional technologies”
“Introducing i7’s Peregrine7”
Copyright i7 Networks, i7nw.com
Copyright i7 Networks, i7nw.com, [email protected]
Enterprise
MDM manage
d Devices
Unauthorized devices
Unmanaged devices
IoT devices
Unauthorized Apps
Apps from Alternate
Stores
Unsupported-OS devices Compromised
devices
Hot-spotted devices
Rogue/Insecure Devices
Vulnerable Devices
Authorized Apps
SSHSSH
FTP SVN
Copyright i7 Networks, i7nw.com, [email protected]
Enterprise
MDM manage
d Devices
Unauthorized devices
Unmanaged devices
IoT devices
Unauthorized Apps
Apps from Alternate
Stores
Unsupported-OS devices Compromised
devices
Hot-spotted devices
Rogue/Insecure Devices
Vulnerable Devices
Authorized Apps
Peregrine7
SSH
FTP
“We provide complete
Visibility
Unique Device, App & Protocol Fingerprinting
Security & Vulnerability Analysis
Multi-Tier Secure-Granular Access Controls
for all your smart devices and apps”Copyright i7 Networks, i7nw.com
“Our deployment is Super Simple….”
Copyright i7 Networks, i7nw.com
All done 100% Agentless & Non-Intrusive. No app or client to install on the device - Zero-touch/Zero Footprint”
“Appliance connected to span port - hence Zero Latency and hence Zero Risk for IT to try out too!!
Fits into any network
Zero Burden on the IT/Support staff.
Copyright i7 Networks, i7nw.com
Let’s see some of the screen shots of Peregrine7 ……
Copyright i7 Networks, i7nw.com, [email protected]
Copyright i7 Networks, i7nw.com
BYOD inventory analysis
Copyright i7 Networks, i7nw.com
BYOD inventory analysis
Integrates with
• 100% Agentless and non-intrusive (Zero-Footprint)
• Access control while being Offline/out-of-band (Zero Latency)
• Visibility via Hot-spotting & Wi-Fi Sniffing
• App Recognition on the Wire
• Device Compromise Check (Jailbroken/Rooted)
• Close Integration with Google Apps / Exchange / Office365 to provide MDM capabilities
Different from Competition
Copyright i7 Networks, i7nw.com, [email protected]
Paying Customers
Indian Conglomerate with more than 75,000 employees and a multi-billion dollar company; Managing 1500 users for now
Indian services company with more than 1,000 employees and a multi-million dollar company;Managing 1000 users
Indian data center with more than 3,000 employees and a multi-million dollar company;Managing 1000 users
Plus Dozens of large POC customers
Ideation – Jan 2013Released 1.0 – Sept
2013
Awards & Accolades
Investors & Advisors
Manju, CEO & Co-Founder23 yrs. second startupFirst one (s7) got acquired by Bluecoat (Jan 2010) for $8.4MnExtremely good in GTM, Marketing & ExecutingBE, MS (Computer Sc.)MD for Bristol India and Bluecoat IndiaBristol, Wipro, S7, Bluecoat
Sachin, Chief mNetwork Architect, Co-FounderFew patents in the security space12+ years; worked with the team in S7BE (Comp Sc.)S7, Bluecoat
Srinivas, Chief mSecurity Architect, Co-FounderExpert in Cyber security; MS from IIT-B12+ years of exp.Few patents in the security spaceHP, Bluecoat
Jagadish, Senior Principal Engineer5+ years of Exp.Worked in S7 S7, Bluecoat
Geeta, Content-Marketing, inside-sales5+ years of Exp.Iron Mountain, Autonomy, Bluecoat
Brian Nesmith, ex-CEO of Bluecoat Systems, USA
Sharad Sharma, ex-CEO of Yahoo R&D, India
Core Te
am
Team together for second time; 1st venture S7 Software, ran successfully for 6 years & was acquired by Bluecoat Systems from the valley for $8.4Mn
Ofer Elzam, Dir. Network Security Sophos, USA
“Additional Slides…..”
Copyright i7 Networks, i7nw.com
Copyright i7 Networks, i7nw.com, [email protected]
Copyright i7 Networks, i7nw.com, [email protected]
Copyright i7 Networks, i7nw.com, [email protected]
Copyright i7 Networks, i7nw.com, [email protected]
Copyright i7 Networks, i7nw.com
Single device in-depth Security Analysis
Tall Claims!!! but Let’s get drilled into details…..
Copyright i7 Networks, i7nw.com, [email protected]
Continuous Monitoring
2. Complete Visibility & Discovery
3. Detailed Fingerprinting of the device and the Apps
5. Vulnerability and malicious assessment (Intrusions, Trojans)
6. Granular policy enforcement (MULTI-
TIER)
8. Analytics, Log, Audit &
Compliance Reporting
1. Entry Verification – Corporate Wi-Fi or
VPN? Which Wi-Fi?
Deny
4. Compromised (Jailbroken/Rooted),
Unauthorized, Unmanaged, hot-spotting check (Devices & Apps)
Deny
7. Device Management with integration of
Google Apps/Exchange / office 365
Not what the device tells us what it is but we find out what the device it……
Copyright i7 Networks, i7nw.com, [email protected]
DHCP Fingerprinting
TCP/IP fingerprinting
User Agent Analysis
Our Device profile Database Analysis
The Secure Fingerprinting Process
Various other Networking Parameters
What access to allow and what not to allow based on MULTI-TIER:
D = DeviceU = UserA = AppsL = Location of the branch officeT = TimeI = Intrusions, malicious.E = End point integrity (compromised)?R = What Resource?
Copyright i7 Networks, i7nw.com
Granular Policy Enforcement
D
U A
L
TI
E
R
Let me get further deeper into our Security and Vulnerability details…..
Copyright i7 Networks, i7nw.com, [email protected]
Check for internal intrusions-using
BYOD specific internal IDS
Check for malwares n/w signatures, C&C servers against our database +
3rd party
Check for vulnerabilities – CVE and other databases
(DVI*)
Check for Anomalies, Patterns, Issues (port/protocol analysis, Blacklist, C&C, GeoIP) (DTI*)
Security and Vulnerability check
Check for EPP tools, & bad URLs
Check for Jailbroken/Rooted (again agentless)
Copyright i7 Networks, i7nw.com