Solving Compliance for Big Data
Solving Compliance for BIG DATA
Andrew Walley – Sales Director
Ian Tinney – Technical Director
InfoSecurity Europe 24-26 April 2012
SECURITY & COMPLIANCE with BIG DATA
Cyber attacks increasing
Regulations tighten
Skills shortage - By 2018, 190,000 too few people with analytical skills [McKinsey]
Tools, like SIEMs, don’t scale; inflexible; expensive
What is BIG DATA?
BIG…
Daily log volumes >= petabytes
90% of data created in last 2 years
Data is pervasive: email, PDA, web-access, financial transactions, systems access, network devices.
…DATA
90% is unstructured data
Beyond capabilities of traditional database technologies
Difficult to search and report
HOLDING BACK THE FLOOD OF BIG DATA
Volume: Need to be able to cope with massive amounts of data
Variety: Need to cope with unstructured data
Velocity: Need to scale beyond today!
YOU WANT SPLUNK ON YOUR SIDE
Universal Indexing: ability to add new, unstructured data sources
Unstructured Data: now accessible, usable, valuable…
Unlocks the potential: expose a hidden treasure chest of information
Ultimately Scalable: horizontally scalable
SPLUNK THINKS LIKE A CRIMINAL
Collects and Indexes ANY Machine Data
Applications: Web logs, Log4J, JMS, JMX, .NET events, Code and scripts
Networking: Configurations, syslog, SNMP, netflow
Databases: Configurations, Audit/query logs, Tables, Schemas
Virtualization & Cloud: Hypervisor, Guest OS, Apps, Cloud
Linux/Unix: Configurations, syslog, File system, ps, iostat, top
Windows: Registry, Event logs, File system, sysinternals
Logfiles, Configs, Messages, Traps, Alerts, Metrics, Scripts, Tickets, Changes
Customer Facing Data: Click-stream data, Shopping cart data, Online transaction data
Outside the Datacenter: Manufacturing, logistics…, CDRs & IPDRs, Power consumption, RFID data, GPS data
• Any amount, any location, any source
• No upfront schema
• No custom connectors
• No RDBMS
• No need to filter/forward
COMPLIANCE – Challenges
GPG13 (Good Practice Guide 13)
Mandatory for anyone working with the Government on the GCSX network
Different technologies, logs and fields
Need to monitor the monitoring tools
PCI-DSS (Payment Card Industry Data Security Standard)
Mandatory for any company processing CC payments
Myriad log formats
Daily log review is labour-intensive
WHAT DOES EQALIS PROVIDE?
Eqalis GPG13 app: Eqalis PCI app:
Why Splunk? What’s wrong with my SIEM?
Good at raising a Red Flag but then what?
Why not an appliance-based solution?
Can your appliance scale? Can you improve performance?
Is it a Turn-key solution?
Do you all use the same OSs and make of Firewall?
Can it do anything else?
Splunk can be used for many things…
BONUS FEATURES…
So what else can Splunk do for me?
Splunk for VMware
Collects performance metrics, tasks, events, logs to provide complete visibility into virtual environments
VMware vCenter Server
VMware vSphere
• Collects and persists data directly from hosts (to avoid the VC bottleneck)
• Integrates data with VC inventory information
• Collects and persists tasks & events from VC to maintain complete picture
• Initial set of views/dashboards as a starting point
Splunk for Enterprise Security
Splunk for Exchange
Splunk for Cisco Security
A Growing Family of Splunk Apps
Security
IronPort WSA
HQ in Bracknell, Berkshire
Founded 2008
Largest Splunk VAR in UK
Premier Splunk Partner EMEA 2009
Splunk Partner of the Year 2011
10 Employees, UK and EMEA focus
120+ Customers
Real Time Operational Intelligence
Security Network
Ops Web
Compliance
BI
Professional Services
Splunk Authorised Training
www.eqalis.com
0845 643 9180
EQALIS Ltd, Lily Hill Road,
Bracknell, Berkshire,
RG12 2SJ
QUESTIONS?
DEMONSTRATION?
Thank you