Win the Cyberwar With Zero Trust - Lockdown 2017 · 2017-07-25 · Win the Cyberwar With Zero Trust...
Transcript of Win the Cyberwar With Zero Trust - Lockdown 2017 · 2017-07-25 · Win the Cyberwar With Zero Trust...
![Page 1: Win the Cyberwar With Zero Trust - Lockdown 2017 · 2017-07-25 · Win the Cyberwar With Zero Trust John Kindervag Field CTO. ... Source: January 7, 2015, “Forrester's Targeted-Attack](https://reader030.fdocuments.in/reader030/viewer/2022040823/5e6d97f57c9ebc1cc379b28c/html5/thumbnails/1.jpg)
Win the Cyberwar With Zero Trust
John Kindervag
Field CTO
![Page 2: Win the Cyberwar With Zero Trust - Lockdown 2017 · 2017-07-25 · Win the Cyberwar With Zero Trust John Kindervag Field CTO. ... Source: January 7, 2015, “Forrester's Targeted-Attack](https://reader030.fdocuments.in/reader030/viewer/2022040823/5e6d97f57c9ebc1cc379b28c/html5/thumbnails/2.jpg)
The Four Levels of War
2 | © 2017 Palo Alto Networks, Inc. Confidential and Proprietary.
Grand Strategy (Political)
![Page 3: Win the Cyberwar With Zero Trust - Lockdown 2017 · 2017-07-25 · Win the Cyberwar With Zero Trust John Kindervag Field CTO. ... Source: January 7, 2015, “Forrester's Targeted-Attack](https://reader030.fdocuments.in/reader030/viewer/2022040823/5e6d97f57c9ebc1cc379b28c/html5/thumbnails/3.jpg)
Grand Strategy - WWII
3 | © 2017 Palo Alto Networks, Inc. Confidential and Proprietary.
![Page 4: Win the Cyberwar With Zero Trust - Lockdown 2017 · 2017-07-25 · Win the Cyberwar With Zero Trust John Kindervag Field CTO. ... Source: January 7, 2015, “Forrester's Targeted-Attack](https://reader030.fdocuments.in/reader030/viewer/2022040823/5e6d97f57c9ebc1cc379b28c/html5/thumbnails/4.jpg)
The Four Levels of War
4 | © 2017 Palo Alto Networks, Inc. Confidential and Proprietary.
Grand Strategy (Political)
Strategy
![Page 5: Win the Cyberwar With Zero Trust - Lockdown 2017 · 2017-07-25 · Win the Cyberwar With Zero Trust John Kindervag Field CTO. ... Source: January 7, 2015, “Forrester's Targeted-Attack](https://reader030.fdocuments.in/reader030/viewer/2022040823/5e6d97f57c9ebc1cc379b28c/html5/thumbnails/5.jpg)
Strategy - WWII
5 | © 2017 Palo Alto Networks, Inc. Confidential and Proprietary.
![Page 6: Win the Cyberwar With Zero Trust - Lockdown 2017 · 2017-07-25 · Win the Cyberwar With Zero Trust John Kindervag Field CTO. ... Source: January 7, 2015, “Forrester's Targeted-Attack](https://reader030.fdocuments.in/reader030/viewer/2022040823/5e6d97f57c9ebc1cc379b28c/html5/thumbnails/6.jpg)
Strategy - WWII
6 | © 2017 Palo Alto Networks, Inc. Confidential and Proprietary.
![Page 7: Win the Cyberwar With Zero Trust - Lockdown 2017 · 2017-07-25 · Win the Cyberwar With Zero Trust John Kindervag Field CTO. ... Source: January 7, 2015, “Forrester's Targeted-Attack](https://reader030.fdocuments.in/reader030/viewer/2022040823/5e6d97f57c9ebc1cc379b28c/html5/thumbnails/7.jpg)
The Four Levels of War
7 | © 2017 Palo Alto Networks, Inc. Confidential and Proprietary.
Grand Strategy (Political)
Strategy
Tactics
![Page 8: Win the Cyberwar With Zero Trust - Lockdown 2017 · 2017-07-25 · Win the Cyberwar With Zero Trust John Kindervag Field CTO. ... Source: January 7, 2015, “Forrester's Targeted-Attack](https://reader030.fdocuments.in/reader030/viewer/2022040823/5e6d97f57c9ebc1cc379b28c/html5/thumbnails/8.jpg)
Tactics - WWII
8 | © 2017 Palo Alto Networks, Inc. Confidential and Proprietary.
![Page 9: Win the Cyberwar With Zero Trust - Lockdown 2017 · 2017-07-25 · Win the Cyberwar With Zero Trust John Kindervag Field CTO. ... Source: January 7, 2015, “Forrester's Targeted-Attack](https://reader030.fdocuments.in/reader030/viewer/2022040823/5e6d97f57c9ebc1cc379b28c/html5/thumbnails/9.jpg)
The Four Levels of War
9 | © 2017 Palo Alto Networks, Inc. Confidential and Proprietary.
Grand Strategy (Political)
Strategy
Tactics
Operations
![Page 10: Win the Cyberwar With Zero Trust - Lockdown 2017 · 2017-07-25 · Win the Cyberwar With Zero Trust John Kindervag Field CTO. ... Source: January 7, 2015, “Forrester's Targeted-Attack](https://reader030.fdocuments.in/reader030/viewer/2022040823/5e6d97f57c9ebc1cc379b28c/html5/thumbnails/10.jpg)
Operations - WWII
10 | © 2017 Palo Alto Networks, Inc. Confidential and Proprietary.
![Page 11: Win the Cyberwar With Zero Trust - Lockdown 2017 · 2017-07-25 · Win the Cyberwar With Zero Trust John Kindervag Field CTO. ... Source: January 7, 2015, “Forrester's Targeted-Attack](https://reader030.fdocuments.in/reader030/viewer/2022040823/5e6d97f57c9ebc1cc379b28c/html5/thumbnails/11.jpg)
The Four Levels of Cyberwar
11 | © 2017 Palo Alto Networks, Inc. Confidential and Proprietary.
Grand Strategy (Political)
Strategy
Tactics
Operations
![Page 12: Win the Cyberwar With Zero Trust - Lockdown 2017 · 2017-07-25 · Win the Cyberwar With Zero Trust John Kindervag Field CTO. ... Source: January 7, 2015, “Forrester's Targeted-Attack](https://reader030.fdocuments.in/reader030/viewer/2022040823/5e6d97f57c9ebc1cc379b28c/html5/thumbnails/12.jpg)
Cyber Security Grand Strategy:Prevent Data Breaches
![Page 13: Win the Cyberwar With Zero Trust - Lockdown 2017 · 2017-07-25 · Win the Cyberwar With Zero Trust John Kindervag Field CTO. ... Source: January 7, 2015, “Forrester's Targeted-Attack](https://reader030.fdocuments.in/reader030/viewer/2022040823/5e6d97f57c9ebc1cc379b28c/html5/thumbnails/13.jpg)
13 | © 2017 Palo Alto Networks, Inc. Confidential and Proprietary.
![Page 14: Win the Cyberwar With Zero Trust - Lockdown 2017 · 2017-07-25 · Win the Cyberwar With Zero Trust John Kindervag Field CTO. ... Source: January 7, 2015, “Forrester's Targeted-Attack](https://reader030.fdocuments.in/reader030/viewer/2022040823/5e6d97f57c9ebc1cc379b28c/html5/thumbnails/14.jpg)
![Page 15: Win the Cyberwar With Zero Trust - Lockdown 2017 · 2017-07-25 · Win the Cyberwar With Zero Trust John Kindervag Field CTO. ... Source: January 7, 2015, “Forrester's Targeted-Attack](https://reader030.fdocuments.in/reader030/viewer/2022040823/5e6d97f57c9ebc1cc379b28c/html5/thumbnails/15.jpg)
15 | © 2017 Palo Alto Networks, Inc. Confidential and Proprietary.
![Page 16: Win the Cyberwar With Zero Trust - Lockdown 2017 · 2017-07-25 · Win the Cyberwar With Zero Trust John Kindervag Field CTO. ... Source: January 7, 2015, “Forrester's Targeted-Attack](https://reader030.fdocuments.in/reader030/viewer/2022040823/5e6d97f57c9ebc1cc379b28c/html5/thumbnails/16.jpg)
The Four Levels of Cyberwar
16 | © 2017 Palo Alto Networks, Inc. Confidential and Proprietary.
Grand Strategy (Political)
Strategy
Tactics
Operations
![Page 17: Win the Cyberwar With Zero Trust - Lockdown 2017 · 2017-07-25 · Win the Cyberwar With Zero Trust John Kindervag Field CTO. ... Source: January 7, 2015, “Forrester's Targeted-Attack](https://reader030.fdocuments.in/reader030/viewer/2022040823/5e6d97f57c9ebc1cc379b28c/html5/thumbnails/17.jpg)
Not a Strategy
Source: January 7, 2015, “Forrester's Targeted-Attack Hierarchy Of Needs: Assess Your Core Capabilities” Forrester report
![Page 18: Win the Cyberwar With Zero Trust - Lockdown 2017 · 2017-07-25 · Win the Cyberwar With Zero Trust John Kindervag Field CTO. ... Source: January 7, 2015, “Forrester's Targeted-Attack](https://reader030.fdocuments.in/reader030/viewer/2022040823/5e6d97f57c9ebc1cc379b28c/html5/thumbnails/18.jpg)
18 | © 2017 Palo Alto Networks. Confidential and Proprietary.
![Page 19: Win the Cyberwar With Zero Trust - Lockdown 2017 · 2017-07-25 · Win the Cyberwar With Zero Trust John Kindervag Field CTO. ... Source: January 7, 2015, “Forrester's Targeted-Attack](https://reader030.fdocuments.in/reader030/viewer/2022040823/5e6d97f57c9ebc1cc379b28c/html5/thumbnails/19.jpg)
Not a Strategy
![Page 20: Win the Cyberwar With Zero Trust - Lockdown 2017 · 2017-07-25 · Win the Cyberwar With Zero Trust John Kindervag Field CTO. ... Source: January 7, 2015, “Forrester's Targeted-Attack](https://reader030.fdocuments.in/reader030/viewer/2022040823/5e6d97f57c9ebc1cc379b28c/html5/thumbnails/20.jpg)
Not a Strategy
![Page 21: Win the Cyberwar With Zero Trust - Lockdown 2017 · 2017-07-25 · Win the Cyberwar With Zero Trust John Kindervag Field CTO. ... Source: January 7, 2015, “Forrester's Targeted-Attack](https://reader030.fdocuments.in/reader030/viewer/2022040823/5e6d97f57c9ebc1cc379b28c/html5/thumbnails/21.jpg)
Not a Strategy
![Page 22: Win the Cyberwar With Zero Trust - Lockdown 2017 · 2017-07-25 · Win the Cyberwar With Zero Trust John Kindervag Field CTO. ... Source: January 7, 2015, “Forrester's Targeted-Attack](https://reader030.fdocuments.in/reader030/viewer/2022040823/5e6d97f57c9ebc1cc379b28c/html5/thumbnails/22.jpg)
22 | © 2017 Palo Alto Networks, Inc. Confidential and Proprietary.
TRUST
VULNERABILITY
MALICIOUS
![Page 23: Win the Cyberwar With Zero Trust - Lockdown 2017 · 2017-07-25 · Win the Cyberwar With Zero Trust John Kindervag Field CTO. ... Source: January 7, 2015, “Forrester's Targeted-Attack](https://reader030.fdocuments.in/reader030/viewer/2022040823/5e6d97f57c9ebc1cc379b28c/html5/thumbnails/23.jpg)
Which one goes to the internet?
Untrusted Trusted
Source: October 22, 2014, “No More Chewy Centers: The Zero Trust Model Of Information Security” Forrester report
![Page 24: Win the Cyberwar With Zero Trust - Lockdown 2017 · 2017-07-25 · Win the Cyberwar With Zero Trust John Kindervag Field CTO. ... Source: January 7, 2015, “Forrester's Targeted-Attack](https://reader030.fdocuments.in/reader030/viewer/2022040823/5e6d97f57c9ebc1cc379b28c/html5/thumbnails/24.jpg)
Zero Trust
Untrusted Untrusted
Source: October 22, 2014, “No More Chewy Centers: The Zero Trust Model Of Information Security” Forrester report
![Page 25: Win the Cyberwar With Zero Trust - Lockdown 2017 · 2017-07-25 · Win the Cyberwar With Zero Trust John Kindervag Field CTO. ... Source: January 7, 2015, “Forrester's Targeted-Attack](https://reader030.fdocuments.in/reader030/viewer/2022040823/5e6d97f57c9ebc1cc379b28c/html5/thumbnails/25.jpg)
Zero Trust Design Concepts
• Focus on the business outcomes
• Design from the Inside > Out
• Start with the assets or data that need protection
• Determine who or what needs access
• Need to know/Least-privilege
• Inspect and log all traffic
![Page 26: Win the Cyberwar With Zero Trust - Lockdown 2017 · 2017-07-25 · Win the Cyberwar With Zero Trust John Kindervag Field CTO. ... Source: January 7, 2015, “Forrester's Targeted-Attack](https://reader030.fdocuments.in/reader030/viewer/2022040823/5e6d97f57c9ebc1cc379b28c/html5/thumbnails/26.jpg)
1. Who the President is…2. Where the President is…3. Who should have access to the President…
![Page 27: Win the Cyberwar With Zero Trust - Lockdown 2017 · 2017-07-25 · Win the Cyberwar With Zero Trust John Kindervag Field CTO. ... Source: January 7, 2015, “Forrester's Targeted-Attack](https://reader030.fdocuments.in/reader030/viewer/2022040823/5e6d97f57c9ebc1cc379b28c/html5/thumbnails/27.jpg)
Zero Trust
![Page 28: Win the Cyberwar With Zero Trust - Lockdown 2017 · 2017-07-25 · Win the Cyberwar With Zero Trust John Kindervag Field CTO. ... Source: January 7, 2015, “Forrester's Targeted-Attack](https://reader030.fdocuments.in/reader030/viewer/2022040823/5e6d97f57c9ebc1cc379b28c/html5/thumbnails/28.jpg)
Zero Trust is the answer!
![Page 29: Win the Cyberwar With Zero Trust - Lockdown 2017 · 2017-07-25 · Win the Cyberwar With Zero Trust John Kindervag Field CTO. ... Source: January 7, 2015, “Forrester's Targeted-Attack](https://reader030.fdocuments.in/reader030/viewer/2022040823/5e6d97f57c9ebc1cc379b28c/html5/thumbnails/29.jpg)
The Four Levels of Cyberwar
29 | © 2017 Palo Alto Networks, Inc. Confidential and Proprietary.
Grand Strategy (Political)
Strategy
Tactics
Operations
![Page 30: Win the Cyberwar With Zero Trust - Lockdown 2017 · 2017-07-25 · Win the Cyberwar With Zero Trust John Kindervag Field CTO. ... Source: January 7, 2015, “Forrester's Targeted-Attack](https://reader030.fdocuments.in/reader030/viewer/2022040823/5e6d97f57c9ebc1cc379b28c/html5/thumbnails/30.jpg)
DELIVERING THE NEXT-GENERATION SECURITY PLATFORM
30 | © 2017 Palo Alto Networks, Inc. Confidential and Proprietary.
![Page 31: Win the Cyberwar With Zero Trust - Lockdown 2017 · 2017-07-25 · Win the Cyberwar With Zero Trust John Kindervag Field CTO. ... Source: January 7, 2015, “Forrester's Targeted-Attack](https://reader030.fdocuments.in/reader030/viewer/2022040823/5e6d97f57c9ebc1cc379b28c/html5/thumbnails/31.jpg)
STRATEGIC PARTNERSHIPS
31 | © 2017 Palo Alto Networks, Inc. Confidential and Proprietary.
EXPANSIVE PARTNER ECOSYSTEM
Virtualization
Cloud
Networking
Mobility
Security Analytics
Enterprise Security
Identity and Access
Management
SD-WAN
Orchestration & Security Automation
Threat Intelligence
Over 120 Technology Integrations
Open APIs
Extensive Ecosystem of Partners Across Multiple Technologies
![Page 32: Win the Cyberwar With Zero Trust - Lockdown 2017 · 2017-07-25 · Win the Cyberwar With Zero Trust John Kindervag Field CTO. ... Source: January 7, 2015, “Forrester's Targeted-Attack](https://reader030.fdocuments.in/reader030/viewer/2022040823/5e6d97f57c9ebc1cc379b28c/html5/thumbnails/32.jpg)
21st Century Zero Trust Network
CHD
MCAP
DB MCAP
APPS
MCAP
WL MCAP
MGMT
server WWW MCAP
User MCAP
SIM NAVDAN MCAP
Segmentation
Gateway
Micro Core and
Perimeter
Source: November 15, 2012, “Build Security Into Your Network’s DNA: The Zero Trust Network Architecture” Forrester report
![Page 33: Win the Cyberwar With Zero Trust - Lockdown 2017 · 2017-07-25 · Win the Cyberwar With Zero Trust John Kindervag Field CTO. ... Source: January 7, 2015, “Forrester's Targeted-Attack](https://reader030.fdocuments.in/reader030/viewer/2022040823/5e6d97f57c9ebc1cc379b28c/html5/thumbnails/33.jpg)
IPS
Serverfarm
WWW farm
DB farm
IPS
IPSIPS
WAN
WAF
DAM
Augment Hierarchal Networks with Zero Trust
CHD MCAP MGMT
server
WL MCAP
User MCAP
SIM NAVDAN MCAP
Source: November 15, 2012, “Build Security Into Your Network’s DNA: The Zero Trust Network Architecture” Forrester report
![Page 34: Win the Cyberwar With Zero Trust - Lockdown 2017 · 2017-07-25 · Win the Cyberwar With Zero Trust John Kindervag Field CTO. ... Source: January 7, 2015, “Forrester's Targeted-Attack](https://reader030.fdocuments.in/reader030/viewer/2022040823/5e6d97f57c9ebc1cc379b28c/html5/thumbnails/34.jpg)
Public Cloud
PSY Switch
vSwitch
Hypervisor
Virtual Network
VSG
PSG
Security MGMT
PSY MGMT
Virtualization MGMT
PSY SwitchvSwitch
Hypervisor
Virtual NetVSG
Workload
SDD
C
Extend Zero Trust to the Public Cloud
Workload
PA Series NGFW
VM Series NGFW
VM NGFW
Panorama
![Page 35: Win the Cyberwar With Zero Trust - Lockdown 2017 · 2017-07-25 · Win the Cyberwar With Zero Trust John Kindervag Field CTO. ... Source: January 7, 2015, “Forrester's Targeted-Attack](https://reader030.fdocuments.in/reader030/viewer/2022040823/5e6d97f57c9ebc1cc379b28c/html5/thumbnails/35.jpg)
The Four Levels of Cyberwar
37 | © 2017 Palo Alto Networks, Inc. Confidential and Proprietary.
Grand Strategy (Political)
Strategy
Tactics
Operations
![Page 36: Win the Cyberwar With Zero Trust - Lockdown 2017 · 2017-07-25 · Win the Cyberwar With Zero Trust John Kindervag Field CTO. ... Source: January 7, 2015, “Forrester's Targeted-Attack](https://reader030.fdocuments.in/reader030/viewer/2022040823/5e6d97f57c9ebc1cc379b28c/html5/thumbnails/36.jpg)
Automation and Orchestration
![Page 37: Win the Cyberwar With Zero Trust - Lockdown 2017 · 2017-07-25 · Win the Cyberwar With Zero Trust John Kindervag Field CTO. ... Source: January 7, 2015, “Forrester's Targeted-Attack](https://reader030.fdocuments.in/reader030/viewer/2022040823/5e6d97f57c9ebc1cc379b28c/html5/thumbnails/37.jpg)
AUTOMATED SECURITY ACTIONS
Threat Prevention logs
Malware and phishing logs
Correlated Event logs
System logs
Data filtering logs
Traps logs
… ...
10.3.4.122 Compromised
Dynamic Address Group
Policy Source Action
Compromised
hosts
Dynamic
Address
Group
Enforce multi-factor
authentication
1. Granular log filtering 2. Automated actions on the NGFW
HT
TP
/S
AUTO-TAG
3. Automated actions on third party systems
Any REST API
Traps and Wildfire C2 alerts on
10.3.4.122
© 2017 Palo Alto Networks, Inc. Confidential
![Page 38: Win the Cyberwar With Zero Trust - Lockdown 2017 · 2017-07-25 · Win the Cyberwar With Zero Trust John Kindervag Field CTO. ... Source: January 7, 2015, “Forrester's Targeted-Attack](https://reader030.fdocuments.in/reader030/viewer/2022040823/5e6d97f57c9ebc1cc379b28c/html5/thumbnails/38.jpg)
The Four Levels of Cyberwar
40 | © 2017 Palo Alto Networks, Inc. Confidential and Proprietary.
Grand Strategy (Political)
Strategy
Tactics
Operations
![Page 39: Win the Cyberwar With Zero Trust - Lockdown 2017 · 2017-07-25 · Win the Cyberwar With Zero Trust John Kindervag Field CTO. ... Source: January 7, 2015, “Forrester's Targeted-Attack](https://reader030.fdocuments.in/reader030/viewer/2022040823/5e6d97f57c9ebc1cc379b28c/html5/thumbnails/39.jpg)
Rep. Jason Chaffetz on Zero Trust:
“Zero trust would have profoundly limited the attacker’s ability to move within OPM’s network and access such sensitive data.”
Source: Adopting a zero trust cyber model in government: http://federalnewsradio.com/commentary/2016/09/adopting-zero-trust-cyber-model-government/
![Page 40: Win the Cyberwar With Zero Trust - Lockdown 2017 · 2017-07-25 · Win the Cyberwar With Zero Trust John Kindervag Field CTO. ... Source: January 7, 2015, “Forrester's Targeted-Attack](https://reader030.fdocuments.in/reader030/viewer/2022040823/5e6d97f57c9ebc1cc379b28c/html5/thumbnails/40.jpg)
Thank You
John Kindervag
42 | © 2017 Palo Alto Networks. Confidential and Proprietary.
Field CTO
@Kindervag