Umbrella for MSPs: Cloud Security via N-able

Preview:

DESCRIPTION

Last week, at N-Able's Global Partner Summit, our Sr. Product Manager for MSPs,Dima Kumets, had a great session on "Cloud Security via N-able". During the presentation, he discussed how easy it was to deploy and monitor OpenDNS Umbrella for MSPs in N-able's Automation Manager. If you missed out on his awesome discussion, here is a recap.

Citation preview

Umbrella Con!dential

1_Title (1) UMBRELLA FOR MSPs: Cloud Security via N-Able Dima Kumets MSP Product Manager

#2

1_Light Title Only

#2 ! 29-Oct-13 ! Umbrella Con!dential

ASIA-PACIFIC

EUROPE, MIDDLE EAST & AFRICA

AMERICAS

COMPANY BACKGROUND

!   50M+ ACTIVE USERS DAILY !   19 DATA CENTER LOCATIONS !   ZERO DOWNTIME, SINCE 2006

!   50B+ REQUESTS DAILY !   160+ COUNTRIES W/USERS !   ZERO NET NEW LATENCY

GLOBAL SECURITY NETWORK 208.67.220.220 208.67.222.222

#3

1_Light Title Only

#3 ! 29-Oct-13 ! Umbrella Con!dential

CLOUD SECURITY SERVICE

PARTNERING WITH

TO MAKE DEPLOYMENT FAST AND SEAMLESS

#4

CHANGING THREAT LANDSCAPE

VELOCITY & PACE

#5 #5 ! 29-Oct-13 ! Umbrella Con!dential

TODAY

MALWARE HAS EXPLODED !   PROFIT MOTIVE + LIQUIDITY

CYBERCRIME AS A SERVICE

!  DISTRIBUTED CRIMINAL ORGANIZATIONS !   SPECIALIZED TALENT !  MORE EFFICIENT + MORE DANGEROUS

#6 #6 ! 29-Oct-13 ! Umbrella Con!dential

DISTRIBUTION VECTORS

#7 #7 ! 29-Oct-13 ! Umbrella Con!dential

DIY EXPLOIT KITS

DO-IT-YOURSELF EXPLOIT KITS !   PRE-PACKAGED SCRIPTS !   NO “HACKER” SKILLS NECESSARY

!   USES MANY ATTACK VECTORS TO INSTALL MALWARE

!   EMBED ON A WEBSITE – EASY TO USE !   RESULT

!   EXPANDS CYBERCRIME TO TRADITIONAL CRIMINAL ORGANIZATIONS

!   BIGGER PROFIT FOR BLACK-HAT HACKERS !  $200-$20,000

#8

1_Light Title Only

#8 ! 29-Oct-13 ! Umbrella Con!dential

DIY EXPLOIT KIT

#9

1_Light Title Only

#9 ! 29-Oct-13 ! Umbrella Con!dential

DIY EXPLOIT KIT

#10

1_Light Title Only

#10 ! 29-Oct-13 ! Umbrella Con!dential

EXPLOIT KIT REPORTING!

#11 #11 ! 29-Oct-13 ! Umbrella Con!dential

DISTRIBUTION VECTORS

!  ACTIVE/WIDE NET !  MALVERTISING !  SPAM

!  TARGETED !  SPEARPHISHING !  WATERING HOLE ATTACKS

!  EMERGING !  MOBILE THREATS ! SMiShing (SMS PHISHING)

#12 #12 ! 29-Oct-13 ! Umbrella Con!dential

MALWARE PAYLOAD

#13 #13 ! 29-Oct-13 ! Umbrella Con!dential

UNWITTING PARTICIPATION IN EXTORTION

DDOS BOTS

#14 #14 ! 29-Oct-13 ! Umbrella Con!dential

MALWARE RUINS EMAIL REPUATION

SPAMBOTS

#15 #15 ! 29-Oct-13 ! Umbrella Con!dential

MALWARE SEIZES COMPUTERS

FAKE ANTI-VIRUS

#16 #16 ! 29-Oct-13 ! Umbrella Con!dential

MALWARE HAS BECOME MORE DANGEROUS

RANSOMWARE

#17 #17 ! 29-Oct-13 ! Umbrella Con!dential

MALWARE CAN DESTROY SMBs

KEYLOGGERS AND BACKDOORS

#18 #18 ! 29-Oct-13 ! Umbrella Con!dential

ATTACKS INCREASINGLY TARGET SMBs UNDER 250 USERS

PROPORTION OF BREACHES BY ORG SIZE

15x

1x ORGS WITH 11-100 EMPLOYEES

ORGS WITH <11 or >100 EMPLOYEES

TARGETED ATTACKS AGAINST SMBS

36%

18%

2011 JUNE 2012

HAVE NO FORMAL WRITTEN INTERNET SECURITY POLICY FOR EMPLOYEES

HAVE NO INFORMAL INTERNET SECURITY POLICY FOR EMPLOYEES

THINK THEIR COMPANY IS SAFE FROM HACKERS, VIRUSES AND MALWARE

83%

77%

69%

SMBs NEED MANAGED ENTERPRISE-GRADE

SECURITY

#19 #19 ! 29-Oct-13 ! Umbrella Con!dential

HOW DO YOU PROTECT CUSTOMERS?

ANTI-VIRUS IS JUST

A SINGLE LAYER

IN A DEFENSE IN DEPTH STRATEGY “SIGNATURE-BASED TOOLS (AV, FW & IPS) ARE ONLY EFFECTIVE AGAINST 30-50% OF CURRENT SECURITY THREATS”

“CLOUD-BASED PROVIDERS SHOULD HAVE BETTER REAL-TIME TELEMETRY OF GLOBAL EVENTS AND THE ABILITY TO RESPOND TO THESE EVENTS RAPIDLY BY MODIFYING THE SOLUTION.”

#20

CLOUD SECURITY TO REDUCE

COMPLEXITY, TIME AND COST

#21

1_Light Title Only

#21 ! 29-Oct-13 ! Umbrella Con!dential

FOR MSPs

introducing…

#22 #22 ! 29-Oct-13 ! Umbrella Con!dential

ALLOWING AN MSP TO

Decrease Costs

50%-90% reduction in malware clean up time

Improve

Retention Improved customer uptime and value

reports

Increase Revenue

Per-user Web Filter as a value added

service

#23 #23 ! 29-Oct-13 ! Umbrella Con!dential

EASY TO DO BUSINESS WITH

VOLUME PRICING

MONTHLY BILLING

MULTI-TENANT DASHBOARD

MANAGE SEATS ON-DEMAND

BUSINESS PRACTICES ALIGNED WITH MONTHLY

RECURRING REVENUE MODELS

#24 #24 ! 29-Oct-13 ! Umbrella Con!dential

Improve

Retention Improved customer uptime and value

reports

HOW DO WE HELP MSPs TO

Increase Revenue

Per-user Web Filter as a value added

service

Decrease Costs

50%-80% reduction in malware clean up time

#25 #25 ! 29-Oct-13 ! Umbrella Con!dential

INFECTED DEVICES IMPACT MSP MARGINS

YOUR ENGINEER’S

TIME

CLIENTS’ EMPLOYEE DOWNTIME

MALWARE COSTS

#26

1_Light Title Only

#26 ! 29-Oct-13 ! Umbrella Con!dential

DECREASE MALWARE CLEAN UP EXPENSES

BLOCKS PHISHING ATTEMPTS & INAPPROPRIATE USAGE

PREVENTS MALWARE

CONTAINS BOTNETS

WEB

WEB (PORTS ???)

WEB & NON-WEB

ANY APP

ANY PROTOCOL

ANY PORT

! THE INTERNET YOUR CUSTOMERS" CLOUD SERVICE

WITH ZERO ADDED LATENCY

#27 #27 ! 29-Oct-13 ! Umbrella Con!dential

SECURE EVERYWHERE

!   COVERAGE FOR WORKERS ON AND OFF THE NETWORK !   COVERAGE FOR BYOD AND UNMANAGED DEVICES

#28

1_Light Title Only

#28 ! 29-Oct-13 ! Umbrella Con!dential

UMBRELLA BY OPENDNS

80M+ REQUESTS TO ADVANCED MALWARE, BOTNET & PHISHING THREATS BLOCKED DAILY

NEW THREAT ORIGINS DISCOVERED OR PREDICTED DAILY 100K+

THE ONLY CLOUD-DELIVERED AND DNS-BASED WEB SECURITY SOLUTION

#29 #29 ! 29-Oct-13 ! Umbrella Con!dential

ANALYZING DATA TO EXTRACT ACTIONABLE SECURITY INFORMATION

#30 #30 ! 29-Oct-13 ! Umbrella Con!dential

!   Goal: try to tell if a domain has been machine generated by malware !   Look at name: bigrams, trigrams, length, entropy, etc.

!   Look at timing: concentrated DNS queries with short life spans (temporal progression)

!   High level of activity at the time of domain generation -> fades over time

!   Result: Predict if a domain is a botnet command and control server and block it.

!   Bene!t: Malware is contained and doesn’t update or become part of a botnet

Instance 1 cso0vm2q6g86owao.thepohzi.su 5qloxxe.tohk5ja.cc k2s0euuz.oogagh.su Instance 2 v8ylm8e.thepohzi.su 2g24ar4vu8ay6.tohk5ja.cc d6vh5x1cic1yyz1i.oogagh.su Instance 3 t2250p29079m6oq8.thepohzi.su ngb0ef99.tohk5ja.cc nxdhetohak91794.oogagh.su

BIG DATA EXAMPLE – DGA ALGORITHM

#31 #31 ! 29-Oct-13 ! Umbrella Con!dential

LABS.UMBRELLA.COM http://labs.umbrella.com/2013/09/25/ripple-effect/

#32 #32 ! 29-Oct-13 ! Umbrella Con!dential

PREDICTING ADVANCED ATTACKS FROM HIGH-RISK SITES AND LOCATIONS: !   MALWARE HOSTS !   BOTNET CONTROLLERS !   PHISHING WEBSITES

#33 #33 ! 29-Oct-13 ! Umbrella Con!dential

Improve

Retention Improved customer uptime and value

reports

HOW DO WE HELP MSPs TO

Increase Revenue

Per-user Web Filter as a value added

service

Decrease Costs

50%-80% reduction in malware clean up time

#34 #34 ! 29-Oct-13 ! Umbrella Con!dential

PROFITABLE WEB FILTER

WEB FILTER AS A VALUE ADDED SERVICE !   60 CATEGORIES !   GRANULAR WHITELIST/BLACKLIST !   CUSTOM BLOCK PAGE

FEATURES TO CHARGE A PREMIUM PRICE !   PER-COMPUTER POLICY !   BYOD AND GUEST FILTERING !   BLOCK PAGE BYPASS CODES

REPORTING AND MONITORING !   REAL-TIME ACTIVITY REPORT !   TOP DOMAINS/TOP CATEGORIES/TOP USERS !   SAVED REPORTS WITH EXPORT

#35 #35 ! 29-Oct-13 ! Umbrella Con!dential

PROFITABLE WEB FILTER

FAST AND EASY TO MANAGE !  SPEND LESS TIME MANAGING FILTERING

!  EASY TO USE AND UNDERSTAND

!  CENTRALIZED WEB DASHBOARD !  REMOTE MANAGEMENT !  ALL IN THE BACKGROUND

!  MULTI-TENANT !  MULTIPLE CUSTOMER ORGANIZATIONS !  MSP ADMINS HAVE ACCESS TO ALL CUSTOMERS !  CUSTOMERS ARE ISOLATED TO THEIR OWN

ORGANIZATION

#36 #36 ! 29-Oct-13 ! Umbrella Con!dential

Improve

Retention Improved customer uptime and value

reports

HOW DO WE HELP MSPs TO

Increase Revenue

Per-user Web Filter as a value added

service

Decrease Costs

50%-80% reduction in malware clean up time

#37

1_Light Title Only

#37 ! 29-Oct-13 ! Umbrella Con!dential

IMPROVE RENEWALS AND RETENTION

IMPROVED UPTIME !  PROACTIVE SECURITY PROTECTION !  FEWER INFECTIONS = ALWAYS ON TECHNOLOGY

VALUE REPORTS !  INFECTIONS PREVENTED !  MALWARE CONTAINED !  PHISHING BLOCKED

VIRTUAL CIO !  ASSIST HR AND STAFFING DECISIONS !  ASSESS AND PLAN NETWORK USAGE

#38 #38 ! 29-Oct-13 ! Umbrella Con!dential

ENTERPRISE-CLASS MANAGEMENT WITHOUT THE ENTERPRISE COMPLEXITY

LIGHTWEIGHT AGENT WITH AUTOMATION POLICY TO DEPLOY

NETWORK-LEVEL PROVISIONING

(ALL DEVICES ON NETWORK INCLUDING BYOD AND UNMANAGED)

23.4.2.4/32 214.41.3.1/32 155.21.1.1/28

CLIENT-A:155.21.1.1/28 CLIENT-B: 214.41.3.1/32 CLIENT-C: 23.4.2.4/32

#39 #39 ! 29-Oct-13 ! Umbrella Con!dential

SUMMARY

CLOUD FIRST

!   MULTI-TENANT console for reports and policy con!g.

!   ON-DEMAND license re-allocation.

!   IMMEDIATE network-level provisioning.

!   RMM-compatible device provisioning.

!  SECURITY WITHOUT APPLIANCES to reduce infected devices.

!  VOLUME pricing for your entire license pool.

!  MONTHLY billing to reduce OpEx while aligning with billing cycles.

!   COVERAGE for all devices regardless of location.

!   VISIBILITY into all network traf!c regardless of port or protocol.

!   ACCURACY to prevent, contain and inform on the latest and most complex threats.

!   SCALABILITY to meet all traf!c throughput without bottlenecks.

!   RELIABILITY for 100% uptime, everywhere.

!   LATENCY to enforce policies & protections is as fast as direct Internet connections.

#40 #40 ! 29-Oct-13 ! Umbrella Con!dential

THANK YOU! ANY QUESTIONS?...

FOR MORE INFORMATION

EMAIL US MSP@OPENDNS.COM

OR VISIT US AT

umbrella.com/msp

OR JUST TWEET @OPENDNS

Recommended