A Need for Change. The Challenge for Organisations
Khipu
Simon Crocker, Systems Engineering Manager
2 | © 2015, Palo Alto Networks. Confidential and Proprietary.
Palo Alto Networks at-a-glance
CORPORATE HIGHLIGHTS
• Founded in 2005; first customer shipment in 2007
• Safely enabling applications and preventing cyber threats
• Able to address all enterprise cybersecurity needs
• Exceptional ability to support global customers
• Experienced team of 3,000+ employees
• Q1 FY16: $297.2M revenue
REVENUES ($MM), FY09 to FY15: $13, $49, $119, $255, $396, $598, $928
ENTERPRISE CUSTOMERS, chart labels from Jul-11 to Jul-15: 4,700; 9,000; 13,500; 19,000; 26,000; >28,000
Khipu Reference Customers
What’s changed?
THE EVOLUTION OF THE ATTACKER
CYBERCRIME: NOW $445 billion industry
CYBER WARFARE: 100+ nations
What’s changed?
Known threats
Organizational risk
Identity compromise
Zero-day exploits / vulnerabilities
Evasive command-and-control
Unknown & polymorphic malware
Mobility threat
THE EVOLUTION OF THE ATTACK
Business Drivers for the CIO
Social Networking, Cloud, Analytics, Mobility
Different Security Strategies.
Current Security Thinking. Palo Alto Networks Thinking.
The Challenges for the Head of Security
• APPS
• USERS
• CONTENT
Research
Infiltration
Discovery
Capture
Exfiltration
£Market
Automated, Scalable
Specialised
Manual, Complex
Expensive £+HC
Regulation Departments & Faculties
Counter Intel.
Volume of Threat Intel. SPAM?
Blocking: Complex, Lack of Correlation, Point Solutions.
SIEM: Costly £ & People, Complex
Encryption: Cumbersome and Impractical
Incident Response: Costly £ & People
Blocking
Failure of Legacy Blocking Architectures
[Diagram labels: URL, Firewall, Network AV, Anti-APT cloud, VPN, IPS/IDS, SandBox, …; Internet; DNS, Endpoint, AV, SMTP and Web alerts; Security Operations Centre; SIEM]
Limited visibility, manual response, lacks correlation
£Market
Automated, Scalable
Specialised
Complexity Security
Detection Architecture = Manual Response
UTM / NGFW: URL, Firewall, Network AV, IPS/IDS
Next Generation Security Platform
• Application Aware
• User Aware
• Content Aware
Fully Integrated & Automated Blocking Architecture
• ONE PLATFORM, ONE POLICY, DYNAMIC SECURITY
[Diagram labels: Internet; Enterprise Network; Public Cloud; Advanced Endpoint; Traps; GlobalProtect; Threat Intelligence Cloud; DNS, Endpoint, Web and APT alerts; Security Operations Centre; Panorama; AutoFocus]
Detect unknown threats
Detect everywhere in the network
Real-time “closed-loop” prevention
Prevention Architecture = Automated Response
Palo Alto Networks - Rebalancing the Scales
• APPS
• USERS
• CONTENT
Research
Infiltration
Discovery
Capture
Exfiltration
£Market
Automated, Scalable
Specialised
Automated, Scalable & Integrated - Prevention
Regulation Departments & Faculties
Counter Intel.
Volume of Threat Intel. SPAM?
SIEM: Reduction of Events, reducing Cost £ & People
Encryption: Integrated and Selective
Incident Response: Reduction of Cost £ & People
Blocking: Simplified, Automated and Fully Integrated for known and unknown Threats.
Blocking
Traps
Delivering continuous innovation
GlobalProtect
WildFire
Threat Prevention
URL Filtering
AutoFocus
Aperture
Why Palo Alto Networks.
• Application Control and Enablement
• Prevention Strategy
• Single Pass Architecture
• Predictable Performance
• Fully Integrated and Automated Solution
• Simplification / Consolidation
• Cost Savings & Staff Realignment
Why Palo Alto Networks?
[Word cloud: Prevention, Zero-Day, Reduce Risk, Policy, Visibility, Remediation, Detection, Endpoint, Data Center, Mobility, BYOD Management, Vulnerability, Responsive, Exploit, Anti-Malware Forensics, Automation, Private Cloud, Public Cloud, Performance, Scalability, Platform, Segmentation, Applications, Users, Control, Agile, Perimeter, Integrated, Support, Web Security, Command-&-Control, Virtualization, Ecosystem, Context, Correlation, Services, People, Culture, Safe Enablement, Application]