A Need for Change. The Challenge for Organisations

Khipu

Simon CrockerSystems Engineering

Manager

2 | © 2015, Palo Alto Networks. Confidential and Proprietary.

A Need for Change.The Challenge for OrganisationsSimon CrockerSystems Engineering Manager

Palo Alto Networks at-a-glance

3 | © 2015, Palo Alto Networks. Confidential and Proprietary.

CORPORATE HIGHLIGHTS

• Founded in 2005; first customer shipment in 2007

• Safely enabling applications and preventing cyber threats

• Able to address all enterprise cybersecurity needs

• Exceptional ability to support global customers

• Experienced team of 3,000+ employees

• Q1 FY16: $297.2M revenue

$MM

REVENUES ENTERPRISE CUSTOMERS

FY09FY10FY11FY12FY13FY14FY15$0

$200

$400

$600

$800

$1,000

$13 $49$119

$255

$396

$598

$928

Jul-11 Jul-12 Jul-13 Jul-14 Jul-150

4,000

8,000

12,000

16,000

20,000

24,000

4,700

9,000

13,500

19,000

26,000

>28,000

Khipu Reference Customers

What’s changed?

5 | © 2015, Palo Alto Networks. Confidential and Proprietary.

THE EVOLUTION OF THE ATTACKER

$445CYBERCRIME NOW billion industry

100+ nations

CYBER WARFARE

What’s changed?

Known threats

Org

aniz

atio

nal r

iskIdentity compromise

Zero-day exploits / vulnerabilities

Evasive command-and-control

Unknown & polymorphic malware

Mobility threat

THE EVOLUTION OF THE ATTACK

4 | © 2015, Palo Alto Networks. Confidential and Proprietary.

Business Drivers for the CIO

Social Networking CloudAnalyticsMobility

Different Security Strategies.

Current Security Thinking. Palo Alto Networks Thinking.

The Challenges for the Head of Security

9 | © 2015, Palo Alto Networks. Confidential and Proprietary.

• APPS• USERS• CONTENT

Research

Infiltration

Discovery

Capture

Exfiltration

£Market

AutomatedScalable

Specialised

ManualComplex

Expensive £+HC

Regulation Departments & Faculties

Counter Intel.

Volume of Threat Intel. SPAM?

BlockingComplex

Lack of CorrelationPoint Solutions.

SIEM Costly £ & PeopleComplex

Encryption Cumbersome and Impractical

Incident Response Costly £ & People

Blocking

Failure of Legacy Blocking Architectures

10 | © 2015, Palo Alto Networks. Confidential and Proprietary.

URLFirewall Network AV Anti-APT cloud

Internet

Limited visibility Manual responseLacks correlation

DNS AlertEndpoint Alert

AV Alert

SMTP Alert

AV Alert

Web Alert

Web Alert

SMTP Alert

DNS Alert

AV Alert

DNS Alert

Web Alert

Endpoint Alert

VPNIPS/IDS SandBox ….

Security Operations Centre

SIEM

£Market

AutomatedScalable

SpecialisedComplexity Security

Detection Architecture = Manual Response

URLFirewall Network AV IPS/IDS

UTM / NGFW

Next Generation Security Platform

11 | © 2015, Palo Alto Networks. Confidential and Proprietary.

• Application Aware• User Aware• Content Aware

12 | © 2015, Palo Alto Networks. Confidential and Proprietary.

URLFirewall Network AV Anti-APT cloud

Internet

Limited visibility Manual responseLacks correlation

DNS AlertEndpoint Alert

AV Alert

SMTP Alert

AV Alert

Web Alert

Web Alert

SMTP Alert

DNS Alert

AV Alert

DNS Alert

Web Alert

Endpoint Alert

VPNIPS/IDS SandBox ….

Security Operations Centre

SIEM

Detection Architecture = Manual Response

URLFirewall Network AV IPS/IDS

UTM / NGFW

Fully Integrated & Automated Blocking Architecture

Public Cloud

• ONE PLATFORM, ONE POLICY, DYNAMIC SECURITY

Advanced Endpoint

Threat Intelligence Cloud

Internet

Enterprise NetworkDNS AlertEndpoint AlertWeb AlertAPTEndpoint Alert

Detect unknown threats Detect everywhere in the network

Real-time “closed-loop” prevention

Traps

Traps

Traps

GlobalProtect

Security Operations Centre

PanoramaAutoFocus

Prevention Architecture = Automated Response

Fully Integrated & Automated Blocking Architecture

Traps

Palo Alto Networks - Rebalancing the Scales

14 | © 2015, Palo Alto Networks. Confidential and Proprietary.

• APPS• USERS• CONTENT

Research

Infiltration

Discovery

Capture

Exfiltration

£Market

AutomatedScalable

Specialised

Automated, Scalable &

Integrated - Prevention

Regulation Departments & Faculties

Counter Intel.

Volume of Threat Intel. SPAM?

SIEM Reduction of Events, reducing Cost £ & People

Encryption Integrated and Selective

Incident Response Reduction of Cost £ & People

BlockingSimplified, Automated and Fully Integrated for known

and unknown Threats .Blocking

Traps

Delivering continuous innovation

GlobalProtect

WildFire

Threat Prevention

URL Filtering

10 | © 2015, Palo Alto Networks. Confidential and Proprietary.

AutoFocus

Aperture

Why Palo Alto Networks.

16 | © 2015, Palo Alto Networks. Confidential and Proprietary.

• Application Control and Enablement

• Prevention Strategy

• Single Pass Architecture

• Predictable Performance

• Fully Integrated and Automated Solution

• Simplification / Consolidation

• Cost Savings & Staff Realignment

Why Palo Alto Networks?

17 | © 2015, Palo Alto Networks. Confidential and Proprietary.

Prevention

Zero-DayReduce RiskPolicy

Visibility

Remediation

Detection

Endpoint

Data Center

Mobility

BYOD Management

Vulnerability

Responsive

Exploit

Anti-Malware Forensics

AutomationPrivate Cloud

Public Cloud

Perform

ance

Scalability

Platform

Segmentation

Applications

Users

Control

Agile

Perimeter

Integrated

Support

Web Security

Com

mand-&

-Control

Virtualization

EcosystemContext

Correlation

Services

People

Culture

Safe Enablement

Application

jisc.ac.uk

Simon Crocker

Systems Engineering ManagerKhipu