Multi-Cloud, Multi-Network Cyber Awareness, Monitoring and Management by Francois Caron and Pat Motola

© 2013 BlueSpace Federal Corp. and SolarWinds Worldwide, LLC. All rights reserved.

Sentinel

SolarWinds® POC

Francois Caron Product Management Director

[email protected]

BlueSpace POC

Pat MotolaCEO

[email protected]

Multi-Cloud, Multi-Network Cyber Awareness, Monitoring and

Management

2© 2013 BlueSpace Federal Corp. and SolarWinds Worldwide, LLC. All rights reserved.

Overview

• Completely isolating mission critical clouds and networks is fundamental to maximize cyber security.

• However, this isolation negatively impacts the ability to monitor and manage the cyber environment.

• SolarWinds and BlueSpace provide compatible off the shelf products that meet the requirements of US Intelligence Community and Department of Defense requirements for Multi-Cloud, Multi-Network Cyber Awareness, IT Monitoring and Management solutions.


SolarWinds: Who We Are - What We do

• Who we are» More than 100,000 customers in 170 countries

» We sell to business of all sizes from SMB to Large Enterprise and Federal

» More than 425 of the Fortune 500 are customers

» 2012 revenue of over $290 million (+30% year-over-year growth)

» Named to “The Forbes® Fast Tech 25” in 2012 (Forbes magazine)

» More than one million users have downloaded our free tools

• Provide IT Management Software◦ Focused on the end user in all the markets in which we compete◦ Powerful. Easy to use. Affordable


SolarWinds Product Lines

Log & Event management Log and Event Manager

Network management Network Performance Monitor NetFlow Traffic Analyzer Network Configuration Manager IP Address Manager VoIP & Network Quality Manager Firewall Security Manager User Device Tracker

Application & Server management Server & Application Monitor Virtualization Manager Patch Manager Synthetic End User Monitor

Storage management Storage Manager

Remote management Mobile Admin® DameWare ®NT Utilities DameWare Mini Remote Control

IT help desk Web Help Desk™


SolarWinds EOC Capabilities• SolarWinds Enterprise Operations Console (EOC)

• Provides a unified, consolidated, command center on a single display to monitor SolarWinds Orion® instances* throughout the enterprise.

• Scales to monitor over 600,000 network elements

• Focuses attention on mission-critical issues with global top 10 views of bandwidth utilization, response time, CPU, memory, disk space utilization and more

* EOC consolidates views from IPAM, NCM, NPM, NTA, SAM, UDT, VNQM


EOC Home

Orion Instances from multiple

domains


EOC Network


domains


EOC Applications & Server


domains


Case Study


BlueSpace Federal

• Company◦ US Corporation, Small Business, Austin TX based, cleared

employees▪ CEO: Pat Motola, Chairman: Retired Admiral / NSA Director Bobby Ray

Inman◦ Mission: Cyber security solutions for mission critical clouds &

networks◦ How: Cross Domain Applications based on “SmartXD”

technology

• SmartXD – Why It Matters◦ Solves problems with previous cross domain application

architectures◦ Non-Disruptive – cross domain enables existing applications ◦ Simplified Certification – use certified data guards, transfer XML◦ Rapid Delivery – < 6 months to create new applications◦ Any Environment – clouds, networks, tagged data, guards.

• Business Model◦ Flexible, low TCO licensing for BlueSpace COTS applications◦ Easy, affordable to extend capabilities◦ Partner centric approach provides complete solutions


Sentinel

• Capabilities◦ SolarWinds provides

global cyber situational awareness, monitoring and management

◦ Sentinel cross domain enables SolarWinds Enterprise Operations Console (EOC)

◦ Sentinel enables Cross Domain Drill-Down to views & functions within SolarWinds modules

◦ Off the shelf & easy to deploy

◦ Easy to use

Cross Domain Cyber Situational Awareness, Monitoring and Management for SolarWinds software


Benefits

• NetOps Benefits • Easy to use - full function EOC user interface with high side drill

down.• Increased cyber situational awareness - resulting in faster

issue identification, analysis, response and resolution.• Improved IT efficiency - by reducing the number of different

displays and applications required to monitor multiple networks and multiple domains.

• Highly Secure – use of certified data guards and transferring only highly constrained XML low-to-high.

• Other Benefits• Simplified Certification – use of certified data guards (existing

or selected to best meet operational needs). Sentinel installs as a PL2 application in each domain. Low to high XML flow only.

• Low TCO, COTS Solution – eliminates the cost, time and risks associated with custom solution development.

• Flexibility – new capabilities can be rapidly developed, certified and deployed.


Solution Architecture


Extension Points

• Cross Domain Drill Down – enables EOC users to drill down into lower domain Orion detail and management functions.

◦ Smart Windowing – view windows from all domains on a single display using Citrix® Xen® Client technology or equivalent.

• IT Service Management / Help Desk Integration – Sentinel can create trouble tickets on any domain based on rules and policies tied to events, alerts and other IT information.

• Custom Cross Domain Reporting - Sentinel can gather additional information and create customized multi domain reports.

• Guard monitoring - Sentinel can provide information to the high side Orion server to monitor the health of the data guard.


Smart Windowing User Experience

◦ EOC with cross domain Orion drill down on a single display◦ Requires an AFRL SecureView 2.0 Trusted Workstation and

Lower Domain Drill Down extension.


SmartXD

Rapidly Build Smarter Cross Domain Applications

Architecture • VM in each domain • Use any data guard• Access tagged data• XD enable existing

apps

Common Services• Rapid development• Eliminate duplication

Application Design1. Access Data 2. Process Data 3. Communicate 4. Present Data5. User Interaction 6. Orchestration

65

3

2

1

1

1

2

2

33

4

6


SmartXD

Smarter Certification, More Secure

Certification Design1. Use Guard

Certifications2. SmartXD VMs are

PL2 (single domain)3. SmartXD only

transfers XML (Highly Constrained)

4. Use tagged data access certifications (CSG)

Security• Leverage guard and

tagged data security• Eliminate

unnecessary data duplication

• Eliminate risk of complex data trojans

• Guard XML schema checking and dirty word scans

4

3

3

2

2

2

1


Partners

Integration/Reseller

Technology

http://www.bluespace.com/www.solarwinds.com


• SolarWinds Worldwide, LLC’s trademarks, service marks, logos and copyrights are the exclusive property of SolarWinds Worldwide, LLC. For a complete list of SolarWinds trademarks, service marks, and logos, please visit www.solarwinds.com/trademarks. All other trademarks or works mentioned herein are the intellectual property of their respective companies. SolarWinds Worldwide, LLC is not affiliated with any of the respective companies.

http://www.solarwinds.com/trademarks