Cyber o Am Ut m Presentation
-
Upload
pinkesh-joshi -
Category
Documents
-
view
213 -
download
0
Transcript of Cyber o Am Ut m Presentation
-
8/18/2019 Cyber o Am Ut m Presentation
1/29
Cyberoam
Complete Network Security for Banks
-
8/18/2019 Cyber o Am Ut m Presentation
2/29
Cyberoam for Security in Banks
Dimensions of Banking Security
Cyberoam Solution
User Identity in Security
Solution Range
-
8/18/2019 Cyber o Am Ut m Presentation
3/29
Dimension - 1 – External threats
External Threats – Attackers are after financial gain
• Targeting the nternal !ser
• Blended threats over multile rotocol
• !mail" #ver $% & mail is sam carrying sy'are( hishing( viruses( 'orm
• )TT* + Drive+by do'nloads( *harming( Sy'are via *,* sites
• I-" -alicious links and attachments
• .T* / -alicious uloads 0 do'nloads
"1# $oint Solutions% & combination% or !T'%
-
8/18/2019 Cyber o Am Ut m Presentation
4/29
Dimension - ( – nsi)er Threats
nsi)er Threats – #ver 1%& threats are from insiders
• -ost attackers are current or former emloyees
• -a2ority of insiders lan their activities in advance using remote access
• -ethods /Using someone else3s comuter( Social engineering( Unattended terminal
• -alicious Intent" Selling cororate4customer data for financial gain
• User Ignorance" Indiscriminate surfing 5 -al'are( Sy'are
"*(* +oul) you settle for $lain Security if you ha) the choice of )entity-base) security%
-
8/18/2019 Cyber o Am Ut m Presentation
5/29
Dimension – , – emote .ffice Security
emote .ffice Security / 6reater 6ranularity and Control over system resources
• )igh Security 7evels at ar 'ith )ead #ffice
• !8ternal threats
• Internal threats
• 7imited Technical Resources at Remote #ffice
• Centrali9ed control and visibility re:uired
• e/ulatory Compliance" BS ;;$$4 IS# ,;%%
-
8/18/2019 Cyber o Am Ut m Presentation
6/29
Dimension – – Safe 2uar)in/ 3our En)$oints
-edical records of ;>< atients lost by a hosital
60% corporate data lies unprotected on endpoints
4ost !SBs
4ost 'ultime)ia Discs
+ron/ Email &ttachment
4ost i$o)s
*ersonal information of
-
8/18/2019 Cyber o Am Ut m Presentation
7/29
Dimension – –Safe 2uar)in/ 3our Network En)$oints
What Places Data At Risk?
&pplications+eb5 'ail5 '5 $($5 $rintin/5 6T$
emo7able De7ices!SBs5 CDs8D9Ds5 '$,5
Di/ital cameras
nsi)ers!nauthori:e) transfer of sensiti7e )ata;
'alware-la)en email for information access;Sensiti7e )ata sent to wron/ person
Data &t isk
-
8/18/2019 Cyber o Am Ut m Presentation
8/29
Core Banking SystemComponents
Datacenter
Network Administrators
CoreBankingApplication
!S" Data#ase
$nternetBanking
A&
Desktops" BranchSer'ers
WA("$nternet
WA("$nternet
BranchesApplication Developers
System Administratorsranch User/Admins
<ernati7e
Channels
-
8/18/2019 Cyber o Am Ut m Presentation
9/29
Challen/es
!8isting .ire'all ina)e>uate for
-
8/18/2019 Cyber o Am Ut m Presentation
10/29
-
8/18/2019 Cyber o Am Ut m Presentation
11/29
Confidentiality / #nly Authori9ed users may access Restricted Gonal access /User Identity( F7A=
Incident -anagement / Identity+based logging 0 reorting
Device Control / Block unauthori9ed file coies( USBs etc?
Alication Control / Authori9ed use of Alications #nly
Summary of Benefits
*revents unauthori9ed access( leakage 4 damage to information
Reduces the risk of human error( theft( fraud( misuse of infrastructure
Gero+hour threat detection and alerts 'ith username
!nsures uick and Suitable Resonse
#ngoing monitoring 'ith username reorts
Cy#eroam Security to ) Bank
-
8/18/2019 Cyber o Am Ut m Presentation
12/29
Cy#eroam
+ni,ed hreat&anagement
-
8/18/2019 Cyber o Am Ut m Presentation
13/29
+hat is Cyberoam%
1* Comprehensi7e Security with
• *erformance+!ffectiveness+6ranularity
• .ire'all+F*=+I*S
• 6ate'ay Anti+virus 0 Antisam
• Content .iltering 0 Band'idth -anagement
• )igh+Availability 0
-ultile 7ink -anagement
• #n+Aliance Reorting
(* )entity-base) Security
,* Comprehensi7e Branch .ffice Security
-
8/18/2019 Cyber o Am Ut m Presentation
14/29
-ire.all/P($PS
Dimension <
-
8/18/2019 Cyber o Am Ut m Presentation
15/29
+hy Cyberoam 6irewall-9$N-$S%
• !nterrise+class erformance
• 6bs .ire'all Throughut( ,?1 6bs I*S Throughut
Certifications
• ICSA certified .ire'all
• Checkmark certified !nterrise UT-
• Interoerability 'ith Jrd arty F*= + F*=C certified
Benefits
• *revents file uloads and data leakage via I-
• I*S signatures to revent abnormal activity
• Horks on 7ayer K / The )uman layer
• Allo's users to carry their access rights any'here in the net'ork
Dimension <
-
8/18/2019 Cyber o Am Ut m Presentation
16/29
Anti'irus AntiSpam
Dimension <
-
8/18/2019 Cyber o Am Ut m Presentation
17/29
+hy Cyberoam &nti-9irus an) &nti-Spam%
Anti+Firus"
$$ & Anti+Firus detection rateL Gero+hour rotection
Firus #utbreak Detection / Gero+hour rotection
Anti+Sam"
$K & Sam detection rate / 4ow 6alse $ositi7e
Scans S-T*( *#*J( I-A* 'ith Recurrent *attern Detection @R*DT-
Content+agnostic and language indeendent / Image sam and emerging sam
Certification
Checkmark certified Anti+virus and Anti+sam
Dimension <
-
8/18/2019 Cyber o Am Ut m Presentation
18/29
Content -iltering
Dimension <
-
8/18/2019 Cyber o Am Ut m Presentation
19/29
+hy Cyberoam Content 6ilterin/%
• Database of millions of sites / K, M categories
• )TT* uload control
• Categori9es 6oogle cached ages 'ith dynamic UR7s
• *revents *ro8y surfing eg" tunnel ro8y utility( oen ro8y( 'eb ro8y?
Certifications
• Checkmark certified Content .iltering
• =et'ork *roducts 6uide a'ard + ,%%K
Dimension <
Benefits
• *revents entry of mal'are through unrestricted surfing
• *olicies based on user identity
• *revents Data 7eakage
http://www.networkproductsguide.com/best/2008/Cyberoam.html
-
8/18/2019 Cyber o Am Ut m Presentation
20/29
Band.idth &anagement
&ultiple 1ink &anagement
-
8/18/2019 Cyber o Am Ut m Presentation
21/29
Committed and burstable band'idth Restricts band'idth usage by roer allocation on re:uirements basis
*revents Band'idth Choking
Controls cost / revents e8cessive band'idth usage
Why Cy#eroam? Band.idth &anagement
!ser )entity in Security
• Assigns band'idth to critical users and alications / suorts business agility
• Alication and Identity+based band'idth allocation
Dimension <
-
8/18/2019 Cyber o Am Ut m Presentation
22/29
&)7ance) 'ultiple 2ateway 6eatures
Auto gate'ay failover
Heighted round robin load balancing
*olicy routing er alication( user( source and destination
6ate'ay status on dashboard
=o restriction on number of HA= *orts
Schedule based band'idth assignment
+hat )oes it sol7e%
*rovides continuous connectivity
Security over multile IS* links
Dimension <
-
8/18/2019 Cyber o Am Ut m Presentation
23/29
Why Cy#eroam?
Dimension 2$dentity#ased Security
-
8/18/2019 Cyber o Am Ut m Presentation
24/29
Why $dentity? * AAA through Cy#eroam +&Security
!ser
&uthentication by Username / including Hi+.i &uthori:ation + Access Rights based on re+defined
cororate olicies
Username / =ot I* Addresses
=eed+to+Use basis
Across distributed locations
&ccountin/ / Centrali9ed 7ogging and Reorting
'ith Username
Sho's +ho is Doin/ +hat even in Dynamic
!nvironments
D)C* + Hi+.i + Shared -achine Scenarios
-
8/18/2019 Cyber o Am Ut m Presentation
25/29
-
8/18/2019 Cyber o Am Ut m Presentation
26/29
Data 4eaka/e Control = eportin/ @0TT$ !ploa)A
-
8/18/2019 Cyber o Am Ut m Presentation
27/29
Why Cy#eroam?
Dimension 3Branch !4ce Security
-
8/18/2019 Cyber o Am Ut m Presentation
28/29
+hy Cyberoam%
Branch .ffice Security
Comrehensive security
Branch user visibility and controls at )
*roven interoerability 'ith Jrd arty F*=s / 9$NC certifie)
HA= otimi9ation at branches
Band'idth efficiency
Simlified #erations / =o need for technical resource
Remote 'eb+6UI management
Dimension J
-
8/18/2019 Cyber o Am Ut m Presentation
29/29
Secure emote &ccess
• I*Sec 0 SS7 F*= on UT- Aliance
• Any'here Secure Access to telecommuters( road 'arriors(
artners
• Threat .ree Tunneling Technology / Scans endoint for
mal'are• Clientless F*=
• .ull or limited access based on user 'ork rofile
• )igh scalability
• !asy to use and manage
Dimension J