Cyber o Am Ut m Presentation

8/18/2019 Cyber o Am Ut m Presentation

1/29

Cyberoam

Complete Network Security for Banks


2/29

Cyberoam for Security in Banks

Dimensions of Banking Security

Cyberoam Solution

User Identity in Security

Solution Range


3/29

Dimension - 1 – External threats

External Threats – Attackers are after financial gain

• Targeting the nternal !ser

• Blended threats over multile rotocol

• !mail" #ver $% & mail is sam carrying sy'are( hishing( viruses( 'orm

• )TT* + Drive+by do'nloads( *harming( Sy'are via *,* sites

• I-" -alicious links and attachments

• .T* / -alicious uloads 0 do'nloads

"1# $oint Solutions% & combination% or !T'%


4/29

Dimension - ( – nsi)er Threats

nsi)er Threats – #ver 1%& threats are from insiders

• -ost attackers are current or former emloyees

• -a2ority of insiders lan their activities in advance using remote access

• -ethods /Using someone else3s comuter( Social engineering( Unattended terminal

• -alicious Intent" Selling cororate4customer data for financial gain

• User Ignorance" Indiscriminate surfing 5 -al'are( Sy'are

"*(* +oul) you settle for $lain Security if you ha) the choice of )entity-base) security%


5/29

Dimension – , – emote .ffice Security

emote .ffice Security / 6reater 6ranularity and Control over system resources

• )igh Security 7evels at ar 'ith )ead #ffice

• !8ternal threats

• Internal threats

• 7imited Technical Resources at Remote #ffice

• Centrali9ed control and visibility re:uired

• e/ulatory Compliance" BS ;;$$4 IS# ,;%%


6/29

Dimension – – Safe 2uar)in/ 3our En)$oints

-edical records of ;>< atients lost by a hosital

60% corporate data lies unprotected on endpoints

4ost !SBs

4ost 'ultime)ia Discs

+ron/ Email &ttachment

4ost i$o)s

*ersonal information of


7/29

Dimension – –Safe 2uar)in/ 3our Network En)$oints

What Places Data At Risk?

&pplications+eb5 'ail5 '5 $($5 $rintin/5 6T$

emo7able De7ices!SBs5 CDs8D9Ds5 '$,5

Di/ital cameras

nsi)ers!nauthori:e) transfer of sensiti7e )ata;

'alware-la)en email for information access;Sensiti7e )ata sent to wron/ person

Data &t isk


8/29

Core Banking SystemComponents

Datacenter

Network Administrators

CoreBankingApplication

!S" Data#ase

$nternetBanking

A&

Desktops" BranchSer'ers

WA("$nternet

WA("$nternet

BranchesApplication Developers

System Administratorsranch User/Admins

&lternati7e

Channels


9/29

Challen/es

!8isting .ire'all ina)e>uate for


10/29


11/29

Confidentiality / #nly Authori9ed users may access Restricted Gonal access /User Identity( F7A=

Incident -anagement / Identity+based logging 0 reorting

Device Control / Block unauthori9ed file coies( USBs etc?

Alication Control / Authori9ed use of Alications #nly

Summary of Benefits

*revents unauthori9ed access( leakage 4 damage to information

Reduces the risk of human error( theft( fraud( misuse of infrastructure

Gero+hour threat detection and alerts 'ith username

!nsures uick and Suitable Resonse

#ngoing monitoring 'ith username reorts

Cy#eroam Security to ) Bank


12/29

Cy#eroam

+ni,ed hreat&anagement


13/29

+hat is Cyberoam%

1* Comprehensi7e Security with

• *erformance+!ffectiveness+6ranularity

• .ire'all+F*=+I*S

• 6ate'ay Anti+virus 0 Antisam

• Content .iltering 0 Band'idth -anagement

• )igh+Availability 0

-ultile 7ink -anagement

• #n+Aliance Reorting

(* )entity-base) Security

,* Comprehensi7e Branch .ffice Security


14/29

-ire.all/P($PS

Dimension <


15/29

+hy Cyberoam 6irewall-9$N-$S%

• !nterrise+class erformance

• 6bs .ire'all Throughut( ,?1 6bs I*S Throughut

Certifications

• ICSA certified .ire'all

• Checkmark certified !nterrise UT-

• Interoerability 'ith Jrd arty F*= + F*=C certified

Benefits

• *revents file uloads and data leakage via I-

• I*S signatures to revent abnormal activity

• Horks on 7ayer K / The )uman layer

• Allo's users to carry their access rights any'here in the net'ork

Dimension <


16/29

Anti'irus AntiSpam

Dimension <


17/29

+hy Cyberoam &nti-9irus an) &nti-Spam%

Anti+Firus"

$$ & Anti+Firus detection rateL Gero+hour rotection

Firus #utbreak Detection / Gero+hour rotection

Anti+Sam"

$K & Sam detection rate / 4ow 6alse $ositi7e

Scans S-T*( *#*J( I-A* 'ith Recurrent *attern Detection @R*DT-

Content+agnostic and language indeendent / Image sam and emerging sam

Certification

Checkmark certified Anti+virus and Anti+sam

Dimension <


18/29

Content -iltering

Dimension <


19/29

+hy Cyberoam Content 6ilterin/%

• Database of millions of sites / K, M categories

• )TT* uload control

• Categori9es 6oogle cached ages 'ith dynamic UR7s

• *revents *ro8y surfing eg" tunnel ro8y utility( oen ro8y( 'eb ro8y?

Certifications

• Checkmark certified Content .iltering

• =et'ork *roducts 6uide a'ard + ,%%K

Dimension <

Benefits

• *revents entry of mal'are through unrestricted surfing

• *olicies based on user identity

• *revents Data 7eakage

http://www.networkproductsguide.com/best/2008/Cyberoam.html


20/29

Band.idth &anagement

&ultiple 1ink &anagement


21/29

Committed and burstable band'idth Restricts band'idth usage by roer allocation on re:uirements basis

*revents Band'idth Choking

Controls cost / revents e8cessive band'idth usage

Why Cy#eroam? Band.idth &anagement

!ser )entity in Security

• Assigns band'idth to critical users and alications / suorts business agility

• Alication and Identity+based band'idth allocation

Dimension <


22/29

&)7ance) 'ultiple 2ateway 6eatures

Auto gate'ay failover

Heighted round robin load balancing

*olicy routing er alication( user( source and destination

6ate'ay status on dashboard

=o restriction on number of HA= *orts

Schedule based band'idth assignment

+hat )oes it sol7e%

*rovides continuous connectivity

Security over multile IS* links

Dimension <


23/29

Why Cy#eroam?

Dimension 2$dentity#ased Security


24/29

Why $dentity? * AAA through Cy#eroam +&Security

!ser

&uthentication by Username / including Hi+.i &uthori:ation + Access Rights based on re+defined

cororate olicies

Username / =ot I* Addresses

=eed+to+Use basis

Across distributed locations

&ccountin/ / Centrali9ed 7ogging and Reorting

'ith Username

Sho's +ho is Doin/ +hat even in Dynamic

!nvironments

D)C* + Hi+.i + Shared -achine Scenarios


25/29


26/29

Data 4eaka/e Control = eportin/ @0TT$ !ploa)A


27/29

Why Cy#eroam?

Dimension 3Branch !4ce Security


28/29

+hy Cyberoam%

Branch .ffice Security

Comrehensive security

Branch user visibility and controls at )

*roven interoerability 'ith Jrd arty F*=s / 9$NC certifie)

HA= otimi9ation at branches

Band'idth efficiency

Simlified #erations / =o need for technical resource

Remote 'eb+6UI management

Dimension J


29/29

Secure emote &ccess

• I*Sec 0 SS7 F*= on UT- Aliance

• Any'here Secure Access to telecommuters( road 'arriors(

artners

• Threat .ree Tunneling Technology / Scans endoint for

mal'are• Clientless F*=

• .ull or limited access based on user 'ork rofile

• )igh scalability

• !asy to use and manage

Dimension J

Cyber o Am Ut m Presentation

Documents

Transcript of Cyber o Am Ut m Presentation