How to offer virtualization and keep your customer database safe
Matias Cuba, Regional Director Northern Europe

Agenda
1 Threats, Consolidation and Regulators
2 Virtualized Security
3 Database Security
4 Summary

Fortinet Confidential

Ever Evolving Security Threats…
Security threats lead to:
• Business Downtime
• Monetary & Financial Losses
• Data loss / Identity theft
• Corporate Espionage
• Customer Churn
• Bad Publicity
• Regulatory Fines
[Figure labels: Network Threats, Application Threats; Locks, Firewall, VPN, IDS, Anti-spam, Anti-virus, Content Filtering]
The motive has changed
• From notoriety to criminal intent
• Funded by organized crime
• Global in reach
• Cyber crime economics too compelling to subside
“Blended attacks” exploit gaps between point products
Retail & Finance Security With Fortinet

Consolidation is all Around Us
Just a few examples:
• Mobile Phones
• Companies
• Telecommunications / Video
• Datacenters
And most importantly: Network Security

Consolidation Market Drivers
• Dynamic threat landscape
• Slowing growth of IT budgets
• Reductions in Footprint
  • Physical / Data Center
  • Carbon

Trends and Challenges Facing IT
Today’s IT Dept.
• Cut Power Consumption
• Better Support the Business
• Get a Better Return on Investments
• Address Technological Complexity
• Make IT More Secure
• Reduce Operating Costs
How do I optimally manage and utilize my IT infrastructure?

Dynamic Threat Landscape
Evolving Threats
• Continued increase in sophistication and prevalence of threats require multiple security technologies
• Increased enterprise adoption of Web 2.0 applications and IP-based services provide new vectors for attack
• Regulatory compliance pressures (SOX, PCI, etc.)

Realities of Info Security Threat
• Average reported loss from internal attacks was $2.7M per incident — CSI/FBI survey
• 1 in 10 U.S.A. companies experienced a database breach — Evans Data Corp.
• 78% of perpetrators are authorized users: employees, vendors, etc. - CERT/Secret Service
• More than 51% are not reporting security breaches to anyone in their Company — CIO
• Data theft grew more than 650% over the past 3 years — CSI/FBI

Fidelity FIS
Fidelity National Information Services Insider Theft
A database administrator stole 2.3M customer records, including Credit Card numbers and Bank Account information, from FIS subsidiary Certegy Check Services. Using privileged credentials, the thefts went undetected for several years.
[Figure labels: Senior Database Admin, Corporate Databases]

Regulatory Environment – IT specific
Cross-Vertical/Region regulations
• PCI
• SOX and EuroSOX
Vertical/Region specific regulations
• 95/46/EC: Europe
• FISMA: Federal
• CA SB 1386: California customers
• HIPAA: Healthcare
• GLBA: Financial Services
• 21 CFR 11: Pharmaceutical

Retail & Finance Industry Regulations For Security
"Protecting the [credit card processing] environment is critical to ensuring the future growth of electronic payments."
Mike Smith, Senior Vice President of Enterprise Risk and Compliance, Visa, Inc.
Regulations are being Mandated and Variously Enforced In Reaction to the Security Risks

Benefits of Virtualization in Datacenters
• Provides method to consolidate multiple servers
• Simplifies and reduces physical hardware requirements for Datacenters
• Allows one single server to host multiple customers on a common infrastructure
• Improves network performance
• Reduces management complexity
• Enables more granular usage policies

Virtualization Drivers
• Consolidation of Physical Resources
• Reduction in Power Consumption
• Control / Provide Growth
• Simplify System Maintenance
• Optimize Resource Utilization
Source: The Economist, May 22nd 2008

Consolidated Virtualized Network Security
• Reduces number of vendors and appliances
• Provides comprehensive security
• Minimizes down-time from individual threats
• Simplifies security management
• Coordinates security alerting, logging, and reporting
• Improves detection capabilities

Consolidate to Reduce TCO
• Lower capital expenditures (CapEx)
  • Fewer devices to purchase, manage and maintain
  • Virtualization to manage up to thousands of security profiles from one platform
• Lower operational expenditures (OpEx)
  • Simplified management, maintenance, renewals and threat update subscriptions
  • Smaller investment on training and support
• Long-term investment protection
  • Future-proof devices: Service activation as security needs grow
  • Per-device license model

Reducing Footprint
Firewall / VPN, IPS, Antivirus, Web Filtering = FortiGate Appliance
• ¼ Physical Space
• ¼ Power Consumption

Challenges in Virtual Network Security
• Manageability and reporting
  • Manage multiple applications and multiple servers from a single device with domain specific administrative profiles for log data, reports, alerts, options and menus
  • Putting all applications and servers in a virtualized environment puts increasing demands on reporting to be compliant
• Scalability
  • Provides the performance to support hundreds of Virtual Systems and VLANs without impacting overall network throughput, specific users or applications
• Modular Security
  • Requires a complete, VLAN & Virtual System-enabled security suite where specific solutions can be applied on a per customer or per application basis while providing a low cost of ownership

Complexities of Deploying Web Applications
• Web applications are a public interface to databases storing sensitive information
• Writing secure web application code is difficult and is often not the priority of the developer
• Challenges to securing code:
  • New vulnerabilities
  • Patching schedules
  • Code revisions
  • Code access
  • Vulnerability identification
  • Deployment timelines
[Figure labels: Switch, DMZ, Corporate LAN, Web Application Servers, Databases]

FortiWeb Secures, Balances, and Accelerates Web Applications
• Instead of attempting to secure web application code, FortiWeb provides an umbrella of protection for web applications and data
• Web applications are free to change, be added, and exist in multiple instances
  • Web applications secured
  • Deployment simplified
  • Content accelerated
  • Resources load balanced
  • Compliance achieved
[Figure labels: Switch, DMZ, Corporate LAN, Web Application Servers, Databases]

Summary
• Virtual security beyond the offer of any other vendor
  • Traditionally only virtualized FW, IPsec and SSL VPN
  • With Fortinet: modularity across a menu of 8 virtualized security services
    • FW
    • (SSL)VPN
    • AV
    • AntiSpyware
    • IPS
    • AntiSpam
    • Webfiltering
    • Traffic Shaping
• Combined with centralized management, logging and reporting
  • 2 platforms merging into 1 single Interface
  • Per-VDOM granularity
• FortiWeb for XML and Web 2.0 Applications

Business Challenges – Database/Application security
• Database keeps the most sensitive information (Financial, Customer, HR), for example SSN#, Credit card#, Revenue# etc.
• Mitigate Internal Threats (Security)
• Manage Database Vulnerabilities to prevent breaches
• Monitor and Detect Unusual Access and Rule Violations
• Compliance (PCI, SOX, Privacy Protection, HIPAA, GLBA, BASEL II …)
• Enterprises must provide individuals privileges and access to data in order for them to perform their duties
• DBA, IT operator and software engineers have super privilege to perform their duties
• Database may be accessed remotely
• Automate tracking of database changes
• Improve visibility of access policy security violations
• Create audit trail for database activities
• Assists with Compliance Reporting
• Low TCO
• IT Security budgets are tight / Time to benefit is critical
• Fast implementation is becoming standard

Two steps to secure your Database
Monitoring & Auditing
• Automatically create baselines of normal behavior
• Continuously scan for suspicious end-user behavior
• Alert on suspicious data access patterns
• Full history of user privilege and object / schema design changes, incl. data access / data update events
• Audit/Compliance reports for use by DBA team, infosec or audit team
Scan for Vulnerabilities
• Scans for security problems – provides advice to fix
• Built-in best practices and/or your own standards
• Ongoing scan of every DB in your enterprise
• Audit/Compliance reports for use by DBA team, infosec or audit team
Assures the confidentiality, integrity and availability of critical enterprise data
[Figure labels: Event Manager; Reports, Email, SNMP; Vulnerability Assessment; EMS; Software Risks, Configuration Risks, Operational Risks; IBM, Microsoft, Oracle, Sybase; Directory, CRM, Finance, ERP; Authorized Users; DBA and Power Users]

Financial “Belt Tightening”
• Slowing growth of IT budgets driving higher demands for ROI
• Rising complexity and cost of managing and maintaining multiple security solutions
• Increased pressure to improve security service while reducing TCO
ROI = Return on Investment

Light at the End of the Tunnel
March 20, 2008
“Ongoing convergence in technologies, market models and organizational processes offers enterprises a significant opportunity to reduce security costs, while improving security levels.” —Gartner
Source: Cost Cutting While Improving Security. (2008, March 20). Gartner. (Document ID: G00155980)

The FortiFamily Datacenter
NETWORK
• Hardware Accelerated
• Virtual Domains
• Network Firewall
• VPN
• Content Inspection
• UTM solution
Perimeter, core, or segmentation point deployment
WEB SERVER
• Web Application Firewall
• XML Firewall
• SSL/XML Acceleration
• Load balancer
• SSL Offload
• Single Appliance
• Multiple protection profiles
Deployed inline in front of web servers
DATABASE
• Vulnerability Scan
• Monitoring and Auditing
• Multiple database instances
• Remediation advice
• Progress tracking
• Preconfigured reporting
Deployed out of band, automatically scans for databases

Security Solution for Datacenters
You need to consider both Front End and Back End security to be compliant and to have a complete security picture of your datacenter
One security policy per application
[Figure labels: DATA CENTER; Virtual Server; Applications on WinOS, MacOS, UNIX; FortiGate with VDOMs and FortiWeb; FW, AV, IPS, CF, AS, XML etc.; Virtual Domain 1 to Virtual Domain 5, each with Application-1…X; DATA BASES; Database security]

Two Questions for you!
1. Have you virtualized your security?
2. Do you have database security at all?

Thank You!