A 2009 Retrospective and 2010 Predictions
by SonicWALL’s VP and General Manager, Douglas Brockett
* Reviewed : 1[o], 2[], 3[], 4[]
2009 : Change and Consolidation
More people watched a video than TV
1. Search Engines
2. General Interest Portals
3. Software Manufacturers
4. Social Networks/Blogs
5. Email
Social Networking = Business Networking
Social Networking Malware arrived too
Twitter, Facebook, LinkedIn
* 2010 Technology Trends
1. Virtualization
2. Data Center Consolidation
3. Cloud/SaaS
4. Mobile Devices
5. Converged Communications
6. Data Leakage
1. Virtualization
o Benefits
- Efficiency, Performance
o Implications
- Hypervisor threats, Inter application security
One strategy is to place a UTM Firewall "in-front" of the VM server to protect against attacks
Clean VM Networking
- Another strategy is to provide Inter-VM security, using in/out network routing
2. Data Center Consolidation
Power/Space - OPEX
o Benefits
- Reduces overhead equipments/power/staff
- Improves bandwidth between apps
o Implications
- Inter-data center security is lost
- Access and Disaster risk consolidation
Protecting a Data Center
-> SSL VPN -> UTM Firewall -> Server Groups
3. Cloud/SaaS
o Benefits
- Provides rapid scalability, redundancy
- Decreases CAPEX
o Implications
- Data and app move beyond your perimeter - direct access from mobile users to your data
- Latency/Bandwidth sensitive apps suffer
Clean VPN
-> SSL VPN -> UTM Firewall -> Cloud Service
4. Mobile Devices
86% phones are not smart phones but rapidly growing...
User Mobility
o Benefits
- Productivity : access from anywhere, anytime
- Disaster avoidance
o Implications
- Typing access rules to individuals just got a lot harder
- Many of the endpoints are unmanaged
-> SSL VPN -> UTM Firewall -> User Apps (Laptop, Mobile, Kiosk)
5. Converged Communications
VoIP, Video, Data
o Benefits
- Cheaper, simpler, more scalable network
- Single network vendor
o Implications
- Bandwidth competition, performance
- Risk consolidation
- Exposure to internet-borne threats
o Protecting Converged Communications
- Quality of Service : UTM Firewall
- Bandwidth Management : UTM Firewall (per apps and per user basis)
6. Data Leakage
PCI and EHR Implications
Mixing personal and work data
o Benefits
- Easy to make a mistake and accidently disclose data
- Even easier to intentionally steal data
o Implications
- Ubiquitous employee access to "outside" systems provides morale
and potential productivity benefits
- Employee access to rich data sets improves productivity
o Layered Data Leakage Protection
- Email Security
. Provides outbound compliance tools for spotting data leaving your network
- UTM Firewall
. Can block malware that may hunt for specific data
. Provides app control to limit common data leakage paths
. Application firewall in utilizes custom signatures to prevent data from leaving your network
2010 - Anything, Anywhere, Anytime
o Traditional IT controls fade
o As fast as these tools are adopted their weaknesses will be targeted by cybercriminals
o How do we prepare for these threats?
- Embrace change
- Focus policy on users, content and apps
- Leverage world-wide real-time threat information to stay ahead of the curve
by SonicWALL’s VP and General Manager, Douglas Brockett
* Reviewed : 1[o], 2[], 3[], 4[]
2009 : Change and Consolidation
More people watched a video than TV
1. Search Engines
2. General Interest Portals
3. Software Manufacturers
4. Social Networks/Blogs
5. Email
Social Networking = Business Networking
Social Networking Malware arrived too
Twitter, Facebook, LinkedIn
* 2010 Technology Trends
1. Virtualization
2. Data Center Consolidation
3. Cloud/SaaS
4. Mobile Devices
5. Converged Communications
6. Data Leakage
1. Virtualization
o Benefits
- Efficiency, Performance
o Implications
- Hypervisor threats, Inter application security
One strategy is to place a UTM Firewall "in-front" of the VM server to protect against attacks
Clean VM Networking
- Another strategy is to provide Inter-VM security, using in/out network routing
2. Data Center Consolidation
Power/Space - OPEX
o Benefits
- Reduces overhead equipments/power/staff
- Improves bandwidth between apps
o Implications
- Inter-data center security is lost
- Access and Disaster risk consolidation
Protecting a Data Center
-> SSL VPN -> UTM Firewall -> Server Groups
3. Cloud/SaaS
o Benefits
- Provides rapid scalability, redundancy
- Decreases CAPEX
o Implications
- Data and app move beyond your perimeter - direct access from mobile users to your data
- Latency/Bandwidth sensitive apps suffer
Clean VPN
-> SSL VPN -> UTM Firewall -> Cloud Service
4. Mobile Devices
86% phones are not smart phones but rapidly growing...
User Mobility
o Benefits
- Productivity : access from anywhere, anytime
- Disaster avoidance
o Implications
- Typing access rules to individuals just got a lot harder
- Many of the endpoints are unmanaged
-> SSL VPN -> UTM Firewall -> User Apps (Laptop, Mobile, Kiosk)
5. Converged Communications
VoIP, Video, Data
o Benefits
- Cheaper, simpler, more scalable network
- Single network vendor
o Implications
- Bandwidth competition, performance
- Risk consolidation
- Exposure to internet-borne threats
o Protecting Converged Communications
- Quality of Service : UTM Firewall
- Bandwidth Management : UTM Firewall (per apps and per user basis)
6. Data Leakage
PCI and EHR Implications
Mixing personal and work data
o Benefits
- Easy to make a mistake and accidently disclose data
- Even easier to intentionally steal data
o Implications
- Ubiquitous employee access to "outside" systems provides morale
and potential productivity benefits
- Employee access to rich data sets improves productivity
o Layered Data Leakage Protection
- Email Security
. Provides outbound compliance tools for spotting data leaving your network
- UTM Firewall
. Can block malware that may hunt for specific data
. Provides app control to limit common data leakage paths
. Application firewall in utilizes custom signatures to prevent data from leaving your network
2010 - Anything, Anywhere, Anytime
o Traditional IT controls fade
o As fast as these tools are adopted their weaknesses will be targeted by cybercriminals
o How do we prepare for these threats?
- Embrace change
- Focus policy on users, content and apps
- Leverage world-wide real-time threat information to stay ahead of the curve
반응형
'_IT 트렌드 > Vendors' 카테고리의 다른 글
| [펌] 이기종 타서비스간의 통합인증을 하려면? LDAP 이 답이다 ! (0) | 2010.10.08 |
|---|---|
| “네트워크 장비도 그린이 대세”...현황부터 팁까지 (0) | 2010.05.15 |
| 시스코, 아이폰용 보안 프로그램 출시 (0) | 2010.03.10 |
| HP, 3Com 을 인수하다 (0) | 2009.11.12 |
| Cisco 통합 서비스 라우터 (ISR) G2 소개 세미나 - 요약 (0) | 2009.10.27 |