© 2013 Bradford Networks. All rights reserved. Rapid Threat Response From 7 Days to 7 Seconds
Agenda
• Changing Threat Landscape
• Evolution of NAC to Security Automation
• Intro to Bradford Networks
• Leveraging Integration and Correlation
• Rapid Threat Response
• Business Impact
Profile of Today’s Advanced Cyber Threats
Data Consolidation
Data Exfiltration
Internal Network Scan
Phishing Email on End User’s Device
User’s Device Compromised
Attack surface is now 3x what it was just a few years ago.
The Enterprise Today … Dynamic, Complex
Datacenter
Network
Users
Devices
Secure
Risk
Network Access Control
Assessing the Risk of Every User and Device
BACKDOOR
SAFE
SAFE
SAFE
SAFE
BLINDSPOT
Visibility
Policies
Enforcement
Network Visibility
WHO WHAT WHEN
Real-Time Visibility
Single Network Sentry Appliance
….
LOCATION 2
LOCATION N
LOCATION 1
WHERE
VPN
Flexible Network Access Policies
WHO WHAT WHERE WHEN
TRUSTED USERS
TRUSTED TIME
TRUSTED DEVICES
TRUSTED LOCATIONS
Policy Enforcement
Identify User
Assign Network Access
Assess Risk
Identify Device
No Access
Guest Access
Restricted Access
Unrestricted Access
Endpoint Compliance
Safe Configuration
Mandatory Applications
Required OS Patch Levels
Endpoint Protection
Minimum Application Version
VLAN Assignment
Device Risk Assessment
Network Access Control
Gaining and Removing Network Access
Endpoint Visibility & Compliance
Threat Investigation Workflows
Self-Service Onboarding
Threat / Device Correlation
Isolate Investigate Block
Connect Reassign Reconfigure
Network Access Policies
Security Information & Event Management
Intrusion Detection Systems
Security Intelligence & Big Data Analytics
Advanced Persistent Threat Detection
Active Directory
Antivirus
Patch Management
Mobile Device Management
Application Whitelisting
Visibility
Trusted Configurations
Risk Indication
Network Change Automation
Rapid Threat Response
Control Network Access
Criteria for Gaining Network Access
Criteria for Removing Network Access
Evolution of NAC
Rapid Threat Response
Minimize Threat Think Time
Threat Investigation
Simplify Investigation Workflows
Consumerization / BYOD
Enable Safe Network Provisioning
Endpoint Compliance
Ensure Safe Devices
Self-Service Onboarding
Enable Scalable Onboarding
NAC 1.0: Safe Onboarding
NAC 2.0: BYOD
NAC 3.0: Security Automation
Rapid Threat Response
Cyber Threat Lifecycle
Attack To Compromise
Compromise To Detection
Detection To Containment
Attack Compromise Detection Containment
Cyber Threat Lifecycle
Why Detection to Containment Takes 7 Days
More Records Breached
Theft
Escalating Total Cost
More Impact on Brand
Impact
Threats Are Targeted and Complex
Fragmented IT Skills
Silos of Security Information
Too Many Security Events
Detection to Containment Time
Getting Threat Response Down to 7 Seconds
Visibility Prevention Detection Response
Cyber Security Strategy
Threat Containment Threat Intelligence
Restrict Access
Block Device
Remediate Device
Determine Motive
Trace Method
Uncover Mistakes
Manual
Automation
7 SECONDS
Live Inventory of Network Connections (LINC)
SmartEdge Integration Platform
Leader in Rapid Threat Response
Network Analytics and Forensics
About Bradford Networks
Best Buy Rating From SC Magazine
SmartEdge Platform
USER
DEVICE CONNECTION
TIME
Network Firewalls
Detection
BYOD
Endpoint Protection
SIEM
APPLICATIONS
Rapid Threat Response (RTR) Essentials …
Live Inventory of Wired, Mobile and VPN Connections
Real-Time and Flexible Control of Network Access
Business-Criticality of User and Endpoints
Integrated High Fidelity Security Alerts
Network Sentry/RTR in Action
Response
Restrict Access
Threat Containment
7 SECONDS
Block Device
Remediate Device
Detection
IP Address
+ User Name
+ Security Group
+ Device Type
+ Operating System
+ Wired Adapters
+ Wireless Adapters
+ Installed Applications
+ Network Location
+ Connection Port
Business Impact with Bradford Networks
Reduce Threat Response Time From Days to Seconds
Automate Response and Reduce Burden on Security Staff
Quickly Contain Threats, Prevent Propagation
Minimize Cost, Protect Brand, Protect Assets