gtcw13 security silicon to seattle - stephen poeppe

Upload: erepublic

Post on 14-Apr-2018


TRANSCRIPT

  • 7/27/2019 GTCW13 Security Silicon to Seattle - Stephen Poeppe

    1/20

    McAfee Delivers Intelligent Security

    Security: Silicon to Satellite foundation level requirements for Services, Communication and Compliance

    Stephen Poeppe

    Sales Engineer

    2/20

    IT Forces Impacting Government 2.0

    DATA CENTER TRANSFORMATION

    NEXT GENERATION ENDPOINT

    WEB AND IDENTITY

    NEXT GENERATION NETWORK

    3/20

    Inherent Complexity

    Encryption

    Next Gen IPS

    Identity and Access Control

    Data Protection

    Data Loss Prevention

    Cloud

    Virtualization

    Servers / Networks

    Database Security

    Email Protection

    Social Media Protection

    Identity Protection

    Web Protection

    BYOD / Mobile Enable the Workforce

    Identity

    Protect Devices

    OS Protection (Legacy, Win 7/8, Android, Mac)

    Reporting

    Protect IP

    App Protection

    Continuous Monitoring

    Exploding Data

    Achieve Cyber Readiness

    DATA CENTER TRANSFORMATION

    NEXT GENERATION ENDPOINT

    WEB AND IDENTITY

    NEXT GENERATION NETWORK

    4/20

    Compounded by Business Constraints

    Encryption

    Next Gen IPS

    Identity and Access Control

    Data Protection

    Data Loss Prevention

    Cloud

    Virtualization

    Servers / Networks

    Database Security

    Email Protection

    Social Media Protection

    Identity Protection

    Web Protection

    BYOD / Mobile Enable the Workforce

    Identity

    Protect Devices

    OS Protection (Legacy, Win 7/8, Android, Mac)

    Reporting

    Protect IP

    App Protection

    Continuous Monitoring

    Exploding Data

    Achieve Cyber Readiness

    DATA CENTER TRANSFORMATION

    NEXT GENERATION ENDPOINT

    WEB AND IDENTITY

    NEXT GENERATION NETWORK

    DECREASED/FLAT BUDGETS

    LIMITED OR UNTRAINED RESOURCES

    UNPLANNED COMPLIANCE AND REPORTING REQUIREMENTS

    CHANGING BUSINESS DEMANDS

    5/20

    CAN?

    The Security Dilemma

    6/20

    How to Optimize Your Investment

    CAN?

    HOW?

    7/20

    OPTI

    (~4% of IT Bud

    COMPLIANT/PROACTIVE

    (~8% of IT Budget on Security)

    REACTIVE

    (~3% of IT Budget on Security)

    SECURITY OPTIMIZATION

    Security Posture

    TCO (CapEx +)

    The Drive to Optimize

    The Maturity Model of Enterprise Security

    8/20

    INTEGRATED AND INTELLIGENT SOLUTIONS

    REAL TIME SITUATIONAL AWARENESS AND RESPONS

    Security Connected

    Delivering an Optimized Security Capability

    9/20

    McAfee

    10/20

    McAfee

    11/20

    McAfee

    12/20

    McAfee

    13/20

    McAfee

    Use Case # 1 - Outage Prevention

    14/20

    McAfee

    Use Case # 1 - Outage Prevention

    "I now have the most

    time view of the environment, rather talways looking like I wlast to know".

    15/20

    McAfee

    Use Case # 2 - Blacklisted Applications

    All systems now clea

    blacklisted applicatio

    17/20

    McAfee

    Other questions you can ask

    Get Installed Applications contains * from a

    Get OS from all machines

    Who is logged in and running a particular p

    What are the hashes of files that are conneknown bad IP address?

    Get McAfee File reputation from all machin

    Get McAfee HIPS Status from all machines

    Get Open Port[80] from all machines

    Get established connections to external IP

    18/20

    McAfee

    and actions you can take

    Stop and start processes or services

    Add or delete files

    Read or modify registry keys

    Install, patch, update, or remove applicatio

    Anything else you can think of that you canon a command line or shell!

    19/20

    Security Connected Platform Vision

    COUNTERMEASURES

    AND INTEGRATION

    CONTEXT AND ORCHESTRATION

    SECURITY MANAGEMENT

    ANALYTICS

    THREAT INTELLIGENCE
