march 2008 we think ahead, you go beyond… prepared by mona ramzy presales team leader...
TRANSCRIPT
March 2008 www.alkantelecom.com
We think ahead, You go beyond…
Prepared by Mona RamzyPresales team leader [email protected]
2008
Agenda
Company profile.
Introduction.
Endpoint protection.
Network protection.
Wan optimization & traffic shaping
(QOS).
Security Services.
Summary.
2008
Alkan Group Wholly Owned Subsidiaries
Established in 197412 companiesDiversified Business3,600 ProfessionalsYearly turnover exceeds 4 Billion EGPExistence in 16 countries in ME & Africa
2008
Introduction
2008
Security Portfolio
2008
Security Portfolio
Endpoint Data ProtectionI. Endpoint Encryption Protect your company’s mission-critical information with Endpoint Encryption. This
solution uses powerful encryption and strong access control to prevent unauthorized
access to your sensitive data and stop its loss.
McAfee Endpoint Encryption (SafeBoot Encryption)
Lumension End Point Security
2008
Security Portfolio (Cont’d.)Security Portfolio (Cont’d.)
II. Data loss prevention The point of these products is to monitor, document, and often prevent sensitive information from leaving an organization without authorization.
McAfee Data Loss Prevention (DLP)
III. Device Control Do you know where your data is? Device Control protects data from leaving your company’s control and falling into the wrong hands through removable media, such as USB drives, MP3 players, CDs, and DVDs.
McAfee Device Control
Lumension End Point Security
2008
Security Portfolio
2008
Security Portfolio (Cont’d.)Security Portfolio (Cont’d.)
FIREWALLS Stateful firewalls Maintain context about active sessions, and use that "state information" to
speed packet processing. Any existing network connection can be described by several properties, including source and destination IP address, UDP or TCP ports, and the current stage of the connection's lifetime (including session initiation, handshaking, data transfer, or completion connection).
Fortinet
Juniper
Cisco
2008
Security Portfolio (Cont’d.)Security Portfolio (Cont’d.)
FIREWALLS Cont’ Unified Threat Management Unified Threat Management (UTM) devices are dedicated appliances that include
integrated firewall, VPN, intrusion detection or intrusion prevention, and anti-virus capabilities.
Fortinet
Juniper Application-layer firewallswork on the application level of the TCP/IP stack (i.e., all browser traffic, or all telnet
or ftp traffic), and may intercept all packets traveling to or from an application. They block other packets (usually dropping them without acknowledgement to the sender). In principle, application firewalls can prevent all unwanted outside traffic from reaching protected machines.
Secure Computing (Sidwinder)
2008
Security Portfolio (Cont’d.)Security Portfolio (Cont’d.)
Intrusion prevention system Network Intrusion Prevention Systems NIPS are security devices that perform deep-packet inspection to identify and
block malicious traffic. NIPS look for signatures of known viruses and worms, and block that traffic accordingly, also include a rate-limiting feature that allows a network administrator to set a threshold of traffic that is allowed to pass at any one time.McAfee NIPS
Juniper
Cisco
Proventia® Network Intrusion Prevention System (IPS)
Tipping Point Host Intrusion prevention system preserves your desktops and servers with signature and behavioral
protection, and a system firewall.
McAfee HIPS
Proventi a Server Sensor
2008
Security Portfolio (Cont’d.)Security Portfolio (Cont’d.)
Total Endpoint ProtectionProtect your endpoints from malicious threats, mitigate risk, and lower costs
with our simplified, comprehensive, and powerful end-to-end solution .
Kaspersky Total Space Security
McAfee Total Protection for Enterprise
2008
Security Portfolio (Cont’d.)Security Portfolio (Cont’d.)
Identity Management Identity management defines a digital identity for each entity (human,
hardware, or process), associates attributes with the identity, and enforces the means by which the identity can be verified.
Digital Certificate services plus PKI integration plus smart card or token integration .
VASCORSACustomized Strong Authentication Solutions
2008
Security Portfolio (Cont’d.)Security Portfolio (Cont’d.)
Proxy And caching Some of the technologies used to accomplish the process of shrinking the data traveling over these protocols include traffic prioritization, compression, caching, wide-area file services, server load balancing, TCP optimization and SSL acceleration.
Bluecoat Secure Computing (Webwasher)
2008
Security Portfolio (Cont’d.)Security Portfolio (Cont’d.)
Messaging Security Messaging security products includes protection from spam, viruses,
phishing attacks, spyware, Trojans, worms, and other malware on both the inbound and outbound e-mail routes.
Fortinet ( Fortimail )
Secure Computing ( Ironmail )
2008
Security Portfolio (Cont’d.)Security Portfolio (Cont’d.)
Compliance Solutions Network Access Control (NAC) NAC can manage users’ access once they’re already on the LAN to certain servers,
applications, and data. Ensuring a user is who they say they are is typically performed by captive portals, MAC-based authentication, port-based authentication, or third-party authentication. Set policies dictate the level of access each user is granted, be it go/no-go access, VLAN-based access controls, simple packet filters, or stateful firewalling.
Cisco (NAC)
Juniper (UAC) Configuration control Solutionprovides complete control of virtual and physical IT configurations, combining
configuration assessment with change auditing in a single software solution for enterprise configuration control.
Configuration assessment policies assess and validate IT configurations against internal policies, compliance standards and security best practices, reporting on out-of-policy settings and providing detailed remediation guidance.
Tripwire Enterprise
2008
Security Portfolio (Cont’d.)Security Portfolio (Cont’d.)
Event Management Large enterprise networks generate an overwhelming amount of logs and
security events. Firewalls, intrusion detection systems, web servers, authentication devices, and many other network elements contribute to more and more logs which need to be analyzed and produce actionable information.
Juniper – STRM
Customized Syslog Solution
2008
Security Portfolio
2008
Security Portfolio (Cont’d.)Security Portfolio (Cont’d.)
Complying with security standards for organization program .
Security Risk Assessment
ISO 27001 Preparation Services
Vulnerability assessment
penetration testing
Ethical hacking
PCI Compliance preparation.
2008
Security Portfolio (Cont’d.)Security Portfolio (Cont’d.)
Complying with security standards for organization program .
Security Risk Assessment
ISO 27001 Preparation Services
Vulnerability assessment
penetration testing
Ethical hacking
PCI Compliance preparation.
2008
QualysGuard Security and Compliance Solutions
QualysGuard Vulnerability Management
Globally Deployable, Scalable Security Risk and Vulnerability Management
QualysGuard Policy Compliance Define, Audit, and Document IT Security Compliance
QualysGuard PCI Compliance Automated PCI Compliance Validation for Merchants and Acquiring
Institutions
QualysGuard Web Application Scanning Automated Web Application Security Assessment and Reporting
that Scales with your Business
2008
Security Portfolio
2008
Security Portfolio (Cont’d.)Security Portfolio (Cont’d.)
WEB application Acceleration Citrix® NetScaler® is a Web application delivery appliance that accelerates
performance, provides L4-7 traffic management, offers an integrated application firewall and off loads servers to ensure application availability, increased security and substantially lower costs.
In addition to accelerating application performance, Citrix NetScaler offloads computing-intensive tasks like SSL encryption and TCP connection management from Web servers. Servers are then free to handle more application requests, increasing the scalability of the application infrastructure and generating a high return on investment (ROI).
CITRIX
2008
Security Portfolio (Cont’d.)Security Portfolio (Cont’d.)
Wan optimizationWAN optimization products seek to accelerate a broad range of applications
accessed by distributed enterprise users via eliminating redundant transmissions, staging data in local Cahes, compressing and prioritizing data, and streamlining chatty protocols (e.g., CIFS).
WAN Optimization is a superset of WAFS in that it also addresses:• SSL-encrypted ASP and Intranet applications• Multimedia & e-learning applications
Bluecoat Mach5
2008
Security Portfolio (Cont’d.)Security Portfolio (Cont’d.)
Traffic shaping & controlTraffic shaping (also known as "packet shaping") is any action on a set of
packets (often called a stream or a flow) which imposes additional delay on those packets such that they conform to some predetermined constraint (a contract or traffic profile).[2] Traffic shaping provides a means to control the volume of traffic being sent into a network in a specified period (bandwidth throttling), or the maximum rate at which the traffic is sent (rate limiting), or more complex criteria such as GCRA.
Bluecoat Packetshaper
2008
SummarySecurity Service
Endpoint Data protection
McAfee DLP , SafeBoot and Device control
Lumension End Point Security
Endpoint total protection
Kaspersky workspace security
McAfee total Endpoint security
Gateway Security
Fortinet -Fortigate
Juniper Cisco
Application layer Firewall
Secure Computing - Sidewinder
IPS/IDS ISS Proventia Juniper -IDP Tipping Point
Web Security Gateway
Bluecoat Proxy and caching
Webwasher proxy and caching
2008
SummarySecurity Service ProductsMail Security Gateway
Secure computing- Ironmail
Fortinet - Fortimail
Network Access control
Cisco - NAC Juniper - UAC
Web application Acceleration
CITRIX
Wan optimization
Bluecoat Mach 5
Traffic shaping , Monitoring and control
Bluecoat Packet shaper
Security servicesISO 27001 preparation.
Policy Compliance
Vulnerability assessment
Risk assessment PCI compliance. penetration test
2008
2008
Thank You
8 El Gazaer St., New Maadi, 11435, Cairo, EgyptTel.: + 202 2 516 9722, +202 2 754 6027Fax.: +202 2 516 9560www.alkantelecom.com