Page 1

Agosto 2016

1

SEGURIDAD, VISIBILIDAD Y SDN: CONTROL TOTAL XAVIER MARTINEZ ELIZALDE DIRECTOR GENERAL


SEGURIDAD 2


Palo Alto Networks

3 | Š 2015, Palo Alto Networks. Confidential and Proprietary.


Palo Alto Networks at-a-glance CORPORATE HIGHLIGHTS • Founded in 2005; first customer shipment in 2007 • Safely enabling applications and preventing cyber threats

ENTERPRISE CUSTOMERS

REVENUES

26,000

$MM 24,000 $1,000

• Able to address all enterprise cybersecurity needs • Exceptional ability to support global customers

$928 20,000

$800

$598

16,000

13,500

$600

$396

12,000

9,000

$400

$255

• Experienced team of 3,300+ employees • Q2 FY16: $334.7M revenue

19,000

8,000

$119

$200

$13

$49

4,700

4,000

$0 FY09 FY10 FY11 FY12 FY13 FY14 FY15

0 jul.-11

4 | © 2015, Palo Alto Networks. Confidential

jul.-12

jul.-13

jul.-14

jul.-15


La Seguridad como un Habilitador de Negocios Administraciรณn de Riesgo

Eficiencia

Riesgo

Agilidad Evoluciรณn de TI


Nuestra diferencia: EL PODER DEL CONTEXTO


Failure of legacy security architectures Limited visibility

Lacks correlation DNS protection for outbound DNS

Manual response

DNS protection cloud Endpoint AV

DNS Alert SMTP Alert Web Alert AV Alert Endpoint Alert DNS Alert SMTP Alert AV Alert Endpoint Alert Web Alert AV Alert DNS Alert Web Alert

UTM/Blades

Internet

Enterprise Network

Anti-APT for port 25 APTs

Vendor 1

Vendor 3

Internet Connection

Vendor 2

Vendor 4

Malware Intelligence

7 | Š 2015, Palo Alto Networks. Confidential

Anti-APT for port 80 APTs

Network AV Anti-APT cloud


Una Arquitectura fundamentalmente diferente Palo Alto Networks: políticas de seguridad en un solo paso.

?

Clasificiación Total

Aplicación Usuarios Contenidos

Enforcement

Listo

?

Puertos Clasificación

User L1-4

Detección de Algunas Aplicaciones Filter

User L1-4

Archivos Clasificación Filter

User L1-4

Amenazas Match Filter

etc.

LOS DEMÁS

Competencia: Filtros secuenciales sin contexto


PORQUÉ ES IMPORTANTE? Ejemplo de escenario:

Política deseada Navegación Web

Bloquea todos los archivos

Respaldo Nube

Permite todos los archivo

SharePoint on line

Bloquea solo Ejecutables

Nosotros podemos!

Los demás no…


Single-Pass Parallel Processing™ (SP3) Architecture

10 | Š 2015, Palo Alto Networks. Confidential and Proprietary.


OUR PLATFORM FUNDAMENTALS

APP ID

USER ID

CONTENT ID


SAFELY ENABLE APPLICATIONS


THREAT INTELLIGENCE CLOUD

THE UNKNOWN

REMEDIATION Automatically prevented

Automatically identified

WildFire

Protections delivered automatically in

192,000

Anti-malware protections per day

24,000

URL protections per day

15 minutes

THREAT INTELLIGENCE CLOUD

Rich forensics and reporting for quick, detailed investigation

12,000

DNS protections per day Threat Prevention

URL Filtering

Forensics & Reporting


Requirements for the future DETECT AND PREVENT THREATS AT EVERY POINT ACROSS THE ORGANIZATION

Cloud

At the mobile device

At the internet edge

6 | © 2015, Palo Alto Networks. Confidential

Between employees and devices within the LAN

At the data center edge, and between VM’s

Within private, public and hybrid clouds


Unique platform offering Consistency

Cloud

Products

Aperture™

Datacenter

Enterprise perimeter

Distributed/BYOD

Endpoint

Traps™ Physical: PA-200, PA-500, PA-3000 Series, PA-5000 Series, PA-7050, PA-7080 WildFire: WF-500 Virtual: VM-Series for NSX, AWS, and KVM

Threat Prevention URL Filtering Subscriptions

GlobalProtect™ WildFire™ Use cases

Next-Generation Firewall

Cybersecurity: IDS / IPS / APT

Web gateway

VPN

Management system

Panorama, M-100 & M-500 appliances, GP-100 appliance

Operating system

PAN-OS™

15 | © 2015, Palo Alto Networks. Confidential and Proprietary.

16 | © 2015, Palo Alto Networks. Confidential

Mobile security


RESUMEN EJECUTIVO DE BENEFICIOS: FACILITA EL USO SEGURO DE LA RED SE REDUCE Y CONTROLA EL RIESGO EN LA RED

Remover las amenazas de los trรกficos permitidos

Permitir de manera segura solo las aplicaciones deseadas por usuarios o grupos. Visibilidad del uso de todas las aplicaciones y los usuarios en la red on the network

Cloud


VISIBILIDAD 1 7


¿Que problemas resuelve?

ANTES

DESPUÉS

1 8


Objetivos primarios

Seguridad

Penetraciรณn

Inteligencia

1 9


Las 12 razones para integrar la plataforma de Visibilidad de Gigamon

1. 2.

3. 4. 5. 6.

Elimina los problemas derivados de puertos SPAN 7. Monitoreo de puertos de alta velocidad con 8. herramientas de baja velocidad 9. Maximizar la utilizaciรณn de las herramientas de red 10. Prevenir la sobresuscripciรณn 11. de la s herramientas Incrementar la visibilidad de 12. la red Habilitar el monitoreo

centralizado Reducir la complejidad de administraciรณn Incrementar la agilidad operacional Reducir el costo operacional Reducir el costo de capital Facilitar la redundancia en seguridad Tener una arquitectura completamente abierta 2 0


¿Con quien trabajamos?

RED

HERRAMIENTAS

Herramientas centralizadas

2 1


¿Qué nos diferencia?

o Creador del mercado • Plataforma de entrega de seguridad y Fabric de visibilidad de trafico. Fundada en 2004

o Maquina de innovación • 31 patentes emitidas y 28 pendientes en USA

o Determinante de crecimiento • Esencial para la seguridad, los centros de datos, la nube y la movilidad

o Clientes lideres • 78 de Fortune 100 y 386 de los Fortune 1000

o Presencia Global • Red de ventas, experiencia técnica reconocida mundialmente y soporte local 2 2


Portafolio de la plataforma de visibilidad de Gigamon

2 3


SDN (Software Defined Networking) 2 4


Dell 2016

The Future of SDN is Open Changing the industry and encouraging innovation


Open Networking delivers choice Toward a software-defined data center

Overlay solutions NVO with VMware & Microsoft Open Stack - SDN and NFV Open Networking

Open Networking

Softwaredefined networks Open automation TCL, Perl & Python scripting REST-API, XML, OMI, Puppet, Chef

Programmable solutions

Open SDN controllers open standards, open source open protocol: Open Flow

Controller solutions


Speed Port density RU

Non Blocking Line rate


Now: Networking paradigm shift Traditional networking Proprietary architectures & mgmt tools

Hundreds of protocols

Future of networking Standard orchestration & automation tools Optional 3rd party SDN/NVO controller Any networking OS

Proprietary networking OS (e.g., Cisco IOS, Juniper OS)

Open standard hardware

Proprietary ASICs

Merchant silicon


Dell enables the Open Networking Ecosystem Leverage open, innovative and best-of-breed solutions Automation

Orchestration

Monitoring

Standard orchestration & automation tools Optional 3rd party SDN/ NVO solutions

Others

Any networking OS Open standard hardware Merchant silicon

Others

Others

Others


Software for the Open Networking era NetOps

DevOps

OS10 Open Networking Software

Native Linux Apps

3rd Party Apps

OS10 Apps

Management Tools

Automation Tools

Common Management Services (CMS)

IP Services

Fabric Services

L2/L3 Protocols

Linux Networking

Security Services

Policy Control

Premium package (Q316)

Development Environment via Control Plane Services (CPS)

Dell Networking OS10 Base (Native Linux) Platform Abstraction via OCP Switch Abstraction Interface (SAI)

Modern software for modern operations

Base package (Q216)


Dell Networking Operating Systems, Dell OS9, OS10

• Feature rich, mission critical, line rate performance Cumulus Linux

• Linux expertise and Linux standardized environments that value common Linux tools for server and network management; Tools and skills convergence Big Switch Networks Switch Light OS • Network tapping and monitoring for customers interested in adopting SDN • Big Cloud Fabric for fully automated, single pane management network fabrics IP Infusion

• Traditional Network Virtualization with MPLS; Rich L2/L3 feature set Pluribus Networks

• Controller less Distributed Fabric and Analytics


CONTROL TOTAL

NETJER CLOUD CONTROL TOTAL


ยกMuchas gracias! Xavier Martinez Elizalde Director General Netjer Networks xavier.martinez@netjernetworks.com Twitter: XavierMEL LinkedIn: https://mx.linkedin.com/in/xavier-martinez-elizalde-lugo-984659

SEGURIDAD, VISIBILIDAD Y SDN: CONTROL TOTAL  
SEGURIDAD, VISIBILIDAD Y SDN: CONTROL TOTAL  

Xavier Martínez Elizalde Director General NetJer Networks

Advertisement