security made in germany gateprotect
Post on 25-Jul-2015
58 Views
Preview:
TRANSCRIPT
gateprotect GmbH - Valentinskamp 24 - 20354 Hamburg - Germany
4/3/2015
Reliableand Innovative
Network Security “Made in Germany”
Andrea Scattina, Sales Director Italia
gateprotect GmbH - Valentinskamp 24 - 20354 Hamburg - Germany
Agenda
The Company gateprotect GmbH
Challenges to IT Security Today
Our Response: Innovative Network Security “Made in Germany”
gateprotect GmbH - Valentinskamp 24 - 20354 Hamburg - Germany
gateprotect Company Profile
▪ Founded in 2002, 100 employees ,24 developers▪ Now 2015 , 210 empoyees , 78 developers
▪ Headquarters: Hamburg and Liepzig
▪ Global Player with German roots
▪ Leading European manufacturer
▪ > 30,000 installations
▪ EAL 4+ certification of the BSI
▪ Member of the federal association TeleTrusT e.V.
▪ Member in the “Alliance for Cyber-Security”
Last update: 02/2014
gateprotect GmbH - Valentinskamp 24 - 20354 Hamburg - Germany
gateprotect has been part of theRohde & Schwarz group since June 2014.
By acquiring gateprotect GmbH, Rohde & Schwarz is investing into the IT technology market and secures additional expertise in the segment of network security.
The electronics group Rohde & Schwarz is a leading provider of solutions in the areas of measuring technology, broadcasting, radiomonitoring and radiolocation as well secure communication. Founded 80 years ago, the standalone company with its services and a tight service network is meanwhile present in over 70 countries of the world and employs approximately 9,300 employees.
gateprotect – A Rohde & Schwarz Company
gateprotect GmbH - Valentinskamp 24 - 20354 Hamburg - Germany
The Patriot Act
“In all cases where personal data is stored on servers of U.S. subsidiaries, this is a breach of European law”
“The provisions of the Patriot Act allow U.S. authorities such as the FBI, the NSA or the CIA not only to access the servers of U.S. companies without a judicial order. Foreign subsidiaries are as well obliged under the U.S. law to grant access to their servers; even if this is not permitted under local law.”
gateprotect GmbH - Valentinskamp 24 - 20354 Hamburg - Germany
Current Threats
“One single cyber-incident may cost a small company tens of thousands of Euros; a large case of data-theft may cost millions”, says EU Commissioner Neelie Kroes. “Nevertheless, most of such incidents could be avoided if users observed simple and low-cost precautions.”
“Under certain circumstances, reporting incidents to the public might even have adverse effects for the concerned companies”, says Michael Barth, expert for cyber-security.
gateprotect GmbH - Valentinskamp 24 - 20354 Hamburg - Germany
Targeted Attacks
▪ Blackmailing with stolen data
▪ Competitors accessing confidential data and information
▪ Stealing and misuse of passwords
Viruses via Internet and E-Mail
▪ Breakdown of the IT system
▪ Destruction of data/documents
▪ Installation of sniffer programs
▪ Identity and data theft
▪ Capture and use as a botnet computer
Companies’ Own Employees, Aware or Not
▪ Stealing of customer data
▪ Stealing of confidential documents
▪ Access to insecure websites, e.g. links via Facebook
▪ Distribution of viruses (USB stick, downloads)
The greatest risk is a company‘s own staff!
Current Threats
gateprotect GmbH - Valentinskamp 24 - 20354 Hamburg - Germany
The Top 6 Cyber-Threats
DDoS attacks with botnets
Targeted hacking of web servers to place malware
Drive-by exploits, e.g. in advertizing banners
Targeted infiltration with malware by means of social engineering or via e-mail
Random distribution of malware via Spam
Multi-level attacks where, for example, security service providers or central certification units are compromised first
gateprotect GmbH - Valentinskamp 24 - 20354 Hamburg - Germany
The Human Factor - Danger
98%Operator
Errors
2%Technical
Errors
The greatest risk is the complexity of the products and their operation …
“Altogether, both IT managers and executives consider human misconduct as the greatest danger for the company.”
Federal Officefor Information Security
gateprotect GmbH - Valentinskamp 24 - 20354 Hamburg - Germany
Security Systems Are Good Only If They …
▪ are easy to operate – avoidance of errors
▪ may react to new threats dynamically and quickly
▪ complex but still comprehensible
▪ are customer-focused and not restricted by an “Act”
▪ have no back doors
▪ are being developed in Germany
▪ have been certified by the BSI.
gateprotect GmbH - Valentinskamp 24 - 20354 Hamburg - Germany
Certification and Self-Commitment
gateprotect's Firewall Packet Filtering Core has been certified by the Federal Office for Information Security (BSI) in accordance with “Common Criteria Evaluation Assurance Level 4 Augmented (EAL 4+)”.
gateprotect has been a founding member of the initiative “IT Security made in Germany” that is supported by the Federal Ministry of Economics and Technology. We have committed ourselves to manufacture only products that have no hidden access mechanisms and back doors.
gateprotect GmbH - Valentinskamp 24 - 20354 Hamburg - Germany
04 Marzo 2015
Product Overview”
Claudio Adami, Sale Engineering
gateprotect GmbH - Valentinskamp 24 - 20354 Hamburg - Germany
- Differences between UTM Next Generation Firewall and Next Generation Firewall
- Product overview
- Implementation Examples / Multi-Layer Security Concept / P-A-P Concept
- Benefits Multi-Layer Security Concept
Agenda
gateprotect GmbH - Valentinskamp 24 - 20354 Hamburg - Germany
Differences – UTM Next Generation Firewall
In a UTM firewall, there are several perimeter security functions unified under a central management. Contrary to this, a next generation firewall supplements these functions by User Tracking and the App Filter.
gateprotect GmbH - Valentinskamp 24 - 20354 Hamburg - Germany
Intrusion Prevention(IDS & IPS)
Web Filter Anti Virus Traffic Shaping
Firewall Application Filter (for Facebook Apps,
Skype etc.)
Spam Filter(Zero-hour Spam Protection)
VPN IPSec & SSL
Reliable Features
The increasing number of threats and the growing influence of the Internet on our everyday lives (social media, Web2.0) are making more and more complex security mechanisms necessary.
Differences – UTM Next Generation Firewall
gateprotect GmbH - Valentinskamp 24 - 20354 Hamburg - Germany
NETWORK PROTECTOR offers, Single-pass technology with the most advanced deep packet inspection method, which detects hundreds of applications and can decode a great variety of different protocols. The connection can be examined closely for all important applications. Traffic is screened rigorously for malware and undesirable content.
Differences – Next Generation Firewall
gateprotect GmbH - Valentinskamp 24 - 20354 Hamburg - Germany
APPLICATION FILTER
PROTOCOL VALIDATION
TRAFFIC MANAGEMENT
FORENSIC TRAFFIC CAPTURE
ANTI-MALWAREINTRUSION
PREVENTION SYSTEM (IPS)
WEB FILTER PACKET FILTER
All Functionalities in One Single-Pass Engine
NETWORK PROTECTOR offers, besides classic port filtering on layers 2 and 3, filtering at the application level (layer 7) and furthermore includes anti-malware and IPS functions as well as a web filter in only ONE engine.
Differences – Next Generation Firewall
gateprotect GmbH - Valentinskamp 24 - 20354 Hamburg - Germany
Differences Next Generation-Firewall
Application Filter Web-Filter Anti-Virus Traffic shaping
DPI-Decoder IDS/IPS Anti-Malware Packet Filter
Next-Generation-Firewall
gateprotect GmbH - Valentinskamp 24 - 20354 Hamburg - Germany
- Next-generation firewall with deep packet inspection, intrusion prevention and malware protection
- Context-based protocol analysis for uncovering threats posed by botnets, Web 2.0 applications and zero-day attacks
- Complete TCP re-assembly even detects hidden attacks on encrypted connections
- Powerful VPN concentrator for secure connection of external sites and mobile users
- Seamless integration in Active Directory and LDAP makes it possible to create user-specific rules
Key Facts – Next Generation Firewall
gateprotect GmbH - Valentinskamp 24 - 20354 Hamburg - Germany
gateprotect Product Overview
Small Companies and Mid-Tier
Most Up-to-Date Unified Threat Management SolutionThe all-in-one solution for customers that wish to focus entirely on their core business, but want to be sure that their network, data and know-how are protected.
▪ Firewall
▪ Anti-virus
▪ Anti-spam
▪ Web content und application filter
▪ VPN
Mid-Tier and Enterprise Segment
Next Generation Firewall (Network Protector)The Enterprise solutions for complex networks with highest requirements as to throughput, flexibility and failure-safety fulfill highest security needs.
▪ High-performing firewall
▪ Intrusion Detection and Intrusion Prevention
▪ Application filter
▪ High availability
gateprotect GmbH - Valentinskamp 24 - 20354 Hamburg - Germany
Medium Enterprises
gateprotect Appliances Next Generation Firewalls
Product Overview
Users
Per
form
an
ce /
Thr
ou
ghp
ut
(Mb
ps)
10 25 50 100 250 500 1.0005.000 10.000
500
1 000
2.000
5.000
10.000
20.000
gateprotect NP-S50
gateprotect NP-M400Medium & Large Enterprises
gateprotect NP-S100
gateprotect NP-M200
gateprotect NP-L800Large Enterprises
gateprotect NP-L500
gateprotect GmbH - Valentinskamp 24 - 20354 Hamburg - Germany
Users
Per
form
an
ce /
Thr
ou
ghp
ut
(Mb
ps)
10 25 50 100 250 500 1.0005.000 10.000
500
1 000
2.000
5.000
10.000
20.000
Small & Medium Enterprises
GPA 300GPA 500
Midsize Enterprises
GPX 650
Large Enterprises
GPZ 2500
GPZ 5000GPZ 1000
GPX 850
GPO 150GPO 100
Small & Remote Offices
GPO 110
gateprotect Product Overview
UTM Firewalls
Next Generation Firewalls
Medium & Large Enterprises
gateprotect NP-S
gateprotect NP-M
gateprotect NP-L
gateprotect GmbH - Valentinskamp 24 - 20354 Hamburg - Germany
gateprotect – how to implement
Ordinary SMB company network with reliable security and high-performance basic protection
Between the company‘s internal network and the external network, there is a high-quality UTM firewall located that unifies perimeter security functions and directly connects to the DMZ (Demilitarized Zone).
Not trustworthy network (INTERNET)
DMZ
(Core) Switchgateprotect Appliance
gateprotect GmbH - Valentinskamp 24 - 20354 Hamburg - Germany
Multi-Layer Security Concept for Flexible Security Requirements
Not trustworthy network (INTERNET)
Router (Packet filter)
DMZ NETWORK PROTECTOR
gateprotect – Multi-Layer Security Concept
gateprotect GmbH - Valentinskamp 24 - 20354 Hamburg - Germany
Multi-Layer Security Concept for Flexible Security Requirements
Not trustworthy network (INTERNET)
Router (Packet filter)
DMZ NETWORK PROTECTOR
gateprotect – Multi-Layer Security Concept
gateprotect GmbH - Valentinskamp 24 - 20354 Hamburg - Germany
P-A-P ConceptThe Federal Office for Information Security (BSI) recommends:
gateprotect – Multi-Layer Security Concept
gateprotect GmbH - Valentinskamp 24 - 20354 Hamburg - Germany
- Raise Performance
• Offloading the perimeter Firewall
- Raise Security Level
• Securing LAN-Segments
• Zero Day protection through full Protocol validation and application whitelisting
- Flexibility
• Different rules for every LAN-Segments
Benefit – Multi-Layer Security Concept
top related