giai phap va san pham bao mat thong tin - dass - r0.1
TRANSCRIPT
-
8/10/2019 Giai Phap Va San Pham Bao Mat Thong Tin - DASS - r0.1
1/44
SN PHM V GII PHPBO MT THNG TIN
Trnh by bi
Ging Hn Ph
Gim c K ThutEmail: hugh!"a##$%n & Ph'n(: )*+ +** ,-).
2013
-
8/10/2019 Giai Phap Va San Pham Bao Mat Thong Tin - DASS - r0.1
2/44
Ni dung Gii thiu
S!n "h#$S%"h%& 'nd"%int S()u*it+S%"h%& S,-(gu,*d 'nt(*"*i&(S%"h%& .ni-i(d Th*(,t M,n,g($(ntS%u*)(-i*( N(/tG(n(*,ti%n IPST*u&t,( SI'M,"id4 N(/"%&( 5 M(t,&"6%it
T7)h h8" h th9ng Gi!i "h:" t;ng th
-
8/10/2019 Giai Phap Va San Pham Bao Mat Thong Tin - DASS - r0.1
3/44
GII THIU
== V>NG BO M?T THNG TIN
-
8/10/2019 Giai Phap Va San Pham Bao Mat Thong Tin - DASS - r0.1
4/44
=:) @ng A!% $t thCng tin
S()u*it+ M,n,g($(nt
D""6i),ti%n S()u*it+
N(t%*E S()u*it+
=%nt(nt S()u*it+
'nd"%int S()u*it+
Fu!n 6 A!% $t
B!% $t ng dng
B!% $t $Jng
B!% $t ni dung
B!% $t thiKt AL)u9i
-
8/10/2019 Giai Phap Va San Pham Bao Mat Thong Tin - DASS - r0.1
5/44
Th(% u: t*nh tn )Cng
TrcChnh sch & iu khin
h:$ "h: $Ci t*QRng
Th) thi )h7nh &:)ht*u+ )"
=ng )9 tUi ngu+n
TrongXc nh & Ngn chn
Ph:t hin
NgWn )hXn
SauPhn tch & Sa cha
Y:) ZLnh "hJ$ i
Ph[n t7)h & Ein
S\, )h], h th9ng
^i*(,66
D""6i),ti%n =%nt*%6Vu6n(*,Ai6it+ M,n,g($(nt
P,t)h M,n,g($(nt'n)*+"ti%n
IPS
Dntii*u&Dnti$,6,*(
I_S
SI'M 5 `%g Mg$t^%*(n&i)&
^u66 P,)E(t =,"tu*(
-
8/10/2019 Giai Phap Va San Pham Bao Mat Thong Tin - DASS - r0.1
6/44
S!n "h#$ 5 Gi!i "h:" A!% $t
TrcChnh sch & iu khin
TrongXc nh & Ngn chn
SauPhn tch & Sa cha
Vu6n(*,Ai6it+ M,n,g($(nt
Vu6n(*,Ai6it+ M,n,g($(nt^i*(,66
Int*u&i%n P*((nti%n S+&t($
'nd"%int S()u*it+
N(/tG(n(*,ti%n IPS
SI'M5 `%g M,n,g($(nt
-
8/10/2019 Giai Phap Va San Pham Bao Mat Thong Tin - DASS - r0.1
7/44
S!n "h#$ )a th< h%Jt Zng t*nnbn t!ng !% ha,
S%"h%& 'nd"%int -%* V&"h(*(
S%"h%& .TM S%u*)(-i*( N(/t G(n(*,ti%n IPS
,"id4 N(/"%&(
-
8/10/2019 Giai Phap Va San Pham Bao Mat Thong Tin - DASS - r0.1
8/44
SOPHOS ENDPOINT SECURITY
-
8/10/2019 Giai Phap Va San Pham Bao Mat Thong Tin - DASS - r0.1
9/44
S%"h%& 'nd"%int S()u*it+Anti-Ma!ar"
Ph:t hin U ngWn )hXn i*u&cT*%,nc %*$c &"+,*(c ,d,*(c*%%tEite
Intru#ion Pr"$"ntion S%#t"&
Ph:t hin U ngWn )hXn ):) tn)Cng tf An ng%Ui U% $:+ t7nhnhQ Au--(* %(*-6%e
Ci"nt 'ir"!a
angc $ ):) dL)h c gi,%th)c );ng $Jng t*n $:+ t*J$cth(% di 6ujng d] 6iu
(") Prot"ction*'it"ring
`k) ZL, )hl (Ac "h:t hinnh]ng t*,ng (A $,ng $m Z)hJi
D"$ic" Controi
-
8/10/2019 Giai Phap Va San Pham Bao Mat Thong Tin - DASS - r0.1
10/44
S%"h%& 'nd"%int S()u*it+Data Encr%+tion
Mm ha, t%Un A Zs, )ng Z>6*>46
UTM 446 UTM ?46 UTM @4 UTM 4 UTM B4Muti+"
RED
EnvironmentSmall
networkMediumnetwork
Mediumnetwork
Largenetwork
Largenetwork
Largenetwork
Largenetworks
+ branches
Network ports q 5 2 S^P 10 5 S^P 10 5 S^P Mu6ti"6(
Max.recommendedfirewall users
10o0 300 00 1}00 3}00 }000 10000
Max.recommendedUTM users
10o3} 4} 200 q00 1300 2000 }000
Sot!ar"A++ianc" un& %n Int(6)%$",tiA6( P=& ,nd &(*(*&
2irtuaA++ianc"
VM,*( (,d+ 5 =it*i/ (,d+ )(*ti-i(dun& in H+"(*Vc VMc ,nd %th(* i*tu,6 (ni*%n$(nt&
*Pricing based #IPs/Users
-
8/10/2019 Giai Phap Va San Pham Bao Mat Thong Tin - DASS - r0.1
24/44
T*i
-
8/10/2019 Giai Phap Va San Pham Bao Mat Thong Tin - DASS - r0.1
25/44
SOURCE'IRE NEFT-GENERATION IPS
-
8/10/2019 Giai Phap Va San Pham Bao Mat Thong Tin - DASS - r0.1
26/44
hCng th< A!% nh]ng nh]ng g $U
t, EhCng AiKt
Lnh hQng tiK" )n ), S%u*)(-i*( y
Dgi6( S()u*it+ a continuous process before, during & after an attackibu )hlnh )h7nh
&:)h t Zng
ehUnh Zngth(% thRi gi,n th)
Tt )! $ki thRi Zi
-
8/10/2019 Giai Phap Va San Pham Bao Mat Thong Tin - DASS - r0.1
27/44
Gi!i "h:" A!% $t S%u*)(-i*( Dgi6( S()u*it+
COLLECTIVE
SECURITY
INTELLIGENCE
Management CenterAPPLIANCES | VIRTUAL
NEXT-GENERATION
FIREWALL
NEXT-GENERATION
FIREWALL
NEXT-GENERATIONINTRUSION
PREVENTION
NEXT-GENERATIONINTRUSION
PREVENTION
ADVANCEDMALWARE
PROTECTION
ADVANCEDMALWARE
PROTECTION
=ONT'YT.D` DD'N'SS=ONT'YT.D` DD'N'SS HOSTS VIT.D` MOBI`'
DPP`IDN='S VIT.D`
-
8/10/2019 Giai Phap Va San Pham Bao Mat Thong Tin - DASS - r0.1
28/44
S%u*)(-i*( dn Zpu b )Cng ngh U
ZQ8) )Cng nhn"For the past five years, Sourcefire has
consistently achieved excellent results in
security effectiveness based on our real-
world evaluations of exploit evasions,
threat block rate and protection
capabilities!
2i0ra& P/ata0c ='O NSS `,A&c In)
Ratings*
d(t()ti%n 5 "*%t()ti%n
?@G)+# in&"()t(d th*%ugh"ut B6M )%n)u**(nt )%nn()ti%n&
> T=O o "*%t()t(d MA"&
Leadership* J> in d(t()ti%n
Ca## "a7"r in "(*-%*$,n)(
Ca## "a7"r -%* T=O
>66 (,&i%n -*((
#etworks looking to update their
defenses with a #ext-$eneration
Firewall would do well to consider
Sourcefire%s entry into the #$F 'arket
as a solid contender!
Ko) (a7"r NSS `,A&c In)
Ratings* "*%t()ti%n
>6G)+# in&"()t(d th*%ugh"ut
>M )%n)u**(nt )%nn()ti%n&
?? T=O o "*%t()t(d MA"&
Leadership*
J> in d(t()ti%n
J> in "(*-%*$,n)( J> in u6n(*,Ai6it+ )%(*,g(
>66 (,&i%n -*((
#SS (abs, #etwork )*S + .o'parative /est 0esults,! 1ece'ber +
#SS (abs, #etwork )*S *roduct Analysis Sourcefire 213+4 v5,! April ++
#SS (abs, #ext-$eneration Firewall *roduct Analysis 6 Sourcefire! 7ctober ++
-
8/10/2019 Giai Phap Va San Pham Bao Mat Thong Tin - DASS - r0.1
29/44
S% &:nh gi], NGIPSNG^P/Ln oi 2 7 Sourc"ir"
NGIPS NG'(T%+ica
IPST%+icaNG'(
Th*(,t& Dtt,)E&c Dn%$,6i(&
.&(*& D_c `_DPc POP3 x
(A D""6i),ti%n& ^,)(A%%E =h,tc 'A,+ x
D""6i),ti%n P*%t%)%6& HTTPc SMTPc SSH x
=6i(nt D""6i),ti%n& ^i*(-%/c I'qc =h*%$( x x
N(t%*E S(*(*& D",)h( 231c IIS x x
O"(*,ting S+&t($& ind%&c `inu/ x x
%ut(*& 5 Sit)h(& =i&)%c N%*t(6 x x
i*(6(&& D))(&& P%int&`inE&+&c N(tg(,*
x xM%Ai6( _(i)(& iPh%n(c Dnd*%id x x
P*int(*& HPc Y(*%/c =,n%n x x
V%IP Ph%n(& D,+,c P%6+)%$ x x
Vi*tu,6 M,)hin(& VM,*(c Y(n x xS%u*)(y S%u*)(-i*(
-
8/10/2019 Giai Phap Va San Pham Bao Mat Thong Tin - DASS - r0.1
30/44
=:) dng thiKt ALS%u*)(-i*(Sourc"ir" D""n#" C"nt"rQ
Sourc"ir" ?DQ
A++ianc"#
DC>66DC?66
DC6
?D665M!s
?D>666"5 M!s
?D4666 #$$M!s
?D4>66%5$ M!s
?D>>65$$ M!s
?D>46# !s
?D>?6" !s
?D>46% !s
?D>@6' !s
Sourc"ir"SS A++ianc"
?D46 #$!s
?D4B6 %$!s
-
8/10/2019 Giai Phap Va San Pham Bao Mat Thong Tin - DASS - r0.1
31/44
TRUST(A2E SIEMS()u*it+ In-%*$,ti%n ,nd '(nt M,n,g($(nt
-
8/10/2019 Giai Phap Va San Pham Bao Mat Thong Tin - DASS - r0.1
32/44
S()u*it+ M,n,g($(nt
SI'M
Fu: nhibu thiKt ALc u: nhibu d] 6iuc nhibu )Cng )c nhibu A:% ):%c nhibu & Eine
-
8/10/2019 Giai Phap Va San Pham Bao Mat Thong Tin - DASS - r0.1
33/44
S()u*it+ M,n,g($(nt
SI'MEnterprise Management ConsoleSecurity Portal
Security Information and Event Management (SIEM)
Data Data
Global Treat Database po!ered by
Data
Security Platform Endpoint Security
Data
S%u*)(y T*u&t,(
-
8/10/2019 Giai Phap Va San Pham Bao Mat Thong Tin - DASS - r0.1
34/44
S()u*it+ M,n,g($(nt
SI'Mog Manag"&"nt Thu th" 6%g i hiu &ut ),% )h%
nhibu thiKt AL `Qu t*] 6%gc nn 6%g Thu th" EhCng )pn ,g(nt h%X) )a
,g(nt
E$"nt Manag"&"nt Thu th" ((nt i hiu &ut ),% )h%
nhibu thiKt AL S" /K" 6Ji & Ein thCng $inh Z6 P(n(t*,ti%n T(&ting M'TDSP`OIT PO
>> 'nd"%int S()u*it+ S%"h%& 'nd"%int P*%t()ti%n
-
8/10/2019 Giai Phap Va San Pham Bao Mat Thong Tin - DASS - r0.1
44/44
H]I 2^ _`P
=H?N THNH =M N