rsa 2012 spo2-301_0306
TRANSCRIPT
-
7/30/2019 RSA 2012 SPO2-301_0306
1/13
Session ID:
Session Classification:
Mike Hamilton
BreakingPoint Systems
Firewall Fail: Live Next-Gen FirewallTesting to Expose Breaking Points
SPO2-301
Advanced
-
7/30/2019 RSA 2012 SPO2-301_0306
2/13
Agenda & Introduction
Todays Speaker:
Mike Hamilton Director of Global Sales Engineering
Todays Topics:
Why next-generation firewalls?
The truth about testing next-generation firewalls Three Truths to get you started
Live test of a next-generation firewall
-
7/30/2019 RSA 2012 SPO2-301_0306
3/13
Youruniquenetworktraffic,
application,anduserneeds
The Truth Hurts: Find It Before They Do
Testnextgenfirewallswithyour
actualnetwork
behavior
and
applications
Thetruthaboutperformance
andsecurityofanynextgen
firewall
-
7/30/2019 RSA 2012 SPO2-301_0306
4/13
Today You Will Learn:
Three mistakes in testing next-gen firewalls that will lead tofailures
How to stay ahead of testingstandards in order to measurethe true performance of a next-generation firewall
The best way to choose a next-gen firewall for your uniqueapplication, security, and
capacity needs
-
7/30/2019 RSA 2012 SPO2-301_0306
5/13
CriticalApps:PrioritizedBandwidth
AcceptableApps:ManagedBandwidth
UnacceptableApps:
Blocked
Users/Groups PolicyApplicationChaosManyonPort80/443
Visualize &
Manage Policy
ControlIdentify Categorize
Malware Blocked
DeepPacket
Inspection
Why Deploy Next-Generation Devices?
-
7/30/2019 RSA 2012 SPO2-301_0306
6/13
Next-Gen Firewall Demands Next-Gen Testing
6
Applicationidentification
Applicationaccesscontrol
ApplicationQoS
Applicationlayerattack
SSL/TLSinspection
Malwarefiltering
-
7/30/2019 RSA 2012 SPO2-301_0306
7/13
7
Three Initial Truths
-
7/30/2019 RSA 2012 SPO2-301_0306
8/13
Truth 1: HTTP Is NOT an Application
-
7/30/2019 RSA 2012 SPO2-301_0306
9/13
Truth 2: Todays Applications/Threats Will Change
New applications introduced eachday
Constant changes to popular
applications such as email, IM, etc. New threats introduced each day
Vulnerabilities
DDoS evolution
Malware
New devices introduced each day
Mobile malware
Wireless to wired traffic
-
7/30/2019 RSA 2012 SPO2-301_0306
10/13
-
7/30/2019 RSA 2012 SPO2-301_0306
11/13
11
LIVE TESTING:
Finding the truth
-
7/30/2019 RSA 2012 SPO2-301_0306
12/13
Wrap It Up: Six Questions To Find The Truth
Ask your vendor*:
1. Are you keeping up with emerging testing standards?
2. What application mixes and weights do you use during testing?
3. Do you combine applications and high-stress user load duringtesting?
4. What have the results been when you have tested using
malformed traffic?
5. How does the firewall perform against application-layer attacks?
6. Can I test your product with my unique network, application, anduser conditions?
*Vendors, ask yourself the same questions.
12
-
7/30/2019 RSA 2012 SPO2-301_0306
13/13
Q & A