summit 2010 infra services shahar

8/9/2019 Summit 2010 Infra Services Shahar

1/199

STKI Summit 2010

Israeli Infrastructure Services Market

Shahar Geiger Maor

CISSP, Senior AnalystInfrastructure Services(Security, Networking and Green IT)

www.shaharmaor.blogspot.com


2/199


3/199

Your Text hereYour Text here

Shahar Maors work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 3

Presentations Agenda

Networking

Printing and Output Management

Information Security


4/199



LocalSupp

ort

Market Presence

Not a technological positioning, refers only to Israeli market

Represents current Israeli market and not our recommendation

Focused on enterprise market (not SMB)

Market Presence (X)

Market share - existing and new sales (more emphasis)

Mind share (how user organizations rate vendors)

Local Support (Y) is influenced by (X)

Experience & technical knowledge, localization,support, number and kind of integrators

Worldwide leaders marked, based on global positioning

Vendors to watch: Are only just entering Israeli market

so cant be positioned but should be watched

We will present data on products and integrators:

STKI Israeli Positioning

Vendor A

Vendor B

Worldwide

Leader

Vendors to Watch:

Vendor C


5/199


6/199


7/199



Networkings Agenda

General trends

Mergers and acquisitions

Datacenter convergence and infrastructure complexity

Application Delivery

Voice (IP Telephony, Contact Centers and Unified Communications)

Network Monitoring

Staffing, Spending and Employee Ratios


8/199

k l k


9/199



Enterprise Networking: Israeli Market Size(M$)

2009 changes 2010 changes 2011 changes 2012

LAN

equipment60.0 8.33% 65.0 15.38% 75.0 20.00% 90.0

WANequipment

40.0 12.50% 45.0 37.78% 62.0 12.90% 70.0VoIP

equipment32.0 9.38% 35.0 14.29% 40.0 12.50% 45.0

VOIP

Software35.0 28.57% 45.0 22.22% 55.0 27.27% 70.0

totals 167.0 13.77% 190.0 22.11% 232.0 18.53% 275.0


10/199



Emerg ng Tec no ogy Roa map T roug2013

Source: Infrastructure Executive Council


11/199


12/199



IP Traffic Growth

Morgan Stanley, 2009


13/199



Video related Traffic Growth

Morgan Stanley, 2009


14/199



Primary Technology Suitability

http://www.dbcde.gov.au/__data/assets/pdf_file/0003/54345/bro


15/199


16/199



Technologies Categorization 2009

Investmentto make money

Cut costs, Increase

productivity

Investmentfor regulations

Commodity IT

Services

Using Implementing Looking

Business Value

Market Maturity

Networking

Vir.

Business

Project

IT Project

Size of figure =complexity/cost of project

IPv6

Network

Security

UC

VOIPInfra.

Optimization

SAAS/

Cloud

Billing NGN


17/199



Technologies Categorization 2010

Investmentto make money

Cut costs, Increase

productivity

Investmentfor regulations

Commodity IT

Services

Using Implementing Looking

Business Value

Market Maturity

Networking

Vir. (DC

convergence)

Major

Changes

IT Project

Size of figure =complexity/cost of project

IPv6

Network

Security

UC

VOIPInfra.

Application

Delivery

SAAS/

Cloud

Billing


18/199



Networkings Agenda

General trends





Network Monitoring



19/199



Main Theme:Cloud infrastructure


20/199



Interesting M&As in the Networking Market

Buyer (For how much?) Acquisition Comments

HP (2.7B$) 3Com Strengthens HP's converged data centerproduct portfolio

To open up opportunities in China, where

3Com has a large presence

Avaya (900M$) Nortel (Enterprise

Solutions)

Large client base. Will try to leverage this

acquisition by using the Aura platform.What about Nortels data offerings???

Cisco (3.4B$) Tandberg To Push high-definition imaging systems

and videoconferencing

Logitech (405M$) LifeSize To offer HD video communications systems

for other settings besides the desktop

Riverbed (40M$) Expand Excessive demand for video compression

and to avoid Cisco from stealing Expand

Aman Computers (?) ArtNet Experts Small marketinteresting changes: 2009s

downturn had had its tolls


21/199



Networking Breaking News


22/199



Networkings Agenda

General trends





Network Monitoring



23/199



Main Theme:Complexity!


24/199



What have we had in mind?


25/199



What actually happened? Complexity!


26/199



10th grade mathematics reliability chain

99% %99 %99 %97


27/199



ERP CRM DataWarehouse

Database

Mail and Messaging

File, Print,Infrastructure

The Converged Datacenter

Cisco UCS

ResourcePool

HP BladeSystem Matrix

IBM CloudBurst


28/199



Future Datacenter Infrastructure

http://www.sincerelysustainable.com/buildings/google-utilizes-cool-climate-to-cool-its-


29/199



Giants Face-Off



30/199



Classic Infrastructure Department: Before


31/199



Classic Infrastructure Department: After

Infrastructure Department:


32/199



Infrastructure Department:After DC Convergence

Infra. Manager

PC System/Storage/Networking DBA

Local Area Network Vendors


33/199



Local Area Network Vendors- Israeli Market Positioning 1Q10

LocalSupport

Market Presence

Player

This analysis should be used with its

supporting documents

Alcatel-Lucent

Enterasys

WorldwideLeader

Avaya-Nortel

Juniper

3COM

Extreme

Cisco

Foundry

HP


34/199



Networkings Agenda

General trends





Network Monitoring



35/199



Main Theme:The Business is conquering the infrastructure

h ill f li i li


36/199



Three Pillars of Application Delivery

P

eople

P

rocess

Technology

li i li C ll ( C)


37/199



Application Delivery Controllers (ADC)

ADC are designed to improve the availability, efficiency,performance and security of web-based or IP-based

applications*

L4-L7redirection,

load-balancing

and failover

TCPconnection

multiplexing

Server off-load (SSL

termination,TCP

connection)

NATCaching,

compressionNetwork-

level security

* Gartner

l i ik hl hl


38/199



An ADC Player is Like ADecathlon Athlete

App cat on De very ontro ers:


39/199



App cat on De very ontro ers:What is the Pressure?

Globalization: Pushing business process to thenetworks edge

Centralization / Consolidation: Compliance, control,

Cost cutting, Security, Efficiencies / resource

utilization

Enterprise & WebMonster Application: Architectures,

Increased adoption of browser-based apps, Rich

clients (AJAX), Web 2.0 technologies, SOAService Provider Services Architectures: Next

Generation Networks, Video, Messaging

App cat on De very ontro ers:


40/199



App cat on De very ontro ers:What is the Pressure?

Application Delivery Controllers (ADC)


41/199



Application Delivery Controllers (ADC)- Israeli Market Positioning 1Q10

LocalSupp

ort

Market Presence

Player



WorldwideLeader

*Most CC in the market are Avaya

Radware

Citrix

F5

Cisco

Watch:Solutions to

Crescendo

Array

Brocade

Barracuda

WAN Optimization


42/199



WAN Optimization- Israeli Market Positioning 1Q10

LocalSupp

ort

Market Presence

Player



WorldwideLeader

Cisco

Citrix

Radware

Riverbed

Blue Coat

Juniper

F5

N t ki A d


43/199



Networkings Agenda

General trends





Network Monitoring



44/199



Corporate Telephony


45/199



Main Theme (again):The Business is conquering the infrastructure

Remember the Classic Infrastructure


46/199



Remember the Classic InfrastructureDepartment?

VOIP d UC T h l M t it


47/199



VOIP and UC -Technology Maturity

Source: Computer Economics

VOIP

UC

VOIP d UC T h l Ri k/R d A l i


48/199



VOIP and UC -Technology Risk/Reward Analysis

Source: Computer Economics

VOIP

UC

Why Move to IPTel?


49/199



Why Move to IPTel?

0% 10% 20% 30% 40% 50% 60% 70%

other

Current solution doesn't meet businessrequirements

inadequate local support

ROI analysis justifies IPTel

high management costs

upgrading the LAN/ moving to a newoffice

What is the Importance of VOIP?


50/199



What is the Importance of VOIP?

Contact Centers: Trends


51/199



Contact Centers: Trends

SIP (Session Initiation Protocol) age

The arrival of web/videoconferencing

Going home, literally Contact center mobilityThe live agent A true skill-based routing

Analyzed up the tailbone More use of

performance analytics and workforceoptimization tools

New Contact Centers: Focus on IP


52/199



New Contact Centers: Focus on IP

SIP

IP PBXes

MRCP

Speech Services

Application Services

Open Voice System

H.248

MGCP

Signaling GatewaysI

N

A

P

/

IS

U

P

RTP

Media Gateways

T

D

M

Source: Genesys

From Marketing driven Architecture
http://www.vecommerce.com.au/corporate.htmhttp://www.avaya.com/http://www.nortel.com/


53/199



From Marketing-driven Architecture

VoiceM

ail

A1forY

ou

EmailR

eader

A1VoiceService

CityGu

ide

CallCen

ter

PrepaidIVR

Telephony

IVR

Application

Interface

Billing, Customer Profile, CRM, Monitoring, Maintenance

To Service Driven Architecture


54/199



To Service-Driven Architecture

Telephony

VoiceXML Browser

Standardised Interfaces

VoiceMa

il

RingbackTone

s

MobileCampaignin

g

A1VoiceServic

e

MobilePB

X

CallCente

r

PrepaidIV

R

Billing, Customer Profile, CRM, Monitoring, Maintenance

Contact Centers


55/199



Contact Centers

http://www.genesyslab.com/system/files/Genesys_US_Survey09_screen.pdf

Preferred Communication Channels-Customers choice

United StatesItaly

ang ng t e Way Your Bus ness


56/199



ang ng t e Way Your Bus nessCommunicates

Moving on to Unified Communications


57/199



Moving-on to Unified Communications

Higher Employ Productivity

Long-Term Cost Savings

Unique Features

Higher User Experience

Better Team Work

23%

38%

54%

54%

62%

Which of the Following Justifies the Implementation of a UC

solution?

Who Should Manage UC?


58/199



Who Should Manage UC?

Networking Unit

54%Applications Unit

23%

Combined\Other

15%

Don't Know8%

F t T l h


59/199



Future Telephony

VOIP (Enterprise IP Telephony)


60/199



( p p y)- Israeli Market Positioning 1Q10

LocalSupp

ort

Market Presence

Player



WorldwideLeader

Alcatel-Lucent

Tadiran

3COM

Avaya-Nortel

Cisco

Contact Center Infrastructure


61/199



- Israeli Market Positioning 1Q10

LocalSupp

ort

Market Presence

Player



WorldwideLeader

Alcatel-LucentCosmocom

Avaya-Nortel

Aspect

Watch:Solutions toWatch:Solutions to

Siemens

Cisco

Genesys

Unified Communications


62/199



f- Israeli Market Positioning 1Q10

LocalSupp

ort

Market Presence

Player



WorldwideLeader

Alcatel-Lucent

Cisco

Avaya-Nortel

Microsoft

Networkings Agenda


63/199



Networking s Agenda

General trends





Network Monitoring



64/199



Main Theme:Availability and reachable service

Networ perat ons an Mon tor ng:


65/199



p gWhat are the Business Needs?

Network should be availableall the time

Highest level of service possible

(down goes the night timeslot)

Network failures should be located and responded-to ASAP!(money talks)

Future network topology planning must be optimal and consistentwith business growth

Voice/video monitoring and SLAs by the candidate solutionprovider must be checked-out, when opting for new solutions

Automatic discovery of all network devices: accounted and non-accounted for (who said NAC?!)



66/199



p gWhat is the Pressure?

Network Operation Centers


67/199



Network Operation Centers

http://www.netscout.com/docs/thirdparty/NetScout_3pv_Metzler_Application_Delivery_Handbook.pdf



68/199



p gWhat Kind of Solutions are Available?

Basic network monitors (SNMP based) SNMP-CollectorsUsually provide an on-line availability map

Mission centric

Usually provide one function: protocol analysis, VOIP monitoring,system monitoring etc.

Combined

systems that provide both basic network monitoring as well as

specific functions (mission centric)

Super Tools

general purpose, high volume (ESM solutions)

Network MonitoringMajor Players


69/199



Network Monitoring Major Players

Enterprise SystemManagement

BMC

CA

HP

IBM

Others

NetworkMonitoring

AvalonNet

CenterityEMC

Perform-Net

SolarWinds

Others

RSS Alert: Upcoming Round-Table


70/199



RSS Alert: Upcoming Round Table


71/199

Networkings Agenda


72/199



Networking s Agenda

General trends





Network Monitoring


Networking Staffing Ratios-Israel


73/199



Networking Staffing Ratios Israel

2-5 FTE >5 FTE0-1 FTE

Average IT size:

95 FTE

Networking Staffing Ratios


74/199



Networking Staffing Ratios

Ratios of data/voice

networking Personnel

(Israel)

Ratios of data/voice

networking Personnel

(Abroad)

6% of IT unit 7.7% of IT unit

Source for abroad figure: Computer Economics


75/199

Printing/Output Managements Agenda


76/199



Printing/Output Management s Agenda

Printing Consolidation

Output Management


77/199



Main Theme:Efficiency & technology

Printing: Israeli Market Size (M$)


78/199



Printing: Israeli Market Size (M$)


Departmenta

l Printers82.0 3.66% 85.0 7.06% 91.0 9.89% 100.0

PersonalPrinters

65.0 -7.69% 60.0 3.33% 62.0 4.84% 65.0

Output

Management38.0 5.26% 40.0 10.00% 44.0 9.09% 48.0

Printing VAS 30.0 16.67% 35.0 14.29% 40.0 12.50% 45.0

totals 215.0 2.33% 220.0 7.73% 237.0 8.86% 258.0

STKI Index-2009/2010


79/199



/

Output

Management

28%

Prices & Cost

Reduction

25%

Fax Services

18%

Miscellaneous

13%

Miscellaneous

11%

Distribution Tools

7%

Printing Maturity: Progress GraphTh Hi h li b Th M ffi i Y A


80/199



TheHigher you climb The More efficient You Are

0%

20%

40%

60%

80%

FollowersAverage

Leaders

Mainly

Financial/government

sectors

Mainly High-tech sector

Output efficiency

Optimize Infrastructure: The Beginning


81/199



p g g

Source: IPG, HP

Optimize Infrastructure: Assessment


82/199



p

Source: IPG, HP

Optimize Infrastructure: Solution


83/199



p

Source: IPG, HP

Manage Environment: The Beginning


84/199



g g g

Source: IPG, HP

Manage Environment: Assessment


85/199



g

Source: IPG, HP

Manage Environment: Find a Solution


86/199



g

Improve workflow!!

Source: IPG, HP

Manage EnvironmentRecommendations


87/199



Printer consumables are often ad hoc purchases made at

the departmental level Money can be saved if procurement is coordinatedCentralize procurement

Regular print jobs should use both sides of the

paperDuplexing

Dont go beyond the printer specificationsPrinters Specs

Establish some process controls and assessmentson when an outside vendor should be usedIn-house vs. Out-sourcing

First distribute, then printThink Digital!

Manage EnvironmentRecommendations


88/199



Printing Consolidation in Real-Life


89/199



g

Source: MalamTeam, 2009

Printing Consolidation in Real-Life


90/199


Shahar Maors work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 90Source: MalamTeam, 2009

Employees/printers ratio by months(target is 1 output device per 3 employees)

Total output cost:

2,634K Total output cost:

1,661K 37% savings

Printing/Output Managements Agenda


91/199



Printing Consolidation

Output Management

The Need for Output Management


92/199



Each application requires distinct business process definitions

Data Collection, Visual enhancement, Document distribution Duplicate effort - each separate output channels requires a new

design

Requires significant IT staff involvement

Document and Template design complex, time consuming, requires

expensive IT resources

1-5

>5

>10

>20

Source: Autofont

Number of different

output-generation

Platforms in Enterprise

organizations

Output Management Architecture -PrintBOS


93/199


Shahar Maors work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 93Source: Consist

Output Management Architecture -FreeForm


94/199



FreeForm

App3App2App1

Direct APIPrinter QueueWatched Folder Web ServiceLPR/LPDOthers

InterfacesInterfaces to any applicationplatform, enables gradual

implementation

DataDataData

XMLColumn & RowOffset & LengthXSFApplication NameOthers

DataData structures generated by

enterprise applications

AnalyzersModular analyzers fortreatment of any structured/unstructured data, open to

proprietary data structures

Templates

Channels

DistributionModular support for multipledistribution channels (print,

view, etc)

DesignRich design for dynamic outputgeneration, based ontemplates, data values and

quantity (+scripting)

DisplayEmail

Internet Fax MMS Pint Press

Other services

Print

FreeForm

Interactive

FreeForm InteractiveInteractive and mixed-mode

data feed into forms

Output Management Round-Table Insights


95/199



Output management is very closeto the business

Output management requirescross-unit thinking (IT and beyond)

Managing many different output

platforms have become too complex

Some organizations in Israel are

looking for holistic solutions

Output Management- Israeli Market Positioning 1Q10


96/199



Israeli Market Positioning 1Q10

LocalSupport

Market Presence

Player



WorldwideLeader

Consist(PrintBos)

Adobe(LifeCycle)

Autofont(FreeForm)

ISIS-Papyrus

Aman (FormIT)

HP

BMC

Bottomline(FormScape)

InfoPrint

Watch:Solutions to

SAP

OracleEMC

Output ManagementDigital Signature


97/199



Name:

ID:

Wiki: a mathematical scheme for demonstrating the

authenticity of a digital message or document

Source: Comsign



98/199



Digital signature hand-written

signature

Court admission? Yes Yes

Ease of use Single click Signing everyindividual page in

some cases

Archiving Digitalrelativelysmall storage.

Hard-copy. Storage

consuming.

Document can beforged?

Changes to theoriginal document

breaks the

signature

No real protection.Much easier to

forge than DS.

Non-repudiation Yes No

A comparison between digital signature

and hand-written signature:

Source: Comsign



99/199



Digital signature improve security, workflow and save

money!

Growing demand for Authentication and integrity in Israel

should push (at last) the use of DS forward


100/199



spam and other content security issues would be "solved" in a few

years (Bill Gates,2006)

"The security business has no future...The security industry is dead (IBMISS general manager, Val Rahamani 2008)

Securitys Agenda


101/199



General trends

Security Issues for Cloud Computing

Virtualization security

Mobile security

Network security

Anti-X protection

Data protection

Security Monitoring & Control

Best SU of 2009

Staffing and ratios

In ormat on ecur ty:Israeli Market Size (M$)


102/199



Israeli Market Size (M$)


Security

Software85.0 23.53% 105.0 4.76% 110.0 9.09% 120.0

GRC &BCP

50.0 50.00% 75.0 9.33% 82.0 9.76% 90.0

Security

VAS

85.0 11.76% 95.0 8.42% 103.0 6.80% 110.0

totals 220.0 25.00% 275.0 7.27% 295.0 8.47% 320.0

Whats on the CISOs Agenda?(STKI Index 2009)


103/199



( )

NAC

18%

Access/Authenti

cation15%

EPS/mobile

15%DLP

10%

DB/DC SEC

10%

Market/Trends10%

Encryption

9%

Miscellaneous

5%

SIEM/SOC5%

Sec Tools

5%

Some Interesting M&As in the Security Market


104/199



g y

Buyer (For how much?) Acquisition Why?

IBM (225M$) Guardium expand its portfolio in this areaAdded value ability to provide analytics

about IT business processes

Trend Micro (?) Third Brigade Trend is making Third Brigade a strategic

acquisition to assist in its data-center vision

CA (?) Orchestria Adds Orchestria's data leak preventiontechnology to CA's identity and access

management product suites

Oracle (7.3B$) Sun

Microsystems

Because of Suns IDM solutions

Some Interesting M&As in the Security Market


105/199



Active Acquirers: IT Security

M&A Deals Since 2004

http://updataadvisors.com/Advisors_Newsletters/Security/it_security_maupdat

Types of Incidents (2000-2010)


106/199


Shahar Maors work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 106http://datalossdb.org/statistics

Incidents by Vector (2000-2010)


107/199



Incidents by Vector (2009)


108/199



www.stki.infois in the Trend


109/199



STKI.INFO HAS

BEEN DEFACED

18.12.2009

Our Quick Response.


110/199



MODERN WORLD

STRIKES BACK!!!6.1.2010



111/199



Securitys Agenda


112/199



General trends



Mobile security

Network security

Anti-X protection

Data protection


Best SU of 2009

Staffing and ratios


113/199



Main Theme:Cautiousness

Cloud Computing


114/199


Shahar Maors work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 114http://www.powerpoint-search.com/what-is-cloud-computing-ppt.html

Cloud Characteristics


115/199


Shahar Maors work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 115http://www.enisa.europa.eu/act/rm/files/deliverables/cloud-computing-risk-

Cloud Security


116/199



Source: http://csrc.nist.gov/groups/SNS/cloud-computing/

How Does C ou Comput ng A ect t eSecurity Triad?


117/199



y

Confidentiality

IntegrityAvailability

Cloud Risk Assessment


118/199



Probability

Impact

LOSS OF

GOVERNANCE COMPLIANCE

CHALLENGESRISK FROM

CHANGES OF

JURISDICTION

ISOLATION

FAILURE

CLOUD PROVIDER

MALICIOUS INSIDER -ABUSE OF HIGH

PRIVILEGE ROLES

MANAGEMENT INTERFACE

COMPROMISE (MANIPULATION,

AVAILABILITY OF

INFRASTRUCTURE)

INSECURE OR

INEFFECTIVE

DELETION OF DATA

NETWORK

MANAGEMENT

http://www.enisa.europa.eu/act/rm/files/deliverables/cloud-computing-risk-

Cloud Regulations & Recommendations


119/199



No regulations so far.

Some sources of information and recommendations: Security Guidance for Critical Areas of Focus in Cloud Computing, V2.1

ENISA Cloud Computing Risk Assessment

OECD -Cloud Computing and Public Policy

World Privacy Forum Privacy In The Clouds Report

NIST -Effectively and Securely Using the Cloud

"Cloud Computing Security: Raining On The Trendy New Parade," BlackHat

AWS Security Whitepaper


120/199


121/199



Main Theme:Mind the gap

Bridging the Gap


122/199



Virtualization is moving rapidly into production

environments

Companies concerned about security issues and lack ofsecurity products

Virtualization opens up gaps in traditional physical network

analysis and security

Virtualization attacks


123/199



Root Partition

VirtualizationService

Providers(VSPs)

WindowsKernel

Server Core

Device

Drivers

Virtualization Stack

VM WorkerProcessesVM

Service

WMI Provider

Guest Partitions

Ring 0: Kernel Mode

VirtualizationServiceClients(VSCs)

EnlightenmentsVMBus

Server Hardware

Provided by:

Windows

ISV

VirtualizationGuest Applications

Attackers

OSKernel

VirtualizationServiceClients(VSCs)

Enlightenments

Ring 3: User Mode

Windows hypervisor

VMBus

What to Protect?


124/199



Both Guests and Host are subjected to attacks

Full disk encryption?

Some challenges of VM architecture:

separation of duties

Where, exactly, are my VMs located? How to manage old VM images?

How to retire Virtual Machines?

Hypervisor vulnerabilities

Lack of solid auditing capabilities

More and more

Virtualization Security Solutions: Altor


125/199


Shahar Maors work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 125http://altornetworks.com/news-events/rsa-10-most-interesting

Virtualization Security Solutions: CatBird


126/199


Shahar Maors work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 126http://www2.catbird.com/our_services/vmware.php

Virtualization Security Solutions: Reflex


127/199



Change Control & Configuration Monitoring

Virtual Infrastructure Discovery & Mapping

SoftwareAsset

Management

VirtualSecurity(FW

/IDS/IPS)

CPU,Memory,Ne

twork&StoragePerformance

Timeline & Alerts for Audit & Compliance

Virtual Infrastructure Alarms & Alerts

http://www.reflexsystems.com/Products/VMC

Virtualization Security Recommendations


128/199



Follow best practices:

VMWare:http://www.vmware.com/pdf/vi3_301_201_server_config.pdf

Microsoft:

http://www.microsoft.com/downloads/details.aspx?displaylang=

en&FamilyID=2220624b-a562-4e79-aa69-a7b3dffdd090 Citrix:

http://support.citrix.com/servlet/KbServlet/download/20639-

102-532852/user_security-1.0-5.5.0-en_gb.pdf

Explore (cautiously!!) third partys solutions

Securitys Agenda


129/199



General trends



Mobile security

Network security

Anti-X protection

Data protection

Security Monitoring & ControlBest SU of 2009

Staffing and ratios


130/199



Main Theme:Fast-growing

Remote Access -Customer Needs


131/199



Secure Access from Managed and Unmanaged Devices

Simplified and Granular Access Control

Application Interoperability Outside the Corporate

Network

Full Enablement of Mobile Devices

2 factor authentication for all applications


Connectivity Approach

E h i i t il d di t it d th d i i


132/199



Managed &Unmanaged Devices

Internal & ExternalUsers

PrivateResources

FinancialPartner or

Field Agent

Project ManagerEmployee

LogisticsPartner

RemoteTechnicianEmployee

CorporateManaged Laptop

Home PC

UnmanagedPartner PC

KioskWeb Apps

Client-Server Apps

Legacy Apps

Third-Party Apps

Homegrown Apps

File Access

Each session is tailored according to its user and the device in use,maximizing security and productivity for that session.

download.microsoft.com/documents/uk/.../IGA2009_UAG_Bill_Orme.pptx

Connectivity Approach

E h i i t il d di t it d th d i i


133/199



FinancialPartner orField Agent

Project ManagerEmployee

LogisticsPartner

CorporateLaptop

Home PC

Kiosk

Full Intranet

Payroll & HR

Legacy Apps

Custom Financials

Supply Chain

File Access

RemoteTechnicianEmployee

UnmanagedPartner PC Webmail Tech Support App

Limited Webmail:

no attachments

Limited Intranet

Each session is tailored according to its user and the device in use,maximizing security and productivity for that session.


Solution Architecture (UAG)

E change


134/199



Direct Access

Corporate Network

Business Partners /

Sub - Contractors

Internet

AD, ADFS,

RADIUS, LDAP.

HTTPS (443)

Home / Friend /

Kiosk

Employees Managed Machines

Internet / home / hotel / other company

Mobile

Exchange

CRM

SharePoint

IIS based

IBM, SAP,

Oracle

TS

Non web

Authentication

End-point health detection

Enterprise ReadinessEdge Ready

Information Leakage Prevention

Non-Windows


Secure Remote Access- Israeli Market Positioning 1Q10


135/199



LocalSup

port

Market Presence

Player



WorldwideLeader

Cisco

Microsoft

Checkpoint

F5

Juniper

Citrix

Array

SonicWall

Strong Authent cat on- Israeli Market Positioning 1Q10


136/199



LocalSupport

Market Presence

Player



RSA

WorldwideLeader

Vasco

Safenet-Aladdin

CidwayFastMovement

ANB

Watch:Solutions to

ANB

biometricsolutions*

* Biometric solutions are still

considered niche market in Israel

Atena

Mobile Security: What worries CISOs?


137/199



Internal users:

Central management

Corporate data on device (encryption, DLP)

Devices welfare (AV) ?

External users:

Sensitive traffic interception

Masquerading\ Identity theft

Mo e ecur ty: W at worr esCustomers?


138/199


Shahar Maors work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 138Source: Data Innovation, Inc. 2010

Secure Mobile-Device Control- Israeli Market Positioning 1Q10


139/199



LocalSu

pport

Market Presence

Player



Sybase

WorldwideLeader

Checkpoint

McAfee

FastMovement

Microsoft

Symantec

Sophos (Utimaco)

Trend Micro



140/199



Securitys Agenda


141/199



General trends



Mobile security

Network security

Anti-X protection

Data protection


Staffing and ratios

App cat ons Have C ange F rewa sHave Not


142/199



The gateway at the trustborder is the right place to

enforce policy control- Sees all traffic

- Defines trust boundary

Need to Restore Visibility and Control in the Firewall

BUTApplications Have Changed

- PortsApplications

- IP AddressesUsers

- PacketsContent

www.stallion.ee/.../Palo Alto Networks Stallion Autumn Seminar.pptx

Sprawl Is Not The Answer


143/199



Internet

More stuff doesnt solve the problem

Firewall helpers have limited view of traffic

Complex and costly to buy and maintain Putting all of this in the same box is just slow


Paloalto Architecture


144/199



L2/L3 Networking, HA, Config Management, Reporting

App-ID

Content-ID

Policy Engine

Application ProtocolDetection andDecryption

Application Protocol Decoding

Heuristics

Application Signatures

URL Filtering

Threat Prevention

Data Filtering

User-ID

Content-ID


Enterprise Network Firewall- Israeli Market Positioning 1Q10


145/199



LocalSup

port

Market Presence

Player



WorldwideLeader

Microsoft

Cisco

Checkpoint

Fortinet

Juniper

Watch:Solutions to

Palo-Alto

Intrusion Prevention/Detection Systems -Israeli Market Positioning 1Q10


146/199



LocalSup

port

Market Presence

Player



WorldwideLeader

McAfee

Cisco

Checkpoint

FortinetJuniper

IBM-ISS

Radware Sourcefire(Snort)

3Com (TippingPoint)

Application Firewall- Israeli Market Positioning 1Q10


147/199



LocalSup

port

Market Presence

Player



WorldwideLeader

Imperva

IBM*

Microsoft

F5

Breach

Barracuda

Citrix

* More of An XML FW

Radware

Applicure

ProtegrityCisco*

Network Access Control (NAC) Challenges


148/199



Vendor lock-in -Proprietary solutions require hardware

rip-and-replaceComplexity -Too many moving parts, both in your

network and in the solution

Project scope -Need to secure thousands of endpoints,

hundreds of remote offices, a variety of usercommunities

Disruption of business practices -Confusion, frustration,potential downtime

Support costs -User impact = helpdesk impactUncertain future -Relatively new technology - where is it

going?

NAC Insights


149/199



NAC has not been fully digested by Israeli

customers in 2008. 2009 was much better.

NAC may be deployed less expensively when it

is an embedded feature of an existing vendor

Israeli NAC Start-ups offer a cost effective

simple solutions Israeli SUs gain Israeli

clients trust

Israeli customers first priority: network

visibility and guest network control

W at s Your rgan zat on s tatusRegarding NAC?


150/199



Adequate solution

in place

7%

Inadequate

solution in place

21%

Evlauating

options/POCs

36%

No solution in

place

36%

Network Access Control- Israeli Market Positioning 1Q10


151/199



LocalSu

pport

Market Presence

Player


supporting documentsHP

Access Layers

Enterasys

ForeScout

Insightix

WorldwideLeader

McAfee

Microsoft

CiscoSymantec

Juniper

Check Point

Whats

cooking???

Securitys Agenda


152/199



General trends



Mobile security

Network security

Anti-X protection

Data protection


Staffing and ratios

Internet Security


153/199



87% E-mail Traffic in 2009 Detected as Spam (Symantec)

rank of the overall 2009 threat landscape (CA):

Infections of W32.Downadup/Conficker


154/199


Shahar Maors work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 154http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/the_downadup_codex_ed1.pdf

Top ten W32.Downadup/Conficker countries


155/199


Shahar Maors work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 155http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/the_downadup_codex_ed1.

Security Protection Suites- Israeli Market Positioning 1Q10 (Enterprise Leaders Only)

Endpoint SecurityS S it


156/199



LocalSupport

Market Presence

Local

Support

This analysis should be used with its supporting documents

Microsoft

McAfee

Symantec

Player

WorldwideLeader

Market Presence

Endpoint SecurityServer Security

Trend Micro

Safend

ControlGuard

Checkpoint

SymantecMcAfee

Trend Micro

MicrosoftPromisec

CA*

Calcom*

*Mostly server hardening

Spam: Regions of Origin


157/199


Shahar Maors work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 157http://eval.symantec.com/mktginfo/enterprise/other_resources/b-state_of_spam_report_01-2010.en-us.pdf

Region oforigin represents the percentage of spam messages reported coming from

certain regions and countries

Spam: Global Categories


158/199


Shahar Maors work Copyright 2010 @STKI Do not remove source or attribution from any graphic or portion of graphic 158http://eval.symantec.com/mktginfo/enterprise/other_resources/b-state_of_spam_report_01-2010.en-us.pdf

specifically offering or

advertising Internet or

computer-related goods

and services

named after the

section of the

Nigerian penal code:email that alerts an

end user that they are

entitled to a sum of

money

Email Security- Israeli Market Positioning 1Q10


159/199



LocalSu

pport

Market Presence

Player



WorldwideLeader

Websense

FastMovement

Microsoft

Hosted/Cloud Solutions:

McAfee

Symantec

Cisco

PineApp

Google (Postini)

Symantec (MessageLabs)

Cisco (Ironport)

McAfee (MX Logic)

Microsoft (Forefront)

Mirapoint SafeNet

Secure Web-Gateway (SAAS) -Zscaler


160/199



http://www zscaler com/how-it-works html#

Secure Web-Gateway- Israeli Market Positioning 1Q10


161/199



LocalSu

pport

Market Presence

Player



BlueCoat

WorldwideLeader

Cisco

Websense

FortinetFastMovement

SafeNet

Watch:Solutions to

Zscaler

McAfee

Symantec


162/199

Data Loss Database - 2009 yearly report


163/199



http://datalossdb org/yearly reports/dataloss-2009 pdf

NAANames/Addresses, SSNSocial Security Numbers, CCNCredit Card Numbers, EMAEmail Addresses,

DOBDate of Birth, MEDMedical, MISCMiscellaneous, ACCAccount Info (Financial), FINFinancial Info


164/199

DLP Scenario in Israel


165/199



No DataClassification

Problem #1

PoorSecurityPolicy

Problem #2

Project Fails Outcome

W at ou e Done n r er toSucceed?


166/199



Look for yourassets!

Classify andlabel!

Discover andprotectconfidential datawherever it isstored or used

Monitor all datausage

Automate policyenforcement

Safeguardemployeeprivacy

Data Leak/Loss Prevention- Israeli Market Positioning 1Q10


167/199



LocalSupport

Market Presence

Player



WorldwideLeader

FastMovement

Symantec

Verdasys

Websense

RSA

SafendCheckpoint

CAMcAfee

Watch:Solutions to

Microsoft (RMS)

Secure Islands

Covertix

ANB

Open Source DB Protection

G SQL Di


168/199



GreenSQL Diagram

http://www greensql net/community/docs

Database Protection-Israeli Market Positioning 1Q10


169/199



LocalSupport

Market Presence

Player



WorldwideLeader

Sentrigo

IBM(Guardium)

Imperva

Watch:Vendors to

Fortinet

Secerno

FastMovement

Securitys Agenda

G l d


170/199



General trends



Mobile security

Network securityAnti-X protection

Data protection


Staffing and ratios

SIEM\SOC Round Table Insights


171/199



One should know how to sell SIEM project to management

Knowing when NOT to start a project

Reporting Systems, Logging and parsing

Tracing the events (real-time?)

Who defines what is risk? How to translate it to HD?

Maintenance and operations: What does it take?

Outsourced SOC (must be taken under consideration)

Security Information & Event Management(SIEM/SOC)- Israeli Market Positioning 1Q10


172/199



LocalSupport

Market Presence

Player



Watch:Solutions to

NetIQ

WorldwideLeader

RSA

Symantec

IBM

CA

ArcSight

Cisco

IBM -MSS

TriGeo

Novell

Identity & Access Management (IAM)


173/199



Identity is a philosophical issuehttp://www.ynet.co.il/articles/0,7340,L-3850908,00.html

The Dubai Gang

Identity & Access Management (IAM)

Th l f IAM i till g i d d IAM i h t


174/199



The value of IAM is still recognized and IAM is here to

stayGovernance, Risk and Compliance is the main driver of

IAM

There are still significant gaps between the expected and

realized benefits of IAM

A lack of business buy-in is the main cause of IAM project

failure

Israeli organizations tend to prefer SSO and gap analysisrather than a whole IAM project

Causes of IAM projects failure


175/199



http://www kpmg com sg/publications/Advisory EuropeanIdenty AccessMgtSurvey09 pdf

Identity & Access Management- Israeli Market Positioning 1Q09


176/199



LocalSupport

Market Presence

IDM Player



WorldwideLeader

ProminentWAM Player

CANovell

BMC

Microsoft Velo (OS)

IBM

Oracle-Sun

SSO PlayerS

Passlogix S

Imprivata SQuest



177/199



Securitys Agenda

General trends


178/199



General trends



Mobile security


Data protection


Staffing and ratios

Local Security Vendors and CISOs DecisionMaking


179/199



CISO is always

consideringtechnology, localsupport and price

Is a local solutionavailable?

80% chance it willbe among lastthree bidders

Why Israeli CISOs Choose Israeli Info Sec SUs?


180/199



Best Security Start-Up of 2009(Customers Choice)


181/199



Security Consultants-Israeli Market Positioning 1Q10 (Leaders)


182/199



Security System Integrators-Israeli Market Positioning 1Q10 (Leaders)


183/199



Securitys Agenda

General trends


184/199



General trends



Mobile security


Data protection


Best SU of 2009

Staffing and ratios

Security Echo-System: Key Roles


185/199



Senior

Management

Custodian

Dataowners

CISO

ecur ty Ec o- ystem:Senior Management Roles


186/199



1. Define the scope, objectives, priorities and

strategies of the companys Security Program

2. Without managements support efforts mightbe doomed.

3.Ultimate liability

..Ultimate liability


187/199



CAGEY FELLOWS (from left) Countrywides Angelo Mozilo, Bear Stearns Jimmy Cayne, Lehman Brothers Dick Fuld, and

Merrill Lynchs John Thain

Common Organizational Structures:Financial Sector


188/199



VPTechnologies

CIO

Dev. Mng.

Security

Infra. Mng.

Security

VP

Operations

CISO

Regulations AccessNew

technologiesSec. Dev.

Common Organizational Structures:ISPs


189/199



VP of Integration

Security

CIO/VP

CISO

Staff

Infra. Mng.

Security

ommon rgan zat ona tructures:Telecom


190/199



VP

Operations

Physical

Security

Fraud, DLP

VP

Technologies

CIO

Infra. Mng.

Securitytechnologies

ommon rgan zat ona tructures:Defense


191/199



CEO

Kabbat

(CSO)

Fraud, DLP

CIO

Infra. Mng.

Securitytechnologies

ommon rgan zat ona tructures:Industrial Companies


192/199



Kabbat

(CSO)

VP

CIO

Infra. Mng.

CISO/SecuritySystem Network Storage

ommon rgan zat ona tructures:Services #1


193/199



CISO QACIO

Operations Production ERP, CRM Infrastructure

Security

ommon rgan zat ona tructures:Services #2


194/199



CISO

CIO

Projects DEV ERP, CRM Infrastructure

Security Security

Budget?

1. Usually very dynamic


195/199



y y y

2. In most cases: event/regulation driven instead of policydriven

3. Part of budget may be embedded within other IT units\

projects

4. Approximately 2%-7% of IT budget

Security Budgeting Ratios

8/9/2019 Summit 2010 In

summit 2010 infra services shahar

Documents