Bezpečnostní architektura Check Point (nejen) pro váš privátní cloud

•Download as PPSX, PDF•

1 like•877 views

Peter Kovalčík, SE Eastern Europe, Check Point Virtualization Forum 2014, Prague, 22.10.2014 Jestliže SlideShare nezobrazí prezentaci korektně, můžete si ji stáhnout ve formátu .ppsx nebo .pdf (kliknutím na tlačitko v dolní liště snímků).

What's hot

Top 9 Critical Findings - Dramatically Improve Your Organization's Security

Praetorian

As an information security consulting company, Praetorian has a unique ability to observe security programs across a wide range of companies. Based on the vulnerability patterns seen across organizations, a top ten list of common critical findings was created. The purpose of this presentation is to examine each of those critical findings and provide recommendations for mitigation. Examples from actual engagements are used to emphasize risk through real world scenarios. Some information from the screenshots provided has been redacted to protect confidentiality. Praetorian's goal is to help our clients understand minimize their overall security exposure and liability. Through our services, your organization can obtain an accurate, independent security assessment.

CODE BLUE 2014 : [ドローンへの攻撃] マルウェア感染とネットワーク経由の攻撃 by ドンチョル・ホン DONGCHEOL HONG

CODE BLUE

The document discusses Dongcheol Hong's work as CTO of SEWORKS Inc, including his experience with security events like DEFCON CTF and development of products like the HSDrone drone system. It provides details on the technical components, architecture and networking of the AR.Drone 2.0 drone platform, and describes methods for hacking and customizing the drone including exploiting services like Telnet, FTP and wireless access.

Check Point Virtual Systems

Group of company MUK

The document discusses Check Point Virtual Systems which provide consolidation, virtualization, and security capabilities. It highlights that Virtual Systems allow all software blades to run on every virtual system to simplify management. Performance is boosted through features like CoreXL, which leverages multiple CPU cores, and Virtual System Load Sharing which can distribute virtual systems across up to 12 cluster members for linear scalability. Memory and CPU resources can be monitored on a per virtual system basis and optimized through affinity settings.

Secure sigfox ready devices recommendation guide

Sigfox

In the Sigfox ecosystem, the design and manufacturing of Sigfox Ready devices and Sigfox Verified sub-systems is under the responsibility of third parties. These third parties could be OEMs, ODMs, Silicon vendors, module vendors or customers. This responsibility includes design and implementation of sufficient security measures to protect customer applications, network access credentials and data conveyed on the network. Therefore, the question arises of what measures should be mandatory and whether certification or verification of the device security should be required. This document studies the risks related to insufficient security in Sigfox Ready devices in order to raise awareness on this issue within Sigfox and throughout the Sigfox ecosystem. It is also a guide to decide what measures could be required in the design, implementation and manufacturing of Sigfox Ready devices.

Hacking a Professional Drone

Priyanka Aash

Professional drones are now actively used across various industries to perform daily critical operations. In this awareness session, Nils Rodday will perform a live hack which exploits vulnerabilities of the professional drone and effectively compromises the security of the system to take over control. His session will also discuss practical fixes and approaches for remediating these issues. (Source: RSA USA 2016-San Francisco)

Bypassing Port-Security In 2018: Defeating MacSEC and 802.1x-2010

Priyanka Aash

"Existing techniques for bypassing wired port security are limited to attacking 802.1x-2004, which does not provide encryption or the ability to perform authentication on a packet-by-packet basis [1][2][3][4]. The development of 802.1x-2010 mitigates these issues by using MacSEC to provide Layer 2 encryption and packet integrity check to the protocol [5]. Since MacSEC encrypts data on a hop-by-hop basis, it successfully protects against the bridge-based attacks pioneered by the likes of Steve Riley, Abb, and Alva Duckwall [5][6]. In addition to the development of 802.1x-2010, improved 802.1x support by peripheral devices such as printers also poses a challenge to attackers. Gone are the days in which bypassing 802.1x was as simple as finding a printer and spoofing address, as hardware manufacturers have gotten smarter. In this talk, we will introduce a novel technique for bypassing 802.1x-2010 by demonstrating how MacSEC fails when weak forms of EAP are used. Additionally, we will discuss how improved 802.1x support by peripheral devices does not necessarily translate to improved port-security due to the widespread use of weak EAP. Finally, we will consider how improvements to the Linux kernel have made bridge-based techniques easier to implement and demonstrate an alternative to using packet injection for network interaction. We have packaged each of these techniques and improvements into an open source tool called Silent Bridge, which we plan on releasing at the conference."

Yokogawa & NextNine – Lessons Learned: Global Cybersecurity Management System...

Honeywell

CCNP Security-Secure

mohannadalhanahnah

This document discusses network security technologies and Cisco solutions. It covers topics like 802.1X authentication, identity management with Cisco ACS, port security, DHCP snooping, and securing the network infrastructure with Network Foundation Protection. The document appears to be slides from a training course on Cisco's SECURE certification that provides an overview of various network security concepts and Cisco products.

checkpoint

Mayank Dhingra

This document provides an overview and objectives of a training course on VPN-1/FireWall-1 NG Management I. The course aims to teach students how to identify the basic components of VPN-1/FireWall-1 NG, configure and manage it, create and manage management objects, use key features like the security policy and log viewer, apply NAT rules and authenticate users. It outlines the modules to be covered, including the VPN-1/FireWall-1 NG architecture, security policy setup, advanced security policies, log management, and authentication parameters.

CCNP Security-IPS

mohannadalhanahnah

The document discusses Cisco IPSv7.0 and covers several topics: - An overview of the IPSv7.0 exam topics and preparation strategies. - Introduction to intrusion prevention and detection, including deployment options for Cisco IPS sensors. - Applying Cisco IPS security policies through configuration of virtual sensors and event actions. - Managing IPS sensors through the CLI, IDM, and IME and maintaining sensors through software updates.

IEEE MACSec and NSA ESS: How to Protect Your WAN, LAN and Cloud

Priyanka Aash

Mitigating worm attacks

dkaya

Mitigating Worm Attacks seminar discusses tools and techniques for responding to worm incidents in an enterprise network, including containment, inoculation, quarantine, and treatment methodology. Key tools covered are ACLs, NetFlow, sinkholes, and remote-triggered black hole routing to detect and isolate infected systems. Incident response processes including preparation, triage, analysis, reaction, and post-mortem are also reviewed.

Check Point: Security in virtual environment

ASBIS SK

This document discusses security in virtual and cloud environments. It begins by explaining the benefits of virtualization and private clouds for efficiency and cost reduction. It then addresses the growing problem of "VLAN sprawl" as more virtual machines are added. The document introduces Check Point's Security Gateway Virtual Edition as a solution to securely manage growing private clouds by automatically securing new virtual machines, inspecting traffic between VMs, and protecting from external threats. For public clouds, it discusses the need to securely connect, manage security within diverse cloud platforms, and secure the cloud itself with multi-tenant environments. Check Point provides unified management of physical and virtual systems as well as customized security policies to address these challenges of securing virtual and cloud computing.

CSIRS ICS BCS 2.2

David Spinks

This document summarizes a presentation on cyber security in real-time systems. It discusses threats to industrial control systems and SCADA systems, and the differences between traditional IT and industrial control system cultures. It provides examples of attacks on industrial control systems and poor monitoring of SCADA systems. It suggests that security operations centers may provide common ground between IT and ICS. Finally, it discusses recent media reports relating to hacking of rail signaling systems and aircraft systems.

Identify and mitigate high risk port vulnerabilities

GENIANS, INC.

With two thirds of Cyber Attacks occurring on three commonly enabled ports, active open Port Awareness is an essential feature. Without this knowledge it is impossible to assess the potential risk of exposure on a network. With Genian NAC Sensor technology deployed, a separate vulnerability scanner is not required. Less systems to manage means more time and efficiency for IT staff. Additionally, knowing that a network is at risk because these High Risk ports are enabled on various nodes is only half the battle. Being able to rapidly block nodes from the network if required without tracking down the location of a device is crucial. Genian NAC provides real-time open Port Awareness, a means to quickly and easily block a node from network access, the ability to monitor any time a new device with High Risk ports enabled connects to the network and built-in reporting so Admins can mitigate the risk in a timely manner.

Ccna sv2 instructor_ppt_ch2

SalmenHAJJI1

The document discusses securing network devices in CCNA Security v2.0. It covers securing device access through authentication and authorization. It describes monitoring and managing devices securely as well as using automated security features. It discusses securing the control plane through protocols like SNMP, SSH, NTP and routing authentication. The objectives are to configure administrative access, command authorization, secure management, use AutoSecure features, and implement control plane security.

Blackhat USA 2016 - What's the DFIRence for ICS?

Chris Sistrunk

Digital Forensics and Incident Response (DFIR) for IT systems has been around quite a while, but what about Industrial Control Systems (ICS)? This talk will explore the basics of DFIR for embedded devices used in critical infrastructure such as Programmable Logic Controllers (PLCs), Remote Terminal Units (RTUs), and controllers. If these are compromised or even have a misoperation, we will show what files, firmware, memory dumps, physical conditions, and other data can be analyzed in embedded systems to determine the root cause. This talk will show examples of what and how to collect forensics data from two popular RTUs that are used in Electric Substations: the General Electric D20MX and the Schweitzer Engineering Labs SEL-3530 RTAC. This talk will not cover Windows or *nixbased devices such as Human Machine Interfaces (HMIs) or gateways.

Mastering checkpoint-1-basic-installation

networkershome

The document provides an overview of Check Point's Gaia operating system. Some key points: - Gaia is Check Point's next generation operating system that combines the best of their SecurePlatform and IPSO operating systems. - It supports all Check Point security appliances and products, including Software Blades, Gateways, and Security Management. - Features include support for IPv4/IPv6, high connection capacity, load sharing, high availability, dynamic routing, easy CLI, and role-based administration. - Gaia allows for simple upgrades from IPSO and SecurePlatform and includes automated software updates for Check Point products.

DEF CON 23 - NSM 101 for ICS

Chris Sistrunk

Chris Sistrunk discussed implementing network security monitoring (NSM) on industrial control systems (ICS). NSM involves collecting network data through tools like Security Onion, analyzing the data to detect anomalies, and investigating anomalies to identify potential threats. While ICS networks pose different challenges than typical IT networks, the same NSM methodology of collection, detection, and analysis can be applied. Free and open source tools like Security Onion allow implementing NSM on ICS to hunt for threats without disrupting operations. The most important part of NSM is having knowledgeable people to interpret data and identify what is normal versus potentially malicious activity on the network.

Check Point sizing security

Group of company MUK

This document discusses sizing security gateways and selecting the appropriate appliance. It introduces the concept of SecurityPower as a new way to measure an appliance's performance under real-world traffic and multiple security functions. The document recommends using the Appliance Selection Tool to translate a customer's requirements into SecurityPower and suggest a suitable appliance that allows for future growth. It also describes the Performance Utility which collects real performance data to validate the appliance selection.

What's hot (20)

Top 9 Critical Findings - Dramatically Improve Your Organization's Security

CODE BLUE 2014 : [ドローンへの攻撃] マルウェア感染とネットワーク経由の攻撃 by ドンチョル・ホン DONGCHEOL HONG

Check Point Virtual Systems

Secure sigfox ready devices recommendation guide

Hacking a Professional Drone

Bypassing Port-Security In 2018: Defeating MacSEC and 802.1x-2010

Yokogawa & NextNine – Lessons Learned: Global Cybersecurity Management System...

CCNP Security-Secure

checkpoint

CCNP Security-IPS

IEEE MACSec and NSA ESS: How to Protect Your WAN, LAN and Cloud

Mitigating worm attacks

Check Point: Security in virtual environment

CSIRS ICS BCS 2.2

Identify and mitigate high risk port vulnerabilities

Ccna sv2 instructor_ppt_ch2

Blackhat USA 2016 - What's the DFIRence for ICS?

Mastering checkpoint-1-basic-installation

DEF CON 23 - NSM 101 for ICS

Check Point sizing security

Similar to Bezpečnostní architektura Check Point (nejen) pro váš privátní cloud

Zabezpečení softwarově definovaných datových center prostřednictvím Check Poi...

Bezpečnostní architektura Check Point (nejen) pro váš privátní cloud

Related slideshows

More Related Content

What's hot

What's hot (20)

Similar to Bezpečnostní architektura Check Point (nejen) pro váš privátní cloud

Similar to Bezpečnostní architektura Check Point (nejen) pro váš privátní cloud (20)

More from MarketingArrowECS_CZ

More from MarketingArrowECS_CZ (20)

Recently uploaded

Recently uploaded (20)

Bezpečnostní architektura Check Point (nejen) pro váš privátní cloud