UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
Presentation gdl
1. Reduzca costos y la complejidad de la seguridad en su negocio Juan Carlos Carrillo Security Sales Leader viernes 9 de julio de 2010
2. agenda 6 5 IBM ISS product solutions 4 IBM Security Framework 2 X-Force® 2008 Trend & Risk Report Highlights 1 3 IBM ISS service solutions IBM ISS security consulting solutions Q&A
15. IBM ISS Solutions 07/09/10 IBM has the unmatched local and global expertise to deliver complete solutions and manage the cost and complexity of security. In addition, X-force, IBM ISS’ security and development organization, is one of the best-known commercial groups in the world. It discovers 30-60% of all vulnerabilities and captures more than 2 billion events per day
22. Performance Flexibility: IPS beyond the perimeter “… It is important to mandate that all ingress (inbound) traffic run through a segment of inline network intrusion protection. Trace packet flows to ensure that each packet entering your network passes through at least one IPS sensor… ”
28. Case Study in Proventia ESC Savings: Financial Customer Moved from low 80% success rate to 95% success rate with real-time reporting ~5 minutes 1 4 1 week for all infrastructure 800 90,000 After Proventia ESC Key Matrix Before Proventia ESC The Results # of Managed Endpoints 40,000 out of 90,000 50K unknown endpoints Uncovered 50K previously unknown endpoints # of Locations 100+ Expanded locations by 700 Time to Install 8+ months for all infrastructure Saved more than 7 months for new agent installation # of Required Administrators 20 Reduced required admins by 1/5th # of Dedicated Servers 25 Reduced dedicated servers by 24 Time to complete an enterprise wide full discovery, remediation and reporting cycle ~7 days Saved 6 days, 23 hours, and 55 minutes for enterprise wide discovery…
32. Source: IBM Internet Security Systems, 2008 Security Management Monthly Annual Assumes full security staff of 10 providing 24x7x35 coverage, managing 12 HA Firewalls and 6 IDS engines, attending 2 training classes/yr, 20% employee turnover, equipment costs allocated over 3 years, and maintenance costing15% of total equipment costs. In this example, leveraging a managed protection provider yields a 55% savings over in-house security In-house ISS Managed Security Cost Savings $82,592 $37,671 $44,921 $995,102 $452,051 $543,051 Cost Savings at a Glance
To replace the title / subtitle with your own: Click on the title block -> select all the text by pressing Ctrl+A -> press Delete key -> type your own text
Speaker’s notes: We take data from a lot of various disciplines including the Web filtering database second only to Google that provides analysis for more than 9 billion Web sites and images, we also see what kind of intrusion attempts the managed services team sees across its customer base currently tracking at 150 million per day, we have more than 40 million documented spam attacks, and 40,000 documented vulnerabilities from both internal research and external disclosures. This report is unique in the fact that the sources listed above provide varying perspectives on the threat landscape to together provide a cohesive look at the industry based on factual data from the various research functions within the broader X-force team and databases.
To replace the title / subtitle with your own: Click on the title block -> select all the text by pressing Ctrl+A -> press Delete key -> type your own text
To replace the title / subtitle with your own: Click on the title block -> select all the text by pressing Ctrl+A -> press Delete key -> type your own text
Architecture of PAM (with highly efficient software) gives Proventia the capacity (CPU utilization) to add new modules of protection without degrading core IPS security effectiveness Client Benefits Security convergence eliminates the costs of deploying and managing point products Increasing value of existing Proventia IPS deployments Example: Proventia Content Analyzer added in Q1 2008 for data security Example: Proventia Web application security add Q2 2009
All of these security solutions have a specific role to play. And depending on your business, you may rely on certain best-of-breed security products to protect the assets that matter most. That’s a strategic approach. But there is a downside to all of the security innovation of the past 10 years…. You’re now dealing with multiple security agents on the endpoint—so many, that its bogging down the machines themselves, and diverting your IT staff from more critical endeavors. Just consider the average amount of security agents on the endpoint at a mid-size company: There’s data loss prevention, Encryption, Removable media control Intrusion prevention system for the host Anti-virus with spyware prevention An asset and data loss prevention solution to check back with the central console periodically And Computer forensics That’s eight agents for security alone. Eight solutions under management. Eight solutions rolling out periodic product updates. Eight solutions using up memory and computing power. In this diagram, we see the total memory usage at 146,172 KB for a single endpoint.
To replace the title / subtitle with your own: Click on the title block -> select all the text by pressing Ctrl+A -> press Delete key -> type your own text
There’s always something of our VSOC platform the customer can use… it’s just a question of asking him what they currently have in place security wise and adding our options. Some might have a NOC in place… NOC <> SOC NOC Merely handles fixed procedures, SOC looks at the possible impact and results of some events All customers’ answers can be address with some service… This is VSOC, the combination of all these concepts – it’s a whole platform. - Left side of the screen, all full blown services by managed products. Customer typically has nothing yet and needs it all. - Right side; the customer might have some products, people, procedures and need parts of the whole services. They’ll want to keep the existing services etc, but need something extra. You’re thus enabling the customer to do the work – whereas they can add something of VSOC Customer might have logs, but nothing to store/analyze them… then why bother keeping logs… We can offer them log management services where we can import logs from about anything. XFTAS is free when you buy anything else, this however might be the only thing they need. Governments love this as they already have something inhouse and can use the intelligence from ISS in addition to their internal service. - The middle part is the initial screen of the portal – don’t sell the customer a single part from the right or left, sell them what they need… The system is the same, same backend – can scale on to any other service.
This chart is just an example of the cost savings clients find they gain by choosing to partner with us for MSS vs. doing it in-house. Many clients calculate a savings of up to 55%.
To replace the title / subtitle with your own: Click on the title block -> select all the text by pressing Ctrl+A -> press Delete key -> type your own text
IBM ISS XFERS is intended to help customers prepare for, manage, and respond to computer security incidents, usually consisting of one or more occurrences (or suspected occurrences) of the following types of activity: Attack: Hostile action (or threats of hostile action) that has the intent to expose or publicize your confidential electronic data, or cause that data to become inaccessible. Computer Crime: Dishonest, fraudulent, malicious, or criminal use of your computer systems and networks to obtain financial benefit. Computer Malware: Introduction or spread of unauthorized malicious code (including “Trojan horses,” “worms,” and “logic bombs”), or the threat thereof, that propagates itself throughout your computer systems and networks. Extortion: Threat or connected series of threats to commit a computer crime, introduce or spread a computer virus, or adversely affect your reputation or public standing involving a demand for funds or property to be paid or delivered. Data Breach: Unlawful taking of your electronic data stored in a computer system, or the electronic data of a third party stored in a computer system for which you are legally responsible. Unauthorized Access: Access gained to your computer systems and networks by unauthorized persons, or by authorized persons in an unauthorized manner. Unauthorized Use: Use of the capacity (memory, bandwidth, etc.) of your computer systems and networks by unauthorized persons, or by authorized persons in an unauthorized manner.
To replace the title / subtitle with your own: Click on the title block -> select all the text by pressing Ctrl+A -> press Delete key -> type your own text