Post on 31-Dec-2015
description
© Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
HP Security Services
Svetlana Stepanova/ November 7th, 2014
© Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
PresentationHP Services Solution Architect
• More then 10 years in HP
• Strong technical background with onsite technical support as an engineer and Account Support Manager
• ITIL v3 Expert and Certified EXIN Instructor
• ISO/IEC 27001 Lead Auditor
• TOGAF 9 Certified
• HP, Microsoft product certifications
HP’s Approach to Information SecuritySecurity is in the top 5 IT Technology Priorities
© Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
Challenges enterprises and governments are facing
Nature and motivation of attacks(Fame to fortune, market adversary)1
ResearchInfiltration Discovery
CaptureExfiltration
Transformation of enterprise IT(Delivery and consumption changes)2 Consumption
Traditional DC
Private cloud
Managed cloud
Public cloud
Virtual desktopsNotebooks TabletsSmart phones
Delivery
Regulatory pressures(Increasing cost and complexity)3 Basel III
© Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
HP Holistic security approach InformationSecurityServiceManagement (ISSM) MethodologySecurity is more than just technology and products
People
Determines if the right staff are performing the correct roles to oversee security
Policy & Procedures
Determines if the right set of policies and procedures are in place to govern the security and continuity
Processes
Determines if the proper security / continuity process models are in place to safeguard the transference of data between consumers and providers
Products
Determines if appropriate defense-in-depth technologies / solutions are in place to manage / mitigate risk
Proof
Determines if the correct validation methods, metrics, and / or Key Performance Indicators (KPIs) are used to track control effectiveness
P1
P2
P3
P4
P5
© Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
Disrupt the adversary, manage risk, and extend your capabilities
HP Security
Disrupt the adversarySecurity technology
Reduce cost & complexityAdvisory & management
5000+
Manage riskRisk & compliance
HP’s Security Services
© Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
HP’s security services
Advise Transform Manage
Roadmap Operate / EvolveImplementDesignStrategy
Vulnerability Assessment
HP and 3rd party tools
Network Security Design Security Products
Implementation ServiceArcSight
TippingPoint
Maturity Assessment
HP P5 and CMM
Penetration Testing
HP and 3rd Party Tools
AuditISO 27001, PCI DSS
IS Strategy and architecture
Define Security Controls
HP and 3rd partyRisk Assessment
HP P5 and CMM
© Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
Next-Generation IPS
Next-Generation Firewall
Network Protector SDN Application
Reputation Digital Vaccine
Secure the perimeter and mobile worker
Dynamic threat protection
Secure the data and apps that matter
Networking
Create a security offering no other company can duplicate
Our capabilitiesH
P S
ecu
rity
© Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
Converging network and security trends
Network trends
• SLA requirements• Network visibility• Network
complexitySecurity trends
• Emerging threats• Scalability/
management • Regulatory
pressuresSoftware Defined Networking (SDN) with HP Networking and HP Enterprise Security Products can solve networking and security challenges
Pain points Required solutions
Changing infrastructure needs and network upgrades
Flexible solutions that scale with changing customer requirements
Evolving threats, increasing number of attack vectors and rising data breach costs
High-performing solutions with high degree of security effectiveness and a low TCO
New systems and applications deployed on the network
Complete visibility to monitor network behavior and provide actionable security intelligence
Mobile, BYOD and cloud trends adding network and security management complexity
Easy-to-use management system that deploys updated policy configurations to all devices on the network
Complicated management systems requiring overhead costs and dedicated resources
Integrated application control, user behavior and IP monitoring through single management interface
© Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
Log management, security information and event management (SIEM)
A new approach: See everything with HP ArcSight
Collect Collect logs from any device, any source, and in any format at high speed
Consolidate Machine data is unified into a single format through normalization and categorization
Correlate Real-time, cross-device correlation of events
Collaborate Automate the process of event analysis, information sharing for IT GRC, IT security, and IT operations
Approach Benefit
© Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
AssessFind security vulnerabilities in any type of software
AssureFix security flaws in source code before it ships
ProtectFortify applications against attack in production
Software security assurance
Application assessment
Application protection
HP Fortify helps you protect your applications
In-houseOutsourcedCommercialOpen source
© Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
HP Security Solutions for Cloud Deployments
HP Arcsight SIEM
ArcSight connectors
On-premise data center
HP Fortify App.Scanning
HP TippingPointvController
SAASProviders
Private cloud
HP ArcSight SIEM
Off-premise data centerHP FortifyApp. Scanning
HP TippingPointvController Managed cloud
Off-premise service provider
Public cloud
HP ArcSight SIEM
HP FortifyApp. Scanning
HP TippingPointvController
© Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
Thank you