10 Quick Wins with ITIL Webinar

“Documented Common Sense”

June 23, 2009

Matt McKinley, Senior Network Security AnalystStonesoft

matt.mckinley@stonesoft.com

Chris Johnson, PresidentMatt O’Buck, International Account Executive

Open Access Systems Corporation chrisj@oasyscorp.commatt@oasyscorp.com

http://www.oasyscorp.com/itilv3map.html

RACI Matrix - Focus on Security Activities

CONTROL

EVALUATEDetect security breaches

React to the incidents

MAINTAINRecover your systems

IMPLEMENT Protect your assets

PLANIdentify the risksRevise processes & protection

Security as a Process

Virtual FWVirtual FWVirtual FWVirtual FW

1. One-step Security Management

One-step Management

Events

Traditional Device ManagementFW Mgmt IPS Mgmt Incidents

Disparate consolesLabor intensive

Manual device updatesInherent human errorSlow threat mitigation

Single management consoleCreate once, deploy everywhereAutomatic policy/rule executionReal-time accelerated response

to threats

• Create once, use everywhere configuration• Common element database

• Stores all configurations – security policies to OS settings

• Component re-use = less human errors

• Always-on management• Built-in disaster recovery

• Repository backup & task automation

• Customizable roles, rights and actions

• Simultaneous administration

2. Central Repository (Service Knowledge Database)

3. Role-based Access Control (RACI Matrix)

• One administrator can have several roles• Access control lists enable grouping of

granted objects• Support for RADIUS authentication

4. Logs & Auditing (Reports, Compliance, Access)

• Use audit logs and element meta data to find out WHAT has been changed, WHO has changed it and WHEN has this happened

5. Next Generation Policy Management

• Efficient policy management with template-based rule bases and sub-rule bases

5. Next Generation Policy Management (cont.)

• Find unusued rules, undo/redo changes, create new rules from logs• View rule hit counts (within specified time) in the policy editor• Undo/redo the changes in the policy editor• Organize your policy with the help of collapsible rule comment sections• Create new rules directly from the logs • Search matching rules quickly

• Customizable dashboards & alerting chains

• Geographic pinpointing of IP addresses

• Web portal for monitoring security from any device

6. Real-time Monitoring & Alerting(Service Operations)

7. Accelerated Incident Management(Service Operations)

• Correlated view• Real-time & historical

views• Detailed audit histories

• Powerful data mining engine

• Drag & drop log filtering• Efficient & accurate data

retrieval• Statistical event analysis

• Incident case management

• Suspect activity centrally collected

• Investigation audit trail

8. Multi-Link™ Communication (Availability & Capacity Management)

• Seamless circuit failover• Active/active

• Eliminates costly failover systems or BGP management

• Low-cost alternative to Frame Relay, MPLS

• Scalable and secure • Unlimited number & types

of connections

• Support for emerging technologies • VoIP, video conferencing

Remote Office

Corporate Headquarters

MPLSINTERNET

DSLCable Modem

DSL

8. Drop-in Active Clustering (cont.) (Availability & Capacity Management)

Firewall/VPN Cluster

• Uniquely cluster up to 16 devices

• Achieve Five Nines availability

• Zero impact to network re-configuration• No maintenance window required

• Clusters managed as “single” instance

• Clustered VPN – provides seamless failover

Node 1

33%

Node 2

33%

Node 3

33%

8. Dynamic Server Load Balancing (cont.) (Availability & Capacity Management)

• Eliminates the need for external hardware• Unlimited server load balancing

• Intelligently monitor availability & health

• Optimized traffic

• Automatic corrective actions

• Transparent server maintenance

• Automatically distribute traffic• No restrictions on number of servers or

client connections

Server Pool

Load Balancing

9. Interactive Reporting

• Enhanced customizable graphical reports • Automated generation & distribution• System auditing reports & audit trails• Comparative analysis of security policies

• No forklift upgrades – phased-in approach• Always-on connectivity technologies

• Third-party event management

• Rule-base translation tools

• Turnkey solutions delivery

• Direct support vs. tiered support• Dedicated engineers, average 6+ years

experience

• Follow the sun – Atlanta and Helsinki

• Commitment to customer success throughout organization

• Track record of technology innovation• 38 patents & 28 patents pending

10. Stonesoft – Powered by Reliability

2008 Customer Satisfaction

Results

95% OverallSatisfaction

“The superior level of support provided by Stonesoft is the benchmark we use to measure all of our other vendors.”

- National City Bank

10 Quick WinsStonesoft ITIL Win

1. One-step Security Management Single pane of glass view Improves Security Management across the entire enterprise from core to edge.

2. Central Repository Current, correlated Service Knowledge Database shares information for reporting.

3. Role-based Access Control Centrally managed information access based on roles directly implemented by the SMC.

4. Logs & Auditing Easily accessible and ensures Compliance.

5. Next Generation Policy Management Standardized policies, consistency with less administration , SLA/OLA Management, at perimeter and internal.6. Real-time Monitoring & Alerting More efficient Service Operations.

7. Accelerated Incident Management Faster Troubleshooting & Resolution; feeds a knowledge error database.

8. Patented Multi-Link Communication,

Drop-in Active Clustering, Dynamic Server Load Balancing

Guaranteed High Availability at the component and link level for reliability, to ensure Always-on Connectivity; Enhanced and Secure Data Delivery.

9. Interactive Reporting Reports for Continual Service Improvements

10. Stonesoft Reliability Easy Implementation, Reliability, Maintainability & proven long-term Serviceability.

Thank You

(866) 869-4075info.americas@stonesoft.com

www.stonesoft.com