REGIONAL CLIMATE: PAST AND PRESENT REGIONAL CLIMATE: PAST AND PRESENT.
Advanced Authentication: Past, Present, and Future
-
Upload
secureauth2fasso -
Category
Software
-
view
153 -
download
4
description
Transcript of Advanced Authentication: Past, Present, and Future
© 2014 SecureAuth. All rights reserved.
2
Introduction……………………………………...…Steve Spaun
Channel Systems Overview and
The New Threat Landscape…………………..…Rick Geary
The Past, Present, and Future of
Authentication……………………………………..Milton Keath
Q&A……………………………………………...…Audience
Agenda and Speakers
© 2014 SecureAuth. All rights reserved.
©2012 Channel Systems, LLC. All Rights Reserved.
networking security storage mobility
Our Model Our Goal is to educate and take a true Trusted Advisor approach to
help our customers solve complex use cases.
Our Focus is to continually represent some of the fastest growing and
game changing manufacturer’s technologies in Networking, Security, Mobility and Storage.
Our Value is to help our customers reduce risk, reduce cost, improve
business processes, centralize with an attractive Return on Investment (ROI).
Our Vision is to continually be your analyst by doing research and due
diligence on new and upcoming Infrastructure technologies to add to our portfolio that may help our customers.
Our Commitment is to provide the best service and on time delivery
with the highest level of customer satisfaction.
.
Technology Clients
OUR SOLUTIONS We provide our clients with the best data center solutions in network, security, performance storage
and the endpoint.
Security Solutions Network Solutions
Advanced Malware Detection Access Control
Next Gen Firewall Wireless/WLAN
Database Firewall Load Balancers
Next-Gen NAC Core Network Services
Web App Firewall Gigabit Switches
Data Leakage Prevention Network Monitoring
Security Posture Management Change & Configuration Management
Security Information Event Mgmt Application Performance Monitoring
Identity Management WAN Optimization
Site-to-Site Encryption Routers and Switches
Mobility Performance Storage
Any Device; Any O/S; Any Application 100% Flash Array
Application Control NAS / SAN
Device Control 10X-50X Faster
Patch and Remediation 10X Smaller
Configuration Management 10X Less Power Consumption
Power Management 10X Easier
Antivirus Game-changing Performance
Disk Encryption Less Cost Than Spinning Disk
Identity & Threat Management Enterprise Reliability
Email & Content Management
The New Threat Landscape
© 2014 SecureAuth. All rights reserved.
2/3 of U.S. firms
report that
they have been the
victim of cyber attacks
40% of all IT executives expect a major cybersecurity incident
115% CAGR unique malware
since 2009
9,000+
malicious websites identified per day
00.01 Every second 14 adults become a victim of cyber crime
6.5x Number of cyber attacks since 2006
95 new vulnerabilities
discovered each week
The IT Problem
NEW THREAT LANDSCAPE
Dynamic, Polymorphic Malware Coordinated Persistent Threat Actors
Multi-Vector Attacks Multi-Staged Attacks
Not Secure! What’s Changed?
© 2014 SecureAuth. All rights reserved.
10
Lets go back in history
At One Time… early 90s
The Analyst/Experts felt the ONLY way to
solve software distribution was:
• System Management Services or
• Service Oriented Management Systems
That is:
A centralized software distribution server
That kept all the “Thick Clients’ up to date
For all your latest apps
• Borland
• Sybase
• dBase
• Powerbuilder
Then: • Every time the system needed to update
authentication and workflow: • The CENTERALIZED server
• PUSHED to all the CONTROLLED
CLIENTS
Pretty dated Stuff, eh?
1995 Chrysler K-Car
© 2014 SecureAuth. All rights reserved.
11
Lets go back in history (cont)
ISAPI (and other connectors) are old school
They cause real issues in web deployments:
o Performance – they really degrade performance
o Functionality – They often break existing web and
operating functionality
o Maintenance – They require to be upgraded when web
site/app server are upgraded
• THIS IS THE #1 COMPLAINT FROM ENTERPRISES
However, in Mid 90’s web agents such as ISAPI filters came out and WAM tools are still using them today.
1996 Hit
© 2014 SecureAuth. All rights reserved.
12
Lets go back in history (cont)
What Saved Us… mid 90’s and turn of the Century Was the Web
• Clientless Software
• Server Controlled Software
• No Thick Clients to update • No devices to manage
And:
• WAMs: (Web Access Management)
• Centralized/Abstracted Web:
• SSO • AuthN • AuthZ
The Solution
• Allowed for access control
• To MILLIONS of Users
• And quantified/ access
• AuthN, AuthZ, Audit
• NO CLIENT UPDATES
This is at least, better, no?
2002 Toyota Celica © 2014 SecureAuth. All rights reserved.
13
Lets go back in history (cont)
But, still have agents/connectors/filters.
This is where the ONESIES come in. Integrators come in and hack
a solution together. And what happens when a requirement changes
after 6 months?
Have to undo previous integration.
Have to pay for agent upgrades.
Authentication (2FA) and Trust (SSO) were treated as two
separate solutions.
© 2014 SecureAuth. All rights reserved.
TPAR (Target, Proxy, Authentication, Proxy)
© 2014 SecureAuth. All rights reserved.
15
3 Steps to Typical Enterprise Architecture
1. Development Team creates project
2. Enterprise Architecture Team designs workflow
A. You have to do SSO
B. What type of directory
C. How does it integrate into Apps and user Devices
D. All decisions are based on the 3 R’s
i. Roles
ii. Resources
iii. Regulations
3. Then the deployment guy has to do the integration
© 2014 SecureAuth. All rights reserved.
16
BUT
6 months later something changes
which can require major rewrite
© 2014 SecureAuth. All rights reserved.
17
AUTHENTICATION CHALLENGE
ENTERPRISES FACE
1X ID
DEVICE
PASSWORD
FEW APPLICATIONS
2005 ENTERPRISE USERS:
2014 ENTERPRISE USERS:
nX IDS
DEVICES
PASSWORDS
MANY APPLICATIONS
VS.
BYOD
© 2014 SecureAuth. All rights reserved.
18
Most have heard of the AAA’s of Security
Authentication Authorization Accounting
Now there are actually 5 A’s of Security
Accept Authorization Authentication Accounting Assert
We will go more
in depth later about
TRAR along with the 5 and 6 A’s
Authentication and Trust in One Solution
© 2014 SecureAuth. All rights reserved. 2014 Chevy Volt
TRAR (Target, Redirect, Authentication, Redirect)
{Without Agents or Proxies} Combining both
© 2014 SecureAuth. All rights reserved.
20
Present and very near Future
· Geo Fencing
· Geo Velocity
· IP Reputation
· Threat Intelligence
· TOR, Robot, Anonymizer proxy detection
Authentication, Risk Analysis, and Trust in One Solution
© 2014 SecureAuth. All rights reserved.
50th Anniversary
2015 Mustang
A classic just got better
Future of
Authentication
© 2014 SecureAuth. All rights reserved.
© 2014 SecureAuth. All rights reserved.
In a not too distant future
· Backend Attribute Exchange
Enterprise hosted data on demand through the cloud
· Combining Authentication, Big Data, Risk Analysis,
Business Intelligence and Trust together
Elio
Forward Thinking
© 2012 SecureAuth. All rights reserved. 23
You have an opportunity to win an Amazon gift card
towards a 3D phone.
Schedule, by July 18th 2014, a webinar/technical demo
with Channel Systems for a SecureAuth demo and your
name will be entered into a drawing for the phone.
Please send your request to [email protected].
Channel Systems Certified partner of SecureAuth
24
Q&A Who Title E-mail Phone
Steve Spaun Vice President
+1.817.475.5850
Rick Geary
President [email protected] +1.919.699.0180
Milton Keath
Sr. Sales
Engineer
+1.817.200.7566
SecureAuth
Sales
SecureAuth
Sales
+1.949.777.6959
Contest Entry Amazon 3D
Phone
© 2014 SecureAuth. All rights reserved.