Security and Application Control with HP Next Generation ...h41382. · • Set and forget security...
Transcript of Security and Application Control with HP Next Generation ...h41382. · • Set and forget security...
© Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
Security and Application Control with HP Next Generation Firewall Julian Palmer HP TippingPoint, Enterprise Security Products
© Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 2
Today’s IT Security Manager • Often a dual role, responsible for networking and security • Pains include:
• Too much to do, not enough time to focus on security • Fears he’s not always ahead of the threats
Limited visibility,
across network
How to Keep the Network
Reliable
More applications & bandwidth
demands
Networking Worries Security Worries
New threats & threat vectors
Security without loss of network bandwidth
Multiple devices to
support and manage
© Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 3
HP NGFW is…
Effective • Enterprise FW+ NGIPS • Proven accuracy • Automatic updates • Zero Day threat protection • Protect users and disrupt
botnets with RepDV • Optimize network
performance with application and user policy
Simple • Deploys in minutes • Easy and powerful
management • Unified management of
NGIPS and NGFW • Set and forget security
Reliable • Inline deployment without
affecting network performance
• Active-passive 2-node high availability
• Transparent bypass • Built on HP’s proven
“seven 9s” NGIPS
Leverage the power of HP Enterprise Security with NGFW & ArcSight
© Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 4
HP NGFW portfolio
Branch Campus Data Center S1050F S3010F S3020F S8005F S8010F
FW only 500Mbps 1Gbps 2Gbps 5Gbps 10Gbps FW + IPS @512 bytes 250Mbps 500Mbps 1Gbps 2.5Gbps 5Gbps New Connections/second 10,000 20,000 20,000 50,000 50,000 Concurrent Connections 250,000 500,000 1M 10M 20M Aggregate VPN Throughput (big pkts) 250 Mbps 500Mbps 1Gbps 1.5Gbps 3Gbps VPN Tunnels 2500 5000 7500 7500 7500 Redundant Power Supply/Fans No Yes Yes Yes Yes Replaceable User Disk 8GB 8GB 8GB 32GB 32GB Integrated I/O 8xGbE 8xGbE
8xSFP 8xGbE 8xSFP
8xGbE 8xSFP
4x SFP+
8xGbE 8xSFP
4x SFP+
© Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 5
Security Simple
Set and forget security
Unified management of NGIPS and NGFW
Effective
Enterprise Firewall
Next Generation IPS
Zero day protection
Security updates
© Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
Security Protect Your Network
© Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
Firewall Profiles
© Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
Inspection Profiles
© Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
Keeping Security Current
© Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 10
Application Control Simple
Control apps
Application categories
Effective
Automatic app updates with DV subscription
Optimize network performance
Apply user and group policy
© Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
Application Control Block or limit undesirable applications to protect your network
© Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 12
Reporting Simple
Dashboard view of security and traffic
Automatic report publication
Effective
Powerful reporting
Monitor critical security events
Monitor app behaviour
© Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
Reporting At a Glance Security and Health Reporting
© Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
Events Forensic Analysis of Security and Traffic
© Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
Reports Trend Reporting, Compliance and Efficacy
© Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 16
Reliability Simple
Deploy high availability cluster
Effective
Shared security policy
Keep the network up
© Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
Reliability Keep the network up with High Availability Clusters
© Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
Configuring the Cluster Setting up Shared Settings and Basic Firewall Rules
© Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
Cluster Failover Keeping the Network Up
© Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. 20
“The NGFW interface is outstanding.” -- Beta customer quote
"We were impressed with how intuitive the LSM was and we configured it without much assistance once our SE had given us a brief tour of the interface and explained how the rules were processed.“ -- Beta customer quote
"Overall I was very impressed, combining your existing IPS platform with the new NGFW has made for an incredibly feature rich device. I only just managed to scratch the surface of all the features.” -- Beta customer quote
"Overall this is an excellent functional firewall, we will feedback some further information as we progress with the testing.” -- Beta customer quote
Beta customer quotes
50% internal 24 beta sites 2 partner sites
© Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
Thank you
© Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
Security for the new reality