Layer 7: The Importance of Standards for Enterprise SOA and Cloud Security
Value, Impact, and Importance of a Geo-IP layer
-
Upload
francesco-trama -
Category
Technology
-
view
81 -
download
0
Transcript of Value, Impact, and Importance of a Geo-IP layer
Geo-IP Layer of SecurityValue, Impact, and Importance In Today's Security Environment
Francesco TramaCo-Founder PacketViper, LLC
Reluctance Of Use
• Management • Data Reliability/ Accuracy • Complexity • Increased Latency
• We’re A Global Company • Proxied Connections • Global Network Economy
?
Today’s Firewall’s
FTP
WWW
VPN
SSH
TELN
IMAP
FTP
WWW
VPN
SSH
TELN
!
!
!
!
Today’s Firewall’s
FTP
WWW
VPN
SSH
TELN
IMAP
(Outbound)
Unwanted Traffic Effects
• Burdens Performance • Increases Logging • Increases Alerting • Increases Management • Reduces Threat Visibility
Low Impact Probing From Many Location
Attacker Advantage: Bots/Proxy
Attacker Advantage: Bots/Proxy Connection Based DDoS
PROTECTED
Attacker Advantage: Bots/Proxy Millions Of Options
Alerting / Logging
Global Economy
Firewall’s With Geo-IP Layer
FTP
WWW
VPN
SSH
TELN
IMAP
FIREWALLFTP
WWW
VPN
SSH
TELN
IMAP
GEO-IP
Effects With Geo-IP Layer
• Burdens Performance • Increases Logging • Increases Alerting • Increases Management • Reduces Threat Visibility
• Improves Performance • Reduces Logging • Reduces Alerting • Less Management • Improved Threat Visibility
PROTECTED
CurrentDMZ
PacketViperGEO-IP LAYER
Allow 80
Allow 80
Allow 80Allow 80,443,25
Allow 80,443,25
Allow 80,443,25
Allow 80,443,25
Allow 80,443,25
Allow 25
Allow 25
Allow 25
Allow 80, 25
Tailor Country Traffic
Allow 80, 25
PROTECTED
PROTECTED
Reduce Proxy Effectiveness
PROTECTED
Combat Connection Based DDoS
Proper Geo-IP Filtering Effects on Proxy/Spoof
• Reduces The Attack Surface • Diminishes Their Effectiveness • Combat Connection Based DDoS Attacks • Improves Detection
Companies At Geo-IP Layer
FTP
WWW
VPN
SSH
TELN
IMAP
FIREWALLFTP
WWW
VPN
SSH
TELN
IMAP
GEO-IP
Effects of Company Filtering In TheGeo-IP Layer
• Tighter Controls To/From Countries • Reduces Risks/Exposures • Better End User Experience
Summary
• Geo-IP Filtering Tools Improve the entire security layer by eliminating the volume through it.
• Geo-IP filtering should are not as robust on Application Layer devices.
• Geo-IP filtering lowers the threat exposure for the entire environment by limiting who has access globally.
• Geo-IP Filtering helps security teams identify threats faster, while reducing management time.
Improve Everything, Replace Nothing
www.packetviper.com Toll Free: 855-758-4737