ZERO TRUST IDENTITY · 3:30 Adaptive Access Management for Enterprises SecureAuth / Netskope /...
ZERO TRUST IDENTITY
• Identity is the Center of Security
– The Future is Now!
– Zero Trust Identity
• Users, Data, and Devices are uniquely tied together
• Users and devices are untrustworthy
SESSIONS
Time | Session | Partners
2:30 | Access Management Verifies Enterprise Mobility Management Status of Mobile Device | Ping / VMware
3:00 | Complete Security for your AWS deployment | Okta / Netskope / LogRhythm / CyberArk
3:30 | Adaptive Access Management for Enterprises | SecureAuth / Netskope / LogRhythm
4:00 | Delegation of Access Management and trust elevation for privileged access | Gemalto / Ping / BeyondTrust
4:30 | Access Management checks for Cloud Access Security Broker | Ping / Netskope / Optiv
5:00 | Identity Governance Attestation of Privileged Account Management | SailPoint / CyberArk / LogRhythm
Adaptive Access Management for Enterprises
ADAPTIVE ACCESS MANAGEMENT FOR ENTERPRISES
• Problem
– Access Management systems also need to be able to respond to changing threats, while working more closely with other security layers, to prevent data loss.
• Zero Trust Capabilities
– Never trust the existing user session based on Fraud and Risk data
– Continually monitor behavior across systems
– Dynamically change users' access based on behavior activity
• IDSA Use Cases
– Access Management Utilization of Risk Data
– Access Management Cloud Access Security Broker Security Policy Enforcement
[Diagram: IDENTITY SECURITY. Components shown: Access Management, Identity Governance, Identity Administration, SIEM, EMM, DLP, CASB, PAM, GRC, Network Security, UEBA, Service Mgmt, Fraud & Risk, DAG]
ARCHITECTURE: INFRASTRUCTURE
[Diagram labels: On-Premise, Managed Devices, Sanctioned Cloud Apps, Non-Sanctioned Cloud Apps, AD Connector, Netskope Cloud Tenant, SecureAuth, SecureAuth Risk Data]
1. Netskope consumes AD group info for RBAC
2. SecureAuth consumes AD users and groups for AAA
3. LogRhythm consumes Netskope log data for analytics
4. SecureAuth consumes and creates risk data
5. LogRhythm makes an API call to update risk and user groups with SecureAuth
6. Managed devices have the Netskope client installed for traffic steering
7. SecureAuth provides SSO for sanctioned cloud applications
ARCHITECTURE: USER TRAFFIC
[Diagram labels: On-Premise, Managed Devices, Sanctioned Cloud Apps, Non-Sanctioned Cloud Apps, AD Connector, Netskope Cloud Tenant, SecureAuth]
1. User logs into SecureAuth
2. SecureAuth authorizes access based on risk criteria
3. Netskope enforces role-based access controls
4. Allowed traffic is sent to sanctioned or unsanctioned apps
Diagram legend:
a. IP Analysis & 2FA
b. Syslog feed
c. SmartResponse: Identity & Risk Update
d. User Auth & Risk Data
e. Syslog feed
f. Netskope Directory Importer
g. CASB Traffic
h. Authentication
i. User Traffic
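The feedback loop in the two architecture slides (CASB logs scored by the SIEM, risk and groups pushed to the identity provider, access re-decided on current risk) can be modeled as follows. This is an added example, not code from the presentation or from any of the vendors; the class, function and field names, the thresholds, the "quarantine" group and the sample records are all assumptions made for illustration, and no vendor API is used.

```python
from dataclasses import dataclass, field

STEP_UP_AT, DENY_AT = 40, 80  # assumed thresholds, not vendor defaults

@dataclass
class IdP:
    """Hypothetical identity provider holding per-user risk and groups."""
    risk: dict = field(default_factory=dict)
    groups: dict = field(default_factory=dict)

    def update_risk(self, user, score, group=None):
        # Infrastructure step 5: the SIEM pushes risk and group changes.
        self.risk[user] = score
        if group:
            self.groups.setdefault(user, set()).add(group)

    def authorize(self, user, mfa_done):
        # User-traffic step 2: decide on current risk every time,
        # never on the fact that a session already exists.
        score = self.risk.get(user, 0)
        if score >= DENY_AT or "quarantine" in self.groups.get(user, ()):
            return "deny"
        if score >= STEP_UP_AT and not mfa_done:
            return "step_up_mfa"
        return "allow"

def score_casb_events(events):
    """Toy SIEM analytic over CASB log records (infrastructure step 3)."""
    scores = {}
    for e in events:
        pts = 0 if e["sanctioned"] else 30
        if e["activity"] == "upload" and e["bytes"] > 50_000_000:
            pts += 40
        if e["dlp_violation"]:
            pts += 50
        scores[e["user"]] = min(100, scores.get(e["user"], 0) + pts)
    return scores

def run_feedback_loop(idp, events):
    """Score the log batch, then push each result to the IdP."""
    for user, score in score_casb_events(events).items():
        idp.update_risk(user, score, "quarantine" if score >= DENY_AT else None)

# Constructed sample records; field names are illustrative only.
SAMPLE_EVENTS = [
    {"user": "alice", "sanctioned": True, "activity": "download",
     "bytes": 2_000_000, "dlp_violation": False},
    {"user": "bob", "sanctioned": False, "activity": "upload",
     "bytes": 60_000_000, "dlp_violation": False},
    {"user": "carol", "sanctioned": False, "activity": "upload",
     "bytes": 80_000_000, "dlp_violation": True},
]
```

A user who was allowed before the batch is scored can be stepped up or denied on the next authorization check, even with MFA already completed in the session.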
DEMO
FOLLOW UP
• SecureAuth IDP is the centralized secure access management solution for user identities across both Enterprise and Consumer use cases.
– Leverages the broadest set of Adaptive Risk Layers in the industry
• LogRhythm partnership allows utilization of UEBA and CloudAI intelligence
– Ability to act on Risk Score via Adaptive Authentication Engine
• Integrations with Netskope provide access control to client’s sanctioned applications from unmanaged devices via reverse proxy
FOLLOW UP
• Netskope is the enforcement for cloud services.
– Enforce policy on sanctioned services even for unmanaged devices without an agent
• Netskope’s Cloud XD generates rich, contextual and actionable data
– Log data can be used to decrease threat response time, mitigate risk and increase security posture through automation
• Open Platform / Interoperability
– Flexible deployment architectures and integrations provide the ability to address most use cases with comprehensive automations that scale for the future.
QUESTIONS
MEMBERS