Harnessing the Power of Metadata for Security
John Pollack
Discover the power of network metadata to disrupt the attack chain.
1.
© 2016 Gigamon. All rights reserved.
A Story about Metadata…
2.
Harnessing the Power of Metadata for Security
John Pollack, Senior Sales Engineer, Gigamon
3.
First Some Context
4.
Consider First: There’s Too Much Data
[Chart: Network Speed (1Gb, 10Gb, 40Gb, 100Gb) against % of Data Consumable by Tools. Labels: Signature- and Policy-Based; Advanced Analytics; Security Tools; Network & Applications Infrastructure]
This is the BIG DATA problem: Volume of data accelerating faster than the ability of the tools to consume it
5.
Growth in the “Speed” of Data
[Figure: Time to process a single Ethernet frame on a 100Gb/s link with minimum size packets]
6.
Real-time Threat Prevention Is Getting Harder
PARTICULARLY FOR UNKNOWN THREATS
Democratization of cyber threats!

Too Little Time
• 67.2 ns between packets at 10G
• For unknown threats, just not enough time, knowledge, or context to make determination

Too Many Bad Guys
• Large established ecosystem of distributors for malware
• Sophisticated kits & tools for rent
• Front end, back end, and support infrastructure
7.
What Can Be Done?
8.
Remember The Attacker Lifecycle?
GOAL IS TO BREAK THE CHAIN – NOT JUST TRY TO PREVENT IT
(1) Reconnaissance
(2) Phishing & zero day attack
(3) Back door
(4) Lateral movement
(5) Data gathering
(6) Exfiltrate
9.
What Does It Take?
TRIANGULATION THROUGH BIG DATA AND PREDICTIVE ANALYTICS

Need to establish “Context” (Normal-ish)
• Specific to each organization
• Requires data from across the entire organization

Need to understand “Intent” (Bad-ish)
• Built from previous bad behavior, sandboxing, threat information feeds
• Build out predictive models

Triangulation against both
Constant feedback loop
10.
BUT Context Is Hard To Derive
A LABORIOUS AND INEFFICIENT EFFORT IN TODAY’S ENVIRONMENTS
Slows Down Analysis, Slows Down Response, Slows Down The Feedback Cycle

Consequences
• Massive inefficiencies
• Too much data
• Less control
• Performance impact

• Different departments
• Different access rights
• Different formats
• Agent requirements

• Endpoints and servers
• Applications
• Switches, routers
• Network appliances
11.
Leverage Network “Metadata”!
CONTEXT AND ULTIMATELY FASTER TRIANGULATION
[Diagram labels: User, Device, Application, Cloud, Virtual, Physical]
The Network Is The Single Most Content Rich Source of Truth!
12.
The Case for Metadata

Better Security Efficacy
• Reduce massive volumes of data
• Extract essential information for security tools to consume

Faster Time to Detect
• Analyze metadata versus raw packet streams over time
• Discover suspicious threats and anomalous behavior

Overcome Limited Reach
• Security tools do not have access to valuable information in network
• E.g.: access to AD server, authoritative DNS requests & responses

Separate Signal from Noise
• Security tools unable to decipher signal to noise in Big Data
• Detect threats more efficiently

Any forward-looking indication of plans for products is preliminary and all future release dates are tentative and subject to change.
13.
How Can It Be Accomplished?
14.
The World of Network MetaData
• DNS query and response information
• User flow records and session information
• Kerberos and user login information
• Server, application connectivity information
• SSL certificate information
• HTTP request, response information
• DHCP query and response information
• URL access information
15.
Necessary and Sufficient?
Metadata For Fast Approximation
16.
Necessary And Sufficient?
Full Packet Stream For Homing In On Threats
17.
GigaSECURE’s Metadata Engine
SPEEDING UP TRIANGULATION -> FASTER ANALYTICS
[Diagram labels: Intrusion Detection System; Data Loss Prevention; Email Threat Detection; IPS (Inline); Anti-Malware (Inline); Forensics; GigaVUE-VM and GigaVUE® Nodes; Application Session Filtering; SSL Decryption; Inline Bypass; Context and Intent-based Big Data Analytics; NetFlow / IPFIX Generation]

Metadata Engine
• DNS query and response information
• DHCP query and response information
• URL access information
• HTTP request, response information
• SSL certificate information
• Kerberos and user login information
• Server, application connectivity information
• User flow records and session information
18.
Consumers of Metadata
NetFlow / IPFIX Generation
[Figure: consumer logos not preserved. Status labels: Currently Available (2), In progress (4)]
19.
Key Takeaways
• Security will increasingly rely on building Context and Intent
• Network based metadata followed by programmable packet data streams will become the simplest and most comprehensive approach to security analytics
• Gigamon with its GigaSECURE® SDP is uniquely positioned to be the single, best source of both content rich metadata and programmable streams of packet data
20.
For More Information
• GigaSECURE Security Delivery Platform - https://www.gigamon.com/products/technology/gigasecure
• Metadata whitepaper – https://www.gigamon.com/sites/default/files/resources/whitepaper/wp-harnessing-the-power-of-metadata-for-security-4068.pdf