SlideShare a Scribd company logo

Data Consult Managed Security Services

Jad Bejjani, profile picture
Jad Bejjani

The document discusses cloud computing and network security, highlighting benefits like cost-effectiveness and faster deployments associated with owning versus leasing cloud infrastructure. It outlines various network security threats and introduces a Security Information and Event Management (SIEM) service for continuous monitoring and compliance. The document also details service packages, emphasizing features such as real-time monitoring, reporting, and forensic investigation support.

Technology
Related topics:
Managed Services Cloud Services Managed Services Cloud Services Managed Services Cloud Services Cloud ServicesNetwork Security
1 of 33
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
Services Description October 2014
AGENDA ● Cloud: ○ Own v/s Lease ○ Decentralization of IT ● Network Security: ○ Threats ○ Impact and Urgency ○ Cost of Breach ○ Logs ● Solution ○ Overview ○ Architecture ○ Packages ● Backup Slides
CLOUD
Cloud : Own versus Lease ● Own the asset: you can modify it as you please ● You can sell it whenever you want ● More economical on the long run ● High Investment - Depreciation ● Lower down payment ● Lower monthly payments ● Lower maintenance costs ● Ability to modify the offering at any time ● Ability to change asset every year or two ● Faster time to install ● No need for in-house expertise ● No rent space ● Increase or decrease capacity at will © Copyright 2014 DATACONSULT All rights reserved. No part of this presentation in all its property may be used or reproduced in any form without a written permission
Cloud Services Deploy faster and easier Decrease budget and avoid vendor lock-in Lower footprint on your network Save on technology upgrades and maintenance Ensure compliance to regulatory mandates. Gartner defines cloud computing as “...a style of computing in which scalable and elastic IT-enabled © Copyright 2014 DATACONSULT All rights reserved. No part of this presentation in all its property may be used or reproduced in any form without a written permission capabilities are delivered as a service using Internet technologies.”
Cloud: Decentralization of IT Users Data Application Tools Database Network OS Hardware On-Premises Users Data Application Tools Database Network OS Hardware IaaS Users Data Application Tools Database Network OS Hardware PaaS © Copyright 2014 DATACONSULT All rights reserved. No part of this presentation in all its property may be used or reproduced in any form without a written permission Users Data Application Tools Database Network OS Hardware SaaS
SaaS: ROI Line item Cloud On-premise Initial license fee None Extensive Subscription fee Charged by usage None Maintenance fees Included Percentage of license fee Support costs Included Extra IT stang Significant reductions Significant Data center upkeep and maintenance None Large, ongoing Upgrade fees Included Significant © Copyright 2014 DATACONSULT All rights reserved. No part of this presentation in all its property may be used or reproduced in any form without a written permission
NETWORK SECURITY
Threats Trojan Horse File infection Spam email zero-day attacks Software vulnerabilities OS vulnerabilities Identify theft Mobile Loss © Copyright 2014 DATACONSULT All rights reserved. No part of this presentation in all its property may be used or reproduced in any form without a written permission Phishing
Causes Ponemon Institute / Symantec - Cost of Data Breach Study 2014 © Copyright 2014 DATACONSULT All rights reserved. No part of this presentation in all its property may be used or reproduced in any form without a written permission
Impact and Urgency 4 3 2 3 2 2 1 1 © Copyright 2014 DATACONSULT All rights reserved. No part of this presentation in all its property may be used or reproduced in any form without a written permission 1 Business Process affected. Workaround available. Business Process stopped. Can bare minimal delay. Very hard workaround Business Process stopped. No work around Urgency Impact Any system minor degradation non-business critical. <50% of users impacted Any system degraded or partially unavailable. >50% of users impacted Any system unavailable. 100% of users impacted
Cost of Breach IBM Data Breach Statistics 2014 © Copyright 2014 DATACONSULT All rights reserved. No part of this presentation in all its property may be used or reproduced in any form without a written permission
Logs log /lôg läg/ - noun "a record of performance, events, or day-to-day activities" synonyms: record, register, logbook, journal, diary, chronicle, daybook, record book, ledger; SNMP ODBC WMI SDEE CPMI syslog netflow ssh native FIM Registry Monitor custom XML-based One Solution Vulnerability Scanner Configuration Management Asset Analytics Performance Monitoring Network Behaviour Analysis RDEP Forensics © Copyright 2014 DATACONSULT All rights reserved. No part of this presentation in all its property may be used or reproduced in any form without a written permission Log Management
Log Management Functionality Log Management (LM) Security Information and Event Managment (SIEM) Log collection Collect all logs Collect security relevant logs + context data Log pre-processing Indexing, parsing Parsing (universal collection), normalization, categorization, enrichment Log retention Retain raw log data Retain parsed and normalized data Reporting Broad use reporting Focused reporting: security, asset, configuration... Analysis Full test analysis, tagging Real-time event correlation, threat scoring, event prioritization Alerting and notification Simple alerting on all logs Categorized focused alerting, user activity, dashboards, monitors, file integrity monitoring Other features High scalability of collection and storage Incident Management, analyst workflow, context analysis, forensics, configuration audit, application monitoring, compliance automation, vulnerability monitoring © Copyright 2014 DATACONSULT All rights reserved. No part of this presentation in all its property may be used or reproduced in any form without a written permission
SOLUTION SIEM as a Service
Solution Overview MSS is a Unified Security Management service that combines multiple security functions in a single console: ● SIEM (security information and event management) ● Secure Configuration Auditing ● Compliance Automation ● Contextual Forensic Analysis Network state and event data is collected continuously. The system deploys alert correlations schemes to identify suspicious activity that can develop into threats affecting your business. Network data collected is compressed and encrypted to avoid network congestion and ensure maximum security of your data. ‘... customers need to examine security event data in real time for internal and external threat management, and to collect, store, analyze and report on log data for incident response, forensics, and regulatory compliance…’ © Copyright 2014 DATACONSULT All rights reserved. No part of this presentation in all its property may be used or reproduced in any form without a written permission
Architecture © Copyright 2014 DATACONSULT All rights reserved. No part of this presentation in all its property may be used or reproduced in any form without a written permission
Key Components ● Full SIEM deployment with real-time security monitoring, historical analysis and event correlation ● 24x7 security and configuration device monitoring: IPS/Firewall/VPN/Servers/Virtual Environments; up to 160 different node types ● Customized web-portal dashboard to provide real-time reports and statistics ● Dedicated engineering consultants to support with forensic investigation and remediation ● Compliance and security risk reviews: PCI DSS, HIPAA, ISO27001/27002, COBIT, NIST800-53… ● Consulting Services - Security Posture Analysis and Recommendation ● Full Engineering and Management Services ‘...the technology provides real-time security monitoring, historical analysis, and other support for incident investigation and compliance reporting...’ © Copyright 2014 DATACONSULT All rights reserved. No part of this presentation in all its property may be used or reproduced in any form without a written permission
Dashboards Online © Copyright 2012 DATACONSULT All rights reserved. No part of this presentation in all its property may be used or reproduced in any form without a written permission Demo:
Summary Get Security Monitoring installed in minutes Low monthly subscription fees Scale very easily Leverage DataConsult’s expertise in security Ensure compliance to regulatory mandates. © Copyright 2014 DATACONSULT All rights reserved. No part of this presentation in all its property may be used or reproduced in any form without a written permission
Packages MSS feature MSS1 (Reporting) MSS2 (Premium) © Copyright 2014 DATACONSULT All rights reserved. No part of this presentation in all its property may be used or reproduced in any form without a written permission MSSe (Consulting) MSSe+ (Managed) Log Collection X X X X Event Reporting X X X X Asset and Performance Monitoring X X X X Daily Security Status Reports X X X X Forensic Investigations X X X Configuration and Asset Management X X X Event Correlation X X X Network Behaviour Analysis X X X 24x7 Live Alert Monitoring & Notification X X X Monthly Health Reports X X X Compliance Automation X X Security Analysis and Recommendation X X Remediation and Control X Full Device Management X
Thank You
BACKUP SLIDES Screen Shots
Critical Events per Hour © Copyright 2012 DATACONSULT All rights reserved. No part of this presentation in all its property may be used or reproduced in any form without a written permission
Denied Connections per Hour © Copyright 2012 DATACONSULT All rights reserved. No part of this presentation in all its property may be used or reproduced in any form without a written permission
Alert Configuration © Copyright 2012 DATACONSULT All rights reserved. No part of this presentation in all its property may be used or reproduced in any form without a written permission
Destination Blocking © Copyright 2012 DATACONSULT All rights reserved. No part of this presentation in all its property may be used or reproduced in any form without a written permission
Destination Protocol © Copyright 2012 DATACONSULT All rights reserved. No part of this presentation in all its property may be used or reproduced in any form without a written permission
User by Protocol © Copyright 2012 DATACONSULT All rights reserved. No part of this presentation in all its property may be used or reproduced in any form without a written permission
BACKUP SLIDES References
MALicious softWARE Cisco Annual Security Report 2014 © Copyright 2014 DATACONSULT All rights reserved. No part of this presentation in all its property may be used or reproduced in any form without a written permission
Vulnerabilities Kaspersky Security Bulletin 2014 © Copyright 2014 DATACONSULT All rights reserved. No part of this presentation in all its property may be used or reproduced in any form without a written permission
Mobile Device Theft Sophos Security Threat Report 2014 © Copyright 2014 DATACONSULT All rights reserved. No part of this presentation in all its property may be used or reproduced in any form without a written permission

More Related Content

PPTX
Data Consult - Managed Security Services
Jad Bejjani
 
PPTX
Network Security Offering by GSS America
Gss America
 
PDF
Open Source IDS Tools: A Beginner's Guide
AlienVault
 
PDF
Tips to Remediate your Vulnerability Management Program
BeyondTrust
 
PDF
SIEM brochure A4 8pp FINAL WEB
Merlin Govender
 
PDF
Assessing the Security of Cloud SaaS Solutions
Digital Bond
 
PDF
Unidirectional Security, Andrew Ginter of Waterfall Security
Digital Bond
 
PDF
How Linde identifies and tracks security incidents in its SAP systems. [Webinar]
akquinet enterprise solutions GmbH
 
Data Consult - Managed Security Services
Jad Bejjani
 
Network Security Offering by GSS America
Gss America
 
Open Source IDS Tools: A Beginner's Guide
AlienVault
 
Tips to Remediate your Vulnerability Management Program
BeyondTrust
 
SIEM brochure A4 8pp FINAL WEB
Merlin Govender
 
Assessing the Security of Cloud SaaS Solutions
Digital Bond
 
Unidirectional Security, Andrew Ginter of Waterfall Security
Digital Bond
 
How Linde identifies and tracks security incidents in its SAP systems. [Webinar]
akquinet enterprise solutions GmbH
 

What's hot (20)

PDF
Gigamon U - Net Scouts Honor, Integrated Performance Monitoring & Forensic An...
Grant Swanson
 
PPTX
SAST Code Security Advisor for SAP [Webinar]
akquinet enterprise solutions GmbH
 
PDF
Micro-Segmentation for Data Centers - Without Using Internal Firewalls
ColorTokens Inc
 
PPTX
5 Essential Capabilities You Need to Tackle Cyber Threats
SolarWinds
 
PDF
Its Not You Its Me MSSP Couples Counseling
Atif Ghauri
 
PPTX
Information Security: Advanced SIEM Techniques
ReliaQuest
 
PPTX
Top 10 tips for effective SOC/NOC collaboration or integration
Sridhar Karnam
 
PDF
AccelOps &amp; SOC-NOC Convergence
Stephen Tsuchiyama
 
PDF
ITrust Security Operating Center (SOC) - Datasheet EN
ITrust - Cybersecurity as a Service
 
PPTX
Federal Webinar: Leverage IT Operations Monitoring and Log Data to Reduce Ins...
SolarWinds
 
DOCX
Ambesh
Ambesh Sharma
 
PPT
Security Outsourcing - Couples Counseling - Atif Ghauri
Atif Ghauri
 
PPTX
Using Assessment Tools on ICS (English)
Digital Bond
 
PPTX
SAST Threat Detection: What you stand to gain from intelligent, SAP real-time...
akquinet enterprise solutions GmbH
 
PPTX
Information Assurance Metrics: Practical Steps to Measurement
EnclaveSecurity
 
PPTX
PRESENTATION ON PLC AND SCADA
AnandKumarJha33
 
PDF
Unidirectional Network Architectures
EnergySec
 
PPTX
SAP Security Dashboards: Gain complete transparency for your SAP systems. [We...
akquinet enterprise solutions GmbH
 
PPTX
Using a Network Model to Address SANS Critical Controls 10 and 11
Skybox Security
 
PPSX
Next-Gen security operation center
Muhammad Sahputra
 
Gigamon U - Net Scouts Honor, Integrated Performance Monitoring & Forensic An...
Grant Swanson
 
SAST Code Security Advisor for SAP [Webinar]
akquinet enterprise solutions GmbH
 
Micro-Segmentation for Data Centers - Without Using Internal Firewalls
ColorTokens Inc
 
5 Essential Capabilities You Need to Tackle Cyber Threats
SolarWinds
 
Its Not You Its Me MSSP Couples Counseling
Atif Ghauri
 
Information Security: Advanced SIEM Techniques
ReliaQuest
 
Top 10 tips for effective SOC/NOC collaboration or integration
Sridhar Karnam
 
AccelOps &amp; SOC-NOC Convergence
Stephen Tsuchiyama
 
ITrust Security Operating Center (SOC) - Datasheet EN
ITrust - Cybersecurity as a Service
 
Federal Webinar: Leverage IT Operations Monitoring and Log Data to Reduce Ins...
SolarWinds
 
Ambesh
Ambesh Sharma
 
Security Outsourcing - Couples Counseling - Atif Ghauri
Atif Ghauri
 
Using Assessment Tools on ICS (English)
Digital Bond
 
SAST Threat Detection: What you stand to gain from intelligent, SAP real-time...
akquinet enterprise solutions GmbH
 
Information Assurance Metrics: Practical Steps to Measurement
EnclaveSecurity
 
PRESENTATION ON PLC AND SCADA
AnandKumarJha33
 
Unidirectional Network Architectures
EnergySec
 
SAP Security Dashboards: Gain complete transparency for your SAP systems. [We...
akquinet enterprise solutions GmbH
 
Using a Network Model to Address SANS Critical Controls 10 and 11
Skybox Security
 
Next-Gen security operation center
Muhammad Sahputra
 
Ad

Viewers also liked (20)

PPTX
Managed Security Services Overview
Lordsview_industrial_park
 
PDF
Building a Security Architecture
Cisco Canada
 
PDF
Advanced threat security - Cyber Security For The Real World
Cisco Canada
 
PPTX
FROM STRATEGY TO ACTION - Vasil Tsvimitidze
DataExchangeAgency
 
PDF
ICT Security: Defence strategies against targeted attack
Daniele Bellavista
 
PPTX
IDC Cloud Security and Managed Services Conference Riyadh KSA
Jorge Sebastiao
 
PDF
AGC Networks’ Profile
AGC Networks Ltd
 
PDF
Cisco contact center
Cisco Canada
 
PPTX
IBM Security Strategy
Camilo Fandiño Gómez
 
PDF
Kevin Watkins, Enterprise Security Architect at BAT - BAT’s Managed Security ...
Global Business Events
 
PPTX
Tapping into the Growth Goldmine: Why MSPs Should Join Peer Groups
eFolder
 
PPTX
Real Time Target Marketing
Brad Andersohn
 
PPTX
Pulseras de cuero
Agustin Flores
 
PDF
Promat Oil & Gas Brochure
Prasad Mandava
 
PPT
Europroperties Web Tv Presentation
UnitrustMedia
 
PPTX
Presentación monica botero
Ramón Mejía
 
PPTX
All about me gareth rollason
mdhih123
 
PDF
Presentacion Memoria Jung Mayo 2015
Escuela de Emprendedores Jung
 
PDF
Exploding Brand Value at the Local Level Revisited
Saepio Technologies
 
PDF
Loesungen fuer die Hydraulik
Christian Holder
 
Managed Security Services Overview
Lordsview_industrial_park
 
Building a Security Architecture
Cisco Canada
 
Advanced threat security - Cyber Security For The Real World
Cisco Canada
 
FROM STRATEGY TO ACTION - Vasil Tsvimitidze
DataExchangeAgency
 
ICT Security: Defence strategies against targeted attack
Daniele Bellavista
 
IDC Cloud Security and Managed Services Conference Riyadh KSA
Jorge Sebastiao
 
AGC Networks’ Profile
AGC Networks Ltd
 
Cisco contact center
Cisco Canada
 
IBM Security Strategy
Camilo Fandiño Gómez
 
Kevin Watkins, Enterprise Security Architect at BAT - BAT’s Managed Security ...
Global Business Events
 
Tapping into the Growth Goldmine: Why MSPs Should Join Peer Groups
eFolder
 
Real Time Target Marketing
Brad Andersohn
 
Pulseras de cuero
Agustin Flores
 
Promat Oil & Gas Brochure
Prasad Mandava
 
Europroperties Web Tv Presentation
UnitrustMedia
 
Presentación monica botero
Ramón Mejía
 
All about me gareth rollason
mdhih123
 
Presentacion Memoria Jung Mayo 2015
Escuela de Emprendedores Jung
 
Exploding Brand Value at the Local Level Revisited
Saepio Technologies
 
Loesungen fuer die Hydraulik
Christian Holder
 
Ad

Similar to Data Consult Managed Security Services (20)

PDF
SANS Log Management 1
laurenfortune
 
PDF
Big Iron to Big Data Analytics for Security, Compliance, and the Mainframe
Precisely
 
PPTX
Manage services presentation
Len Moncrieffe
 
PDF
Axxera Security Solutions
akshayvreddy
 
PDF
IBM Infosphere Guardium - Database Security
ebuc
 
PDF
SCOM 2007 & Audit Collection Services
OlivierMichot
 
PPTX
Security Information and Event Management (SIEM)
hardik soni
 
PDF
Securing your IT infrastructure with SOC-NOC collaboration TWP
Sridhar Karnam
 
PPT
Why Use Wes Tech Solutions
doughold
 
PPT
Why Use Westech Solutions
Jhugueno
 
PDF
IBM InfoSphere Guardium overview
nazeer325
 
PDF
Presentation topic for Philippines SAP user group forum
William Ho (何添福)
 
PDF
Maceo Wattley Contributor Infosec
Dr. Maceo D. Wattley
 
PDF
Preventing The Next Data Breach Through Log Management
Novell
 
PDF
Big security for big data
Giuliano Tavaroli
 
PPTX
It security cognic_systems
Cognic Systems Pvt Ltd
 
PPTX
Security Intelligence: Finding and Stopping Attackers with Big Data Analytics
IBM Security
 
PDF
Building Security Operation Center
S.E. CTS CERT-GOV-MD
 
PPTX
IBM i Security SIEM Integration
Precisely
 
PPT
Ch10 Conducting Audits
Information Technology
 
SANS Log Management 1
laurenfortune
 
Big Iron to Big Data Analytics for Security, Compliance, and the Mainframe
Precisely
 
Manage services presentation
Len Moncrieffe
 
Axxera Security Solutions
akshayvreddy
 
IBM Infosphere Guardium - Database Security
ebuc
 
SCOM 2007 & Audit Collection Services
OlivierMichot
 
Security Information and Event Management (SIEM)
hardik soni
 
Securing your IT infrastructure with SOC-NOC collaboration TWP
Sridhar Karnam
 
Why Use Wes Tech Solutions
doughold
 
Why Use Westech Solutions
Jhugueno
 
IBM InfoSphere Guardium overview
nazeer325
 
Presentation topic for Philippines SAP user group forum
William Ho (何添福)
 
Maceo Wattley Contributor Infosec
Dr. Maceo D. Wattley
 
Preventing The Next Data Breach Through Log Management
Novell
 
Big security for big data
Giuliano Tavaroli
 
It security cognic_systems
Cognic Systems Pvt Ltd
 
Security Intelligence: Finding and Stopping Attackers with Big Data Analytics
IBM Security
 
Building Security Operation Center
S.E. CTS CERT-GOV-MD
 
IBM i Security SIEM Integration
Precisely
 
Ch10 Conducting Audits
Information Technology
 

Recently uploaded (20)

PDF
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
PDF
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
PDF
Shreyas Phanse Resume: Experienced Backend Engineer | Java • Spring Boot • Ka...
SHREYAS PHANSE
 
PDF
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
PPTX
PA Analog/Digital System: The Backbone of Modern Surveillance and Communication
AVTRON Technologies LLC
 
PPTX
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
PDF
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
PDF
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
PDF
KodekX | Application Modernization Development
KodekX
 
PPTX
Cloud computing and distributed systems.
kkkkkhan
 
PPTX
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
ReZa AdineH
 
PPTX
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
PDF
Modernizing your data center with Dell and AMD
Principled Technologies
 
PPT
Teaching material agriculture food technology
LiaRayya
 
PDF
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
PDF
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
PDF
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
Safe Software
 
PPTX
Understanding_Digital_Forensics_Presentation.pptx
ImranKhan423233
 
PDF
Diabetes mellitus diagnosis method based random forest with bat algorithm
IAESIJAI
 
PPTX
MYSQL Presentation for SQL database connectivity
Swati270511
 
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
Shreyas Phanse Resume: Experienced Backend Engineer | Java • Spring Boot • Ka...
SHREYAS PHANSE
 
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
PA Analog/Digital System: The Backbone of Modern Surveillance and Communication
AVTRON Technologies LLC
 
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
KodekX | Application Modernization Development
KodekX
 
Cloud computing and distributed systems.
kkkkkhan
 
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
ReZa AdineH
 
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
Modernizing your data center with Dell and AMD
Principled Technologies
 
Teaching material agriculture food technology
LiaRayya
 
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
Safe Software
 
Understanding_Digital_Forensics_Presentation.pptx
ImranKhan423233
 
Diabetes mellitus diagnosis method based random forest with bat algorithm
IAESIJAI
 
MYSQL Presentation for SQL database connectivity
Swati270511
 

Data Consult Managed Security Services

  • 2. AGENDA ● Cloud: ○ Own v/s Lease ○ Decentralization of IT ● Network Security: ○ Threats ○ Impact and Urgency ○ Cost of Breach ○ Logs ● Solution ○ Overview ○ Architecture ○ Packages ● Backup Slides
  • 4. Cloud : Own versus Lease ● Own the asset: you can modify it as you please ● You can sell it whenever you want ● More economical on the long run ● High Investment - Depreciation ● Lower down payment ● Lower monthly payments ● Lower maintenance costs ● Ability to modify the offering at any time ● Ability to change asset every year or two ● Faster time to install ● No need for in-house expertise ● No rent space ● Increase or decrease capacity at will © Copyright 2014 DATACONSULT All rights reserved. No part of this presentation in all its property may be used or reproduced in any form without a written permission
  • 5. Cloud Services Deploy faster and easier Decrease budget and avoid vendor lock-in Lower footprint on your network Save on technology upgrades and maintenance Ensure compliance to regulatory mandates. Gartner defines cloud computing as “...a style of computing in which scalable and elastic IT-enabled © Copyright 2014 DATACONSULT All rights reserved. No part of this presentation in all its property may be used or reproduced in any form without a written permission capabilities are delivered as a service using Internet technologies.”
  • 6. Cloud: Decentralization of IT Users Data Application Tools Database Network OS Hardware On-Premises Users Data Application Tools Database Network OS Hardware IaaS Users Data Application Tools Database Network OS Hardware PaaS © Copyright 2014 DATACONSULT All rights reserved. No part of this presentation in all its property may be used or reproduced in any form without a written permission Users Data Application Tools Database Network OS Hardware SaaS
  • 7. SaaS: ROI Line item Cloud On-premise Initial license fee None Extensive Subscription fee Charged by usage None Maintenance fees Included Percentage of license fee Support costs Included Extra IT stang Significant reductions Significant Data center upkeep and maintenance None Large, ongoing Upgrade fees Included Significant © Copyright 2014 DATACONSULT All rights reserved. No part of this presentation in all its property may be used or reproduced in any form without a written permission
  • 9. Threats Trojan Horse File infection Spam email zero-day attacks Software vulnerabilities OS vulnerabilities Identify theft Mobile Loss © Copyright 2014 DATACONSULT All rights reserved. No part of this presentation in all its property may be used or reproduced in any form without a written permission Phishing
  • 10. Causes Ponemon Institute / Symantec - Cost of Data Breach Study 2014 © Copyright 2014 DATACONSULT All rights reserved. No part of this presentation in all its property may be used or reproduced in any form without a written permission
  • 11. Impact and Urgency 4 3 2 3 2 2 1 1 © Copyright 2014 DATACONSULT All rights reserved. No part of this presentation in all its property may be used or reproduced in any form without a written permission 1 Business Process affected. Workaround available. Business Process stopped. Can bare minimal delay. Very hard workaround Business Process stopped. No work around Urgency Impact Any system minor degradation non-business critical. <50% of users impacted Any system degraded or partially unavailable. >50% of users impacted Any system unavailable. 100% of users impacted
  • 12. Cost of Breach IBM Data Breach Statistics 2014 © Copyright 2014 DATACONSULT All rights reserved. No part of this presentation in all its property may be used or reproduced in any form without a written permission
  • 13. Logs log /lôg läg/ - noun "a record of performance, events, or day-to-day activities" synonyms: record, register, logbook, journal, diary, chronicle, daybook, record book, ledger; SNMP ODBC WMI SDEE CPMI syslog netflow ssh native FIM Registry Monitor custom XML-based One Solution Vulnerability Scanner Configuration Management Asset Analytics Performance Monitoring Network Behaviour Analysis RDEP Forensics © Copyright 2014 DATACONSULT All rights reserved. No part of this presentation in all its property may be used or reproduced in any form without a written permission Log Management
  • 14. Log Management Functionality Log Management (LM) Security Information and Event Managment (SIEM) Log collection Collect all logs Collect security relevant logs + context data Log pre-processing Indexing, parsing Parsing (universal collection), normalization, categorization, enrichment Log retention Retain raw log data Retain parsed and normalized data Reporting Broad use reporting Focused reporting: security, asset, configuration... Analysis Full test analysis, tagging Real-time event correlation, threat scoring, event prioritization Alerting and notification Simple alerting on all logs Categorized focused alerting, user activity, dashboards, monitors, file integrity monitoring Other features High scalability of collection and storage Incident Management, analyst workflow, context analysis, forensics, configuration audit, application monitoring, compliance automation, vulnerability monitoring © Copyright 2014 DATACONSULT All rights reserved. No part of this presentation in all its property may be used or reproduced in any form without a written permission
  • 15. SOLUTION SIEM as a Service
  • 16. Solution Overview MSS is a Unified Security Management service that combines multiple security functions in a single console: ● SIEM (security information and event management) ● Secure Configuration Auditing ● Compliance Automation ● Contextual Forensic Analysis Network state and event data is collected continuously. The system deploys alert correlations schemes to identify suspicious activity that can develop into threats affecting your business. Network data collected is compressed and encrypted to avoid network congestion and ensure maximum security of your data. ‘... customers need to examine security event data in real time for internal and external threat management, and to collect, store, analyze and report on log data for incident response, forensics, and regulatory compliance…’ © Copyright 2014 DATACONSULT All rights reserved. No part of this presentation in all its property may be used or reproduced in any form without a written permission
  • 17. Architecture © Copyright 2014 DATACONSULT All rights reserved. No part of this presentation in all its property may be used or reproduced in any form without a written permission
  • 18. Key Components ● Full SIEM deployment with real-time security monitoring, historical analysis and event correlation ● 24x7 security and configuration device monitoring: IPS/Firewall/VPN/Servers/Virtual Environments; up to 160 different node types ● Customized web-portal dashboard to provide real-time reports and statistics ● Dedicated engineering consultants to support with forensic investigation and remediation ● Compliance and security risk reviews: PCI DSS, HIPAA, ISO27001/27002, COBIT, NIST800-53… ● Consulting Services - Security Posture Analysis and Recommendation ● Full Engineering and Management Services ‘...the technology provides real-time security monitoring, historical analysis, and other support for incident investigation and compliance reporting...’ © Copyright 2014 DATACONSULT All rights reserved. No part of this presentation in all its property may be used or reproduced in any form without a written permission
  • 19. Dashboards Online © Copyright 2012 DATACONSULT All rights reserved. No part of this presentation in all its property may be used or reproduced in any form without a written permission Demo:
  • 20. Summary Get Security Monitoring installed in minutes Low monthly subscription fees Scale very easily Leverage DataConsult’s expertise in security Ensure compliance to regulatory mandates. © Copyright 2014 DATACONSULT All rights reserved. No part of this presentation in all its property may be used or reproduced in any form without a written permission
  • 21. Packages MSS feature MSS1 (Reporting) MSS2 (Premium) © Copyright 2014 DATACONSULT All rights reserved. No part of this presentation in all its property may be used or reproduced in any form without a written permission MSSe (Consulting) MSSe+ (Managed) Log Collection X X X X Event Reporting X X X X Asset and Performance Monitoring X X X X Daily Security Status Reports X X X X Forensic Investigations X X X Configuration and Asset Management X X X Event Correlation X X X Network Behaviour Analysis X X X 24x7 Live Alert Monitoring & Notification X X X Monthly Health Reports X X X Compliance Automation X X Security Analysis and Recommendation X X Remediation and Control X Full Device Management X
  • 24. Critical Events per Hour © Copyright 2012 DATACONSULT All rights reserved. No part of this presentation in all its property may be used or reproduced in any form without a written permission
  • 25. Denied Connections per Hour © Copyright 2012 DATACONSULT All rights reserved. No part of this presentation in all its property may be used or reproduced in any form without a written permission
  • 26. Alert Configuration © Copyright 2012 DATACONSULT All rights reserved. No part of this presentation in all its property may be used or reproduced in any form without a written permission
  • 27. Destination Blocking © Copyright 2012 DATACONSULT All rights reserved. No part of this presentation in all its property may be used or reproduced in any form without a written permission
  • 28. Destination Protocol © Copyright 2012 DATACONSULT All rights reserved. No part of this presentation in all its property may be used or reproduced in any form without a written permission
  • 29. User by Protocol © Copyright 2012 DATACONSULT All rights reserved. No part of this presentation in all its property may be used or reproduced in any form without a written permission
  • 31. MALicious softWARE Cisco Annual Security Report 2014 © Copyright 2014 DATACONSULT All rights reserved. No part of this presentation in all its property may be used or reproduced in any form without a written permission
  • 32. Vulnerabilities Kaspersky Security Bulletin 2014 © Copyright 2014 DATACONSULT All rights reserved. No part of this presentation in all its property may be used or reproduced in any form without a written permission
  • 33. Mobile Device Theft Sophos Security Threat Report 2014 © Copyright 2014 DATACONSULT All rights reserved. No part of this presentation in all its property may be used or reproduced in any form without a written permission