what you think your firewall can do, but can’t


Upload: francesco-trama

Post on 12-Apr-2017


PACKETVIPER NEXT-GENERATION GEO-IP FILTER

WHAT YOU THINK YOUR FIREWALL CAN DO, BUT CAN’T.

STARTING SOON

AGENDA

1. The Problem

2. How did we get here?

3. Getting a different perspective

4. Introducing Next-Gen Geo-IP Filtering

CHALLENGES

VOLUME: The volume of traffic entering the security environment is unprecedented and forces security professionals to pile on a multitude of security technologies in an effort to make sense of this traffic.

LIMITATIONS: Today, even with all the tools within firewalls, there is much that is unknown and in many cases goes unnoticed for long periods of time.

CHALLENGES

PORTS: Open ports are the doorways to your secure perimeter. Behind open ports, there are applications and services listening for inbound packets, waiting for connections from the outside.

VISIBILITY: The reality is, we do not know which ports are open at any given time. Consequently, it is difficult to assess the security risk associated with open ports, and even more difficult to mitigate it.

A firewall is considered a first line of defense; it cannot be considered the only such line.

CHALLENGES

ATTACKER ACCESSIBILITY: Today, large pools (millions and millions) of compromised hosts sitting in homes, schools, businesses, and governments around the world give attackers the ability to stay small, nimble, and challenging to track.

GLOBAL ECONOMY: Today’s global economy makes it extremely challenging to place geographical restrictions. It forces security teams to permit most traffic to secure portals.

No such thing as a silver bullet security solution!

PROBLEMS

‣ Forced to open ports for sensitive portals

‣ Increased restrictions become an administrative challenge or introduce latency

‣ Difficult to understand who or what is using a port, or whether the port is needed

‣ Logging, alerting, and reporting with an inability to act in a timely and decisive manner

‣ Quick determination of “good” from “bad”

‣ Not understanding the global economy footprint

THREATS

‣ Staying on top of (rarely in front of) the latest threats to a business can be a significant investment in resources and technology.

‣ Cyber security is complex. Managing the myriad of security solutions within an organization can be challenging, to say the least.

‣ Organizations may not know whether a security breach has taken place for 30-45 days.

‣ This problem only grows as a business gets larger.

There are no crystal balls which can identify threats of the future

ZOMBIES, BOTS, PROXIES

‣ Zombies, bots, and proxies are located everywhere around the world.

‣ The power of the attacker is their ability to stay small through the security environment.

‣ Hackers are using this ability to distract and destroy on a massive scale by using a bot army.

‣ It is true that the best defense against bots, zombies, and proxies is intelligence, but firewalls cannot reduce a bot army to a platoon-sized force.

[Diagram: TODAY. Services FTP, MAIL, WWW, VPN, SSH, TELN, IMAP; FIREWALL; LOGGING]

[Diagram: TRAFFIC VOLUME. Services FTP, MAIL, WWW, VPN, SSH, TELN, IMAP; FW, IDS/IPS, SPAM/WEB F/W, SIEM, UTM]

THE FIVE THINGS YOUR FIREWALL ISN’T DOING

1. Reducing Traffic Volume

2. Simple Company Filtering

3. Actionable Reporting and Logging

4. Triggering and Honeypots

5. Rules Analysis

TRAFFIC VOLUME

Problem: The volume of traffic entering the security environment is unprecedented and forces security professionals to pile on a multitude of security technologies in an effort to make sense of this traffic.

Benefits: Eliminating the volume has a ripple effect throughout the security environment.

‣ Less alerting

‣ Less storage

‣ Less risk

‣ Faster detection and visibility

‣ Less management time

‣ Higher percentage of legitimate traffic

‣ Better firewall performance

COMPANY FILTERING

Not addressing the company aspects of geo-filtering makes it too cumbersome, clunky, and unmanageable. The fact is that businesses can be located anywhere on the planet, and you must have a tool that can address the global economy.

Being able to enable and disable global businesses allows the user to turn off parts of the world while allowing select businesses through. This shrinks the risk from that country without impeding the user's business.

‣ Granular Filtering

‣ Lessens Exposures

‣ Addresses Global Economy

‣ Block countries, allow businesses
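The "block countries, allow businesses" idea above, sketched as an added example (not PacketViper's code). The geo/ownership table, company names, country codes and per-port policy are constructed for illustration, and failing closed on unknown origins is an assumption of this sketch.

```python
import ipaddress

# Constructed geo/ownership table using RFC 5737 documentation ranges.
# A real deployment would load this from a geo-IP and network-ownership feed.
GEO_TABLE = [
    ("203.0.113.0/24", "XX", "Example Hosting"),
    ("203.0.113.64/26", "XX", "Partner Corp"),  # a business partner inside XX
    ("198.51.100.0/24", "YY", "Example ISP"),
    ("192.0.2.0/24", "ZZ", "Example Telecom"),
]
# Longest prefix first, so a company's own block wins over the covering range.
NETWORKS = sorted(
    ((ipaddress.ip_network(cidr), country, company)
     for cidr, country, company in GEO_TABLE),
    key=lambda entry: entry[0].prefixlen,
    reverse=True,
)

# Hypothetical per-port policy: countries turned off, companies let through.
POLICY = {
    22: {"block_countries": {"XX", "YY"}, "allow_companies": {"Partner Corp"}},
    443: {"block_countries": {"YY"}, "allow_companies": set()},
}

def lookup(ip):
    """Return (country, company) for the most specific matching network."""
    addr = ipaddress.ip_address(ip)
    for net, country, company in NETWORKS:
        if addr in net:
            return country, company
    return None, None

def decide(ip, port):
    """Return (action, reason) for an inbound connection to a local port."""
    rule = POLICY.get(port)
    if rule is None:
        return "pass", "no geo policy on this port"  # left to the firewall
    country, company = lookup(ip)
    if company in rule["allow_companies"]:
        return "pass", f"company allowed: {company}"  # exception beats country
    if country is None:
        return "drop", "unknown origin (fail closed)"
    if country in rule["block_countries"]:
        return "drop", f"country blocked: {country}"
    return "pass", f"country permitted: {country}"
```

The company exception is evaluated before the country block, which is what lets a single partner network through while the rest of its country stays off for that port.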

ACTIONABLE REPORTING AND LOGGING

Today there are a multitude of reporting solutions which provide dynamic reporting. They come in all different shapes and colors. The problem has always been having the ability to instantly take an action from the reports or logs. Today most security devices are disconnected from the reporting and logging modules.

Attaching the reporting and logging systems to the rules engines gives instant operational control over the traffic in question. Providing the complete details of the traffic and not just an IP is vital in determining friend from foe.

‣ Immediate Traffic Understanding

‣ Better response

‣ Faster Operational Decisions

TRIGGERING AND HONEYPOTS

Today attackers use probes to identify exposures for vulnerabilities to launch attacks with. They complete network ranges to these gaps and test your limits. Being able to distinguish probes from non-probes is vital in limiting their attack surface.

Having the ability to trigger based on probes from anywhere around the world helps identify bots, zombies, and potential threats when this occurs. Lessening the attacker's visibility provides a more difficult network to breach.

This also provides valuable intelligence into where the hotspots are and provides an easier ability to restrict those areas further. Lower your risk.
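One way to implement probe triggering as described above, as an added example (not PacketViper's code). The decoy ports, block duration, log format and log lines are constructed for illustration; the sketch assumes each log entry already carries the source country.

```python
from collections import Counter

# Assumption: no legitimate service listens on these ports, so any inbound
# connection attempt to them is treated as a probe.
DECOY_PORTS = {23, 3389}
BLOCK_SECONDS = 3600  # triggered sources age out, since addresses get reassigned

# Constructed connection log: "epoch_seconds source_ip country dst_port"
SAMPLE_LOG = """\
1000 203.0.113.10 XX 23
1005 203.0.113.10 XX 443
1010 198.51.100.5 YY 443
1020 203.0.113.11 XX 3389
1030 192.0.2.77 ZZ 22
5000 203.0.113.10 XX 443
"""

def process(log_text, block_seconds=BLOCK_SECONDS):
    """Replay a log and return (decisions, hotspots).

    decisions: list of (source_ip, dst_port, action), where action is
    "trigger" (probe seen, source blocked), "drop" (source currently
    blocked) or "pass".
    hotspots: Counter of probe triggers per source country.
    """
    blocked_until = {}
    hotspots = Counter()
    decisions = []
    for line in log_text.splitlines():
        ts, src, country, port = line.split()
        ts, port = int(ts), int(port)
        if port in DECOY_PORTS:
            # A probe: block the source on every port for a limited time.
            blocked_until[src] = ts + block_seconds
            hotspots[country] += 1
            action = "trigger"
        elif blocked_until.get(src, 0) > ts:
            action = "drop"
        else:
            action = "pass"
        decisions.append((src, port, action))
    return decisions, hotspots
```

Because source addresses can be forged on traffic that never completes a handshake, a production trigger would normally count only established connections before blocking a source.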

RULES ANALYSIS

At times it's difficult to understand or locate the rules which may be impeding or allowing traffic from within the security device. Getting to the root cause is vital, and being able to react to the issue quickly is just as important.

A simple method to identify rules geographically within the security device, and which of them is exposing or denying. A single method to bring you to complete understanding and the ability to act upon your discovery.

PACKETVIPER NEXT GENERATION GEO-IP FILTER

FRANCESCO TRAMA - CO-FOUNDER

PACKETVIPER - BASED IN PITTSBURGH PA

▸ Next Generation Geo-IP Filter

▸ Inline device that replaces nothing

▸ Bi-directional per-port company and country filtering

▸ 5 min install

▸ Patented Geo-IP filtering

WHAT IS PACKETVIPER?

Geo Location Data

Rules Management

Logging & Reporting Engine

WHERE DOES IT FIT?

[Diagram labels: DMZ, PACKETVIPER, ANY FIREWALL, PROTECTED LAN; COUNTRY / COMPANY / NETWORK / IP / PORT]

HOW DOES IT WORK?

REDUCES LOADS THROUGH ENTIRE SECURITY PROCESS

[Diagram: Services FTP, MAIL, WWW, VPN, SSH, TELN, IMAP; FIREWALL; PACKETVIPER]

Try our FREE 5*10*25 Program

5 min: Installation

10 days: Free use and audit

25%: Load, volume & threats reduction

http://go.packetviper.com/5-10-25

PACKETVIPER

www.packetviper.com

855-758-4737
