“The Enterprise Security Portfolio – from Virus Protection and Firewalls to Data Loss Prevention and Advanced Persistent Threats – A Technological Survey”
ABSTRACT: We all can certainly agree that the security landscape for the enterprise is becoming increasingly complex and is changing at a dramatic pace. Matters become even more so when adding the ubiquitous topics of virtualization and SDN (Software Defined Networking). This presentation seeks to offer a high-level customer perspective overview of the security tool landscape with an eye toward the virtualized environment. The idea is not to go in-depth into any one topic but to discuss how the pieces fit together and the risk versus reward proposition. The list of security layers to be discussed starts with antivirus, firewall with VLAN network segmentation, SSL (Secure Socket Layer) certs for encrypted communication, identity services and port level security, and continues with the more recent technologies of IPS (Intrusion Protection Systems), automated penetration and vulnerability analysis, DLP (Data Loss Prevention), zero day threat mitigation, Next Generation Firewalls for APT (Advanced Persistent Threat) protections. The full security portfolio rounds out with IPAM (IP Administration and Management), Secure DNS, password policies, multifactor authentication, password lockers, social engineering training, and development of an Enterprise Security Policy, including response management and escalation. Finally, the impact that virtualization, micro-segmentation, software defined networking, and monitoring has on your network security strategy.
Patrick Turner – Chief Information Officer, Schoolcraft College