Low-and-slow attacks in encrypted traffic (HTTP over SSL/TLS) are not detectable by most DDoS mitigation devices (or services), because to handle them they need A) symmetric traffic; B) SSL decryption hardware; and C) the website's private encryption keys.
Even when they meet the above requirements, DDoS mitigation devices that operate in Bridge Mode cannot deal with encryption based on Perfect Forward Secrecy (PFS), which forces websites to use older, less secure ciphers, affecting the website's security rating and increasing risk.
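The PFS limitation described above can be checked against the cipher list a site actually offers. The following Python code is an added example, not part of the original presentation: the suite list is constructed sample input, the function names are illustrative, and the classification also covers TLS 1.3 suite names, which goes beyond what the text states.

```python
# Added example: which offered cipher suites can a passive, bridge-mode
# inspector decrypt using only the server's RSA private key?

EPHEMERAL = {"ECDHE", "DHE", "EDH"}   # (EC)DHE: the certificate key alone never yields session keys
OPENSSL_OTHER = {"PSK", "SRP", "DH", "ECDH", "ADH", "AECDH", "RSA"}  # e.g. RSA-PSK-..., static DH

def key_exchange(suite: str) -> str:
    """Classify an OpenSSL- or IANA-style suite name as
    'ephemeral', 'static-rsa' or 'other'."""
    name = suite.strip().upper()
    if name.startswith("TLS_"):
        if "_WITH_" not in name:
            # TLS 1.3 names carry no key exchange (static RSA was removed from
            # the protocol); anything else here, such as *_SCSV, is signalling.
            is_tls13 = name.startswith(("TLS_AES_", "TLS_CHACHA20_"))
            return "ephemeral" if is_tls13 else "other"
        kx = name[4:].split("_WITH_")[0].split("_")   # IANA: TLS_<kx>_WITH_<cipher>
        if kx[0] in EPHEMERAL:
            return "ephemeral"
        return "static-rsa" if kx == ["RSA"] else "other"
    first = name.split("-")[0]                        # OpenSSL: [<kx>-]<cipher>-...
    if first in EPHEMERAL:
        return "ephemeral"
    # OpenSSL omits the prefix for plain RSA key exchange (e.g. AES128-GCM-SHA256).
    return "other" if first in OPENSSL_OTHER else "static-rsa"

def audit(suites):
    """Group suites by key exchange; only 'static-rsa' sessions can be
    decrypted passively by a device that holds the site's RSA private key."""
    report = {"ephemeral": [], "static-rsa": [], "other": []}
    for suite in suites:
        report[key_exchange(suite)].append(suite)
    return report

def suites_lost_to_passive_inspection(suites):
    """Forward-secret suites that would have to be disabled so that every
    session stays decryptable in bridge mode (the downgrade the text describes)."""
    return audit(suites)["ephemeral"]

# Constructed sample: a cipher list as it might appear in a server config.
OFFERED = [
    "TLS_AES_256_GCM_SHA384", "ECDHE-RSA-AES128-GCM-SHA256",
    "DHE-RSA-AES256-GCM-SHA384", "AES128-GCM-SHA256",
    "TLS_RSA_WITH_AES_256_CBC_SHA", "PSK-AES128-CBC-SHA",
]

if __name__ == "__main__":
    for kind, names in audit(OFFERED).items():
        print(f"{kind:11s} {names}")
```

Suites reported as `other` (pre-shared key, static DH and similar) need a case-by-case decision, since holding the RSA key says nothing about them.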
32.
• Digital Transformation
• Cloud
• Customer Experience
• Next Generation Security
33. So… what should you do?
1. Define a comprehensive end-to-end security strategy: not piecemeal
2. Make sure you inspect ALL traffic, including SSL
3. Secure the application, not just the perimeter
4. Evangelize & build a security culture:
• Security is EVERYONE's responsibility, not just the CISO's
5. Establish the right alliances
Editor's notes
Time is the most precious asset we have. And so first, I must sincerely thank you for investing your time here today. I do not make this imposition lightly. I believe that today marks a momentous time; a tipping point in our economy, our industry, and our careers. Today is not only relevant and important, but also very brief and so the quick decisions we make today will have an impact for our businesses to come.
Something big is happening.
You sense it in the workplace. You feel it in your bones when you talk to your kids. You can’t miss it when you read the newspapers or watch the news.
Our lives are being transformed – disrupted at a breathtaking pace.
We’ve been disrupted before.
Word processing disrupted the typewriter, Napster and Pandora and Spotify, the music industry
And, the Web – forever disrupted the newspaper industry. All these disruptions have allowed us to do many different things… but also, have pushed us to STOP doing many others!...
Adjusting the TV Antenna. Cable, Satellite, Netflix and Apple TV.
I no longer drive to the office to check my email. Remote access and VPN changed all of that.
I don’t pull over on the side of the road to make a call.
Apparently no one else does either.
And while I’d like to tell you that I no longer ask people for directions thanks to the miracle of my smartphone (or Google Maps)
This may be a bad example, my wife says that I NEVER asked for directions, but you get the idea
You don’t carry those CD packs with either videos, music or information…
And, when was the last time you searched for an ethernet port on the wall to connect your PC?
And when it comes to work … For the last 15 years, I have been selling products and solutions and services to CIOs.
“Do you have five minutes so that I can show you my data center?”
To watch them beaming with pride as they talked about how many servers and switches and routers they supported.
Gushed about battery backup, the chaotic patch panels, the wire trays, the BTUs of cooling, the fire prevention system and the raised floor and the plenum cables.
…that is until about a year ago when this pride suddenly turned to sheepishness. Having an exotic data center was no longer a badge of honor, but more often a mark of slow-footedness.
Today, if someone wants to take me on a tour of their data center, it’s usually to show me the newly empty racks.
Somehow the pride that one got from building these monuments of technology has somehow now been replaced with pride of their dismantlement.
Of course, the technology that is driving these changes is Cloud Computing.
But unlike other transformations the landline telephone to the smartphone
or the mainframe to the networked PC
these took 10-20-30 years
The cloud is coming at us much faster; really fast and feels more like a lightning strike than an evolution.
It's an application world.
Applications drive your business, whether you are an enterprise, service provider, or cloud hosting service, your business runs on applications
So, when your applications get hacked, don’t work, or are too slow, business stops; you lose your customer’s trust, and the cost is tremendous, in fact
Our core belief is that applications are the gateway to your data.
Coupling app-centric threats with this multi-cloud attack surface, attackers intend to disrupt your business applications, ultimately so they can impact the confidentiality, integrity, and availability of your applications and, most importantly, your data.
But data breaches are just a symptom of a larger problem.
The question is, why is security broken?
The answer:
We’re still approaching security with a decades-old mindset
that focuses on location-based protection—building walls and barriers.
(Note: the red circle represents a traditional perimeter-based approach to security.)
This has led many companies to invest heavily in network-based and specialized security solutions, for example, next generation firewalls, data loss prevention (DLP), Advanced Persistent Threat (APT) solutions, Intrusion detection and intrusion protection (IDS/IPS) systems; anti-virus solutions.
It’s not that these solutions aren’t useful or necessary; they are—each one has its purpose. But, by themselves, they just aren’t adequate anymore.
Many are blind to today’s threats, and they’re unable to provide insight into what’s happening with your application. That’s because they were never designed to do that.
And consider this: How many employees are directly connected to your corporate network anymore?
Very few. Virtually every worker is mobile at some point during the workday, and your fully-remote users are never directly connected.
With the prevalence of cloud-based and SaaS apps, many workers can complete an entire day’s work without ever connecting to the corporate network.
These users, who are mostly outside of your network now, pose an even greater risk to your company because they’re sharing company data using devices, networks, and applications that are beyond your control.
What’s the result? (Where does that leave us today?)
We’re protecting the wrong things.
Today’s threat landscape has shifted:
[click]
The fact is, only 28% of today’s attacks target the network…
... yet 90% of today’s security budget still goes toward protecting the network.
Yet ECC is exactly what Firefox uses and Chrome and gmail and what the iPhone uses for messaging. It is also quickly becoming the media of choice for the world’s bad actors, black hats and hackers.
77% of traffic on the internet is encrypted according to Google.
Meaning the traditional perimeter is blind to 3/4s of the emerging application threats.
Encryption is a growing problem for many companies because the specialized security solutions they have invested so heavily in are not able to decrypt traffic at all (or not without degrading performance by up to 85%).
[click]
Hackers know this and use it to their advantage to hide malware and other threats.
[click]
That means traditional security solutions are blind to the majority of today’s threats.
[click]
And, without the ability to alert you to such threats, they’re virtually ineffective.
This is one of the primary reasons data theft continues to be such a challenge.
So, if:
the attack targets have shifted and we’re protecting the wrong things
our budgets are misaligned, and
our data is increasingly at risk because we’re blind to new threats…
[Click]
But the way that people deploy their applications is changing.
This is the future. I know this because if I take a realistic inventory of the things that my customers have told me over the years I’ve been selling. The things they told me they hated, no matter what company I was working for, that laundry list would sound like:
There are three essential elements you must have for security:
Visibility: A fundamental principle of security is that you can’t protect what you don’t know. To “know,” you first have to be able to “see.” That means you need visibility into all your application traffic.
[click]
Context: Visibility is essentially meaningless without context—an understanding of all the characteristics of the applications you’re protecting and the “outside forces” that can affect your ability to protect them. Context is what enables insight.
[click]
Control: Once you have context, it’s essential you have the ability to apply the right security controls. Without control, it doesn’t matter how much visibility or context you have.
So, it’s the combination of these three that enables effective security.
F5 provides all three.
F5’s unique architecture enables us to provide the visibility, context, and control that are required to secure your applications.
We are situated between users and applications and see all traffic that passes between them—no matter where the user is or where the application is. We’re not only able to see all traffic, we manage and control every interaction (session).
That gives us deep visibility into each interaction between a user and an application. For example, we verify:
who the user is
the type of device they’re using
the health of that device
the user’s location
the user’s typical behavior patterns
the type of network connection
the health and availability of the application
the “expected” behavior of the application, and more
We also look at:
the relative importance of an application
its impact to the organization
the sensitivity of the data it handles (for instance, credit card information, social security numbers, or medical records), and more
Together, these multiple data points provide context—an additional level of intelligence—that enables you to assess risk and make informed decisions about what kind of policies to create and security controls to apply based on that context.
The more context you have, the more accurately you can assess risk and apply the correct controls (for example, deciding whether to grant or deny a user access to an application based on their current context or requiring additional levels of access control to highly sensitive applications).
Partnerships are key to customer success, and that means F5 success. It’s important that F5 and partner technology solutions work together. We do the work so that customers don’t have to. One can see the breadth of our partnership here. We invest in specific areas: Network/SDN, Cloud, Security, Integrated Systems, Applications and Service Provider. How do we select partners?
By watching market trends and talking to customers. Today we see customer needs shifting, technological advances disrupting solution design, data center design and business models, manifesting in new opportunities (strategic imperatives?) for F5 partnering
We are at an inflection point! This moment, the intersection of these macro trends, is happening. The actions you take today to protect your applications, your data… your business… will define if you are making history or becoming history. So the time is now: Protect your apps!
Thank You!