S E C U R E

Document Sample
S E C U R E Powered By Docstoc
					  The Next Generation
       Firewall
       Dan Thomsen
thomsen@securecomputing.com


  SECURE
  COMPUTING
SECURE
COMPUTING



    Gauntlet Acquisition Completed
    February 26, 2002
    Technology merger in progress




                       2
SECURE
COMPUTING

      What We                        What We
       Bought                         Didn’t
 § Approximately 4,000          § The e-ppliance 100
   new customer                   and under family
   relationships
 § Most are Solaris users       § The PGP VPN client
   30%+ of the total are
   e-ppliance users
                                § NAI Labs
 § A mix of license types
   perpetual,
                                § The NAI reseller
   subscription,
                                  contracts
   enterprise (TNS),
   source code, etc.
                                § No competition
 § 26 Gauntlet engineers
                                  (of course)
   hired (development
   and back-end support)


                            3
SECURE
COMPUTING              Analysts Comments
  “The Gauntlet acquisition presents Secure Computing with an
  opportunity to demonstrate the superior application protection
  offered by proxy firewalls.”
         Richard Steinnon
         Research Director Security
         Gartner

  “Secure Computing is the natural choice for Gauntlet customers.
  Sidewinder and Gauntlet are true peers in the enterprise firewall
  market …this acquisition enhances Secure Computing's security
  offerings, increases its market share, and provides it with a robust
  new partnership.”
         Charles Kolodgy
         Research Manager
         Internet Security Software
         IDC




                                      4
SECURE          Gauntlet Customer Support
COMPUTING



      Knowledge Base
      n   The Gauntlet customer “knowledge base”
          is available on our web site.
      Patch Services
      n   Secure Computing has released twenty
          Gauntlet patches since February 25th.
      n   Both old and new Gauntlet patches &
          upgrades are available on SCC web site.


                           5
SECURE
COMPUTING               Developing a plan
  In-Depth Consultations with
     Outside Experts

  § Industry analysts                       § Dell-Intel
        Aberdeen Group, Gartner, Giga
          Information Group, IDC,                  Hardware & processors
          META Group
                                            § Wind River
  § Financial analysts                             BSD OS and hardware
                                                   Driver support
  § Sun Microsystems                               Processor chip support
        Solaris OS & Sun hardware &                  (Intel, SPARC,
          processors                                 PowerPC, etc.)


                                        6
SECURE
COMPUTING             Developing a plan
    § Customer Meetings
       Hundreds of face-face meetings all over the world
       §



    § Channel Partner Meetings
       Fifty or more NAI channel partner discussions
       §



    § Market Research
       §   Our combined marketing teams - present SCC product
           marketing staff + former NAI staff …
       §   Jointly updated our research on the firewall market
       §   A new look at where we are, and where we want to be




                                  7
SECURE
COMPUTING              Firewall Forum
      n   Secure Computing contracted with specialty firm
          CompanyWay.com to host and moderate the
          event, and to summarize the results
      n   April 24 – May 8, 2002 (two weeks - 24 X 7)
      n   We invited over 400 of the largest Sidewinder &
          Gauntlet customers
      n   Following is a sample of the data …




                               8
SECURE
COMPUTING                Firewall Forum
   Organizational Roles                 Products Used
    53% Technical leads/senior
        engineers                     54% Gauntlet users
    33% Security administrators         43% Gauntlet software
        in IT                           11% E-ppliance users
     5% Corporate officers
     9% Other
                                      46% Sidewinder users
                                        43% Sidewinder software
                                         3% Sidewinder Appliance
                                             (just released)




                                  9
SECURE
COMPUTING        Firewall Forum
        According to our survey…

     Application Proxies - very important
     n 99% said important or very important


     Stateful Packet Filters – very important
     n 79% said important or very important




                       10
SECURE
COMPUTING        Firewall Forum
        According to our survey…
      HTTP Proxy – important and growing
      n 64% said important or very important

        today
      n 74% said important in the future




                       11
SECURE
COMPUTING          Firewall Forum
          According to our survey…
    Secure UNIX – very important
      n   82% said important or very important

                     …we wouldn’t think of
                     doing it any other way.


                         12
SECURE
COMPUTING                Firewall Forum
          According to our survey…
    Firewall Anti-virus Scanning
      n   38% said important or very important today
      n   35% said not Important today
      n   52% said important in the future
      A lot of Forum discussion on this topic
      “The firewall should be a firewall and that’s all.”
      But others say
      “Virus scanning on the firewall is essential.”



                                  13
SECURE
COMPUTING           Forum Summary
      n   Want both a powerful GUI and a powerful
          command line interface
      n   Want a single view for all firewall rules -
          packet to application proxy
      n   Want enterprise-class central management
      n   Overwhelming want a UNIX-based firewall
      n   Want help in securing and hardening the
          UNIX OS
      n   Want the best price/performance

                           14
SECURE
COMPUTING       Engineering Analysis
    Our combined engineering teams
    n   Sidewinder engineers
    n   Gauntlet engineers …
    n   Advanced Technology Division engineers
    Tested & debated many ideas and
    approaches
    Thoroughly reviewed all options


                          15
SECURE
COMPUTING           The solution
    Base the firewall on SecureOS™
    Incorporates type enforcement and
    Standard OS hardening techniques
    Start with Sidewinder proxies adding
    Gauntlet Proxies and features
    Use Gauntlet Enterprise Management
    concepts (GEM)
    Gauntlet Virus filtering (coming soon)
                        16
SECURE
COMPUTING   Next Generation Firewall
    A hybrid between an application proxy and
    a packet filter
    SecureOS™ Based on BSD Unix 4.3
    Enterprise management for multiple
    firewalls
    GUI and command line interface



                       17
SECURE
COMPUTING   Retained GEM concepts
    Location
    Site
    Firewall
    Rules
    Substitution
    Local administrators
    Partitioning of administration space

                        18
SECURE
COMPUTING                   Summary
   §   The two-phase NGF plan will include the best
       features of both Sidewinder, Gauntlet and many new
       features Q1 2003
   §   Many migration aids, both planning & technical, will
       be available to help.
   §   NGF will be hosted on Secure OS™
   §   The NGF will be a bundled hardware/software
       "appliance” on leading-edge high-performance
       platforms
   §   Hybrid packet-to-application security, manageability,
       and performance

                               19
SECURE
COMPUTING




            Q&A


             20

				
DOCUMENT INFO
Shared By:
Stats:
views:46
posted:4/5/2012
language:
pages:20
Description: Gartner is introduced to deal with the current and next generation network security threats that firewall must once again to upgrade to a" next generation firewall". An example, first generation firewall has been basically cannot detect the zombie network as transmission method of threat (see" case study: computer early detection function is zombie network client threat ."). Due to the current used is based on service-oriented architecture and Web2.0popularization, more communication amount just by a few ports ( such as: HTTP and HTTPS ) and the use of a limited number of protocol, which means based on port / protocol security policy relevance and efficiency are becoming more and more low. Deep packet inspection intrusion prevention system ( IPS ) according to the known attacks on the operating system and leakage deployed patch software inspections, but not effective recognition and prevent the application of abuse, not to mention the application specific characteristic protection.