13-04-2012, 11:53 AM
Self-Defending Networks
42450021-Self-Defending-Networks.ppt (Size: 653 KB / Downloads: 91)
Self-Defending Network (SDN)
A systems-based solution that allows entities to use their existing infrastructure in new ways to:
Reduce windows of vulnerability
Minimize the impact of attacks
Improve overall infrastructure availability and reliability
Why do we need SDN’s?
Evolution of network Evolution of attacks on networks
Traditional approach Defense-in-depth
Proactive defense mechanisms
SDN approach
Adaptive defense mechanisms
Why do we need SDN’s?
Key elements of an adaptive solution:
Remain active at all times
Perform unobtrusively
Minimize propagation of attacks
Quickly respond to as-yet unknown attacks
Admission Control
Not only core component of a SDN, but incorporated into other technologies by over 30 industry-leading vendors
Network Admission Control (NAC) assists in determining the level of access to grant an end-user system in accordance with the security policy when it initially joins the network
NAC also assists in managing end-user system’s compliance with security patches and updates
Application Security and Anti-X Defense
A menagerie of application layer security products that address the “ever-evolving” classes of threats which are not effectively addressed by traditional firewall and network IDS products
Threat examples:
E-mail based SPAM and phishing
Spyware
Unauthorized peer-to-peer activity
Summary
New phraseology NOT a new technology
Encompassing security solution that is proactive AND adaptive in nature that envelopes every level of network security rather than just specific layers
Key difference in SDN and traditional security solutions…ability of SDN’s to communicate and share information among different security products employed within the SDN