New Generation Network Security System Evolution and Implementation


The presentation outlines the evolution of network security systems, focusing on the transition from traditional firewalls to next-generation systems like intrusion detection systems. It highlights the limitations of current systems in detecting internal threats and the need for advanced solutions that can address modern security challenges. The proposed solution involves various functional blocks and technologies to enhance network security, including active policy enforcement and anomaly detection in real time. The emphasis is on adapting to EU information security standards and ensuring compliance with evolving cybersecurity requirements.


Uploaded on Oct 08, 2024 | 0 Views



Presentation Transcript


  1. Celtic-Plus Proposers Day, 22 September 2016, Istanbul
     New Generation Network Security System (ENTRUST)
     Dr. Barış Bulut, Enforma Bilişim A.Ş., baris@enforma-tr.com

  2. What we do
     - Our ongoing work is based around ICT, telecommunications, data processing, telecoms regulations, product management & go-to-market, research and development consultancy, state funding and academia.
     - We perform data analysis in various areas such as telecommunications, opinion polling and vehicle tracking, all of which lead to better business intelligence, higher customer retention and lower customer churn.
     - We develop telecommunications systems software used within a number of nodes, such as RADIUS, telecommunications billing, SIP proxy, WebRTC server and telecommunications middleware software.
     - We have been successfully receiving R&D grants at national level.
     - We are on the lookout for partners we can work with in a cooperative, conducive and successful collaboration.

  3. New generation network security system
     Network security evolved from access lists to firewalls to intrusion detection systems (IDS).
     Disadvantages:
     - Threat assumed to be from outside, rather than inside
     - Ineffective against a Trojan horse or an infected user from inside
     - SSL-encrypted malicious activity raises no direct alarm in IDS
     - Also, known backdoors in leading non-EU manufacturers
     Need to:
     - Establish baseline for traffic flow (both the load and to/from)
     - Central or distributed probes
     - Expert knowledge also accommodated
     - Handle traffic in SSL-encrypted tunnel
     - Detect anomaly in the pattern in real time
     - Conform with EU information security standards

  4. Basic schematics
     Functional blocks:
     - Enterprise Network Elements
     - UDP, TCP, TLS, WebSocket
     - Universal Protocol Interpreter (TELNET, FTP, TFTP, SMTP, POP, IMAP, LDAP, RADIUS, SIP, RTP, ICE, STUN, UPnP, SNMP, SMPP, DNS, ENUM, DHCP, HTTP)
     - Scenario Engine
     - Behavioural / User Defined Patterns
     - Monitoring API
     - Network Activity Abstraction Active Policy Enforcer (NACAPE)

  5. Evolution
     Systems compared:
     - Stateless firewall: Packet Filters
     - Application Layer Firewall with DPI
     - Application Layer Firewall
     - Stateful firewall
     - Next Gen firewall, IDS
     Source considered:
     - Layer 7: The application layer: + + +
     - Layer 4: The transport layer: + + + +
     - Layer 3: The network layer: + + + + +
     - Packet content: +
     - Layer 3, 4, 7 logs, incl. syslogs, event logs: +

  6. Standardisation
     Detection based on analysis of log and traffic data. No common log format across the industry.
     Data Sources (Applications, Users, Network Equipment):
     - Application activity, Network activity, Server & Host logs, Security devices, Transactions, User activity, Event logs, Email, DB activity, Behaviour, Social activity, Logs, Syslog, Config data, Threat info
     Store and Process:
     - Hot, warm, cold data
     - Large scale machine learning
     - Distributed infrastructure
     - Big data capability
     Analysis:
     - Predictive & decision modelling
     - Transaction analysis
     Incident Management

  7. Key selling points
     Proposed solution provides:
     - An evolved security system that can address evolved risks currently undetectable by the IDS systems
     - Machine learning ideas incorporated
     - Kills threats from outside and inside
     - Detects extended list of network activities such as an abnormally high number of MX lookup local email addresses, or DDoS
     - A common log format for use in network equipment
     - A European security system with zero backdoors
     - Higher security of systems and personal information
     Market:
     - Worldwide network security and information security markets nearing $10b and $100b in size, respectively
     - With 2-digit year-on-year growth
     - Governments, datacentres, corporates, SMEs

  8. Partners & expertise
     Partners involved:
     - Enforma
     Missing partners / expertise:
     A study of an exhaustive list of use cases and implementation of learning patterns need the following:
     - Analysis of security threats
     - Development
     - Testing
     Therefore, the following are welcome:
     - Vendors
     - Partners with network traffic analysis experience
     - Partners with testing capability or a friendly customer status

  9. Contact Info
     For more information and for interest to participate please contact:
     Dr. Barış Bulut, Enforma Bilişim A.Ş.
     baris@enforma-tr.com
     +90 212 932 7950
     www.enforma-tr.com
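
Slides 3 and 7 call for a per-host traffic baseline and real-time detection of deviations such as an abnormally high number of MX lookups. The sketch below is an added example, not code from the presentation or from ENTRUST: it keeps a rolling median/MAD baseline of MX queries per client per minute and flags windows far above it. The log format, addresses and tuning values are assumptions.

```python
from collections import defaultdict, deque
from statistics import median

WINDOW_S, HISTORY, MIN_HISTORY, THRESHOLD = 60, 30, 5, 6.0  # assumed tuning values

def mx_counts(lines):
    """Count MX queries per (window, client); format: '<epoch> <client> <qtype> <qname>'."""
    counts = defaultdict(int)
    for line in lines:
        ts, client, qtype, _qname = line.split()
        if qtype == "MX":
            counts[(int(ts) // WINDOW_S, client)] += 1
    return counts

class MxBaseline:
    """Per-client rolling baseline using median and median absolute deviation."""
    def __init__(self):
        self.history = defaultdict(lambda: deque(maxlen=HISTORY))

    def observe(self, client, count):
        """Score one closed window; True means anomalous."""
        hist = self.history[client]
        if len(hist) >= MIN_HISTORY:
            med = median(hist)
            mad = median(abs(c - med) for c in hist) or 1.0  # floor for flat history
            if (count - med) / mad > THRESHOLD:
                return True  # outlier is not added, so it cannot shift the baseline
        hist.append(count)
        return False

def detect(lines):
    """Replay windows in time order; return (window, client) alerts."""
    counts = mx_counts(lines)
    if not counts:
        return []
    clients = sorted({c for _, c in counts})
    first, last = min(w for w, _ in counts), max(w for w, _ in counts)
    model, alerts = MxBaseline(), []
    for w in range(first, last + 1):
        for c in clients:
            if model.observe(c, counts.get((w, c), 0)):
                alerts.append((w, c))
    return alerts

def sample_log(burst=40):
    """Constructed data: a mail relay with steady MX traffic and a workstation
    that issues `burst` MX lookups in the tenth minute."""
    base, lines = 1_700_000_040, []
    for minute in range(10):
        t = base + 60 * minute
        lines += [f"{t} 10.0.0.5 MX example.org"] * (4 + minute % 2)
        lines += [f"{t} 10.0.0.23 A intranet.example"] * 20
        quiet = 1 if minute % 3 == 0 else 0
        lines += [f"{t} 10.0.0.23 MX example.net"] * (burst if minute == 9 else quiet)
    return lines

if __name__ == "__main__":
    print(detect(sample_log()))
```

The relay's higher but steady MX rate is never flagged because each client is scored against its own history, and the workstation's 20 A queries per minute are ignored because only MX queries are counted.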
