SlideShare a Scribd company logo

IntelAdapt

Maggie Albrecht
Maggie Albrecht

The document discusses the evolving cyber threat landscape and the need for enterprises to adapt their security strategies. Traditional static defense models are being outpaced by new threats. Networks carrying sensitive data are at risk without complete monitoring, visibility and intelligent security controls that can adapt in real-time. The partnership between SAIC, CloudShield and McAfee aims to deliver solutions on hardened platforms with security services that can adapt to today's increasing cyber threats. This includes network security platforms, solutions and analytics that can intelligently detect and respond to threats while providing situational awareness.

1 of 2
Download to read offline
Today’s threat landscapes are notably sophisticated with personalized targeting attack methods producing a maximum amount of mayhem. Persistent targeted cyber-attacks infiltrate enterprise networks to steal financial data, personnel job records, health records and sensitive corporate secrets, disclosure of which is costly and traumatic to the corporate brand. The financial market impact of inadequate IT safeguards and dissemination of sensitive corporate records results in overwhelming financial loss. The immense breadth of this cyber compromise problem is exacerbated when critical, high-value data moves beyond the control of the corporate network to mobile endpoints. Corporations must take action to protect sensitive internal data that is remotely accessed by their wireless workforce and customers. With the ever-changing landscape of IT infrastructures—moving from static to mobile endpoints and the increasing shift to cloud-based environments—CIOs/CISOs have the daunting task of maintaining strict security compliance against the sheer amount of data that is created from multi-petabytes of information transmitted and stored within their environment. Networks carrying sensitive informa- tion are“at risk”without complete monitoring, visibility and security controls—ultimately jeopardizing business models. In order to identify, react and prevent threats from becoming data breaches, large enterprises need a full range of expertise, hardware, and software. Network security analysts must have flexibility and complete control over their security posture to adapt protection levels and take the proper defensive actions, in real-time, as attacks are unfolding. A new approach to securing the enterprise is overdue. The traditional model of embedded hardware with five-year refresh cycles is simply being outpaced by the evolving threat landscape and the associated legal liabilities faced by businesses around the world. Static defense models for high-value networks must intelligently adapt to succeed. Adaptation includes complete visibility, control, and the ability to accurately provide explicit information to policy-based analytics engines. Real-time intelligence drives adapting response that safeguards and secures against emerging threats. Incorporating improved analytics and visualization drives clear situational awareness of corporate networks. Advantages of this approach are manifested in the ability to predict and detect anomalous and malicious network traffic while actively deploying intelligent mitigation strategies. The key to this approach is to have real-time intelligence that adapts security profiles in advance of the next attack. SAIC and Cloudshield have partnered with McAfee to deliver a broad range of carrier-class cybersecurity solutions on hardened platforms backed by a full spectrum of tiered cybersecurity services that can adapt in real-time to today’s increasing business-damaging cyber threats. Solutions McAfee’s industry-leading security solutions can detect and react to attacks across networks without prior knowledge of suspicious profiles or attack payloads that are constantly evolving and transforming. Coupled with McAfee’s Global Threat Intelligence to detect and respond to common tactics, techniques, and procedures, IT professionals have a precise understanding of the full scope of threats to shut down all vectors of an attack. Armed with this knowledge, security teams have the ability to craft comprehensive protection strategies that intelligently adapt to future threats poised to jeopardize your enterprise. Platforms CloudShield’s CS-4000 Trusted Network Security Platform addresses the shortcomings of a network equipment market dominated by closed, fixed-function appliances. Architected for flexibility, the CS-4000 platform is an adaptable, active network device that combines
CloudShield’s patented L7 packet processing capabilities together with general purpose computing for scalable, flexible performance. CloudShield has leveraged IBM’s Blade Open Specification to implement its advanced packet processing architecture on IBM’s industry- leading bladed solution, the IBM BladeCenter®. The IBM BladeCenter is a highly integrated, flexible, and reliable system comprised of blade servers, storage, management, and networking options that help reduce management complexity while increasing performance and energy efficiency. By leveraging the IBM BladeCenter H for datacenter environments and the IBM BladeCenter HT for demanding telecommunications environments, companies have greater deployment flexibility to adapt to requirements for scalability and convergence of security services. Security Foundation Adversaries are persistent. If they can’t succeed on one path, they’ll try elsewhere until they finally breach network defenses. Don’t assume that you can protect a valuable network if the foundation upon which it is built can be compromised. The CloudShield platform has been architected and validated by the most demanding pool of security organizations and it is accredited in EAL4+ and DCID 6/3 PL4 environments. To help ensure that your company’s critical infrastructure solutions are secure and robust, the CS-4000 is hardened against attack, both at the operating system and with physical security countermeasures protecting the system itself. The CloudShield CS-4000 is a cyber assurance platform available for securing your infrastructure and protecting high value data. Analytics and Experience SAIC’s Center of Excellence for Cybersecurity, comprised of more than 600 information assurance specialists and engineers, provides full-spectrum security services and carrier-grade solutions for commercial and government clients worldwide. McAfee customers without dedicated resources or expertise can leverage SAIC’s security engineering operations and managed security services through a world-class security operations center monitoring thousands of security devices across dozens of customers. SAIC’s advanced forensics and analytics, based on decades of successful programs deployed, across government agencies help enterprises adapt security for advanced attacks. Realized Operational Benefits “Intelligently Adapt”is a concept that promotes awareness and enables rapid response to network threats. It provides the basis to evolve an enterprise’s security posture to a higher, more secure level. The benefits not only include a more robust ability to detect and react to threats but also a blueprint for a more efficient security infrastructure. Highly-flexible packet processing capabilities that can intelligently intercept, re-route, and mitigate traffic while making decisions on the fly, in real-time—provides for more efficiency for CPU cycles that are spent analyzing traffic easily tagged for specific actions (detect, stop or analyze). Front end analytics can also enable smart packet capture activity, a major benefit in efficient and effective forensic activity. CloudShield offers a powerful advantage to security independent software vendors—allowing them to quickly integrate and adapt their solutions for scalable and trusted cyber solutions. With the latest multi-core processing technologies on the market and zero to limited development impact, ISVs can rapidly deploy across the most sophisticated enterprise networks. CloudShield’s PN41 for IBM BladeCenter allows CIO’s and CISO’s to significantly reduce security appliance sprawl and lengthy hardware refresh models. It minimizes connection management overhead while providing a software-based consolidation approach for efficiently handling“defense in depth”of security to protect business critical information and services. In addition, this approach offers IT professionals an open environment to work with SAIC, CloudShield and our ISV partners in selecting the right security applications and capabilities that your network demands. CloudShield World Headquarters 212 Gibraltar Drive Sunnyvale, CA 94089 tel: 408.331.6640 fax: 408.331.6742 email: info@cloudshield.com Visit us online at cloudshield.com © SAIC 2011. All rights reserved. BladeCenter is a registered trademark of IBM Corp. in the United States and/or other countries.

More Related Content

IntelAdapt

  • 1. Today’s threat landscapes are notably sophisticated with personalized targeting attack methods producing a maximum amount of mayhem. Persistent targeted cyber-attacks infiltrate enterprise networks to steal financial data, personnel job records, health records and sensitive corporate secrets, disclosure of which is costly and traumatic to the corporate brand. The financial market impact of inadequate IT safeguards and dissemination of sensitive corporate records results in overwhelming financial loss. The immense breadth of this cyber compromise problem is exacerbated when critical, high-value data moves beyond the control of the corporate network to mobile endpoints. Corporations must take action to protect sensitive internal data that is remotely accessed by their wireless workforce and customers. With the ever-changing landscape of IT infrastructures—moving from static to mobile endpoints and the increasing shift to cloud-based environments—CIOs/CISOs have the daunting task of maintaining strict security compliance against the sheer amount of data that is created from multi-petabytes of information transmitted and stored within their environment. Networks carrying sensitive informa- tion are“at risk”without complete monitoring, visibility and security controls—ultimately jeopardizing business models. In order to identify, react and prevent threats from becoming data breaches, large enterprises need a full range of expertise, hardware, and software. Network security analysts must have flexibility and complete control over their security posture to adapt protection levels and take the proper defensive actions, in real-time, as attacks are unfolding. A new approach to securing the enterprise is overdue. The traditional model of embedded hardware with five-year refresh cycles is simply being outpaced by the evolving threat landscape and the associated legal liabilities faced by businesses around the world. Static defense models for high-value networks must intelligently adapt to succeed. Adaptation includes complete visibility, control, and the ability to accurately provide explicit information to policy-based analytics engines. Real-time intelligence drives adapting response that safeguards and secures against emerging threats. Incorporating improved analytics and visualization drives clear situational awareness of corporate networks. Advantages of this approach are manifested in the ability to predict and detect anomalous and malicious network traffic while actively deploying intelligent mitigation strategies. The key to this approach is to have real-time intelligence that adapts security profiles in advance of the next attack. SAIC and Cloudshield have partnered with McAfee to deliver a broad range of carrier-class cybersecurity solutions on hardened platforms backed by a full spectrum of tiered cybersecurity services that can adapt in real-time to today’s increasing business-damaging cyber threats. Solutions McAfee’s industry-leading security solutions can detect and react to attacks across networks without prior knowledge of suspicious profiles or attack payloads that are constantly evolving and transforming. Coupled with McAfee’s Global Threat Intelligence to detect and respond to common tactics, techniques, and procedures, IT professionals have a precise understanding of the full scope of threats to shut down all vectors of an attack. Armed with this knowledge, security teams have the ability to craft comprehensive protection strategies that intelligently adapt to future threats poised to jeopardize your enterprise. Platforms CloudShield’s CS-4000 Trusted Network Security Platform addresses the shortcomings of a network equipment market dominated by closed, fixed-function appliances. Architected for flexibility, the CS-4000 platform is an adaptable, active network device that combines
  • 2. CloudShield’s patented L7 packet processing capabilities together with general purpose computing for scalable, flexible performance. CloudShield has leveraged IBM’s Blade Open Specification to implement its advanced packet processing architecture on IBM’s industry- leading bladed solution, the IBM BladeCenter®. The IBM BladeCenter is a highly integrated, flexible, and reliable system comprised of blade servers, storage, management, and networking options that help reduce management complexity while increasing performance and energy efficiency. By leveraging the IBM BladeCenter H for datacenter environments and the IBM BladeCenter HT for demanding telecommunications environments, companies have greater deployment flexibility to adapt to requirements for scalability and convergence of security services. Security Foundation Adversaries are persistent. If they can’t succeed on one path, they’ll try elsewhere until they finally breach network defenses. Don’t assume that you can protect a valuable network if the foundation upon which it is built can be compromised. The CloudShield platform has been architected and validated by the most demanding pool of security organizations and it is accredited in EAL4+ and DCID 6/3 PL4 environments. To help ensure that your company’s critical infrastructure solutions are secure and robust, the CS-4000 is hardened against attack, both at the operating system and with physical security countermeasures protecting the system itself. The CloudShield CS-4000 is a cyber assurance platform available for securing your infrastructure and protecting high value data. Analytics and Experience SAIC’s Center of Excellence for Cybersecurity, comprised of more than 600 information assurance specialists and engineers, provides full-spectrum security services and carrier-grade solutions for commercial and government clients worldwide. McAfee customers without dedicated resources or expertise can leverage SAIC’s security engineering operations and managed security services through a world-class security operations center monitoring thousands of security devices across dozens of customers. SAIC’s advanced forensics and analytics, based on decades of successful programs deployed, across government agencies help enterprises adapt security for advanced attacks. Realized Operational Benefits “Intelligently Adapt”is a concept that promotes awareness and enables rapid response to network threats. It provides the basis to evolve an enterprise’s security posture to a higher, more secure level. The benefits not only include a more robust ability to detect and react to threats but also a blueprint for a more efficient security infrastructure. Highly-flexible packet processing capabilities that can intelligently intercept, re-route, and mitigate traffic while making decisions on the fly, in real-time—provides for more efficiency for CPU cycles that are spent analyzing traffic easily tagged for specific actions (detect, stop or analyze). Front end analytics can also enable smart packet capture activity, a major benefit in efficient and effective forensic activity. CloudShield offers a powerful advantage to security independent software vendors—allowing them to quickly integrate and adapt their solutions for scalable and trusted cyber solutions. With the latest multi-core processing technologies on the market and zero to limited development impact, ISVs can rapidly deploy across the most sophisticated enterprise networks. CloudShield’s PN41 for IBM BladeCenter allows CIO’s and CISO’s to significantly reduce security appliance sprawl and lengthy hardware refresh models. It minimizes connection management overhead while providing a software-based consolidation approach for efficiently handling“defense in depth”of security to protect business critical information and services. In addition, this approach offers IT professionals an open environment to work with SAIC, CloudShield and our ISV partners in selecting the right security applications and capabilities that your network demands. CloudShield World Headquarters 212 Gibraltar Drive Sunnyvale, CA 94089 tel: 408.331.6640 fax: 408.331.6742 email: info@cloudshield.com Visit us online at cloudshield.com © SAIC 2011. All rights reserved. BladeCenter is a registered trademark of IBM Corp. in the United States and/or other countries.