Presentation title goes here, up to two lines if needed
Sample three prong diagram
AWS division jumped 47% to $3.5B$926M OperatingIncome 71%
Amazons $1.3B Operating Income
Symantec Cited as The Clear Leader for Cloud Secure GatewaysTop
7 AWS Security IssuesSecurity and Compliance for Your AWS
Environment
.
Server products and Cloud Services revenue grew $577M or
12%Azure's revenue surged 93%
SUPPORTING ITEMSymantec Secures Office365 Optimizing O365 with
Symantec PacketShaper
Blue Coat ConfidentialInternal Use Only#Copyright 2016 Blue Coat
Systems Inc. All Rights Reserved.
Inaugural Edition
FullDayFaeder on Fridays
My cyber community has been asking for me to put something
together to help sort through the fake news and noise these
thousands of small start-ups or even niche best of breed so called
players that simply dont improve their security posture.
Respected cybersecurity leaders value my transparent insight and
therefore I have acquiesced to their demands.
Blue Coat ConfidentialInternal Use Only#Copyright 2016 Blue Coat
Systems Inc. All Rights Reserved.
2
I thought it pertinent to touch on the hot off the press
financial figures of the worlds 3 most impactful cloud companies in
my humble opinion.
Symantec, Amazon Web Services, and Microsoft Azure all had
outstanding quarters. It is becoming evident winners have been
chosen. Now only one of these companies is focused solely on
security.
AWS division jumped 47% to $3.5B
Azure's revenue surged 93%
Blue Coat ConfidentialInternal Use Only#Copyright 2016 Blue Coat
Systems Inc. All Rights Reserved.
This week Symantec provided FullDayFaeder exclusive access to
our World Wide Solutions Architect, Mohammad Kaouk, who is a
genuine genius and dedicated to cloud security.
I personally witnessed some RSA sneak peaks as well current
general availability SKUs of the new:
Integrated Cyber Defense Platform
*Web Security Services, *Symantec CloudSOC, *Symantec DLP,
*On-Premise to Cloud DLP, *Malware Analysis Advanced Service (Full
Detonation Cloud Sandboxing), *SSL/TLS interception, managed
centrally via *Hosted Reporter 10 and *Management Center (riding on
a common operating environment), and lastly all backed by *VIP
multi-factor authentication. (WOW)
Blue Coat ConfidentialInternal Use Only#Copyright 2016 Blue Coat
Systems Inc. All Rights Reserved.The great news is Symantec has
partnered with Amazon Web Services to provide our customers access
to easily spin up a controlled virtual environment to play with the
solutions for 2 weeks. Super easy to get going with our Symantec
Security Services Platform.
Giving this transformation to the cloud and the need for
seamless multi-factor authentication for this Inaugural edition I
chose to cover our CASB/WSS/VIP story to protect users and data
everywhere. Just ping me for a free trial...
Blue Coat ConfidentialInternal Use Only#Copyright 2016 Blue Coat
Systems Inc. All Rights Reserved.
According to the Forrester report, Blue Coat/Symantec integrates
CSG with its on-premises secure web gateway.
The solution supports both proxy-based and API monitoring of
cloud platforms (both AWS and Azure) and cloud applications.
It has strong capabilities for Salesforce and other structured
data protection, including search, sort, and filtering operations,
and offers a wide selection of encryption and decryption policy
options.
The solutions built-in cloud application catalog, support for
Office 365, and mobile-device-based encryption lag.
Blue Coat ConfidentialInternal Use Only#Copyright 2016 Blue Coat
Systems Inc. All Rights Reserved.Cloud Access Security Broker
(CASB)
PRODUCTS
Blue Coat ConfidentialInternal Use Only#Copyright 2016 Blue Coat
Systems Inc. All Rights Reserved.Im Eric Andrews . . . .And on
stage with me is Leeron . . .. (over 1 year) 7
New Challenges
26% of Cloud Docs are Broadly Shared11 1H 2016 Shadow Data
ReportProliferation of Cloud AppsVariety of EndpointsShadow Data
ProblemCompromised AccountsRisk Assessment Intrusion
DetectionProxy/FirewallDLPIncident ResponseInvestigationsMalware
Detection
Blue Coat ConfidentialInternal Use Only#Copyright 2016 Blue Coat
Systems Inc. All Rights Reserved.Organizations are seeing a greater
amount of content migrating to cloud apps and servicesAnd this
content is being access be a variety of devices, laptops, mobile,
etc.. This communication is often direct-to-net, not hairpinning
back to HQ through the traditional security stack, creating a blind
spot.Even when youve adopted a sanctioned app, it is hard to track
how your users are using this app and what type of content they are
sharing. We call this problem Shadow DataFinally, with thousands of
credentials floating around in your organization, an increasing
concern is how a compromise of any one of these accounts may lead
to a costly data breach.
8
Proxy
Cloud Proxy
EventsOutsidePerimeter
Risk AssessmentIntrusion DetectionProxy/FirewallIncident
ResponseInvestigationsDLPMalware Detection
EnterprisePerimeter
Cloud API
StreamIQContentIQThreatScore
LIST (WEB)
Blue Coat ConfidentialInternal Use Only#Copyright 2016 Blue Coat
Systems Inc. All Rights Reserved.Describe solutionDescribe
differentiation, best in class, data science, UI
9
Management CenterAgent
Single Pane of Glass for Cloud Security
Visibility of Shadow ITProtection Against Malicious
AttacksGranular Control of Sensitive Data
10
PRODUCTS
Blue Coat ConfidentialInternal Use Only#Copyright 2016 Blue Coat
Systems Inc. All Rights Reserved.We provide a range of solutions to
address these challenges, including visibility of Shadow IT,
Granular controls, and monitoring of user accounts to prevent
compromised credentials.
All of these solutions come bundled in an elegant platform,
often referred to as the best UI in the industry, even by our
competitors.
====Most important point is not that Skyhigh said this, but that
it is coming directly from customers. We here, but they are hearing
it too. Note Skyhigh had nasty things to say too.Not just pretty
looking, but functional. Well thought out. Designed to accommodate
workflows that real users want.Netskope has lots of information,
but clunky UI, no workflows, not thought through. Skyhigh
challenging to navigate.
Video
10
Cloud Secure Web Gateway
PRODUCTS
Blue Coat ConfidentialInternal Use Only#Copyright 2016 Blue Coat
Systems Inc. All Rights Reserved.
Shadow Cloud IT
ConsumerInternet
Proxy
We supply employees with mobile devices. We need to govern their
use and protect information and users when they are out in the
world.Remote Sites, Mobile Devices and UsersHow to Protect
PRODUCTS
Blue Coat ConfidentialInternal Use Only#Copyright 2016 Blue Coat
Systems Inc. All Rights Reserved.Block web threats & ATP
C/CFeed documents to sandboxEnforce security policy
Symantec Web Security Service
ConsumerInternet
Shadow Cloud IT
Proxy
Extend Web & Cloud Governance to Mobile Take Remote Sites
SafelyDirect to Net
PRODUCTS
Blue Coat ConfidentialInternal Use Only#Copyright 2016 Blue Coat
Systems Inc. All Rights Reserved.Block web threats & ATP
C/CFeed documents to sandboxEnforce security policy
PRODUCTS
Dubai
https://www.bluecoat.com/cloud-data-center-locations/AMERICASAshburn,
VA *Santa Clara, CAChicago, IL *Miami, FLSeattle, WA *Toronto,
Ontario, CanadaDallas, TXDenver, COBuenos Aires, ArgentinaMexico
City, MexicoSao Paulo, BrazilNew York, NYMontreal, Quebec,
CanadaEMEALondon, UK (2x) *Frankfurt, Germany *Paris,
France*Zurich, SwitzerlandStockholm, SwedenMadrid, SpainHelsinki,
FinlandMilan, Italy Johannesburg, South AfricaOslo, NorwayTel Aviv,
IsraelDubai, UAEAPACSydney, AustraliaAuckland, New ZealandRepublic
of Singapore*Tokyo, JapanShanghai, ChinaHong Kong, ChinaTaipei,
TaiwanSeoul, KoreaMumbai, IndiaChennai, India* Core siteBlue Coat
Global Data Center FootprintSSAE16ISO 27001
Coverage across 6 continentsHosted at Top Tier infrastructure
providersRedundant within and between locationsConnect to any /
closest Data Center Fully meshed / redundant network40 Data
Centers
Blue Coat ConfidentialInternal Use Only#Copyright 2016 Blue Coat
Systems Inc. All Rights Reserved.Blue Coat has a fully meshed and
redundant infrastructure spanning 6 continents with over 40 data
centers.With many years and strong investment, Blue Coat offers
Core sites shown here with an asterisk. These sites have 10GB
throughput capacity already in place and infrastructure in place to
allow 4x expansion.All Blue Coat data centers are accessible by all
Blue Coat Cloud customers we dont advertise (or have) any data
centers that are not available to all customers unlike other
vendorsAnother critical requirement for a enterprise grade service
and supporting infrastructure are the ISO 27001 and SSAE16
certifications, which Blue Coat holds for all of its data centers,
infrastructure, controls and processes. We also require that all of
our tier 1 hosting partners carry the same certifications.Other
vendors will advertise global presence and data centers, but these
can typically be racks sitting in an SEs basement.Blue Coat stands
behind its secure and scalable global infrastructure
If you get a question around data privacy.Arch: store data
within region. separation.Config: dc primary/ backupAccess control:
ssae16/ iso2700114
Secure Web Access in the CloudProxy Enabled Web Security
Service
Proxy
Proxy All EndpointsTerminate and decrypt trafficEmulate all
device types Extract content for inspectionIntegrate
authenticationControl Web & Cloud GovernanceDiscover shadow IT
riskBlock web-borne threatsEnforce access policy & audit
usageof web & cloudWWW.WEBSITE.COM
Prevent Threats & Orchestrate ContentPre-filter sandbox with
advanced content inspectionSend content to DLP, sandbox, analytics,
etc.. Open integration architecture to quickly add new services
.JAR
.EXESandbox Malware to Identify Advanced ThreatsMulti-factor
file analysis Real time operation prevent file delivery until
sandbox analysis complete
Web
PRODUCTS
Blue Coat ConfidentialInternal Use Only#Copyright 2016 Blue Coat
Systems Inc. All Rights Reserved.Architecture for Content
Inspection, Tool Integration & Policy Control15
Web Security Service with Malware Analysis Service Add-On
Web Security Service (WSS)ProxySG Secure Web GatewayDual
Anti-Virus ScanningGlobal Intelligence NetworkURL Filtering and
CategorizationComprehensive ReportingSSL Interception /
Policy-Based DecryptionCASB Audit Integration
Malware Analysis Service (MAS)Static Code AnalysisYARA Rules
AnalysisBehavioral AnalysisEmulation of Windows ProcessesInline,
Real-Time BlockingFile and URL Reputation
MAS prevents first-client infection from unknown malware
PRODUCTS
Blue Coat ConfidentialInternal Use Only#Copyright 2016 Blue Coat
Systems Inc. All Rights Reserved.Malware Analysis Service: Standard
vs AdvancedKey CapabilitiesStandardAdvancedStatic Code AnalysisYARA
Rule AnalysisBehavioral AnalysisEmulation of Windows
PlatformInline, Real-time BlockingFile and URL Reputation Windows
EmulationFull Windows OS DetonationEXE and DLL SupportOffice
Documents and PDF Support+JAVA, MSI, RTF, ZIPFull Detonation
Report
Blue Coat ConfidentialInternal Use Only#Copyright 2016 Blue Coat
Systems Inc. All Rights Reserved.
17
Email
Web Access
CloudApps
User SecurityInformation ProtectionAdvanced Threat
Protection
Protect Across Web, Mail and Cloud App Vectors
PRODUCTS
Blue Coat ConfidentialInternal Use Only#Copyright 2016 Blue Coat
Systems Inc. All Rights Reserved.Cloud Data Protection
PRODUCTS
Blue Coat ConfidentialInternal Use Only#Copyright 2016 Blue Coat
Systems Inc. All Rights Reserved.
19
IN TRANSITAT RESTIN USE
ZZ
FIREWALLCloud Data Flow
TOKEN
TOKEN
TOKEN
TOKEN
PRODUCTS
Blue Coat ConfidentialInternal Use Only#Copyright 2016 Blue Coat
Systems Inc. All Rights Reserved.20When regulated data starts to
move outside of the enterprises control, organizations run into
significant data compliance challenges. But sometime, the cloud app
use case requires that the data needs to be there. What can you
do?
Firstly, enterprises need to understand that data has multiple
lifecycle phases when it moves to the cloud in-transit to the
cloud, at-rest in a database, and in-use during cloud app
processingWhen data is exposed in any of these phases in apps like
Salesforce and Servicenow, it can create data privacy and
compliance challengesThe Symantec CDP solution ensures that
regulated data is never exposed in any of these phasesThe
enterprise sets policies that replaces sensitive data, using a
token in this example, so the enterprise can show its internal
compliance teams and external regulators that all
compliance-governed data is always completely in their control.
Symantec CDP Data Protection Process
SymantecCloud Data ProtectionGatewayCloud Data ProtectionToken
Map RepositoryUser Cloud AppCloudApplication
Example: enterprise defined a policy to protect FIRST NAME And
LAST NAME Fields In ServiceNowWithout impacting the cloud apps
functionality (e.g. search, sort e-mail)
Blue Coat ConfidentialInternal Use Only#Copyright 2016 Blue Coat
Systems Inc. All Rights Reserved.This slide gives a quick overview
of the process.
Assume this is an HR app where First Name and Last Name fields
have been designated to be tokenized via the policies the
enterprise has defined.When a user enters a record for Brian Shaw,
the record transaction gets intercepted by the CDP gateway and a
replacement token is generated for both fieldsThe replacement
values are:What gets sent to the cloud application for storage and
processingStored locally in a CDP database to be used to bring
information back into the clear when authorized users access the
ServiceNow instance via the gatewayEnd users can still use the data
as if it was actually stored in the cloud. For example, they can
search and sort on data that has been encrypted or tokenized.
21
Cloud Data Protection Steps
Data GovernanceDetermines Info Sensitivity
ClassificationCross-Cloud Data ProtectionPolicies Defined CDP
Enforces Policies in Real-TimeWithout impacting the cloud
applications functionality (e.g. search, sort e-mail)
MobileUsersTokenization or EncryptionRemote
WorkersEnterpriseProtected Enterprise DataSaaSSaaSSaaSPaaS
PRODUCTS
Blue Coat ConfidentialInternal Use Only#Copyright 2016 Blue Coat
Systems Inc. All Rights Reserved.There are three high-level steps
an enterprise takes when using CDP
The 1st step is determining what data elements need the
additional protection. For example, a healthcare provider may
choose to encrypt the handful of fields in their customer service
cloud application that are governed by HIPAA.Once the data
protection requirements are defines, a security analyst uses the
applications admin console to write the policies that need to be
enforced. Its a point and click exercise, tokenize this field,
encrypt al attachments, etc..From there the policies are deployed
into a run-time environment in the CDP gateway server, where the
data protection polices ae enforced real-time.
One final point the end users of the cloud application maintain
application functionality. For instance, they can perform searches
and send e-mails on data that has been tokenized.
22
Cloud Data ProtectionInfo Stored & Processed in the
Cloud
Unauthorized users see only tokenized replacement
valuesUnauthorized UsersDirect Connection to ServiceNow
Authorized users see all sensitive datain the clear
Makes the move to the cloud possible for all sorts of regulated
use cases
PRODUCTS
Blue Coat ConfidentialInternal Use Only#Copyright 2016 Blue Coat
Systems Inc. All Rights Reserved.Here is an interesting way to
illustrate the concept.
Imagine that data has been put up in your Servicenow instance
and you have some policies in place with CDP that protects various
fields and attachments.If any unauthorized users got a look at that
data directly in the cloud, all they would see is meaningless
replacement valuesBut now look at that same screen when viewed by
authorized users accessing the cloud org via the Symantec Cloud
Data Protection gateway. They see everything in the clear and have
full usability of the cloud app.
This critical capability opens up a whole host of new powerful
cloud application use cases for the enterprise, since it ensures
that regulated data uniquely remains in the hands of the enterprise
at all times (at-rest and in-use in the cloud). And the enterprise
maintains full physical control over encryption keys and token
vaults.
Note: Cloud provider-based solutions have two critical flaws:
(1) they only encrypt data while at-rest. It is fully exposed
during processing in the cloud app (2) the encryption/decryption
occurs in the cloud appso the keys, at some point, need to be in
the app providers infrastructure.
23
VIP and VIP Access Manager
PRODUCTS
Blue Coat ConfidentialInternal Use Only#Copyright 2016 Blue Coat
Systems Inc. All Rights Reserved.
24
Symantec Identity Access ManagementTwo-Factor Authentication
(2FA) Single Sign On (SSO)For Enterprises, Consumers, & Cloud
Apps
VIP and VIP Access ManagerNetwork(Enterprise Gateway)
Cloud Applications(Access Manager)
Consumer (CDK/API)
PRODUCTS
Blue Coat ConfidentialInternal Use Only#Copyright 2016 Blue Coat
Systems Inc. All Rights Reserved.Every Organization Needs Strong
Authentication63% of Confirmed Data BreachesInvolve Leveraging
Weak, Defaultor Stolen Passwords
1.Somethingyou KNOW2.Somethingyou HAVE3.Somethingyou ARE
PRODUCTS
Blue Coat ConfidentialInternal Use Only#Copyright 2016 Blue Coat
Systems Inc. All Rights Reserved.Traditionally, 2FA addresses
something know, have and are..
With VIP and added features, you can eliminate the dependency on
something you know (UN/PW), and simple rely on something you have
(phone) and something you are (fingerprint)26
Identity & Access Control
Secure Access for the Entire User Base
Identity &Access Control
SSOAccess ManagerInternal Users(Employees)External Users
(Partners/Contractors)Corporate NetworkCloud Apps
PKI
CustomersRemoteWorkers
PRODUCTS
Blue Coat ConfidentialInternal Use Only#Copyright 2016 Blue Coat
Systems Inc. All Rights Reserved.The foundation of authentication
platform is the access control to make sure only the right person
can access your network. And it creates a central control point to
manage your users, set up your policies, and monitor your apps.
Symantec VIP Access Manager is an Enterprise Grade cloud
security access control platform, which leverages existing user
directories and allows internal/external users to single sign-on to
preconfigured web applications based on policy settings
On the one-hand, it helps reduce IT burden since IT can use
single console to monitor and control all the access points. On the
other hand, it helps improve user experience with just one
password, you can access all your applications. 27
VIP Deployment and Integration
Cloud-based and zero capital
investment(Bring-Your-Own-Credential)Easy DeploymentAll-in-one
pricing, many credential modalities, and even for consumersTap your
finger to authenticate: password-less authentication
Multi-platform SupportDesigned to IntegrateWith the security and
trust you expect from Symantec
APICDK
FIDOOATHPUSH
B2CB2E
RadiusSAML
PRODUCTS
Blue Coat ConfidentialInternal Use Only#Copyright 2016 Blue Coat
Systems Inc. All Rights Reserved.End with why VIP is the clear
choice? Use this slide as more than just 3 reason to use VIP, but
help quantify the reason
Refer to the appendix and slide on IS RSA WORTH THE COST? where
we quantify a 33% savings using VIP which ties back to EASY TO
DEPLOYMobile APP is not only free but easy and convenient for user
which ties back to EASY TO USE. You may be able to quantify ease of
use be reducing PW reset which about $70/call or cost of
hardwareIntegration to a variety of use cases so investment in VIP
can give you return with integration with consumer app (CDK), cloud
apps (SSO) and network VPN (Radius), so rather than having separate
solutions and vendors for each of the use cases, you have one to
deliver all these!
---------------------------------------
Easy to deploy with zero backend infrastructure or hardware cost
(given solution is cloud based and credentials options can be
mobile which is free)
Easy to use whereby users can simple leverage their mobile
device as a credential and simple use your fingerprint or accepting
a push notification for authentication
Easy to integrate where your investment can extend to different
use cases such as SSO, VPN, B2C applications, etc.
------Provide strong authentication and easy access for
employees, partners and customers to corporate networks and
applications from any device or location while complying with
regulations, reducing risks to corporate assets, and keeping
infrastructure costs low.
Get the latest software without updates and upgrades always
relevant to protect you against attacks and provide the latest and
greatest.28
Data Loss Prevention Next Week
PRODUCTS
Blue Coat ConfidentialInternal Use Only#Copyright 2016 Blue Coat
Systems Inc. All Rights Reserved.