Date post: | 23-Jan-2015 |
Category: |
Business |
Upload: | grant-swanson |
View: | 890 times |
Download: | 0 times |
05/02/06 Reconnex Confidential
Ratinder Paul Singh Ahuja, Ph.DC.O.O & C.T.O
05/02/06 Reconnex Confidential
The ReconnexiGuard
Reconnex performs content monitoring, alerting, andforensic analysis
• Workplace Safety• Appropriate Use of
Corporate Resources
CorporateGovernance
• “Insider” Threats• Forensics• Social Engineering
CriticalInformation
Security
• IP theft• Defensibility of Trade Secrets• Competitive Intelligence
CompetitiveAdvantage
• SOX• GLBA• HIPAA
Compliance
• SB1386
Switch
05/02/06 Reconnex Confidential
Traditional Bottom UP Approach
BitsBits
PortsPorts
ProtocolsProtocols
CommunicationCommunication
• Firewalls/antivirus
• Networkintrusiondetection/protection
• Network flowtools
• limitedsessionreconstruction
05/02/06 Reconnex Confidential
The Bottom Up View:Bytes, Ports and Protocols
05/02/06 Reconnex Confidential
More Bottom Up
05/02/06 Reconnex Confidential
New Approach: Top Down
BitsBits
PortsPorts
ProtocolsProtocols
CommunicationCommunication
Objects, document Objects, document & applications& applications
WORD JPG GIF BMP TIFF C++
05/02/06 Reconnex Confidential
What Can You See? Over 150 contenttypes
E-Mail Microsoft Excel
ConfidentialDocuments
ProprietaryFormat
Microsoft PowerPoint
Schematics
Offshore Development
India Romania
Sourcecode
05/02/06 Reconnex Confidential
The ReconnexiManager
Reconnex has the ONLY Solution ThatAddresses the Known and Unknown Threats
Register — Detect — Remediate — Report
GigabitEthernet
The ReconnexiGuard
Executive Team
Off-Shore
InfoSec/IT
SignatureMatch
Finance
SalesDatabasesor Repositories
Integration Points• SIM• Storage• AD/LDAP• URL Filtering• Web & Mail Proxies
The ReconnexiController
Rule Match
Switchor Tap
“Reconnex’s forensicscapabilities are a key pieceof my compliance policy.”
CONFIDENTIAL - All RightsReservedReconnex Confidential
Reconnex Surveillance Types
• General Surveillance of all content, documentsand communications
• Document/Date/Time/Size/Watermarks/Sender/Recipient…
• Targeted Surveillance, powered by ReconnexDocument Registration
• Exact or Generic Phrases/Individuals…• “A Unique Solution to the Problem of False Positives”
• Can be operated on an ad hoc orscheduled basis
05/02/06 Reconnex Confidential
What does Reconnex iGuard do?
• Captures, classifies and stores in real time all content going in orout of a network
• Alerts are generated for policy violations in real time
• Allows for forensic searches over captured content for issues thatyou may become aware of in the future
Gigabit network
05/02/06 Reconnex Confidential
RCPE
The Reconnex Difference
Network Traffic RuleCreator
Real-TimeAlerts End User
HistoricalContent(RFS)
Content Summarization Look Up Table
Inbound capture(?)
Outbound capture
ForensicInvestigator
05/02/06 Reconnex Confidential
Why don’t other products do this?
HistoricalContent(RFS)
Content Summarization Look Up Table
ForensicInvestigator
!!Because it’s HARD!!
05/02/06 Reconnex Confidential
Easy to use Browser based access
05/02/06 Reconnex Confidential
Drill down to actual content
CONFIDENTIAL - All RightsReservedReconnex Confidential
Moments of Revelation from“Top Down” Work with Reconnex
05/02/06 Reconnex Confidential
www.reconnex.net