Scribd Logo
Upload

Welcome to Scribd!

  • Sangfor NGAF Introduction 8.0.5 Final

    Uploaded by

    Albarn Paul Alicante
    216 views24 pages
    Sangfor NGAF Firewall

    Original Title

    4. Sangfor NGAF Introduction 8.0.5 Final

    Copyright

    © © All Rights Reserved

    Available Formats

    PPTX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Sangfor NGAF Firewall

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    216 views24 pages

    Sangfor NGAF Introduction 8.0.5 Final

    Uploaded by

    Albarn Paul Alicante
    Sangfor NGAF Firewall

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 24

    Sangfor Next Generation

    Application Firewall

    Product and Marketing, Sangfor


    You Can’t Protect Against the Unknown

    Unknown & Exposed Devices

    Network and Application Threats

    Unknown & Non-Classified Traffic

    1
    Attacks Bypass Traditional Protection

    • WannaCry Ransomware infected • In a recent Barkly survey of companies who suffered


    200,000 machines in four days ransomware attacks in the past 12 months:
    across 150 countries. o 100% of customers were running anti-virus
    o 95% of attacks bypassed traditional firewall
    o 77% of attacks bypassed email security

    2
    Shortage of Cybersecurity Professionals is the #1 Concern for CSOs

    2016 2015 2014

    46% of respondents 25% of respondents 23% of respondents


    45% of
    claimed their claimed their claimed their
    respondents
    organization had a organization had a organization had a
    claimed their 2017 problematic shortage problematic problematic
    organization had
    of cybersecurity skills shortage of shortage of
    a problematic
    cybersecurity skills cybersecurity skills
    shortage of
    cybersecurity skills
    2018
    *ESG’s Annual survey of 620
    organizations for State of IT

    51% of respondents
    claimed their
    organization had a
    problematic
    shortage of
    cybersecurity skills
    3
    Shortage of People & Shortage of Time

    Vulnerability
    Assessment
    Process Alerts

    Trouble Tickets
    Log File Reviews
    Security
    Events Threat
    Correlation
    Maintenance
    Management

    Research IOC on TI
    4
    Ideal Protection

    Intelligent
    Efficacy* Understand business
    Able to stop all assets and risks.
    threats, known, Protection for
    unknown and zero- networks,
    day. applications and
    users.

    Simplify
    Simplify IT security
    operation.
    Easy to use and
    understand.
    Quick to discover
    issues.
    Fast response.
    *“ef·fi·ca·cy” ˈefəkəsē/
    noun
    1.the ability to produce a desired or intended result. 5
    Sangfor NGAF

    Prevention against Unknown Threats: Protect Business Assets Simplified Security Operation
    Converged security Asset Discovery Superior Visibility
    AI-Based Malware Inspection Vulnerability Assessment Unmatched Reporting
    Security Context WAF Guidance, wizard, alert

    6
    Stop Unknown Threats

    7
    Converged Security

    Comprehensive and Reliable Protection From L2 to L7

    The Worlds First AI Enabled NGAF


    Fully Integrated NGFW + NGWAF + Security visibility
    8
    Sangfor Engine Zero: Stop Malware Cold

    Sangfor Engine Zero:


    Deep Learning Neural Networks
    Deep Learning is Everywhere
    • Protection from both known and unknown
    malware
    • No reliance on signatures
    • Detects malware in approximately 30
    milliseconds
    • Extremely small footprint (under 60MB)
    • Works out of the box. No additional training
    required

    9
    Sangfor Engine Zero

    Coverage
    Both known and zero-day attacks.

    Efficacy
    In recent tests our malware detection rate scored the
    highest in terms of accuracy among other vendors.

    Fast
    Extremely efficient, utilizing very few resources while
    efficiently providing malware inspection on the
    network gateway with very little performance impact.

    10
    Neural-X

    White Hat Researchers

    Data Scientists Security Analysts

    11
    12
    Unknown Threat Detection: Sangfor Cloud Sandbox

    1. Suspected file is sent to ZSand for analysis

    2. Suspected file confirmed by Zsand

    3. NGAF blocks subsequent malware

    4. Malware added to Neural-X DB for all Sangfor Customers

    13
    Protect Business Assets

    14
    Discover, Scan & Protect

    Real-Time Scan
    • Asset Discovery
    • Vulnerability Assessment

    Proactive Protection
    • Application Hiding
    • Virtual Patching
    • Identify Weak passwords

    15
    Proven Success Protecting Web Applications
    Scanning Prevents port/server scanning
    Web Application
    Process Prevents app vulnerability scanning Servers
    Weak password protection
    Anti-brute force attack
    Core URL protection
    Website structure anti-scanning
    Web Crawler defense

    Attack Enhanced Web Defense


    Process • SQL injection defense
    • OS command injection
    defense
    • XSS attack & CSRF attack
    IPS Application Based
    • Server vulnerability defense
    • Terminal vulnerability defense

    Theft DOS attack


    Process Application layer DOS attack
    CC attack
    Authority control
    Users
    Exe file upload filtering
    Upload viruses & Trojan filtering
    Prevention of web shell dataflow Hackers 16
    Sangfor Next Generation WAF Engine
    NGWAF Engine
    Traditional Engine Traffic

    Whitelist forced filtering

    Protocol Analysis Automatic on-demand


    decoding
    Rules Abnormal protocol
    identification
    Signature
    Detection
    Based Static Traditional Engine

    Logging Engine

    • Unable to detect unknown threats and Machine Semantic


    exploits Learning Analysis

    • Easy to bypass • Comprehensively surpasses sort rules to identify


    • Common false positive SQL injection unknown threats and high-risk vulnerabilities
    detection • Automatically learns by modeling normal
    • Low-level performance business traffic, reducing false positives by 62.4%
    17
    Simplify Security Operation

    18
    Full Network Security Visibility

    With Total Visibility, Protection is more Efficient & Simplified

    Visibility of Assets
    • Identify core business system assets (examples:
    application software, users, devices, and content)
    Visibility of Threats and Risks
    • Identify vulnerabilities and risks to business assests.
    Visiblity of User Behavior
    • Distinguish between common and uncommon user
    behavior, identify potential risks and respond to
    threats in real-time.
    • Easy distinguish between legitimate users and
    malicious users accessing services

    19
    Reporting for Different Purpose

    Simplified Daily Operation Step by Step Incident Response Valuable Report to MGMT Team

    20
    In-Depth Threat Analysis
    1. View current security status
    2. Comprehensive analysis of network trends
    3. Analysis of application servers prone to critical or high-risk vulnerabilities & attacks
    4. Solutions for existing issues

    Timely analysis of
    severity ranking of
    potential risks

    Clear & concise


    information about
    attack source, target,
    impact & solutions

    22
    Summary

    Prevention against Unknown Threats: Protect Business Assets Simplified Security Operation
    Converged security Asset Discovery Superior Visibility
    AI-Based Malware Inspection Vulnerability Assessment Unmatched Reporting
    Security Context WAF Guidance, wizard, alert

    23
    THANK YOU !

    Product and Marketing

    You might also like