Verminderen van het risico op druggebruik op de weg Opleiding DrugWipe 5+
Risico op digitale bedreigingen maximaal verminderen - Bijdrage ASP4all voor Holland Strikes Back
-
Upload
asp4all -
Category
Technology
-
view
397 -
download
0
description
Transcript of Risico op digitale bedreigingen maximaal verminderen - Bijdrage ASP4all voor Holland Strikes Back
ASP4all
Use case : Risico op digitale bedreidingen maximaal verminderen
KNOWLEDGE. PERFORMANCE. SERVICE.
Marc
Marc Guardiola
Marc Guardiola
In IT sinds 1997
Lead Architect
Engineering & architecture met Linux, Networking & Security
CISSP-ISSAP, CEH
Bitbrains is gespecialiseerd in high performance computing en ultrasnelle levering van PoC’s
ASP4all is gespecialiseerd in migratie, hosting en beheer van bedrijfskritische applicaties.
ASP4all en Bitbrains
Top 3
200+Personeel Initiatieven
TNI NCSC PVIB
Voorkomen is beter dan genezen
REPUTATION
Secured
zones
Secured
Secured
web
Secured
systems
Contentscanning
Reverseproxy
Encryption
Disasterrecovery
Infrascaling
Bandwidthmgmt
DDoS
Intrusionprevention
Denial of service
Piek belasting
Malware
Content attack
SQL insertion
Compromitering
Calamiteit
Phishing
Virus
SPAM
Data leakage
Wasstraat
Basis infra
PublicInternet
Trustedpartners
InternalWAN
Zonering
PublicInternet
Trustedpartners
InternalWAN
Zonering
DC1 DC2
Encryption
Encryption
Encryption
Encryption
External
Internal
A
A
A
A
A
Zonering en componenten
Zonefirewall
Diensten
111213
VLAN TL2: Besloten
313233
212223
34353637
Forward ProxyResolving DNS
Authoritative DNS
VLAN TL1: PubliekVLAN AL1: Beperkt
File
2425
Forward Proxy
26
Forward Proxy AV
NTP
10G 10G
27
Authoritative DNS
Zonefirewall
Diensten
111213
VLAN TL2: Besloten
313233
212223
34353637
Forward ProxyResolving DNS
Authoritative DNS
VLAN TL1: PubliekVLAN AL1: Beperkt
File
2425
Forward Proxy
26
Forward Proxy AV
NTP
10G 10G
27
Authoritative DNS
Zone firewall
Diensten
10G 10G
212223
VLAN
2425
M ail
2627
A uthoritati ve D N S
N TP
AL1: Beperkt
Webbrowsing
Customer Wasstraat Internet
End-point security
App checkACL
BlacklistingCategorize
DLP
CONNECT www.google.nl:443
Session terminationApp check
ACL
App checkACL
Anti-VirusAnti-
MalwareAPT
Session termination
App checkACL
Customer Wasstraat Internet
App checkACL
DKIMSPF
DMARCDLP
App checkACLDLP
App checkACL
DKIMSPF
DMARCAnti-Virus
Anti-Malware
BlacklistingQuarantain
e
App checkACL
Anti-DDoS
Hosting
Webserver Wasstraat Internet
App checkACL
Anti-VirusAnti-Malware
Anti-VulnerabilityAPT
LoadbalancingWAF
CachingSSL Offloading
App checkACL
DDoS check
App checkACL
Caching App checkACL
Conclusie: Defence in-depth!
Policies, Procedures, Awareness
Physical
Perimeter
Internal network
Host
Application
Data
ISO27001, ISAE3402 type II
Tier3+ Datacenters
Anti-DDoS, L7 Firewall / IDP
WAF, Zoning/IDP, Web&Mail security
Hardened OS & Middleware
Standard frameworks, patched & audited
Enterprise storage
Meer weten ?
Marc Guardiola: [email protected]
Voorbeeld klantcase:
36000 end users
400 servers
75 koppelingen met externe netwerken
70TB storagehttp://www.asp4all.nl/over-asp4all/klantervaringen/ministerie-van-veiligheid-en-justitie