1 / 14

ISP’s privet customers security Secure ‘in-the-cloud’ Internet access for home users.

ISP’s privet customers security Secure ‘in-the-cloud’ Internet access for home users. Agenda. 1. Introducing today’s ISP’s privet customer. 2. Security problems and limitation for Home users. 3. Deployment Examples. Case Study – Bezeq International ISP. 4.

ince
Download Presentation

ISP’s privet customers security Secure ‘in-the-cloud’ Internet access for home users.

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. ISP’s privet customers securitySecure ‘in-the-cloud’ Internet access for home users.

  2. Agenda 1 Introducing today’s ISP’s privet customer 2 Security problems and limitation for Home users 3 Deployment Examples Case Study – Bezeq International ISP 4

  3. Introducing ISP’s privet customer Biggest volume of throughput is being used by privet/home users. • Privet Home users internet usage has evolved beyond recognition last few years: • IM application provide easy to use file transfer. • P2P applications became a common usage. • Web sites intelligence growth (video, flash, dynamic, interactive, webmail, etc.) • VOIP / MOIP are becoming a standard. • Percentage of throughput being used by inappropriate content is growing rapidly : • Viruses distribution over various protocols growth • Web content - inappropriate and hostile content • SPAM distribution growing rapidly • Unapproved access

  4. Home users are aware of the Risks. • Multiple Threat Types • Various Application Entry Points • Different Functions • Threat Payload Intent Varies • Broad Range of Propagation Techniques • Application Threat Vector • Viruses & Spyware • Spam & Directory Harvest Attacks • Web Phishing • Network Threat Vector • Network Worms • DDOS/DOS • IP Packet Capture • Spoofing & Man-In-The-Middle Unified Management

  5. Internet access levels and layers Home users are getting massive throughput • Internet access has grown by bandwidth and technologies: • xDSL technologies – up to 12mb down stream, and 4mb up stream. • Cable technologies - .up to 8mn down stream, and 4mb up stream. • Ethernet / Fiber to the home – 10/100/1000mb access lines. • Wireless – current technologies up to 56mb and growing. • Additional services requires bandwidth growth : • VOIP – rooming phone number over ip phone applications. • Video On demand / Music on demand streaming portals. • TV over IP. • Online gaming / gaming networks • Interactive advanced on line e-buying.

  6. Agenda 1 Introducing today’s ISP’s privet customer 2 Security problems and limitation for Home users 3 Deployment Examples Case Study – Bezeq International ISP 4

  7. Home users security solution. Most host based security solutions are imperfect by design • Host based Security solution limitations (AV, FW, etc): • Running mostly on Windows operating system only. • Requires installation and may cause OS problems. • License purchase for each computer. • Creates massive performance degradation for older computers hardware. • Requires reinstallation every once in a while for new versions. • Protects against hostile traffic and data after reaching the computer. • ISP’s problems : • Endless growth of attacks from infected home users accounts. • Support centers over use by home users with problems with out sufficient knowledge. • User complains on speed (attacks reaching to the computers and from the computers using the bandwidth)

  8. Agenda 1 Introducing today’s ISP’s privet customer 2 Security problems and limitation for Home users 3 Deployment Examples Case Study – Bezeq International ISP 4

  9. Deployment of Home Users security solution. ISP’s can implement the solution in various methods. • Forwarding entire traffic to the FortiGate device: • Won’t require additional hardware for application switching. • Will give the ability to provide additional advanced services. • Will require higher range of a FortiGate device (entire traffic routed). • Forwarding only required ports for inspection: • Will require additional hardware for application switching. • A lower range of a FortiGate hardware will be sufficient. • Identification of paying customers by IP addressing is required. • limited options to inspect advanced services (random ports forwarding problem)

  10. Agenda 1 Introducing today’s ISP’s privet customer 2 Security problems and limitation for Home users 3 Deployment Examples Case Study – Bezeq International ISP 4

  11. Bezeq International - Home security Overview • Bezeq International ISP and Aladdin developed for 8 month business and technical case to provide home users Antivirus solution for HTTP. • Unexpected customers growth for the first 8 days after services announced collapsed the Aladdin system based on 5 x DL360 servers . • First 8 days after service launch, 5000 + home users both the service! <show’s home customers aware to security issues and whiling to pay!> • Fortinet with Bezeq International who is already a Fortinet MSSP for business customers with VDOM’s, used 1 VDOM to provide a solution As Soon As Possible. Solution is based upon: • Different set of context on the redback system.[ <username>#AV@IBezint ] • Users connected to this context are auto inserted into L3 MPLS VPN. • Redistributing IP addressing in to a VDOM with RIP • Republishing home users to the internet using the FortiGate over RIP • All traffic of home users is being routed thru the FortiGate’s VDOM and only required application checks are being preformed over the traffic (AV for now). • Opening a wide options for feature services for home users, (now being tested web filtering and AV over a different context using a different VDOM) • Order for a dedicated 5001 will be issued end of October 06.

  12. Bezeq International - Solution Redback Redback Solution implementation took 25 minuets!

  13. Every 24 hours Automatic report for the specific VDOM is initiated.

  14. Thank You! For more information please visithttp://www.fortinet.com

More Related