application usage and risk report 7 th edition, may 2011
TRANSCRIPT
![Page 1: Application Usage and Risk Report 7 th Edition, May 2011](https://reader037.vdocument.in/reader037/viewer/2022110303/55167ba85503469d698b5bb1/html5/thumbnails/1.jpg)
Application Usage and Risk Report
7th Edition, May 2011
![Page 2: Application Usage and Risk Report 7 th Edition, May 2011](https://reader037.vdocument.in/reader037/viewer/2022110303/55167ba85503469d698b5bb1/html5/thumbnails/2.jpg)
About Palo Alto Networks
• Palo Alto Networks is the Network Security Company
• World-class team with strong security and networking experience - Founded in 2005, first customer July 2007
• Builds next-generation firewalls that identify / control 1250+ applications- Restores the firewall as the core of the enterprise network security infrastructure
- Innovations: App-ID™, User-ID™, Content-ID™
• Global footprint: 4,000+ customers in 70+ countries, 24/7 support
![Page 3: Application Usage and Risk Report 7 th Edition, May 2011](https://reader037.vdocument.in/reader037/viewer/2022110303/55167ba85503469d698b5bb1/html5/thumbnails/3.jpg)
Applications Anytime, Anyplace!
© 2010 Palo Alto Networks. Proprietary and Confidential.Page 3 |
![Page 4: Application Usage and Risk Report 7 th Edition, May 2011](https://reader037.vdocument.in/reader037/viewer/2022110303/55167ba85503469d698b5bb1/html5/thumbnails/4.jpg)
Application Usage & Risk Report – May 2011
© 2010 Palo Alto Networks. Proprietary and Confidential.Page 4 |
http://www.paloaltonetworks.com/literature/forms/aur-report.php
![Page 5: Application Usage and Risk Report 7 th Edition, May 2011](https://reader037.vdocument.in/reader037/viewer/2022110303/55167ba85503469d698b5bb1/html5/thumbnails/5.jpg)
© 2011 Palo Alto Networks. Proprietary and Confidential.Page 5 |
Methodology and Demographics
• Methodology- Analysis is based on live customer traffic – not a survey
- How are networks being used?
- What applications are running on enterprise networks?
- What are the risks associated with the existing application mix?
• Demographics - 1,253 organizations
worldwide, up from 723
- 1,042 applications found, up from 931
- 28 Exabytes of bandwidth
![Page 6: Application Usage and Risk Report 7 th Edition, May 2011](https://reader037.vdocument.in/reader037/viewer/2022110303/55167ba85503469d698b5bb1/html5/thumbnails/6.jpg)
Key Findings
• Organizations are blind to hidden application traffic - More than 40% of the applications can use SSL or hop ports;
consumes roughly 36% of the overall bandwidth
• Work is more social- Social networking and webmail use shows 5X growth, IM use
doubled over the past 6 months
• File transfer applications: will history repeat itself?- Browser-based file-sharing adapting same characteristics as P2P
© 2011 Palo Alto Networks. Proprietary and Confidential.Page 6 |
![Page 7: Application Usage and Risk Report 7 th Edition, May 2011](https://reader037.vdocument.in/reader037/viewer/2022110303/55167ba85503469d698b5bb1/html5/thumbnails/7.jpg)
© 2011 Palo Alto Networks. Proprietary and Confidential.Page 7 |
Hidden application traffic
• 41% of the applications (433) found can use SSL or hop ports
• Consuming roughly 36% of overall bandwidth
• Only 43% use the browser
Worldwide: Many Hidden Applications
![Page 8: Application Usage and Risk Report 7 th Edition, May 2011](https://reader037.vdocument.in/reader037/viewer/2022110303/55167ba85503469d698b5bb1/html5/thumbnails/8.jpg)
© 2011 Palo Alto Networks. Proprietary and Confidential.Page 8 |
Can use SSL on 443 or any other port…
• 215 applications, 8% of bandwidth consumed
• Heavy emphasis on consumer, end-user applications; highest amount of business and security risk
• Many collaborative applications both business and personal
• Many P2P Filesharing, proxy, and social networking also fall into this group
• Examples: Most Google apps, Facebook, Twitter, several SW update apps
![Page 9: Application Usage and Risk Report 7 th Edition, May 2011](https://reader037.vdocument.in/reader037/viewer/2022110303/55167ba85503469d698b5bb1/html5/thumbnails/9.jpg)
Can use SSL on 443 Only…
• Small group of applications (29) – includes SSL proper
• Consumes 14% of bandwidth
• Business: Webex, NetSuite, a range of software updates
• Non-business: Tor, party-poker, google-location-service
© 2011 Palo Alto Networks. Proprietary and Confidential.Page 9 |
![Page 10: Application Usage and Risk Report 7 th Edition, May 2011](https://reader037.vdocument.in/reader037/viewer/2022110303/55167ba85503469d698b5bb1/html5/thumbnails/10.jpg)
© 2011 Palo Alto Networks. Proprietary and Confidential.Page 10 |
Can use SSL on any port except 443…
• Small group of applications (18) and 1% of bandwidth
• Business applications include Cisco VPN and Microsoft Exchange
• Non-business applications include Gnutella and icq
![Page 11: Application Usage and Risk Report 7 th Edition, May 2011](https://reader037.vdocument.in/reader037/viewer/2022110303/55167ba85503469d698b5bb1/html5/thumbnails/11.jpg)
© 2011 Palo Alto Networks. Proprietary and Confidential.Page 11 |
Can Hop Ports…
• 171 applications; 14% of the bandwidth consumed
• Filesharing (30), photo-video (24) and VoIP (21) are most common in this group
• SharePoint, NetFlow and many storage applications also fit this definition
• The darker side: P2P, gaming, some encrypted tunnel (hotspot-shield, gbridge)
![Page 12: Application Usage and Risk Report 7 th Edition, May 2011](https://reader037.vdocument.in/reader037/viewer/2022110303/55167ba85503469d698b5bb1/html5/thumbnails/12.jpg)
Filesharing: Will History Repeat Itself?
© 2011 Palo Alto Networks. Proprietary and Confidential.Page 12 |
• Browser-based filesharing; increasingly popular; more than 60 variants
• New business and security risks introduced through differentiation
• “Premium service” via a persistent client
• Repurposed technology: peer-to-peer, RTMPT
![Page 13: Application Usage and Risk Report 7 th Edition, May 2011](https://reader037.vdocument.in/reader037/viewer/2022110303/55167ba85503469d698b5bb1/html5/thumbnails/13.jpg)
© 2011 Palo Alto Networks. Proprietary and Confidential.Page 13 |
Work Has Become More Social• Social Networking and webmail show
nearly 5X growth; IM use almost doubles
• Facebook, Linkedin, Twitter make up top 3
• Facebook extends dominance; usage remains “passive”
![Page 14: Application Usage and Risk Report 7 th Edition, May 2011](https://reader037.vdocument.in/reader037/viewer/2022110303/55167ba85503469d698b5bb1/html5/thumbnails/14.jpg)
Consumerization is driving business
© 2011 Palo Alto Networks. Proprietary and Confidential.Page 14 |
![Page 15: Application Usage and Risk Report 7 th Edition, May 2011](https://reader037.vdocument.in/reader037/viewer/2022110303/55167ba85503469d698b5bb1/html5/thumbnails/15.jpg)
Business Use of Social Networking
Report : The state of corporate social media in 2011 from usefulsocialmedia.com.
• The majority of companies expect social media to become integrated into more than just marketing throughout 2011.
• 89% of the companies expect social media budgets to increase over 2011.
• The most common corporate social media use is for marketing (88%) and communications (93%).
• By the end of 2011, the biggest change in corporate use of social media will be the growth of companies using it for customer service (73%), employee engagement (59%) and product development (52%).
© 2011 Palo Alto Networks. Proprietary and Confidential.Page 15 |
![Page 16: Application Usage and Risk Report 7 th Edition, May 2011](https://reader037.vdocument.in/reader037/viewer/2022110303/55167ba85503469d698b5bb1/html5/thumbnails/16.jpg)
Summary
• Organizations are blind to SSL - and the amount of SSL in use is forecast to continue growing- Policy and controls must address this
• Social networking is making the workplace MORE social- Use continues to expand
- It isn't replacing other modes of interaction – in fact, it may be helping them
• Browser-based filesharing is rapidly evolving – many now have the same characteristics as P2P- Some introducing clients, connecting peers
- Will they introduce the same types of risks?
© 2011 Palo Alto Networks. Proprietary and Confidential.Page 16 |
![Page 17: Application Usage and Risk Report 7 th Edition, May 2011](https://reader037.vdocument.in/reader037/viewer/2022110303/55167ba85503469d698b5bb1/html5/thumbnails/17.jpg)
Applications Have Changed; Firewalls Have Not
© 2011 Palo Alto Networks. Proprietary and Confidential.Page 17 |
Need to restore visibility and control in the firewall
BUT…applications have changed
• Ports ≠ Applications
• IP Addresses ≠ Users
• Packets ≠ Content
The gateway at the trustborder is the right place toenforce policy control
• Sees all traffic
• Defines trust boundary
![Page 18: Application Usage and Risk Report 7 th Edition, May 2011](https://reader037.vdocument.in/reader037/viewer/2022110303/55167ba85503469d698b5bb1/html5/thumbnails/18.jpg)
Technology Sprawl & Creep Are Not The Answer
• “More stuff” doesn’t solve the problem
• Firewall “helpers” have limited view of traffic
• Complex and costly to buy and maintain
© 2011 Palo Alto Networks. Proprietary and Confidential.Page 18 |
Internet
• Putting all of this in the same box is just slow
![Page 19: Application Usage and Risk Report 7 th Edition, May 2011](https://reader037.vdocument.in/reader037/viewer/2022110303/55167ba85503469d698b5bb1/html5/thumbnails/19.jpg)
The Right Answer: Make the Firewall Do Its Job
© 2011 Palo Alto Networks. Proprietary and Confidential.Page 19 |
New Requirements for the Firewall
1. Identify applications regardless of port, protocol, evasive tactic or SSL
2. Identify users regardless of IP address
3. Protect in real-time against threats embedded across applications
4. Fine-grained visibility and policy control over application access / functionality
5. Multi-gigabit, in-line deployment with no performance degradation
![Page 20: Application Usage and Risk Report 7 th Edition, May 2011](https://reader037.vdocument.in/reader037/viewer/2022110303/55167ba85503469d698b5bb1/html5/thumbnails/20.jpg)
© 2010 Palo Alto Networks. Proprietary and Confidential.
Beware of Imitators………..
![Page 21: Application Usage and Risk Report 7 th Edition, May 2011](https://reader037.vdocument.in/reader037/viewer/2022110303/55167ba85503469d698b5bb1/html5/thumbnails/21.jpg)
To Block or Not Block
© 2010 Palo Alto Networks. Proprietary and Confidential.Page 21 |
http://www.paloaltonetworks.com/cam/enterprise20/blockornot/
![Page 22: Application Usage and Risk Report 7 th Edition, May 2011](https://reader037.vdocument.in/reader037/viewer/2022110303/55167ba85503469d698b5bb1/html5/thumbnails/22.jpg)
Next Generation FW for Dummies at our Table
© 2010 Palo Alto Networks. Proprietary and Confidential.Page 22 |
http://www.paloaltonetworks.com
![Page 23: Application Usage and Risk Report 7 th Edition, May 2011](https://reader037.vdocument.in/reader037/viewer/2022110303/55167ba85503469d698b5bb1/html5/thumbnails/23.jpg)
Thanks!
Jeff Stiling
503-430-5272
© 2010 Palo Alto Networks. Proprietary and Confidential.Page 23 |
![Page 24: Application Usage and Risk Report 7 th Edition, May 2011](https://reader037.vdocument.in/reader037/viewer/2022110303/55167ba85503469d698b5bb1/html5/thumbnails/24.jpg)
© 2011 Palo Alto Networks. Proprietary and Confidential.Page 24 |