漏洞入侵与零时差攻击.ppt

最佳校園IPS方案— 國眾電腦 陳明瑜 在校園過濾P2P效能很重要ICSA N-IPS測試最佳成績--TippingPoint IPS Adobe遭零時差攻擊 客戶選擇TippingPoint IPS的理由擁有最佳效能與令人安心的穩定度最完整與最即時防禦功能,幾乎沒有誤差容易操作,毫不費力 Gartner:從研究IPS公司技術遠景與執行力的角度 TippingPoint是兼具遠見與執行能力的IPS領導廠商 “This Magic Quadrant graphic was published by Gartner, Inc. as part of a larger research note and should be evaluated in the context of the entire report. The Gartner report is available upon request from TippingPoint.”* Magic Quadrant DisclaimerThe Magic Quadrant is copyrighted February 14, 2008 by Gartner, Inc. and is reused with permission. The Magic Quadrant is a graphical representation of a marketplace at and for a specific time period. It depicts Gartner’s analysis of how certain vendors measure against criteria for that marketplace, as defined by Gartner. Gartner does not endorse any vendor, product or service depicted in the Magic Quadrant, and does not advise technology users to select only those vendors placed in the “Leaders” quadrant. The Magic Quadrant is intended solely as a research tool, and is not meant to be a specific guide to action. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. 確認資安政策--P2P, Web App, SQL, Quarantine…確認安裝位置--Interface and Physical Settings, HA?處理流量?型號?Recommended, anything else? 最容易的佈署,最有效的保護 選擇適當的IPS型號 * * * * * * * 國眾電腦 * 國眾電腦 國眾電腦 國眾電腦 TippingPoint 資訊安全防禦介紹 阻擋P2P 侵權問題 占用頻寬,導致重要的服務緩慢 防火牆負荷不了 漏洞入侵與零時差攻擊 微軟Adobe漏洞ㄧ大堆 零時差攻擊滿天飛 電腦全成別人的禁臠 SQL Injection/XSS又來搗亂 端點管理與ISMS Log丟出 給我報告 Botnet與暴力密碼破解 電腦遭入侵成殭屍 被利用來為非作歹 暴力破解伺服器密碼 校園的資安拼圖 IPS Vendors 350 Mbps (398 μsec latency) 100 Mbps (441 μsec latency) 160 Mbps (375 μsec latency) BroadWeb Fortinet ISS TippingPoint 3 Gbps (84 μsec latency) ICSA Lab Test Results Highest Throughput = TippingPoint Lowest Latency = TippingPoint * Only 4 out of 13 tested vendors passed certification 阻擋P2P 侵權問題 占用頻寬,導致重要的服務緩慢 防火牆負荷不了 漏洞入侵與零時差攻擊 微軟Adobe漏洞ㄧ大堆 零