Defending the Castle – Back to the Future using Isolated Networks

Presented by

John Alexander, Director of Product Marketing, OPSWAT

About this talk

In industries where extreme security is a requirement, like the nuclear, energy, manufacturing, financial, and defense industries, an air gapped network can be an extremely powerful defense. Air gapped networks are like dealing with the past and present at the same time: they harken back to a time before the Internet, but they are also even more useful now because of the Internet, which provides a path for both good and bad activity. In this presentation, we’ll discuss the concept of the air gap, or isolated network, and explain what their weaknesses are and when they should or shouldn't be used. We’ll also discuss how, when used correctly, an air gapped network can be such a powerful defense. Even though air gaps are extremely powerful defense mechanisms, every defense has its weakness. The key is to minimize these weaknesses by establishing a secure work flow that at the same time reduces the operational productivity concerns that surround air gapped networks. The latter portion of this presentation covers one of the most critical defense measures that is required in an air gap network, "the Kiosk", and best practices in employing "kiosks" as a critical part of an air gapped network defense strategy. We’ll also talk about data diodes, and how they can be employed to help reduce the operational cost of using an air gapped network.

Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (6)
Subscribers (1473)
Enterprises today are beset by cyber attacks. Threat actors send attacks through any channel they can, and meanwhile, the cost of compromise is only going up. To solve the challenges faced by modern enterprises and to shut off major attack vectors, we offer two product platforms: MetaDefender for threat prevention and MetaAccess for cloud access control and endpoint compliance. Our guiding principles: Trust No File. Trust No Device. Why MetaDefender? Enterprises are investing more resources than ever in cyber security – and yet there are more and larger breaches every year. Thousands of threat prevention solutions are on the market, but most of them share one crucial flaw: they are based on detection, but detection is never 100% perfect. That's why our advanced threat prevention platform, MetaDefender, is not only based on detection. MetaDefender uses OPSWAT's unique data sanitization (Content Disarm and Reconstruction) to remove threats from files altogether by reconstructing the files and, in the process, stripping out potentially malicious active content and scripts. MetaDefender complements data sanitization with multi-scanning and vulnerability assessment. Why MetaAccess? The move by enterprises to cloud computing, SaaS applications, and bring your own device (BYOD) environments over the last decade has eliminated the traditional network perimeter, making most network access control (NAC) solutions obsolete. To meet the challenges of modern cloud-based environments and provide administrators with an access control solution for the cloud, we built MetaAccess. MetaAccess keeps SaaS applications and cloud data safe and secure. It allows access based on device health and compliance to help administrators block risky devices from connecting to sensitive cloud data and SaaS applications.