CIO Security Architecture Jul 2023
Uploaded by Anil (45 pages)
Compliance – Visualise – Protect & Manage – Availability & Compliance

INTEGRATED – UNIFIED – SCALABLE – COST - SECURE

Zero Trust Access - Zero Downtime
Business Continuity & Disaster Recovery
Copyright © 2019 FieldFeet
Source: National Inst. of Standards & Tech. USA

NIST Cybersecurity Framework
Identify: Asset Mgt; Business Env; Governance & COMPLIANCE; Risk Assessment; Risk Mgt Strategy
Protect: Access Control; Gov and Training; Data Security; Info Protection Process; Maintenance; Protective Tech
Detect: Anomalies and Events; Security Continuous Monitoring; Detection Process
Respond: Response Planning; Communications; Analysis; Mitigation; Improvements
Recover: Recovery Planning; Improvements; Communications
Integrated Threat Mgt
• Zero Trust Secured Access
• SSO and Life Cycle Mgt
• SOC & SIEM
• Compliance
A rapidly transforming IT landscape and the growing number of cyberattacks post Covid-19 have necessitated a change in how organizations approach security. Traditional tools and approaches have been rendered ineffective in the new distributed and hybrid Digital environment.

• IoT World – Proliferation of billions of connected devices
• Shift to Cloud – To enable accelerated Digital Transformation
• Evolving Regulation – Cybersecurity becomes a key element of compliance
• Work from Home/ROAMING – Hybrid working is a default across industries

The average total cost of a data breach in 2021 was $4.24 million, the highest ever recorded.
Source: Ponemon Institute, IBM
… managed services complemented by best-in-class tools and a team to assist you in meeting compliance

• COMPLIANCE
• APPLICATION WHITE LISTING
• DATA LEAKAGE
• ACCESS RIGHT MGT
• SOC & SIEM
• VULNERABILITY
• PATCH MGT
• BACKUP
• PROTECT
• MOBILE DEVICE MGT
• ZERO TRUST SECURED ACCESS
• MITRE ATT&CK
INTEGRATED MGT

PATCH MGT: INVENTORY; THIRD PARTY APPS; AUTOMATED; PHYSICAL & VIRTUAL; CENTRALISED STATUS; JAVA VULNERABILITY; PROACTIVE; COMPLIANCE REPORT; ENHANCES SECURITY; MANAGE COST
ACCESS RIGHT: ACCESS RIGHTS; ACCIDENTAL DAMAGE; HACKERS; BAD ACTORS; SHAREPOINTS & FILE SYS; PROTECT IP; DATA LEAKAGE; COMPLIANCE; AUDIT & REPORTS; CENTRALISED MGT
DATA LEAKAGE: USER BEHAVIOUR; INSIDER THREAT MGT; USB & EXT DEVICE; PRINTER; MAIL & APP; BROWSER; BLUE TOOTH; PERSONAL MAIL; ATTACHMENTS; REPORTS & ALERTS
MOBILE DEVICE: CENTRALISED CONTROL; APP MGT; BYOD; GEO LOCATION; WORK PROFILE; PERSONAL; BACKUP; REMOTE DATA WIPE; KIOSK MODE; ASSET MGT
BACKUP: CLOUD; FILE & FOLDER; COMP & DEDUP; INCREMENTAL; ENCRYPTED; NO INFRA; RECOVERY; AUTOMATED; IMAGE LEVEL; REPORTS & ALERTS
The Zero-Trust Access & Security Operation Center
Move from a “Trust but Verify” approach to “Don’t Trust, Always Verify”

Zero-Trust effectively means “Do not trust anyone, whether inside (e.g. inside the perimeter) or outside”. The same level of security checks and controls must be enforced irrespective of location, device, etc.

SOC & Managed Services Proactively Respond & Recover
The Zero-Trust Access & Security Operation Center
• Authenticate not just the user but also the device
• Grant precise network/application access
• Trust level need not be higher because the application is accessed from inside the perimeter
• Micro-segmentation to secure access and prevent lateral movement
• Logging and monitoring of network traffic for continuous visibility

Block Armour’s holistic products deliver zero trust protection in five out of the seven areas recommended by Forrester’s Zero Trust Framework
Block Armour’s solution replaces four traditional point products while additionally delivering next-gen Zero Trust Network Access and Server Protection

Key benefits:
- Can be deployed on-premises or in the Cloud
- Server Invisibility & Micro Segmenting
- Protection against malware / ransomware spreading to the corporate network
- Device posture check to provide access only from trusted and compliant devices
- A single pane of visibility for all network access
- Easy to implement and requires minimal changes to the existing IT environment

The solution simplifies the implementation of Zero Trust across the organization and empowers Cloud adoption while reducing the overall costs and complexity of providing secured access to users
The Solution: Secure Shield Architecture
Unlike point products, our award-winning Secure Shield architecture provides zero-trust security in a holistic manner

[Architecture diagram. Labels: User Identity Based Access; Device Identity; Immutable Logs; Invisibility; Microsegmented Access; End to End Context; Malware Containment; Distributed Ecosystem. Components: Secure Shield Controller; Block Armour Agent on the user device; Head office user and remote user over VPN - RSA 4096 bit; On-prem, Custom Apps and Cloud shown as invisible systems. Numbered elements 1–5 include Mutual Authentication (authenticate to establish trust: User & Device), Precise Encrypted Dynamic Network Access, Microsegmented Access, Invisible Systems and the On-prem site. Controls: Application White-Listing; Device Posture Check.]
Case Study – 1 : Unified Secure Access

[Network diagram: Head Quarters Data Center with Secure Shield Gateway, switch and LAN; Regional Office 1 and Regional Office 2 over WAN; Router, DMZ and Firewall; AD Integration; WFH Users running the Secure Shield Agent over the Internet; Secure Shield Controller on Cloud/On-Prem for Authentication & Authorization; all sessions shown as Authenticated & Encrypted Access.]
Zero Trust Secured Access
• Multifactor Authentication
• Device Posture Check
• Secured Communication
• Network Access Control
• Immutable Logs
• VPN
• Identity & Access
• Invisible Application
• Micro Segmentation
• Block Chain
• IOT, IT & OT
• PIM/PAM
• End Users – DC/DR/Cloud

Zero Trust Unified Platform
Block Armour has developed a next-gen Zero Trust security platform and delivers integrated cybersecurity solutions for today’s hybrid enterprise/IOT environments

[Platform diagram: Block Armour Secure Shield Platform. Devices: Corporate devices, Unmanaged devices, IoT Devices. Network: Traditional, 5G, SatCom. Platform elements: Device Inventory; Automation; Digital Identity (Users, Devices, Active Directory); SDP; Policy Map; Device Posture Check; IoT; Micro Segmentation; 4096-bit RSA Encryption; Server / App Protection; Application; SIEM / SOC; Threat Intelligence; Data/Content. Infrastructure: Data Center -1, Data Center -2, Cloud Provider -1, Cloud Provider -2, Blockchain Network.]
Technical Features → Key Risks Mitigated
• Identity based encrypted network access → Unauthorized User Access
• IoT Device invisibility for threat protection → Unauthorized Device Access; Prevent Access from Rogue Devices; Reduction in Attack Surface
• Server/Application Protection → Malware/Ransomware propagation to Corporate network
• 4096-bit RSA Encryption; Micro-segmented Access → End Point does not become a part of corporate network
• Log tampering → Log Tampering & Meets Compliance
Technology Comparison Matrix

WAY TOWARDS COMPLIANCE
Increase visibility, improve operational efficiency and deliver powerful experiences across the workplace device ecosystem – Protect & Comply
NIST Cybersecurity Framework
Identify: Asset Mgt; Business Env; Governance; Risk Assessment; Risk Mgt Strategy
Protect: Access Control; Gov and Training; Data Security; Info Protection Process; Maintenance; Protective Tech
Detect: Anomalies and Events; Security Continuous Monitoring; Detection Process
Respond: Response Planning; Communications; Analysis; Mitigation; Improvements
Recover: Recovery Planning; Improvements; Communications
Deploy a next-gen SOC platform to defend your modern, hybrid, and distributed enterprise-IT environment against tomorrow’s advanced and sophisticated cyberattacks
Get the Block Armour Advantage!

Jupiter
• Advanced – Integration with Threat Intelligence and SOAR to identify sophisticated breaches
• Efficient – Ready to deploy SOC platform with built-in Use Cases
• Smarter – Reduced false positives with Industry specific Use Cases
• Accurate – Better detection accuracy with Context Enrichment
Cost of a data breach in 2021 was $4.24 million due to lack of visibility of the breach and slower incident response. Early detection of incidents helps in containing the threats at a nascent stage, reducing the overall cost of the breach.

• Lack of visibility – Resulting in untimely detection of security incidents
• Overwhelming – Generic use cases resulting in too many false positives
• Expertise – Lack of practitioner’s view of incident detection and management
• Huge TAT – Time to deliver and operationalize is too high
Block Armour provides a ready to deploy SOC with industry specific use cases for real-time monitoring and early detection of security breaches

SOC Platform
Log Sources: Network; Endpoint; Server; App; Cloud; User; Cloud Data Stores; Infrastructure Data
Platform layers: Event Collection, Parsing, Aggregation, Storage; Correlation, Alerts, Dashboards, Reports
Integrations: Vulnerability Management; Threat Intelligence; Deception; MITRE ATT&CK; External Integrations
Response cycle: Identify; Contain; Eradicate; Recover

Alignment with the NIST Cybersecurity framework and context enrichment via the MITRE ATT&CK framework ensures effective detection, containment, and remediation
Visualization

Device Posture

Compliance – Single Click Dashboard – India Data Bill
Soon to be added is the India Data Bill, called DPDP 2022, which is going to be tabled in Parliament
Compliance Ready SOC
Compliance: GDPR; HIPAA; NIST; CIS Benchmark; PCI; TSC; CERT IN; India Data Protection
Protect / Detect / Auditing / Respond capabilities:
• Visualization
• File System Usage/Del/Edit/Add
• Breaches
• Patches
• App Vulnerability
• Firewall
• Ransomware
• Top Users
• Policies
• Integrity Monitoring
• Real Time Vulnerability View
• Vulnerability
• Login Attempt
• Device Posture
• Real Time Alert
• Asset Config Assessment
• API based Log Collection
• Lateral Movement
• MITRE ATT&CK
• Real Time Alerts
• Vulnerability Detection
• Sec Configuration Assessment
SECURITY – ZERO TRUST
DATA PROTECTION – AVAILABILITY
RESPOND – RECOVERY
DATA
KEY AREAS TO BE FOCUSED
• ZERO DOWNTIME – REPLICATION – BCP & DR
• RECOVERY – RPO & RTO
• SECURITY – IMMUTABLE & AIR GAP
• AVAILABILITY
• COMPLIANCE – VISIBILITY – VULNERABILITY – GAPS
• DATA – PATCH, ACCESS, DATA LEAKAGE – APPLICATION WHITE LISTING
• ZERO TRUST – MFA, MICROSEGMENTATION – SW DEFINED PERIMETER
• SOFTWARE DEFINED PERIMETER – IT, IOT & OT
IMMUTABLE & RANSOMWARE PROTECTED STORAGE
How do these objects work?
• Data divided into objects
• Objects compressed
• Objects deduplicated
• Objects distributed

© 2018 StorageCraft Technology Corporation. All rights reserved. StorageCraft Confidential.

What if I need even more space?
\\OneBlox\FileStorage
OneXafe – Multisite Replication
• Mesh Networks – Two or more rings connected for the purpose of replicating data (sites shown: San Francisco, New York, London, Germany)
• OneXafe Replication
  • Asynchronous between multi-sites
  • 1 to 1 Replication
  • 1 to many
  • Bidirectional
  • Flash to HDD
• Replication done at share level
• Compressed and deduplicated data replicated for faster speeds
Policy Driven Compliance Storage
• Snapshots using Meta Data provide near Continuous Data Protection (CDP)
  • Snapshots every 90 seconds for the first hour
  • No Copy on Write, so no performance penalty
• Snapshots are immutable
  • Fully protects the unstructured data stored
  • Simply cannot be overwritten
• Retention Policy
  • 7 Days to 7 Years Or For Ever
• Easily recover from Snapshots
  • 100 TB Snapshot Recovery in 10 Seconds
  • Recover individual files, folder, or complete network share

[Diagram: each snapshot recorded as Block MetaData – Disk / TimeStamp / Hash / Source]
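As an added illustration (not StorageCraft or OneXafe code), this Python model shows the write-once behaviour the slide describes: each snapshot record carries Disk / TimeStamp / Hash / Source, an existing record or object is never overwritten, and only the retention policy (7 days to 7 years, or for ever) can expire a snapshot. The class, method names and the SHA-256 choice are assumptions for the example.

```python
import hashlib
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Dict, Optional, Tuple


@dataclass(frozen=True)
class SnapshotRecord:
    """Per-snapshot metadata, mirroring the slide's Disk / TimeStamp / Hash / Source."""
    disk: str
    timestamp: datetime
    digest: str   # SHA-256 of the snapshot's object contents
    source: str   # share the data was taken from


class ImmutableSnapshotStore:
    """Write-once snapshot index (hypothetical model, not the vendor's code).
    Records and objects can be added and verified but never overwritten;
    only the retention policy decides when a snapshot may expire."""
    MIN_RETENTION = timedelta(days=7)
    MAX_RETENTION = timedelta(days=7 * 365)

    def __init__(self, retention: Optional[timedelta]) -> None:
        # None means "for ever"; otherwise the window must lie in 7 days .. 7 years
        if retention is not None and not (self.MIN_RETENTION <= retention <= self.MAX_RETENTION):
            raise ValueError("retention must be 7 days to 7 years, or None for ever")
        self.retention = retention
        self._records: Dict[Tuple[str, datetime], SnapshotRecord] = {}
        self._objects: Dict[str, bytes] = {}  # content-addressed, deduplicated

    def snapshot(self, disk: str, source: str, data: bytes, now: datetime) -> SnapshotRecord:
        key = (disk, now)
        if key in self._records:
            raise PermissionError(f"snapshot {key} already exists and is immutable")
        digest = hashlib.sha256(data).hexdigest()
        # Identical content is stored once; an existing object is never replaced
        self._objects.setdefault(digest, data)
        rec = SnapshotRecord(disk, now, digest, source)
        self._records[key] = rec
        return rec

    def delete(self, disk: str, timestamp: datetime, now: datetime) -> bool:
        """Expire a snapshot. Requests inside the retention window are refused,
        which is what keeps a ransomware run from purging recent copies."""
        rec = self._records.get((disk, timestamp))
        if rec is None:
            return False
        if self.retention is None or now - rec.timestamp < self.retention:
            raise PermissionError("snapshot is within its retention window")
        del self._records[(disk, timestamp)]
        return True

    def verify(self, rec: SnapshotRecord) -> bool:
        """Recompute the content hash to detect a tampered or corrupted object."""
        data = self._objects.get(rec.digest)
        return data is not None and hashlib.sha256(data).hexdigest() == rec.digest

    def count(self) -> int:
        return len(self._records)
```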
ZERO TRUST & ZERO DOWNTIME PROTECTED FRAMEWORK
• MULTI FACTOR AUTHENTICATION – MICROSEGMENTATION, PRECISE ACCESS – SECURED NETWORK ACCESS: NETWORK, DC & CLOUD
• DEVICE POSTURE CHECK – RSA 4096 COMMUNICATION – BLOCK CHAIN – IMMUTABLE LOGS
• SOFTWARE DEFINED PERIMETER
• PATCH MGT – ACCESS RIGHT MGT – DLP
• CRITICAL APPLICATION – STORAGE & FS – IOT, IT & OT
• ZERO DOWNTIME & HA – BACKUP & RECOVERY – REPLICATION & DISASTER RECOVERY
• AIR GAP IMMUTABLE & RANSOMWARE PROTECTED STORAGE
• SIEM – COMPLIANCE & SOC
SOFTWARE DEFINED STORAGE
• SvSAN Virtual Storage Appliance (VSA) – Lightweight software defined storage platform
• Synchronous Mirroring – Between two or more hosts for high availability and protection
• Stretch Cluster Support – Mirror across separate sites to protect against outages
• Centralized Management – Simple management of all clusters from one location
• Remote Shared Witness – Flexible cluster witness keeps storage in sync and available
• Performance Caching – Utilizing SSD and system memory boosts performance
• Flexible Scalability – Easily Scale-Up and Scale-Out

Unified Storage/SAN
Continuous Replication

Availability
• Application Availability – keep applications available and accessible through real-time replication on physical servers, VMware, Hyper-V, Amazon AWS EC2 or Microsoft Azure
• Full System Availability for Windows and Linux – maintain up-to-date replicas of mission-critical systems; Windows systems to physical servers, XenServer, VMware, Hyper-V, Amazon AWS EC2 or Microsoft Azure; Linux systems to physical servers, VMware, Hyper-V, KVM, Amazon EC2 or Microsoft Azure
• Scenario Management – replicate individual applications or create group scenarios to replicate multiple applications at once
• Dependency Mappings – set application failover triggers to ensure application availability
• Data Rewind – rollback applications to a point in time before a system crash, data corruption, or ransomware event

Replication
• Application-Aware Replication – replication of data for Exchange, SQL, IIS, SharePoint, Oracle, Hyper-V
• Multi-Environment Replication – physical to virtual, virtual to physical, and virtual to virtual
• Continuous Data Protection – real-time LAN and WAN
• WAN-Optimized Replication and Offline Synchronization – improve performance across high latency WAN connections with multi-stream replication and compression
• Encryption – AES-128, AES-256 or custom-level encryption between local and remote locations without the need for a VPN or IPSEC tunnel
• Hardware Agnostic – move replicated systems from one server hardware profile to a different server hardware profile
• Cross-Hypervisor – replicate data in one hypervisor to a different hypervisor (e.g. Hyper-V to vSphere; vSphere to Hyper-V)
Local Backup & Recovery
• Fast, Reliable, Trusted, Secure
• Physical and Virtual Machines
• Windows and Linux Systems
• Built-in Application Awareness and Database Support
• Complete Data and System Volume Protection
• Full, Incremental, Manual & Automated
• Continuous Backups every 15 minutes
• Sector Level Block Backup
• Backup On – NAS, SAN, USB Disk, Cloud, Server or Workstation or on Google/OneDrive

Recovery at Central Site
• Bare Metal Restore or Hardware Independent Restore
• Quick Mount of Volume in 10 Seconds
• Virtual Boot in Seconds - Only Booting time required – 3-6 Minutes
• Physical and Virtual - P2P / P2V / V2P / V2V
• Virtual Failover - VMware / Hyper-V / VirtualBox
• Complete System Recovery or Volume recovery
• File/Folder Recovery
• Granular Recovery for Exchange
Offsite Replication & Centralised Management

Offsite Replication
• Replicate to Remote Data Store for redundant offsite DR protection
• Replicate to 3rd Party Cloud for Backup Image Repository
  • Amazon and Azure (BaaS)
  • Or Co Located Data Center (DRaaS)
• Replicate to StorageCraft Cloud Services
  • Seed & BMR Drives
  • File/Folder Recovery
  • Virtual Failover

Centralised Management
• Remote Monitoring and Management
• Web-based Console
• Discovery and Push Install to Protected Systems
• Policy-based Administration
• Roll-up Reports and Dashboards
• Collapse and Consolidate Recovery Points
• Customizable Alerts and Report Notifications
Forget Backup – it’s all about Disaster Recovery

[DR flow diagram]
Production servers and workstations
• Windows & Linux Virtual machines
• Physical Windows & Linux machines
→ ShadowProtect backup →
BDR Appliance (backup and disaster recovery server)
• ImageManager - verify, consolidate, retention
• QuickMount – granular file recovery
• GRE - Granular Recovery for Exchange
• VirtualBoot – fast disaster recovery
• HeadStart Restore
• VMware or Hyper-V
• Enterprise Disaster Recovery (Hyper-V or VMware)
• Near zero impact migrations (P2P, P2V, V2V, V2P)
→ Offsite replication → Offsite DR
StorageCraft Cloud Services
• Instant boot critical machines
• VPN, Public IP’s & Port Forwarding
• Easily restore files and folders
• Request BMR drive to revert back
Or your remote DR Site
• ImageManager
• VirtualBoot, HSR
• S3 for archive
AVAILABILITY

BACKUP & RECOVERY: BACKUP 15 MIN; AUTOMATED/ENCRYPTED; COMPRESSED; IMAGE & VOLUME; APPLICATION AWARE; REPLICATION CLOUD/SITE; QUICK MOUNT 10 SECONDS; VIRTUAL BOOT – 3-5 MIN; CENTRAL MGT; RPO/RTO – 30 MIN
CONTINUOUS AVAILABILITY: ONLINE REPLICATION; BUILT IN ENCRYPTION; ONSITE OR OFF SITE; SCHEDULED; APPLICATION FAILOVER; VM & PHYSICAL; ASYNC MIRRORING; CENTRAL MGT; RPO/RTO – 3/5 MINUTES
HYPERCONVERGED INFRASTRUCTURE: ANY X86 SERVER; VMWARE/H-V/KVM; ZERO DOWN TIME; SYNCHRONOUS MIRRORING; VIRTUAL STORAGE; SCALE OUT & UP; SSD/NVME/HDD; AUTO TIERING; CENTRAL MGT; 2000 SERVERS; RPO/RTO - ZERO
IMMUTABLE & RANSOMWARE: NFS/CIFS PROTOCOL; OBJECT STORAGE; CREATES 3 COPIES; COMPRESS & DEDUPLICATE; SCALE FROM 12 TB TO 1 PB; ONE BOX TO 7 BOXES; REPLICATION; NO RAID, SELF RECOVERY; 90 SECONDS SNAPSHOT; AIR GAP & RANSOMWARE PROTECTED
DISASTER RECOVERY: CLOUD; OFF-SITE; RPO/RTO 5 MIN TO 60 MIN; INCREMENTAL; ENCRYPTED; MIRRORING; BUILT IN RECOVERY; TESTING; REPORTS & ALERTS
THANKS
• COMPLIANCE
• SOC & SIEM
• ZERO TRUST SECURED ACCESS
• PATCH, ACCESS RIGHT, DATA LEAKAGE, ASSET MGT
• AIR GAP IMMUTABLE STORAGE
• ZERO DOWNTIME & BUSINESS CONTINUITY
• REPLICATION & DR ON SITE & ON CLOUD
• BACKUP & RECOVERY MEETING RPO & RTO