Intelligent Cybersecurity for the Real World

Size: px

Start display at page:

Download "Intelligent Cybersecurity for the Real World"

Malcolm McKenzie
8 years ago
Views:

2 Intelligent Cybersecurity for the Real World Ali Fuat TÜRKAY

4 Ali Fuat Türkay: Security Sales Fuat Kılıç: Consulting System Engineer Hakan Tağmaç: Emerging Markets SE Manager Özgür Danışman: Security Services & Partner Enablement Mahmoud Rabi: Consulting System Engineer Sourcefire & AMP Özgür Civek: Security Channel Manager Hakan Nohre: Consulting System Engineer ISE / Secure Access Marcus Josefsson: Lancope Regional Director

5 Mobility Cloud Threat Customer centric market dynamics require an end to end security architecture 5

6 The Industrialization of Hacking Enterprise Response Intelligence and Analytics Anti-virus IDS/IPS Anti-malware (Host) (Network) (Host+Network) Viruses Worms Spyware & Rootkits APTs Cyberware Today + (Host+Network+Cloud)

7 IT Megatrends are creating the Any to Any problem Infrastructur e public Apps / Services hybrid tenants Workloads private Endpoint Proliferation Blending of Personal & Business Use Access Assets through Multiple Medians Services Reside In Many Clouds 7

8 Today s Security Multiple products, policies, unmanaged devices and cloud access SaaS Comm. / SMB / Branch Cellular Internet Web Security Gateway WWW CSR ASR Branch Campus ANY Connect WWW Edge Multiple Management Paradigms UCS Global Orchestr ation Enterprise DC Multiple Identity Stores SP Core/ Edge WWW SP-2 SP Cloud Edge Isolated Threat Intelligence SP-1 CSR Inconsistent Enforcement ANY 8

9 The Silver Bullet Does Not Exist FW/VPN AV Block or Allow PKI IDS / IPS UTM It matches the pattern No key, no access NAC Application Control No false positives, no false negatives. Sandboxing Captive Portal Fix the Firewall Detect the Unknown 9

10 Mapping Technologies to the Model A T T A C K C O N T I N U U M Control Enforce Harden Detect Block Defend Scope Contain Remediate Firewall Patch Mgmt IPS IDS AMD App Control Vuln Mgmt AV FPC Log Mgmt VPN IAM Anti-Malware Forensics SIEM VISIBILITY & CONTEXT 1 0

11 The New Security Model

12 Customer Value Proposition Unmatched Visibility Consistent Control Cisco Security Solutions Advanced Threat Protection Flexibility & Choice

13 Cisco s Strategy Integrated Platform for Defense, Discovery and Remediation Device Threat Aware Malware, APT Context Aware Identity, Data, Location Data Center Content Aware Applications Network Access Control Firewall Firewall Content Gateways Integrated Platform Virtual Cloud

14 The New Security Model A T T A C K C O N T I N U U M Control Enforce Harden Detect Block Defend Scope Contain Remediate Network Endpoint Mobile Virtual Cloud Point-in-Time Continuous

15 Cisco Security Products Mapped to New Security Model A T T A C K C O N T I N U U M Control Enforce Harden Detect Block Defend Scope Contain Remediate Firewall NGFW NAC + Identity Services VPN UTM NGIPS Web Security Security Advanced Malware Protection Network Behavior Analysis

16 Comprehensive Security Portfolio Cisco Sourcefire Firewall & NGFW Cisco ASA 5500-X Series Cisco ASA 5500-X w/ NGFW license Cisco ASA 5585-X w/ NGFW blade FirePOWER NGFW IPS & NGIPS Cisco IPS 4300 Series Cisco ASA 5500-X Series integrated IPS FirePOWER NGIPS FirePOWER NGIPS w/ Application Control FirePOWER Virtual NGIPS Advanced Malware Protection + Sandboxing FireAMP FireAMP Mobile FireAMP Virtual Threatgrid Dedicated AMP FirePOWER appliance Web Security Cisco Web Security Appliance (WSA) Cisco Virtual Web Security Appliance (vwsa) Cisco Cloud Web Security Security Cisco Security Appliance (ESA) Cisco Virtual Security Appliance (vesa) Cisco Cloud Security NAC + Anomaly Detection Cisco Identity Services Engine (ISE) Cisco Access Control Server (ACS) Lancope VPN Cisco AnyConnect VPN UTM Meraki MX

17 Yeni Güvenlik Sertifikasyonu - CCNP Cisco Bulut ve mobilite gibi günlük hayatımızı oldukça değiştiren trendlern ışığında, gereken güvenlik uzmanlığı ve eğitimi alanında aşağıdaki yenilikleri, uzmanların, mühendislerin ve operasyon ekiplerinin eğitimi için yayınlamıştır: Yenilenen CCNP Güvenlik sertifikasyon programı Yeni Cisco Sibergüvenlik Uzmanlığı Daha önceki Cisco Güvenlik Uzmanlığı sertifikasyonunun sonlanması Yeni ve güncellenmiş ürün eğitimleri Yeniden dizayn edilen CCNP Security sertifikasyonu, bugün çok daha geniş bir bkış açısıyla, uçtan uça mimari kurmaları gereken güvenlik uzmanlarını hedeflemektedir: Implementing Cisco Edge Network Security Solutions (SENSS) Implementing Cisco Threat Control Solutions (SITCS) Implementing Cisco Secure Access Solutions (SISAS) Implementing Cisco Secure Mobility Solutions (SIMOS)

18 Yeni Güvenlik Eğitimi Siber Güvenlik Uzmanlığı 20 Saatlik Online Eğitim Ücretsiz Tek Yapmanız gereken: Siber Güvenlik Uzmanlığı Eğitimi başlığıyla adresine kontaklarınızla beraber ulaşmanız!!

19 Strategic Imperatives Visibility Driven Threat Focused Platform Based Network Integrated, Broad Sensor Base, Context & Automation Continuous Advanced Threat Protection, Cloud-Based Security Intelligence Agile & Open Platforms, Built for Scale, Consistent Control, Management Network Endpoint Mobile Virtual Cloud 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 19

20 Ecosystem and Integration Vulnerability Management Custom Detection Full Packet Capture NAC Incident Response BEFORE Policy and Control DURING Detection and Blocking AFTER Analysis and Remediation Network Access Taps Infrastructure & Mobility Visualization SIEM Combined API Framework 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 20

21 Security Services Advisory Integration Managed Assessments Deployment Managed Security Architecture and Design Program Strategy Migration Optimization Hosted Security Product Support 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 21

22 Based on our (Breach Detection Systems) reports, Advanced Malware Protection from Cisco should be on everyone s short list. So do any network security vendors understand data center and what s needed to accommodate network security? Cisco certainly does. Cisco is disrupting the advanced threat defense industry Vendor Rating for Security: Positive AMP will be one of the most beneficial aspects of the [Sourcefire] acquisition. The AMP products will provide deeper capability to Cisco's role in providing secure services for the Internet of Everything (IoE). Market Recognition 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 22

24 Ali Fuat TÜRKAY

Cisco Security: Moving to Security Everywhere. #TIGcyberSec. Stefano Volpi 13-10-2015

#TIGcyberSec Cisco Security: Moving to Security Everywhere Stefano Volpi 13-10-2015 2014 Cisco and/or its affiliates. All rights reserved. Cisco Public 1 Cisco is All In with Security I expect security