Cisco ASA mit FirePower Services

Size: px
Start display at page:

Download "Cisco ASA mit FirePower Services"

Transcription

1 Cisco ASA mit FirePower Services Britta Paty und Manfred Brabec Cisco Security Juni 2015

2 If you knew you were going to be compromised, would you do security differently? Cisco Confidential 2

3 Cisco + Sourcefire = Better Together Attack Continuum Discover Enforce Harden Detect Block Defend Scope Contain Remediate Firewall VPN NGIPS Advanced Malware Protection NGFW UTM Web Security Network Behavior Analysis NAC + Identity Services Security Malware Sandboxing Security Services Cisco Confidential 3

4 ASA = Integrierter Schutz vor Bedrohungen im gesamten Angriffskontinuum Angriffskontinuum DAVOR Entdecken Durchsetzen Sichern WÄHREND Erkennen Blockieren Abwehren DANACH Bewerten Eindämmen Beseitigen Firewall/VPN Detaillierte Anwendungskontrolle Moderner Bedrohungsschutz NGIPS Security Intelligence Web Security Transparenz und Automatisierung Advanced Malware Protection Retrospective Security IoCs/Reaktion auf Zwischenfälle Cisco Confidential 4

5 Cisco Annual Security Report 2015 Cisco Annual Security Report Findings: Security is now a boardroom discussion. Incidence Response: 92% of midsize organizations have internal security teams. Executive Accountability: 94% of midsize organizations have an executive directly accountable for security. Data from Interviews with Hundreds of Security and IT Pros in Nine Countries Cisco Confidential 5

6 NEW: Cisco 2015 Annual Security Report Download Link: Cisco Confidential 6

7 Cisco Advanced Malware Protection Built on unmatched collective security intelligence Cisco Collective Security Intelligence Cisco Collective Security Intelligence Cloud WWW 1.6 million global sensors 100 TB of data received per day 150 million+ deployed endpoints 600+ engineers, technicians, and researchers 35% worldwide traffic 13 billion web requests 24x7x365 operations 40+ languages Endpoints Web Networks IPS Devices 180,000+ File Samples per Day AMP Community AMP Threat Grid Intelligence AMP Threat Grid Dynamic Analysis 10 million files/month Advanced Microsoft and Industry Disclosures Snort and ClamAV Open Source Communities AEGIS Program Private/Public Threat Feeds Automatic Updates every 3-5 minutes Cisco Confidential 7

8 Cisco AMP bietet laufend retrospektive Security Breite der Kontrollpunkte Endgeräte WWW Web Netzwerk IPS Geräte Telemetrie- Stream Datei-Fingerprint und -Metadaten Datei- und Netzwerk-E/A Kontinuierlicher Feed Prozessinformationen Durchgängige Analyse Cisco Confidential 8

9 Schutz vor, während und nach einem Angriff DAVOR Entdecken Durchsetzen Sichern WÄHREND Erkennen Blockieren Abwehren DANACH Bewerten Eindämmen Beseitigen Point-in-Time Durchgängig Mit herausragender Transparenz, Kontrolle und Reparaturfunktionen für komplexe Bedrohungen Cisco Confidential 9

10 Cisco AMP Everywhere Strategy Means Protection Across the Extended Network Virtual *AMP for Endpoints can be launched from AnyConnect AMP for Networks Windows OS Android Mobile MAC OS AMP for Endpoints AMP on Cisco ASA Firewall with FirePOWER Services AMP Advanced Malware Protection AMP Private Cloud Virtual Appliance AMP Threat Grid Malware Analysis + Threat Intelligence Engine Appliance or Cloud CWS AMP on Web and Security Appliances AMP for Cloud Web Security and Hosted Cisco Confidential 10

11 AMP Threat Grid Feeds Dynamic Malware Analysis and Threat Intelligence to the Cisco AMP Solution Actionable AMP Threat threat Grid content platform and intelligence correlates is generated the sample that can be packaged result 00 with and integrated millions in to a variety of other of existing samples systems and or used billions independently. of artifacts Low Prevalence Files Analyst or system (API) submits suspicious sample to Threat Grid Actionable Intelligence Threat Score / Behavioral Indicators Big Data Correlation Threat Feeds AMP Threat Grid platform correlates the sample result with millions of other samples and billions of artifacts Proprietary techniques for static and dynamic analysis Outside looking in approach 350 Behavioral Indicators An automated engine observes, deconstructs, and analyzes using multiple techniques Sample and Artifact Intelligence Database Actionable threat content and intelligence is generated that can be utilized by AMP, or packaged and integrated into a variety of existing systems or used independently. Cisco Confidential 11

12 Sicherheit und Transparenz für eine präzise und effektive Bekämpfung Wer? Was? Wo? Wann? Wie? Zuerst auf diese Benutzer konzentrieren DieseAnwendungen sind betroffen Die Sicherheitsverletzung betraf diese Bereiche Die Sicherheitsverletzung hatte dieses zeitliche Ausmaß Dies sind Ursprung und Entwicklung der Bedrohung Cisco Confidential 12

13 ASA mit FirePower Services: Erstklassiger integrierter und mehrschichtiger Schutz Cisco Collective Security Intelligence Die am häufigsten installierte Cisco ASA Stateful-Firewall Clustering und Hochverfügbarkeit Intrusion Prevention (Abonnement) FireSIGHT Analyse und Automatisierung Advanced Malware Protection (Abonnement) WWW URL-Filterung (Abonnement) Cisco Application Visibility and Control (AVC) mit detaillierten Kontrollfunktionen Branchenführendes Cisco FirePOWER Netzwerk-Firewall Routing Switching Anwendungstran sparenz und -kontrolle Integrierte Netzwerkprofilierung Identitätsbasierte Zugriffskontrolle und VPN Next-Generation IPS (NGIPS) Reputations- und kategoriebasierte URL-Filterung Cisco ASA Cisco Advanced Malware Protection (AMP) Cisco Confidential 13

14 Application Visibility and Control (AVC) Included (no extra license, requires SMARTNET) Visibility into applications and users Control what applications are used and who uses them Block Bittorrent and Dropbox Cisco Confidential 14

15 URL Filtering URL Subscription License Block (or warn) non-business-related sites by category Based on user and user group Block Gambling Warn non-business related Cisco Confidential 15

16 Intrusion Prevention (IPS) IPS Subscription License Blocks hacking attacks Based on industry leading and award winning SourceFIRE IPS - protects high security environments: Government, Finance, Defence... around the world Internet Cisco Confidential 16

17 Snort IPS: Analyse der Auswirkungen IMPACT FLAG MASSNAHMEN DES ADMINISTRATORS GRUND Sofortige Maßnahmen; Angreifbar Untersuchen; Potentiell angreifbar Wissenswert; Derzeit nicht angreifbar Ereignis deckt sich mit dem Host zugeordneten Schwachstellen Entsprechender Port offen oder Protokoll in Verwendung, aber keine Schwachstelle erkannt Entsprechender Port nicht offen oder Protokoll nicht in Verwendung 4 Wissenswert; Ziel unbekannt Überwachtes Netzwerk, aber Host unbekannt Korreliert alle Zugriffsversuchs-Ereignisse mit Auswirkungen auf das Ziel 0 Wissenswert; Netzwerk unbekannt Nicht überwachtes Netzwerk Cisco Confidential 17

18 ASA mit FirePower Service Portfolio ASA NGFW für alle Kundengößen ASA 5555-X ASA 5585-X ASA 5545-X ASA 5525-X ASA 5516-X ASA 5506-X ASA 5508-X ASA 5512-X ASA 5515-X FirePOWER ready FirePOWER ready FirePOWER Software module *requires SSD disc FirePOWER Hardware module Cisco Confidential 18

19 NEU: Cisco NextGen Firewalls for SMB, Distributed Enterprise, and Industrial Control Q2CY15 Q2CY15 Q2CY15 Q2CY15 Perfect for ASA 5505 Refreshes 5506-X 5506W-X 5508-X 5516-X 1RU Models 5506H-X Desktop Model Integrated Wireless AP Higher Performance; Upsell Opportunity Ruggedized 100% NGFW ships with FirePOWER Services Enables additional small office/home office deployments 5508-X: A new priceperformance point Extends NGFW into industrial control and critical infrastructure Cisco Confidential 19

20 Cisco Desktop ASA 5506-X Parameters CPU Accelerator RAM/Storage Management ports Console port Value Multicore CPU at 1.25 GHz Hardware crypto accelerator 4 GB/64 GB msata 1 management port with 10/100/1000 Base-T RJ45, mini USB USB port Type A supports 2.0 Data ports 8 * 1 Gb interface, all Layer 3 interfaces Cooling Convection 7.92 in. x 8.92 in. x 1.73 in. Power AC external, no DC Cisco Confidential 20

21 Cisco Wireless Desktop ASA 5506W-X The 5506W-X configuration is the same as the desktop 5506-X. Wireless information follows. Parameters Wireless access point Value ASA5506_AP702, IEEE n, 2 x 2 MIMO Dual band access point, 2.5 GHz and 5 GHz Port 8 x external data ports, 1 access point (attached to 1 internal data port - g1/9) Management port Any-data data port of g1/1 - g1/8, management 1/1 is used only for firewall management 7.92 in. x 8.92 in. x 1.73 in. Management Autonomous (AP onbox GUI) or a Cisco wireless LAN controller Cisco Confidential 21

22 Ruggedized 5506H-X *The 5506-H configuration is the same as the desktop 5506-X, except the parameters are listed below. Parameters Data ports 4 x data ports Value Management 1 port, 10/100/1000 Base T, 100Base-FX, 1000Base-X, SFP Voltage 5 V (*5506 is 12 V) Operating temperature Mounting IP rating C to +60 C Wall mount, horizontal desk, rack mount, and DIN rail mount 9 in. x 9.2 in. x 2.5 in. Certifications Tested for heat, extended vibe, and shock Cisco Confidential 22

23 Rack Mount 5508-X and 5516-X Parameters CPU Accelerator Value Multicore 5508-X at 2 GHz 5516-X at 2.4GHz Hardware crypto accelerator RAM/Storage Ports Console port 8 GB Intel/120 GB SSD 1 management port with 10/100/1000 Base-T RJ45, mini USB USB port Type A supports 2.0 Data Ports 8 * 1 GE Interface, all Layer 3 interfaces Cooling Power FAN AC internal, no DC 17.2 in. x in. x 1.72 in. Cisco Confidential 23

24 Key Enhancements of the Cisco ASA 5505 Category 5505 New ASA with FirePOWER Services NGFW - FirePOWER Services Hardware security Simplified Purchase Experience Application Visibility and Control No Yes AMP, NGIPS, URL filtering, subscriptions Cisco Trust Anchor Module Hardware Anti-Tamper Unlimited user (node) support No Yes No No Yes Yes 5506-X More Secure More Scalable More Flexible VPN Enhanced mobility support No Yes Throughput Over 2.5X steteful performance Additional Features Integrated wireless access point No Yes (5506W-X variant) Ruggedized option No Yes (5506H-X variant) Power over Ethernet (PoE) Yes No Cisco Confidential 24

25 New Extended Performance ASA5585-X new Cisco ASA5585-X appliance models for use with ASA with FirePOWER Services: S10F40 - ASA5585-S10F40-K9 S20F60 - ASA5585-S20F60-K9 Cisco Confidential 25

26 Centralized Management Provides Security Teams with: Management for multiple devices Comprehensive visibility and control over network activity Optimal remediation through infection scoping and root-cause determination BEFORE Discover Enforce Harden DURING Detect Block Defend AFTER Scope Contain Remediate Centralized Management: Same as Larger Models - Uses CSM and FireSIGHT Cisco Confidential 26

27 NEW - Integrated Onbox Management The Cisco Adaptive Security Device Manager (ADSM) 7 combines control of access policy and advanced threat defense functions The enhanced UI provides quick views on trends and the ability to navigate to more details Centralized management is optionally available with FireSIGHT + Cisco Security Manager Cisco Confidential 27

28 Cisco FirePOWER Provides Superior Visibility for Accurate Threat Detection and Adaptive Defense Cisco Confidential 28

29 FireSIGHT Full Stack Visibility Information Superiority CATEGORIES EXAMPLES SOURCEFIRE FireSIGHT TYPICAL IPS Threats Attacks, Anomalies Users AD, LDAP, POP3 Web Applications Facebook Chat, Ebay Application Protocols HTTP, SMTP, SSH File Transfers PDF, Office, EXE, JAR Malware Conficker, Flame Command & Control Servers C&C Security Intelligence Client Applications Firefox, IE6, BitTorrent Network Servers Apache 2.3.1, IIS4 Operating Systems Windows, Linux Routers & Switches Cisco, Nortel, Wireless Mobile Devices iphone, Android, Jail Printers HP, Xerox, Canon VoIP Phones Avaya, Polycom Virtual Machines VMware, Xen, RHEV TYPICAL NGFW Contextual Awareness Cisco Confidential 29

30 Performance Comparison ~1.5x to 2x ~1.5x to 2x Category Features ASA 5506-X/5506H- X/5506W-X ASA 5508-X ASA 5516-X Maximum stateful firewall throughput 750 Mbps 1 Gbps 1.8 Gbps VPN throughput 100 Mbps 175 Mbps 250 Mbps Maximum AVC throughput 250 Mbps 450 Mbps 850 Mbps Performance Maximum AVC and NGIPS throughput AVC or IPS sizing throughput [440 B] 125 Mbps 250 Mbps 450 Mbps 90 Mbps 180 Mbps 300 Mbps Maximum concurrent sessions 50, , ,000 Maximum CPS Cisco Confidential 30

31 Functional Distribution of Features URL Category and Reputation NGIPS Application Visibility and Control Advanced Malware Protection File Type Filtering *File Capture FirePOWER Services TCP Normalization TCP Intercept IP Option Inspection IP Fragmentation NAT Routing ACL VPN Termination ASA Cisco Confidential 31

32 An unknown file is present on IP: , having been downloaded from Firefox Cisco Confidential 32

33 At 10:57, the unknown file is from IP to IP: Cisco Confidential 33

34 Seven hours later the file is then transferred to a third device ( ) using an SMB application Cisco Confidential 34

35 The Cisco Collective Security Intelligence Cloud has learned this file is malicious and a retrospective event is raised for all four devices immediately. Cisco Confidential 35

36 At the same time, a device with the FireAMP endpoint connector reacts to the retrospective event and immediately stops and quarantines the newly detected malware Cisco Confidential 36

37 8 hours after the first attack, the Malware tries to re-enter the system through the original point of entry but is recognized and blocked. Cisco Confidential 37

38 What Cisco Offers the NGFW Space Sandboxing NG Sandbox for Evasive Malware URL and IP Reputation Malware File Trajectory Host Trajectory Open APP-ID Correlated SIEM Eventing² Incident Control System¹ Vulnerability Management¹ 2 1 Collective Security Intelligence (Talos) Adaptive Security NGIPS Threat Hunting User Identity AV and Basic Protections Web URL Controls Application Visibility Gen1 IPS Classic Stateful Firewall NGFW Forensics and Log Management Auto-Remediation / Dynamic Policies Dynamic Outbreak Controls Contextual Device, Network and End-Point Visibility Retrospective Analysis Retrospective Detection SNORT Open IPS Behavioral Indications of Compromise Network Anti-Malware Controls (AMP) *Client Anti-Malware (AMP) Integrated Threat Defense System ¹ Passive Vulnerability Management and Basic ICS Customer may still choose to invest in a commercial product ² FMC is NOT itself a SIEM, while it does provide Correlated SIEM eventing and integrates natively into the SIEM used by the customer BEFORE DURING AFTER n *Agent Cisco Only Cisco and Our Competitors Management Interfaces Cisco Confidential 38

39 NSS Labs: Next-Generation Firewall Security Value Map The NGFW Security Value Map shows the placement of Cisco ASA with FirePOWER Services and the FirePOWER 8350 as compared to other vendors. All products achieved 99.2 percent in security effectiveness. Now customers can be confident they ll get the best protections possible, regardless of deployment. Source: NSS Labs 2014 Cisco Confidential 39

40 Cisco Confidential 40

41 So arbeitet die integrierte Abwehr von Bedrohungen Durch intelligente Schutzlösungen konnte die umfassende Malware-Kampagne String of Paerls erkannt und gestoppt werden Cisco erkennt, analysiert und schützt gegen bekannte und neue Bedrohungen Wichtigste Verfahren Nutzung von Datenquellen aus , Internet und Advanced Malware Protection-Produkten Verknüpfung verschiedener Ereignisse und Malware- Aktivitäten durch Big Data-Analysen Ergebnis: Malware-Infektion wurde durch mehrere Indications of Compromise (IoCs) erkannt Weitere Informationen: Cisco Confidential 41

42 Cisco Positioned as Leader in the 2014 Gartner Magic Quadrant for Intrusion Prevention Systems Link: y/reprints.do?id=1-26vh860&ct=150105&st=sb Cisco Confidential 42

43 Cisco AnyConnect Comprehensive Secure Endpoint Access Cisco AnyConnect Context Posture Secure Access Connectivity Security User type, broad device support, and access method insight Check and remediate for latest OS, AV, etc. VPN Wired Wireless Cellular Always-on connectivity, clientless, 802.1X Web inspection, encryption, and secure access All-in-One Endpoint Services Simple Management: IT and User Cisco Confidential 43

44 Additional Resources At-a-Glance Document Data Sheet series-next-generation-firewalls/datasheet-c html Cisco Talos Security Intelligence and Research Cisco Confidential 44

45

Cisco ASA und FirePOWER Services

Cisco ASA und FirePOWER Services Cisco ASA und FirePOWER Services 1 Die Abwehr von Bedrohungen ist ein Prozess Attack Continuum BEFORE Control Enforce Harden DURING Detect Block Defend AFTER Scope Contain Remediate Firewall/VPN Applikations-Kontrolle

More information

SourceFireNext-Generation IPS

SourceFireNext-Generation IPS D Ů V Ě Ř U J T E S I L N Ý M SourceFireNext-Generation IPS Petr Salač CCNP Security, CCNP, CICSP, CCSI #33835 petr.salac@alefnula.com Our Customers Biggest Security Challenges Maintaining security posture

More information

Sourcefire Solutions Overview Security for the Real World. SEE everything in your environment. LEARN by applying security intelligence to data

Sourcefire Solutions Overview Security for the Real World. SEE everything in your environment. LEARN by applying security intelligence to data SEE everything in your environment LEARN by applying security intelligence to data ADAPT defenses automatically ACT in real-time Sourcefire Solutions Overview Security for the Real World Change is constant.

More information

Deploying Next Generation Firewall with ASA and Firepower services

Deploying Next Generation Firewall with ASA and Firepower services Deploying Next Generation Firewall with ASA and Firepower services Dragan Novaković Security Consulting Systems Engineer March 2015. Threat Landscape Demands more than Application Control 60% of data is

More information

Threat-Centric Security Solutions. György Ács Security Consulting Systems Engineer 3 rd November 2015

Threat-Centric Security Solutions. György Ács Security Consulting Systems Engineer 3 rd November 2015 Threat-Centric Security Solutions György Ács Security Consulting Systems Engineer 3 rd November 2015 The Problem is Threats About Angler Exploit Kit http://www.networkworld.com/article/2989827/security/cisco-disrupts-60m-ransomware-biz.html

More information

Cisco ASA with FirePOWER Services. October 2014

Cisco ASA with FirePOWER Services. October 2014 Cisco ASA with FirePOWER Services October 2014 What We Are Announcing September 16, 2014 Industry s First Threat-Focused NGFW Proven Cisco ASA firewalling + Industry leading NGIPS and AMP Cisco ASA with

More information

Requirements When Considering a Next- Generation Firewall

Requirements When Considering a Next- Generation Firewall White Paper Requirements When Considering a Next- Generation Firewall What You Will Learn The checklist provided in this document details six must-have capabilities to look for when evaluating a nextgeneration

More information

Cisco Advanced Malware Protection. Ross Shehov Security Virtual Systems Engineer March 2016

Cisco Advanced Malware Protection. Ross Shehov Security Virtual Systems Engineer March 2016 Cisco Advanced Malware Protection Ross Shehov Security Virtual Systems Engineer March 2016 The Reality Organizations Are Under Attack and Malware Is Getting in 95% of large companies targeted by malicious

More information

Cisco Advanced Malware Protection

Cisco Advanced Malware Protection Solution Overview Cisco Advanced Malware Protection Breach Prevention, Detection, Response, and Remediation for the Real World BENEFITS Gain unmatched global threat intelligence to strengthen front-line

More information

Belgacom Security Convention. Tuesday 15 October 2013, Aula Magna, Louvain-la-Neuve

Belgacom Security Convention. Tuesday 15 October 2013, Aula Magna, Louvain-la-Neuve Belgacom Security Convention Tuesday 15 October 2013, Aula Magna, Louvain-la-Neuve Belgacom Security Convention The new, continuous security model Hans De Raeve Product Manager Belgacom Sean Newman Product

More information

Cisco Web Security: Protection, Control, and Value

Cisco Web Security: Protection, Control, and Value Cisco Web Security: Protection, Control, and Value Benefits Strong protection: Protects every device through a sophisticated global threat-intelligence infrastructure, which includes Cisco Talos Security

More information

Cisco and Sourcefire. AGILE SECURITY : Security for the Real World. Stefano Volpi

Cisco and Sourcefire. AGILE SECURITY : Security for the Real World. Stefano Volpi Cisco and Sourcefire AGILE SECURITY : Security for the Real World Stefano Volpi SOURCEfire Worldwide John Chambers statement Security is the TOP issue for Cisco and many of the CIO s in the industry. We

More information

Protection Against Advanced Persistent Threats

Protection Against Advanced Persistent Threats Protection Against Advanced Persistent Threats Peter Mesjar Systems Engineer, CCIE 17428 October 2014 Agenda Modern Threats Advanced Malware Protection Solution Why Cisco? Cisco Public 2 The Problem are

More information

REV: 0.1.1 (July 2011) McAfee Security: Intrusion Prevention System

REV: 0.1.1 (July 2011) McAfee Security: Intrusion Prevention System McAfee Security: Intrusion Prevention System REV: 0.1.1 (July 2011) 1 Contents 1. McAfee Network Security Platform...3 2. McAfee Host Intrusion Prevention for Server...4 2.1 Network IPS...4 2.2 Workload

More information

Cisco Security: Moving to Security Everywhere. #TIGcyberSec. Stefano Volpi 13-10-2015

Cisco Security: Moving to Security Everywhere. #TIGcyberSec. Stefano Volpi 13-10-2015 #TIGcyberSec Cisco Security: Moving to Security Everywhere Stefano Volpi 13-10-2015 2014 Cisco and/or its affiliates. All rights reserved. Cisco Public 1 Cisco is All In with Security I expect security

More information

Cisco Cybersecurity Pocket Guide 2015

Cisco Cybersecurity Pocket Guide 2015 Cisco Cybersecurity Pocket Guide 2015 Why Security Security investment: A top priority Security: A critical boardroom topic Why Security? Security Investment: A Top Priority Figure 1 How Enterprises View

More information

EXTENDING NETWORK SECURITY: TAKING A THREAT CENTRIC APPROACH TO SECURITY

EXTENDING NETWORK SECURITY: TAKING A THREAT CENTRIC APPROACH TO SECURITY EXTENDING NETWORK SECURITY: TAKING A THREAT CENTRIC APPROACH TO SECURITY Dean Frye Sourcefire Session ID: SEC-W05 Session Classification: Intermediate Industrialisation of Threat Factories Goal: Glory,

More information

Cisco Advanced Malware Protection for Endpoints

Cisco Advanced Malware Protection for Endpoints Data Sheet Cisco Advanced Malware Protection for Endpoints Product Overview With today s sophisticated malware, you have to protect endpoints before, during, and after attacks. Cisco Advanced Malware Protection

More information

Network Security Solution. Arktos Lam

Network Security Solution. Arktos Lam Network Security Solution Arktos Lam Dell Software Group(DSG) 2 Confidential Trend Dell Software addresses key trends Cloud Big data Mobility Security Management Security 3 Software We deliver security

More information

Braindumps.700-295.50.QA

Braindumps.700-295.50.QA Braindumps.700-295.50.QA Number: 700-295 Passing Score: 800 Time Limit: 120 min File Version: 6.0 http://www.gratisexam.com/ Comprehensive, easy and to the point study material made it possible for me

More information

Cisco Advanced Malware Protection for Endpoints

Cisco Advanced Malware Protection for Endpoints Data Sheet Cisco Advanced Malware Protection for Endpoints Product Overview With today s sophisticated malware, you have to protect endpoints before, during, and after attacks. Cisco Advanced Malware Protection

More information

Network as a Sensor and Enforcer Leverage the Network to Protect Against and Mitigate Threats

Network as a Sensor and Enforcer Leverage the Network to Protect Against and Mitigate Threats Network as a Sensor and Enforcer Leverage the Network to Protect Against and Mitigate Threats Dragan Novaković Consulting Systems Engineer Security November 2015. New Networks Mean New Security Challenges

More information

Intelligent Cybersecurity for the Real World. Cisco Cybersecurity Pocket Guide

Intelligent Cybersecurity for the Real World. Cisco Cybersecurity Pocket Guide Intelligent Cybersecurity for the Real World Cisco Cybersecurity Pocket Guide EMEA 2015 Content What an Opportunity! Security Investment is a Top Priority Why Cisco? Cisco is the Leading Security Company

More information

Sourcefire Next-Generation IPS

Sourcefire Next-Generation IPS Sourcefire Next-Generation IPS Key NGIPS Capabilities Snort IPS detection engine Network intelligence Impact assessment User identification Automated policy tuning Network behavior analysis Packet-level

More information

Comstor Security Initiative. Comstor Security Initiative

Comstor Security Initiative. Comstor Security Initiative Comstor Comstor Work in partnership with Comstor and Cisco to unlock the potential of Cyber security Cyber security is projected to be a $170 billion market by 2020. There are 10 billion connected sensors

More information

Cisco Cloud Web Security

Cisco Cloud Web Security Data Sheet Today s highly connected and fast-moving world is filled with complex and sophisticated web security threats. Cisco delivers the strong protection, complete control, and investment value that

More information

Cisco Security Strategy Update Integrated Threat Defense. Oct 28, 2015

Cisco Security Strategy Update Integrated Threat Defense. Oct 28, 2015 Cisco Security Strategy Update Integrated Threat Defense Oct 28, 2015 Breaches are the New Normal FDA Wards of Security Flaw in Infusion Pump Cisco Confidential Cisco s Covers the Threat-Centric Entire

More information

Five Steps For Securing The Data Center: Why Traditional Security May Not Work

Five Steps For Securing The Data Center: Why Traditional Security May Not Work White Paper Five Steps For Securing The Data Center: Why Traditional Security May Not Work What You Will Learn Data center administrators face a significant challenge: They need to secure the data center

More information

Why Use Big Data for a Security Service?

Why Use Big Data for a Security Service? Using Big Data for Good Advanced Malware Protection as a Cloud Service Gary Spiteri Security Engineer 17 July 2012 Why Use Big Data for a Security Service? Because the traditional way is broken Industry

More information

The Hillstone and Trend Micro Joint Solution

The Hillstone and Trend Micro Joint Solution The Hillstone and Trend Micro Joint Solution Advanced Threat Defense Platform Overview Hillstone and Trend Micro offer a joint solution the Advanced Threat Defense Platform by integrating the industry

More information

McAfee Network Security Platform

McAfee Network Security Platform McAfee Network Security Platform Next Generation Network Security Youssef AGHARMINE, Network Security, McAfee Network is THE Security Battleground Who is behind the data breaches? 81% some form of hacking

More information

Sourcefire Next-Generation IPS

Sourcefire Next-Generation IPS Sourcefire Next-Generation IPS Sourcefire Next-Generation IPS sets a new standard for advanced threat protection, integrating real-time contextual awareness, intelligent security automation, and unprecedented

More information

Cisco Email Security: Layered Protection from Blended Threats

Cisco Email Security: Layered Protection from Blended Threats Cisco Email Security: Layered Protection from Blended Threats Benefits Faster, more comprehensive email protection, often hours or days ahead of the competition The largest network of threat intelligence

More information

Simple security is better security Or: How complexity became the biggest security threat

Simple security is better security Or: How complexity became the biggest security threat Simple security is better security Or: How complexity became the biggest security threat Christoph Litzbach, Pre-Sales Engineer NSG 1 What do they have in common? DATA BREACH 2 Security is HARD! Components

More information

Welcome to Your Cisco Connect & Grow Series: Heat Up Your Sales with Cisco Security for SMB

Welcome to Your Cisco Connect & Grow Series: Heat Up Your Sales with Cisco Security for SMB Welcome to Your Cisco Connect & Grow Series: Heat Up Your Sales with Cisco Security for SMB BEFORE WE TAKE OFF This webinar is being recorded and will be available 48 hours after the event at www.ingrammicro.com/ciscowebinars

More information

Extreme Security Threat Protection G2 - Intrusion Prevention Integrated security, visibility, and control for next- generation network protection

Extreme Security Threat Protection G2 - Intrusion Prevention Integrated security, visibility, and control for next- generation network protection DATA SHEET Extreme Security Threat Protection G2 - Intrusion Prevention Integrated security, visibility, and control for next- generation network protection HIGHLIGHTS Delivers superior zero-day threat

More information

Effective IDS/IPS Network Security in a Dynamic World with Next-Generation Intrusion Detection & Prevention

Effective IDS/IPS Network Security in a Dynamic World with Next-Generation Intrusion Detection & Prevention Effective IDS/IPS Network Security in a Dynamic World with Next-Generation Intrusion Detection & Prevention Your Security Challenges Defending the Dynamic Network! Dynamic threats 䕬 䕬 䕬 䕬 Many threats

More information

Who s Endian? www.cloudrouter.dk

Who s Endian? www.cloudrouter.dk Who s Endian? Endian was founded in 2003 at Appiano, Italy, by a team of experienced network specialists and Linux enthusiasts. Endian s goal and path of development are immediately clear: creating sophisticated

More information

Cisco Small Business ISA500 Series Integrated Security Appliances

Cisco Small Business ISA500 Series Integrated Security Appliances Q & A Cisco Small Business ISA500 Series Integrated Security Appliances Q. What is the Cisco Small Business ISA500 Series Integrated Security Appliance? A. The Cisco Small Business ISA500 Series Integrated

More information

Cisco ASA with FirePOWER Services

Cisco ASA with FirePOWER Services Data Sheet Cisco ASA with FirePOWER Meet the industry s first adaptive, threat-focused next-generation firewall (NGFW) designed for a new era of threat and advanced malware protection. Cisco ASA with FirePOWER

More information

BEFORE. DURING. AFTER. CISCO'S INTEGRATED SECURITY STRATEGY NIALL MOYNIHAN CISCO EMEAR

BEFORE. DURING. AFTER. CISCO'S INTEGRATED SECURITY STRATEGY NIALL MOYNIHAN CISCO EMEAR BEFORE. DURING. AFTER. CISCO'S INTEGRATED SECURITY STRATEGY NIALL MOYNIHAN CISCO EMEAR The IndustrializaBon of Hacking SophisEcated AFacks, Complex Landscape Hacking Becomes an Industry Phishing, Low

More information

Cisco ASA 5500-X Series Next-Generation Firewalls

Cisco ASA 5500-X Series Next-Generation Firewalls Data Sheet 5500-X Series Next-Generation Firewalls Product Overview How do you deliver enterprise-class security for small offices while meeting their network, budgetary, and performance requirements?

More information

Cisco Web Security Appliance

Cisco Web Security Appliance Data Sheet Cisco Web Security Appliance In our highly connected and increasingly mobile world, more complex and sophisticated threats require the right mix of security solutions. Cisco delivers security

More information

Synchronized Security and Security Heartbeat

Synchronized Security and Security Heartbeat Synchronized Security and Security Heartbeat Revolutionizing Advanced Threat Protection George Kouimintzis NSS Commercial Director 1 What we re going to cover What s the problem? It s time for a security

More information

Company Profile. 1344 S Flores #205 San Antonio, TX 78204 210-694-2797 www.thomasontech.com

Company Profile. 1344 S Flores #205 San Antonio, TX 78204 210-694-2797 www.thomasontech.com Company Profile 1344 S Flores #205 San Antonio, TX 78204 210-694-2797 www.thomasontech.com Trusted Security Advisor For Industrial Control Systems Thomason Technologies provides world-class security solutions

More information

you us MSSP are a Managed Security Service Provider looking to offer Advanced Malware Protection Services

you us MSSP are a Managed Security Service Provider looking to offer Advanced Malware Protection Services MSSP you us are a Managed Security Service Provider looking to offer Advanced Malware Protection Services Lastline is the only company with 10+ years of academic research focused on detecting advanced

More information

聚 碩 科 技 主 題 : 如 何 幫 企 業 行 動 商 務 建 立 安 全 機 制 職 稱 : 技 術 顧 問

聚 碩 科 技 主 題 : 如 何 幫 企 業 行 動 商 務 建 立 安 全 機 制 職 稱 : 技 術 顧 問 聚 碩 科 技 主 題 : 如 何 幫 企 業 行 動 商 務 建 立 安 全 機 制 主 講 人 : 廖 國 宏 Jerry Liao 職 稱 : 技 術 顧 問 Each attack instance can be slightly different 攻 擊 模 式 有 些 微 的 不 同 Domains are rotated in days, even hours 攻 擊 主 機 位 置

More information

IBM Security. Alle Risiken im Blick und bessere Compliance Kumulierte und intelligente Security Alerts mit QRadar Security Intelligence

IBM Security. Alle Risiken im Blick und bessere Compliance Kumulierte und intelligente Security Alerts mit QRadar Security Intelligence IBM Security Alle Risiken im Blick und bessere Compliance Kumulierte und intelligente Security Alerts mit QRadar Security Intelligence Peter Kurfürst Vertrieb IBM Security Lösungen Enterprise-Kunden Baden-Württemberg

More information

FROM PRODUCT TO PLATFORM

FROM PRODUCT TO PLATFORM FROM PRODUCT TO PLATFORM DATA EQUIPMENT 2016 Mikkel Bossen Agenda Today s Challenges Data Growth, SSL encryption, Application Growth & SaaS What s hiding in under the surface? Legacy Security is that really

More information

Stallion SIA Seminar 2.12.2015 PREVENTION FIRST. Introducing the Enterprise Security Platform. Sami Walle Regional Sales Manager

Stallion SIA Seminar 2.12.2015 PREVENTION FIRST. Introducing the Enterprise Security Platform. Sami Walle Regional Sales Manager Stallion SIA Seminar 2.12.2015 PREVENTION FIRST Introducing the Enterprise Security Platform Sami Walle Regional Sales Manager CYBER THREATS ARE GETTING MORE ADVANCED Advanced Persistent Threat Uses a

More information

Game changing Technology für Ihre Kunden. Thomas Bürgis System Engineering Manager CEE

Game changing Technology für Ihre Kunden. Thomas Bürgis System Engineering Manager CEE Game changing Technology für Ihre Kunden Thomas Bürgis System Engineering Manager CEE Threats have evolved traditional firewalls & IPS have not Protection centered around ports & protocols Expensive to

More information

Security Intelligence Services. www.kaspersky.com

Security Intelligence Services. www.kaspersky.com Kaspersky Security Intelligence Services. Threat Intelligence Services www.kaspersky.com THREAT INTELLIGENCE SERVICES Tracking, analyzing, interpreting and mitigating constantly evolving IT security threats

More information

Sourcefire Defense Center TM

Sourcefire Defense Center TM Sourcefire TM Sourcefire Capabilities Store up to 100,000,000 security & host events, including packet data Centralized policy & sensor management Centralized audit logging of configuration & security

More information

Advantages of Consolidating Network Security with Wireless for Small & Mid-Size Businesses

Advantages of Consolidating Network Security with Wireless for Small & Mid-Size Businesses Advantages of Consolidating Network Security with Wireless for Small & Mid-Size Businesses Patrick Bedwell VP, Product Marketing 1 Copyright 2014 Fortinet Inc. All rights reserved. Today s Agenda Security

More information

Benefits. Product Overview. There is nothing more important than our customers. DATASHEET

Benefits. Product Overview. There is nothing more important than our customers. DATASHEET DATASHEET Security Information & Event Manager (SIEM) Compliance through Security Information and Event Management, Log Management, and Network Behavioral Analysis Product Overview Delivers fast, accurate

More information

Sophos Roadshow. Complete Security Vision

Sophos Roadshow. Complete Security Vision Sophos Roadshow Complete Security Vision Reconized leader Over 25 years of experience Data protection experts Global company with local presence 100 million users trust Sophos Reputation for highest quality

More information

Product Factsheet MANAGED SECURITY SERVICES - FIREWALLS - FACT SHEET

Product Factsheet MANAGED SECURITY SERVICES - FIREWALLS - FACT SHEET Product Factsheet MANAGED SECURITY SERVICES - FIREWALLS - FACT SHEET ELITE S NEXT GENERATION MANAGED SECURITY SERVICES Security risks to business information systems are expanding at a rapid rate; often,

More information

Addressing Advanced Web Threats. Addressing Advanced Web Threats: Protect Your Data and Brand

Addressing Advanced Web Threats. Addressing Advanced Web Threats: Protect Your Data and Brand Addressing Advanced Web Threats: Protect Your Data and Brand What You Will Learn From collaboration to communication to data access, the web is a mission-critical business tool. Enterprises rely on the

More information

Astaro Gateway Software Applications

Astaro Gateway Software Applications Astaro Overview Astaro Products - Astaro Security Gateway - Astaro Web Gateway - Astaro Mail Gateway - Astaro Command Center - Astaro Report Manager Astaro Gateway Software Applications - Network Security

More information

Cisco ASA 5500-X Series Next-Generation Firewalls

Cisco ASA 5500-X Series Next-Generation Firewalls Data Sheet 5500-X Series Next-Generation Firewalls Product Overview Cisco ASA 5500-X Series Next-Generation Firewalls integrate the world s most proven stateful inspection firewall with a comprehensive

More information

Cisco Email Security Appliances

Cisco Email Security Appliances Data Sheet Cisco Email Security Appliances Product Overview Over the past 20 years, email has evolved from a tool used primarily by technical and research professionals to become the backbone of corporate

More information

Making sense out of the Security Operations

Making sense out of the Security Operations Gaweł Mikołajczyk gmikolaj@cisco.com Making sense out of the Security Operations Cisco Public 1 CONFidence 2012 https://www.youtube.com/watch?v=ebi1xlmg5xe Cisco Public 2 CONFidence 2016 Network Security

More information

IT Sicherheit im Web 2.0 Zeitalter

IT Sicherheit im Web 2.0 Zeitalter IT Sicherheit im Web 2.0 Zeitalter Dirk Beste Consulting System Engineer 1 IT Sicherheit im Web 2.0 Zeitalter Cisco SIO und Global Threat Correlation Nach dem Webinar sollte der Zuhörer in der Lage sein:

More information

Content Security: Protect Your Network with Five Must-Haves

Content Security: Protect Your Network with Five Must-Haves White Paper Content Security: Protect Your Network with Five Must-Haves What You Will Learn The continually evolving threat landscape is what makes the discovery of threats more relevant than defense as

More information

Next-Generation Intrusion Detection & Prevention. Manuel Minzoni, Brand Manager ITWAY VAD

Next-Generation Intrusion Detection & Prevention. Manuel Minzoni, Brand Manager ITWAY VAD Next-Generation Intrusion Detection & Prevention Manuel Minzoni, Brand Manager ITWAY VAD Today s Reality Begin the transformation to context-aware and adaptive security infrastructure now as you replace

More information

Security Information & Event Manager (SIEM)

Security Information & Event Manager (SIEM) DATA SHEET Security Information & Event Manager (SIEM) Compliance through Security Information and Event Management, Log Management, and Network Behavioral Analysis Benefits Enables NOC and SOC staff to

More information

OVERVIEW. Enterprise Security Solutions

OVERVIEW. Enterprise Security Solutions Enterprise Security Solutions OVERVIEW For more than 25 years, Trend Micro has innovated constantly to keep our customers ahead of an everevolving IT threat landscape. It s how we got to be the world s

More information

Next Generation IPS and Reputation Services

Next Generation IPS and Reputation Services Next Generation IPS and Reputation Services Richard Stiennon Chief Research Analyst IT-Harvest 2011 IT-Harvest 1 IPS and Reputation Services REPUTATION IS REQUIRED FOR EFFECTIVE IPS Reputation has become

More information

High Performance NGFW Extended

High Performance NGFW Extended High Performance NGFW Extended Enrique Millán Country Manager Colombia emillan@fortinet.com 1 Copyright 2013 Fortinet Inc. All rights reserved. D I S C L A I M E R This document contains confidential material

More information

Cisco Email Security Appliances

Cisco Email Security Appliances Data Sheet Cisco Email Security Appliances Over the past 20 years, email has evolved from a tool used primarily by technical and research professionals to become the backbone of corporate communications.

More information

What s Next for Network Security - Visibility is king! Gøran Tømte March 2013

What s Next for Network Security - Visibility is king! Gøran Tømte March 2013 What s Next for Network Security - Visibility is king! Gøran Tømte March 2013 Technology Sprawl and Creep Aren t the Answer More stuff doesn t solve the problem Firewall helpers have limited view of traffic

More information

2012 North American Enterprise Firewalls Market Penetration Leadership Award

2012 North American Enterprise Firewalls Market Penetration Leadership Award 2012 2012 North American Enterprise Firewalls Market Penetration Leadership Award 2012 Frost & Sullivan 1 We Accelerate Growth Market Penetration Leadership Award Enterprise Firewalls North America, 2012

More information

Benefits. Product Overview. There is nothing more important than our customers. DATASHEET

Benefits. Product Overview. There is nothing more important than our customers. DATASHEET DATASHEET Security Information & Event Manager (SIEM) Compliance through Security Information and Event Management, Log Management, and Network Behavioral Analysis Product Overview Delivers fast, accurate

More information

Cisco ASA 5500-X Series Next-Generation Firewalls

Cisco ASA 5500-X Series Next-Generation Firewalls Data Sheet 5500-X Series Next-Generation Firewalls Product Overview Cisco ASA 5500-X Series Next-Generation Firewalls integrate the world s most proven stateful inspection firewall with a comprehensive

More information

The Cisco ASA 5500 as a Superior Firewall Solution

The Cisco ASA 5500 as a Superior Firewall Solution The Cisco ASA 5500 as a Superior Firewall Solution The Cisco ASA 5500 Series Adaptive Security Appliance provides leading-edge firewall capabilities and expands to support other security services. Firewalls

More information

Why it's time to upgrade to a Next Generation Firewall. Dickens Lee Technical Manager

Why it's time to upgrade to a Next Generation Firewall. Dickens Lee Technical Manager Why it's time to upgrade to a Next Generation Firewall Dickens Lee Technical Manager Dell History 2 Confidential Dell s legacy Became leading provider of subscription services on optimized appliances Shipped

More information

Cisco Cloud Web Security Datasheet

Cisco Cloud Web Security Datasheet Cisco Cloud Web Security Datasheet October 2014 Table of Contents Table of Contents... 1 Overview... 2 Features and Benefits by License... 3 CWS Essentials License... 3 CWS Premium... 4 Advanced Threat

More information

Delivering Control with Context Across the Extended Network

Delivering Control with Context Across the Extended Network Delivering Control with Context Across the Extended Network Agenda Current Challenges Cisco ISE Overview Introducing Cisco pxgrid Customer Success Stories Only Cisco ISE Delivers 2013-2014 Cisco and/or

More information

Security Without Compromise: Context-Aware and Adaptive Next-Generation Firewalls

Security Without Compromise: Context-Aware and Adaptive Next-Generation Firewalls Fast Facts In 2012, 9 billion devices were connected to the Internet, and 50 billion are projected to be connected by 2020. Global data center traffic is expected to quadruple over the next five years,

More information

Intelligent. Data Sheet

Intelligent. Data Sheet Cisco IPS Software Product Overview Cisco IPS Software is the industry s leading network-based intrusion prevention software. It provides intelligent, precise, and flexible protection for your business

More information

Implementing Cisco IOS Network Security

Implementing Cisco IOS Network Security Implementing Cisco IOS Network Security IINS v3.0; 5 Days, Instructor-led Course Description Implementing Cisco Network Security (IINS) v3.0 is a 5-day instructor-led course focusing on security principles

More information

Cisco ASA 5585-X Next-Generation Firewall

Cisco ASA 5585-X Next-Generation Firewall Data Sheet Next-Generation Firewall Today s enterprise networks must deal with an increasingly mobile workforce requiring anywhere, anytime access from a variety of company and personal devices. These

More information

Your Security Partner of Choice

Your Security Partner of Choice Your Security Partner of Choice 6/16/14 2 About WatchGuard 100% CHANNEL 5,000 partners in 120 countries Ø Firewall appliance pioneer Ø Nearing 1,000,000 appliances shipped to business customers worldwide

More information

Move over, TMG! Replacing TMG with Sophos UTM

Move over, TMG! Replacing TMG with Sophos UTM Move over, TMG! Replacing TMG with Sophos UTM Christoph Litzbach, Pre-Sales Engineer NSG 39 Key Features of TMG HTTP Antivirus/spyware URL Filtering HTTPS forward inspection Web Caching Role based access

More information

Sophos Ltd. All rights reserved.

Sophos Ltd. All rights reserved. Sophos Ltd. All rights reserved. 1 Sophos Approach to Unified Security Integrated Security for Be9er Protec;on James Burchell & Greg Iddon, Sales Engineers UK&I, Technology Services What we re going to

More information

SolarWinds Network Performance Monitor powerful network fault & availabilty management

SolarWinds Network Performance Monitor powerful network fault & availabilty management SolarWinds Network Performance Monitor powerful network fault & availabilty management Fully Functional for 30 Days SolarWinds Network Performance Monitor (NPM) is powerful and affordable network monitoring

More information

Symantec Advanced Threat Protection: Network

Symantec Advanced Threat Protection: Network Symantec Advanced Threat Protection: Network Data Sheet: Advanced Threat Protection The Problem Today s advanced attacks hide themselves on legitimate websites, leverage new and unknown vulnerabilities,

More information

Решения HP по информационной безопасности

Решения HP по информационной безопасности Решения HP по информационной безопасности Евгений Нечитайло ynechyta@hp.com Mobile: +380 67 464 0218 Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject

More information

Paul Cochran - Account Manager. Chris Czerwinski System Engineer

Paul Cochran - Account Manager. Chris Czerwinski System Engineer Paul Cochran - Account Manager Chris Czerwinski System Engineer Next-Generation NAC Fast and easy deployment No infrastructure changes or network upgrades No need for endpoint agents 802.1X is optional

More information

Next Generation Enterprise Network Security Platform

Next Generation Enterprise Network Security Platform Next Generation Enterprise Network Security Platform November 2014 Lyndon Clough - Territory Sales Manager Derran Guinan Systems Engineer Agenda The Palo Alto Networks story Today s Threat Landscape The

More information

McAfee Next Generation Firewall

McAfee Next Generation Firewall McAfee Next Generation Firewall Services solutions for Managed Service Providers (MSPs) McAfee Next Generation Firewall offers the advanced security, flexibility, and multitenant control needed to protect

More information

Cisco & Big Data Security

Cisco & Big Data Security Cisco & Big Data Security 巨 量 資 料 的 傳 輸 保 護 Joey Kuo Borderless Networks Manager hskuo@cisco.com The any-to-any world and the Internet of Everything is an evolution in connectivity and collaboration that

More information

Symantec Messaging Gateway 10.5

Symantec Messaging Gateway 10.5 Powerful email gateway protection Data Sheet: Messaging Security Overview Symantec Messaging Gateway enables organizations to secure their email and productivity infrastructure with effective and accurate

More information

IINS Implementing Cisco Network Security 3.0 (IINS)

IINS Implementing Cisco Network Security 3.0 (IINS) IINS Implementing Cisco Network Security 3.0 (IINS) COURSE OVERVIEW: Implementing Cisco Network Security (IINS) v3.0 is a 5-day instructor-led course focusing on security principles and technologies, using

More information

Cisco Identity Services Engine

Cisco Identity Services Engine Cisco Identity Services Engine Secure Access Stefan Dürnberger CCIE Security Sourcefire Certified Expert Most organizations, large and small, have already been compromised and don t even know it: 100 percent

More information

Huawei Eudemon200E-N Next-Generation Firewall

Huawei Eudemon200E-N Next-Generation Firewall Huawei 200E-N Next-Generation Firewall With the popularity of mobile working using smartphones and tablets, mobile apps, Web2.0, and social networking become integral parts of works. This change in IT

More information

Market Segment Definitions

Market Segment Definitions Market Segment Definitions Author Joshua Mittler Overview In addition to product testing, NSS Labs quantitatively evaluates market size for each of the product categories tested. NSS provides metrics that

More information

Sophos SG Series Appliances

Sophos SG Series Appliances Unleash the full potential of your network With bandwidth requirements constantly increasing, network security appliances need to do more than ever before. The Sophos SG Series appliances are built to

More information