BEFORE. DURING. AFTER. CISCO'S INTEGRATED SECURITY STRATEGY. NIALL MOYNIHAN, CISCO EMEAR


The Industrialization of Hacking
[Timeline figure, 1990 to 2020. Stage labels: Sophisticated Attacks, Complex Landscape; Hacking Becomes an Industry; Phishing, Low Sophistication. Threat eras: Viruses 1990-2000; Worms 2000-2005; Spyware and Rootkits 2005-Today; APTs, Cyberware Today +]

Today's Reality: All are smart, all had security, all were seriously compromised.

2014 Cisco and/or its affiliates. All rights reserved.

"Modern networks are like candy; a hard crunchy shell around a soft chewy centre." Bill Cheswick, 1986


Motivated and Targeted Attackers: Hacktivists; Organised crime; Nation States. 25% of attacks targeted at a specific individual or company (Verizon Data Breach report 2013).

Email Spear Phishing is Prime Attack Vector
Bypassing defences by identifying individuals to target: www.companywebsite.com/about/; Switchboard/Receptionist; Social Media.
Using Social Engineering. Phishing. Phishing gets the hacker behind the firewall.
In the majority of these incidents, the attacks targeted corporate workstations, NOT devices.
Gives him access of a user. Popular with low level scammers. This is where the hack starts.

Well Planned, Stealthy Attacks
100% of corporate networks surveyed showed signs of malicious traffic.
66% of the breaches in our 2013 report took months or even years to discover.
Sources: Verizon Data Breach Investigations Report, 2013; Cisco Annual Security Report, 2014; Mandiant APT1 Report, Feb 2013.

Cisco is Serious about Security. GSSO is Transforming to Harness the Opportunity.
The Transformation of Hacking: Organizations face tens of thousands of new malware samples per hour; Smarter, well funded hackers; Resources to compromise your organization; Cyber crime costs: $445B.
Cisco is Transforming: Investment & Momentum; Acquisitions creating broad solution portfolio; Complete service and product platform; Regain market credibility; Improve competitive position.
GTM Transformation: Empowered, dedicated security architecture; Trusted security advisors; Strategic customer engagement; We sell full technology and services solutions.

Comprehensive Security Portfolio
Firewall & NGFW: Cisco ASA 5500-X Series; Cisco ASA 5500-X w/ NGFW license; Cisco ASA 5585-X w/ NGFW blade; FirePOWER NGFW.
IPS & NGIPS: Cisco IPS 4300 Series; Cisco ASA 5500-X Series integrated IPS; FirePOWER NGIPS; FirePOWER NGIPS w/ Application Control; FirePOWER Virtual NGIPS.
Advanced Malware Protection: FireAMP; FireAMP Mobile; FireAMP Virtual; AMP for FirePOWER license; Dedicated AMP FirePOWER appliance.
Cyber Threat Defense.
Cisco Sourcefire.
Web Security: Cisco Web Security Appliance (WSA); Cisco Virtual Web Security Appliance (vWSA); Cisco Cloud Web Security.
Email Security: Cisco Email Security Appliance (ESA); Cisco Virtual Email Security Appliance (vESA); Cisco Cloud Email Security.
NAC + Identity Services: Cisco Identity Services Engine (ISE); Cisco Access Control Server (ACS).
VPN: Cisco AnyConnect VPN.
UTM: Meraki MX.

The Problem is Threats

The Silver Bullet Does Not Exist
[Figure labels: Sandboxing; Application Control; Detect the unknown; IDS / IPS; UTM; NAC; Captive portal; Fix the firewall; FW/VPN; Block or allow; AV; PKI; It matches the pattern; No key, no access; No false positives, no false negatives.]
Cisco focuses on the totality of defending against threats.

Today's advanced malware is not just a single entity. 100 percent of companies surveyed by Cisco have connections to domains that are known to host malicious files or services. (2014 CASR) Missed by Point-in-time Detection. It is a Community that hides in plain sight.

Impact of a Breach
Breach occurs. 60% of data in breaches is stolen in hours. 54% of breaches remain undiscovered for months. Information of up to 750 million individuals on the black market over last three years.
[Timeline: START, HOURS, MONTHS, YEARS]
Source: Verizon Data Breach Report 2014

Why?

Configuration and Organizational Problems
IT professionals don't know what they're protecting. They can't see or recognize what's in their environment. They can't deal with unknown attacks. Even if technologies are purchased, in many cases IT professionals cannot use them properly. Complexity and fragmentation. Operational challenges.

If you knew you were going to be compromised, would you do security differently?

The Threat-Centric Security Model
ATTACK CONTINUUM: Discover, Enforce, Harden; Detect, Block, Defend; Scope, Contain, Remediate.
Firewall, Patch Mgmt, IPS, IDS, AMD, App Control, Vuln Mgmt, Antivirus, FPC, Log Mgmt, VPN, IAM/NAC, Email/Web, Forensics, SIEM, Services.
Visibility and Context.

The New Security Model
ATTACK CONTINUUM: Discover, Enforce, Harden; Detect, Block, Defend; Scope, Contain, Remediate.
Network, Endpoint, Mobile, Virtual, Cloud.
Point-in-Time, Continuous.

Covering the Entire Attack Continuum
Discover, Enforce, Harden; Detect, Block, Defend; Scope, Contain, Remediate.
ASA, VPN, NGIPS, Advanced Malware Protection, NGFW, Meraki, ESA/WSA, Cognitive, Secure Access + Identity Services, CWS, ThreatGRID.
Advisory, Integration and Managed Services.
FireSIGHT & PXGrid.

Today's Security Appliances: Traditional Firewall Functions; VPN Functions; Context-Aware Functions; IPS Functions; WWW Malware Functions.

Strategic Imperatives to Improve Security
Visibility-Driven: Network-Integrated, Broad Sensor Base, Context and Automation.
Threat-Focused: Continuous Advanced Threat Protection, Cloud-Based Security Intelligence.
Platform-Based: Agile and Open Platforms, Built for Scale, Consistent Control, Management.
Network, Endpoint, Mobile, Virtual, Cloud.


Mobility Is Changing The Future Of Work: How we work; Who we work with; When we work; Where we work; What tools we use. ACCESS POLICY IS MORE CRITICAL THAN EVER.

Identity Services Engine (ISE)
Security Policy Attributes. Identity Context: WHO, WHAT, WHERE, WHEN, HOW. ISE Business-Relevant Policies.
Wired, Wireless, VPN. VM client, IP device, guest, employee, remote user.
Replaces AAA & RADIUS, NAC, guest management & device identity servers.

Key ISE Use Cases
BYOD: Users get safely on the internet fast and easy.
GUEST ACCESS: It's easy to provide guests limited time and resource access.
SECURE ACCESS ON WIRED, WIRELESS & VPN: Control with one policy across wired, wireless & remote infrastructure.
TRUSTSEC NETWORK POLICY: Rules written in business terms control access.

BYOD & ISE: Automated self-service portal
Get Users On-Net in Minutes, Not Hours: Simple self-service portal for any user to get quickly on-net without help or hassle.
Reduce Burden on IT & Help Desk Staff: Reliable automation reduces user problems to near zero so
Immediate Secure Access: Rigorous Identity and Access Policy Enforcement.

Cyber Threat Defense Solution
NetFlow Enables Security Telemetry: NetFlow-enabled Cisco switches and routers become security telemetry sources. Cisco is the undisputed market leader in Hardware-enabled NetFlow devices. (Cisco Network; NetFlow)
Network Components Provide Rich Context: Unites NetFlow data with identity and application ID to provide security context. Components: Cisco ISE; Cisco ASR 1000 or ISR G2 + NBAR; Cisco ASA; Cisco NGA. [Figure labels: User? Device? Posture? Vulnerability AV Patch Events? 65.32.7.45 Application?]
Lancope Partnership Provides Behavior-Based Threat Detection: FlowSensor; FlowCollector; StealthWatch Management Console. Single pane of glass that unifies threat detection, visibility, forensics analysis, and reporting.

Cyber Threat Defense Solution Components
[Architecture diagram: StealthWatch Management Console; Other tools/collectors; Cisco ISE; StealthWatch FlowReplicator; StealthWatch FlowCollector; StealthWatch FlowSensor; StealthWatch FlowSensor VE; Cisco Network; Users/Devices. Connection labels: https, NetFlow, NBAR, NSEL.]

NetFlow Security Use Cases
Detecting Sophisticated and Persistent Threats. Malware that makes it past perimeter security can remain in the enterprise waiting to strike as lurking threats. These may be zero day threats that do not yet have an antivirus signature or be hard to detect for other reasons.
Identifying BotNet Command & Control Activity. BotNets are implanted in the enterprise to execute commands from their Bot herders to send SPAM, Denial of Service attacks, or other malicious acts.
Uncovering Network Reconnaissance. Some attacks will probe the network looking for attack vectors to be utilized by custom-crafted cyber threats.
Finding Internally Spread Malware. Network interior malware proliferation can occur across hosts for the purpose of gathering security reconnaissance data, data exfiltration or network backdoors.
Revealing Data Loss. Code can be hidden in the enterprise to export sensitive information back to the attacker. This Data Leakage may occur rapidly or over time.

Cisco Dominates the Security Gartner Magic Quadrants: Intrusion Prevention; Web Security; Email Security; Network Access Control.

NSS Labs Next-Generation Firewall Security Value Map. The NGFW Security Value Map shows the placement of Cisco ASA with FirePOWER Services and the FirePOWER 8350 as compared to other vendors. All three products achieved 99.2 percent in security effectiveness and now all can be confident that they will receive the best protections possible regardless of deployment. Source: NSS Labs 2014

Market Recognition. Cisco is disrupting the advanced threat defense industry. Based on our (Breach Detection Systems) reports, Advanced Malware Protection from Cisco should be on everyone's short list. The AMP products will provide deeper capability to Cisco's role in providing secure services for the Internet of Everything (IoE). So do any network security vendors understand data center and what's needed to accommodate network security? Cisco certainly does. 2014 Vendor Rating for Security: Positive. AMP will be one of the most beneficial aspects of the [Sourcefire] acquisition.

THANK YOU