聚 碩 科 技 主 題 : 如 何 幫 企 業 行 動 商 務 建 立 安 全 機 制 主 講 人 : 廖 國 宏 Jerry Liao 職 稱 : 技 術 顧 問
Each attack instance can be slightly different 攻 擊 模 式 有 些 微 的 不 同 Domains are rotated in days, even hours 攻 擊 主 機 位 置 轉 移 十 分 的 快 速 Content mutates and mimics legitimate traffic and content 突 變 且 善 於 模 仿, 就 像 是 合 法 的 流 量 與 內 容
Command and Control 指 揮 控 制 Networked, Persistent 從 網 路 全 面 且 持 續 的 50% of attacks are from serial offenders 80% of spam is from infected hosts 70% of bots use dynamic IP addresses
A Seismic Shift 震 撼 的 轉 變 2000-2008: IT security products look deeper 2009: Security products look around, respond faster
Cisco Security Intelligence Operations Satellite View of Internet 一 舉 一 動, 無 所 遁 形 Cisco SensorBase Threat Operations Center Analytics and Algorithms Security Infrastructure That Dynamically Protect Against the Latest Threats Through: Cisco SensorBase The Most Comprehensive Vulnerability and Sender Reputation Database Threat Operations Center A Global Team of Security Researchers and Analysts Analytics and Algorithms Automatic Updates and Best Practices Powered by Global Correlation
Global Correlation 全 球 關 聯 防 禦 Unmatched Breadth Largest Footprint Greatest Breadth Full Context Analysis Email Security IPS Web Security Firewall Identifying a global botnet requires complete visibility across all threat vectors
Global Correlation 全 球 關 聯 防 禦 SensorBase: World s Largest Traffic Monitoring Network Largest Footprint Greatest Breadth Full Context Analysis SIO 全 球 資 安 戰 情 中 心 One million security devices per year Ten million secure clients per year > 500 GB of data per day > 30% of the world s email traffic 8 of the top 10 Global ISPs 152 3 rd -party feeds
Security Intelligence Operation
Cisco Security Solutions Threat Intelligence: SIO Secure Network and Branch Secure Access Secure Mobility Secure Data Center and Cloud Firewall IPS VPN Security management Router and Switch integrated security Security modules Policy Management 802.1x NAC Posture assessment Device profiling Identity Services Confidentiality VPN Mobile security client Wireless IPS Remote worker Virtual office Mobility security Email Security Web Security Cloud-based content security services
Mobility: Opportunity and Challenge Location More People, Working from More Places, Device Using More Devices, Accessing More Diverse Applications and Passing Sensitive Data Application
Traditional Remote Access VPN Limited Predominantly PC-based Client Support ASA 5500 Manual Numerous clicks Non-persistent Connection No Security or Visibility Intranet Corporate File Sharing Security Rarely-On Only connected if / when absolutely necessary
Traditional Mobile Web Security Limited Clients Predominantly PC-based Client Support Data Loss Prevention Acceptable Use Threat Prevention Access Control Limited Security URL-filtering client unable to address key use cases Access No Access Intranet Corporate File Sharing No Access Not integrated, requires separate VPN client
Cisco Secure Mobility 安 全 遠 端 存 取 方 案 AnyConnect + ASA SSLVPN/ IPsec VPN + Web Security Choice Diverse Endpoint Support for Greater Flexibility Data Loss Prevention Threat Prevention Acceptable Use Access Control Security Rich, Granular Security Integrated Into the network Access Granted Intranet Corporate File Sharing Experience Always-on Intelligent Connection for Seamless Experience and Performance
Cisco AnyConnect 3.0 Multifunctional security client Multiple VPN Connectivity Options Supports IPsec VPN (IKEv2) and SSL VPN in one client Supports Windows 7 (including 32 and 64 bit), Mac, Linux, Apple iphone/ipad, Android Hybrid secure mobility deployment options ScanSafe cloud security with Anywhere+ client Web Security Appliance on-premises Unified client for identity-based networking 802.1x and MACsec Integrated connection manager Enables productivity anywhere, anytime Increase productivity Lower costs Embrace secure mobility
新 世 代 的 網 頁 安 全 解 決 方 案 Web Security Appliance 使 用 Cisco IronPort 之 後 Internet Internet Firewall IronPort S-Series Users
IronPort AsyncOS for Web 無 與 倫 比 的 網 頁 防 護 系 統 平 台 MANAGEMENT TOOLS L4 Traffic Monitor 惡 意 網 站 監 控 Web Usage Control 內 容 使 用 控 制 Web Reputation Filter 名 譽 資 料 庫 Anti-Malware System 惡 意 軟 體 防 堵 THE IRONPORT ASYNCOS EMAIL PLATFORM IronPort AsyncOS Web Security Platform 7*24* 全 年 無 休, 全 面 監 控 惡 意 軟 體 變 種 與 感 染, 有 效 防 堵 惡 意 軟 體 預 防 內 部 電 腦 遭 受 到 惡 意 軟 體 的 攻 擊, 避 免 個 人 / 企 業 的 資 料 因 而 外 洩 針 對 使 用 者 的 傳 輸 內 容 有 效 控 制, 避 免 不 當 內 容 上 傳 / 下 載 增 進 員 工 生 產 力, 提 高 網 路 頻 寬 可 用 資 源
Threat Protection In a Cisco Secure and Protected Borderless Network On-Line Trading for Business Fake Site Phishing Phishing Link Received from IM
Acceptable Use Policy In a Cisco Secure and Protected Borderless Network Acceptable Use Policy Access Control Violation Employee in Finance Instant Messaging File Transfer over IM
Acceptable Use Policy In a Cisco Secure and Protected Borderless Network Acceptable Use Policy Access Control Violation Employee in Marketing Department
Data Security In a Cisco Secure and Protected Borderless Network Data Security Policy Data Security Violation Employee at Unmanaged Device
Gartner Magic Quadrant for Secure Web Gateway (May 2011)
Cisco Secure Mobility 安 全 遠 端 存 取 方 案 AnyConnect Secure Mobility Client Simplified remote access Connection and app persistence Always-on VPN enforcement Web Security Appliance Richer Web Controls Location-aware policy Application controls SaaS Access Control 3 Combined Solution End-to-End Seamless Security Information Sharing Between Cisco ASA and Cisco WSA News Email AnyConnect ASA Cisco Web Security Appliance Corporate AD Social Networking Enterprise SaaS
Thank you.