cs-mars presentation

  • Date posted: 29-Mar-2015

Cisco Security Management Suite Cisco Security Manager Overview

EBC Presentation Presenter:

205523.Y_C97-60001-00

2006 Cisco Systems, Inc. All rights reserved.

Cisco Confidential

Self-Defending Network Defined

Efficient security management, control, and response

Policy-Based Management and Enforcement

Advanced technologies and security services to:
  • Mitigate the effects of outbreaks
  • Protect critical assets
  • Ensure privacy

Threat Control and Containment

Secure Transactions

Confidential Communications

Security as an integral and fundamental network feature

Secure Network Infrastructure

Cisco Self-Defending Network:

Using the Network to Identify, Prevent, and Adapt to Threats

  • Integrated: Enabling every element to be a point of defense and policy enforcement
  • Collaborative: Collaboration among the services and devices throughout the network to thwart attacks
  • Adaptive: Proactive security technologies that automatically prevent threats

Cisco Security Management Suite: Monitoring, Analysis, and Mitigation

  • Identity: How to control access to network assets; who can do what
  • Analysis: Too much meaningless raw data...
  • Monitoring: Need to monitor multivendor networks
  • Patch Management: Image, inventory, signature
  • Mitigation: How to use network to eliminate threats
  • Configuration: How to rapidly deploy new policies

[Diagram labels: Branch, Data Center, SOHO, Partner]

Cisco's Security Management Evolution

From:
  • Network and Security Management Separate
  • Vendor-Specific Monitoring
  • Device-Level Management Only
  • Siloed Operations Teams
  • Point Solutions for Configuration, Monitoring

To:
  • Managing Networks with Embedded Security
  • Monitoring of Multi-Vendor
  • System-Wide, End-to-End, Policy-Based Management
  • Support of Integrated NetOps and SecOps
  • Closed Loop Management

Cisco Security Management Value Summary

Cisco Management

  • Best-of-breed applications which are integrated, collaborative and adaptive
  • Reduced TCO
  • Simplified service management
  • Integrated policy management and log monitoring
  • Greater visibility of threats
  • Set once, deploy network wide
  • Integrated SecOps and NetOps

Cisco Security Management Framework Vision: The Operational Framework

Network Access

SDN Security Solutions:

NAC

Clean Access

Partners Configuration Management Monitoring, Mitigation Identity Management

Anti-X

Outbreak prevention Intrusion Prevention CSA Desktop/Server

Policy

Vulnerability Assessment

Foundation

Firewall VPN SSL VPN

Identity/Role-Based Access

Patch Management

Auditing and Compliance

Data Archiving and Reporting

SDN Network Fabric:
  • ASDM: Appliances
  • SDM, TIDP: Routers
  • CVDM: Switches, Svc Modules
  • CSA MC: End Points

Today: Cisco Security Management Suite

Cisco Security Manager
  • Simplified Policy Administration
  • End-to-End Configuration
  • Network wide or Device Specific

Cisco Security MARS
  • Rapid Threat Identification and Mitigation
  • Topology Awareness
  • Data Correlation

Integration to Cisco Secure Access Control Server
  • Role-based access control
  • Privilege-based access to management functionality

With the Context of Auditing Services

Transition from CiscoWorks VMS

Cisco Security Manager (CS Manager) NEW

CiscoWorks VPN/Security Management Solution:
  • Firewall Management Center
  • Router Management Center
  • IDS Management Center
  • Management Center for Performance
  • Resource Manager Essentials
  • Cisco Security Agent Management Center
  • Security Monitor

[Diagram labels: ADVANCED SDN SOLUTIONS, FABRIC]

CSA Manager

Cisco Security Monitoring, Analysis, and Response System CS MARS

Cisco Security Manager: Overview

Superior Usability
  • Administer policies visually on tables or topology map
  • Jumpstart help: an extensive animated learning tool
  • Flexible management views: Policy-based, Device-based, Map-based
  • VPN Manager
  • IPS Manager
  • Deployment Manager

VPN Administration
  • VPN Wizard: set up site-to-site, hub-spoke, and full-mesh VPNs with a few mouse clicks
  • Configure remote-access VPN, DMVPN, and Easy VPN devices

Centralized Policy Administration
  • Centrally provision policies for firewalls, VPNs, and IPS
  • Very scalable
  • Policy inheritance feature enables consistent policies across enterprise
  • Powerful device grouping options

Firewall Administration
  • Configure policies for ASA, Cisco PIX FW, FW SM and Cisco IOS Software
  • Single rule table for all platforms
  • Intelligent analysis of policies
  • Sophisticated rule table editing
  • Compresses the number of access rules required

IPS Administration
  • Automatic updates to the IPS sensors
  • Support for outbreak prevention services

Security Management EBC

Cisco Security MARS: Overview

Visualization, Reduced Complexity
  • Visualize attack paths and identify network hot spots
  • Identifies valid incidents and minimizes false positives
  • Higher network availability
  • Identify day-zero attacks, reduce resolution time

Lower TCO
  • Appliance based
  • Simple to install solution
  • No hidden customization costs
  • Simple licensing, no software agents

Multivendor
  • Powerful monitoring, analysis, response system
  • Multivendor support
  • Correlate events from multiple sources such as vulnerability assessment and NetFlow data to detect anomalies

Mitigation of Attacks
  • Mitigate attacks by isolating switch ports and applying ACLs closest to source
  • Know what, where, and how of threats
  • Leverage the intelligence in the network to enforce security policies

Cisco Security Management: Value Summary

Best-of-breed applications which are integrated, collaborative and adaptive

Differentiating Capability
  • Policy abstraction, sharing and inheritance
  • Domain-based policy enforcement through device abstraction
  • Operations workflow
  • Scalable distributed deployment
  • Security event log to policy lookup, real time event viewer

Value/Benefit
  • Reduces complexity, do more with fewer resources: Reduce OpEx
  • Enforce policies based on organizational needs: Reduce OpEx
  • Enable collaboration between SecOps and NetOps: Advanced flexibility and control
  • Faster deployment, ensure latest policies are on the device: Higher network availability
  • Greater visibility of threats, faster problem isolation and remediation: Improved network resiliency

Cisco Security Management Suite Cisco Security Manager

EBC Presentation Presenter:

CS MARS and CS Manager in Action

Distributed Protection
  • CS MARS detects an incident
  • CS Administrator updates a shared policy in one place
  • A single deploy to protect the network
  • Scale through use of distributed deployment using CNS Configuration Engine

[Diagram: numbered steps 1 to 4. Labels: Protected, Branch Office (x4), Corporate LAN, Data Center, CNS-CE, CS-MARS, CS Manager]

Cisco Security Configuration: Agenda

Focuses on Configuration Management of Security Policies in the Network

Usability is Key
  • Provides multiple views to fit the operational needs
  • Easy-to-use, visually appealing user interface
  • Wizards to reduce complexity
  • Advanced tools for the sophisticated user

Core-Differentiating Concepts
  • Policy sharing and inheritance
  • Domain-based policy enforcement
  • Decision support workflow for NetOps/SecOps
  • Role-based access control for scaled operations
  • Distributed large-scale deployment

Cisco Security Manager: It Has to be Easy to Use and Flexible

Feature-rich front end

Different views for different administration preferences:
  • Device View
  • Topology View
  • Policy View

[Diagram labels: CS Manager, Topology View, Policy View]

Unified securit