Oriol Madriles

Security Virtual Systems Engineer

March 2016

Fully Integrated, Threat-Focused Next-Generation Firewall

Cisco NGFW

In our live Security Experts Webinars discover all the items needed to help set up the best security architecture.

Get ahead of attackers with threat-centric security solutions

What a Next Generation

Firewall should be Advanced Malware

Protection

Protect your email

and web gateways ISE/Access Control

And many other hot security topics so check our Security Experts Page

and register to our upcoming webinars- ww.cisco.com/go/securityexperts

Title Goes Here Digital Transformation on a Massive Scale

Attack

Sophistication

Threat

Actors

Attack

Surface

Global Cybercrime Market: $450B to $1T

15B

500B

$19T Opportunity

Next 10 Years

Devices

In 2030

Devices

Today

Title Goes Here

Focused on apps, not threats Another silo to manage

Content

Network

Access

Web Security

Email Security

VPN

Access Control

Malware Protection

Malware Analysis

IPS

NGFW

Firewall

Threat

Threat

Threat

Typical NGFWs are focused too narrowly

and are too hard to manage

Attack Continuum

GAP

They protect before an attack but are less effective during or after one

Enable applications

Typical NGFW

BEFORE AFTER DURING

Silos

DDoS Sandbox URL IPS Incident

Response

John Chambers

Executive Chairman, Cisco

April 2015

Security is Cisco’s number 1 priority.

We are going big and making

strategic investments to become our

customers’ and partners’ most

trusted security advisor.

“ We are committed to addressing this problem

In the last 18 months, we invested over $3.7B in security

“

Detect earlier,

act faster

Gain more

insight

Reduce

complexity

Get more from

your network Stop more

threats

Enable your business with a fully integrated, threat-focused solution

Threat Focused Fully Integrated

Cisco NGFW

Stop more threats across the entire attack continuum

Remediate breaches and

prevent future attacks

Detect, block, and defend

against attacks

Discover threats and enforce

security policies

Cisco NGFW

BEFORE AFTER DURING

“You can’t protect what you can’t see”

Gain more insight with increased visibility

Malware

Client applications

Operating systems

Mobile devices

VoIP phones

Routers and switches

Printers

Command

and control

servers

Network servers

Users

File transfers

Web

applications

Application

protocols

Threats

Typical IPS

Typical NGFW

Cisco NGFW

Cisco: 17.5 hours Industry TTD rate:* 100 days

Detect infections earlier and act faster

• Automated attack

correlation

• Indications of

compromise

• Local or cloud

sandboxing

• Malware infection

tracking

• Two-click containment

• Malware analysis

Source: Cisco® 2016 Annual Security Report

*Median time to detection (TTD)

JAN

MONDAY

1

JAN

FEB

MAR

APR

Cisco Firepower™ Management Center

Reduce complexity with simplified, consistent management

• Network-to-endpoint visibility

• Manages firewall, applications, threats, and files

• Track, contain, and recover remediation tools

Unified

• Central, role-based management

• Multitenancy

• Policy inheritance

Scalable

• Impact assessment

• Rule recommendations

• Remediation APIs

Automated

Shared intelligence

Shared contextual

awareness

Consistent policy

enforcement Cisco Firepower™ Management Center

Get more from your network through integrated defenses

Talos

Firepower 4100 Series Firepower 9300 Platform

Visibility Radware

DDoS Network analysis Email Threats

Identity and NAC DNS Firewall URL

© 2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 13

100 TB

Intelligence

1.6M sensors

150 million+

endpoints

35%

email world wide

FireAMP™, 3+

million

13B web req

AEGIS™ &

SPARK

Open Source

Communities

180,000+ Files per

Day

1B SBRS Queries

per Day

3.6PB Monthly

though CWS

Advanced Industry Disclosures

Outreach Activities

Dynamic Analysis

Threat Centric Detection Content

SEU/SRU

Sandbox

VDB

Security Intelligence

Email & Web Reputation

Email Endpoints Web Networks IPS Devices

WWW

10I000 0II0 00 0III000 II1010011 101 1100001 110

110000III000III0 I00I II0I III0011 0110011 101000 0110 00

I00I III0I III00II 0II00II I0I000 0110 00

101000 0II0 00 0III000 III0I00II II II0000I II0

1100001110001III0 I00I II0I III00II 0II00II 101000 0110 00

100I II0I III00II 0II00II I0I000 0II0 00

Research Response

[Talos]

Threat

Intelligence

Threat Focused

With Cisco NGFW, security can be a business growth engine

Detect earlier,

act faster

Gain more

insight

Reduce

complexity

Get more from

your network Stop more

threats

Threat Focused Fully Integrated

Cisco NGFW

Product and Services

Fully Integrated Threat Focused Unified Management

• FW / applications / IPS

• Cisco® AMP – network /

endpoint

• Analysis and remediation

• Cisco security solutions

• Networkwide visibility

• Industry-best threat

protection

• Known and unknown

threats

• Track / contain / recover

• Across attack continuum

• Manage, control, and

investigate

• Automatically protect

Introducing Cisco NGFW

Cisco NGFW Platforms

*5585-X management available 2H CY16

All* Managed by Cisco Firepower Management Center

Cisco Firepower™ 4100

Series and 9300

Cisco FirePOWER™ Services

on ASA 5585-X

Cisco ASA with Firepower

Services on ASA 5500-X

New Appliances

Cisco Firepower 4100 Series Introducing four new high-performance models

Performance and

Density Optimization Unified Management

Multiservice

Security

• Integrated inspection engines

for FW, NGIPS, Application

Visibility and Control (AVC),

URL, Cisco Advanced

Malware Protection

(AMPRadware DefensePro

DDoS)

• ASA and other future

third party

• 10-Gbps and 40-Gbps

interfaces

• Up to 80-Gbps throughput

• 1-rack-unit (RU) form factor

• Low latency

• Single management interface

with Firepower Threat Defense

• Unified policy with inheritance

• Choice of management

deployment options

Cisco Firepower 9300 Platform

Benefits • Integration of best-in-class security • Dynamic service stitching

Features* • Cisco® ASA container • Cisco Firepower™ Threat Defense

containers: • NGIPS, AMP, URL, AVC

• Third-party containers: • Radware DDoS • Other ecosystem partners

Benefits • Standards and interoperability • Flexible architecture

Features • Template-driven security • Secure containerization for

customer apps • RESTful/JSON API • Third-party orchestration and

management

Benefits • Industry-leading performance:

• 600% higher performance • 30% higher port density

Features • Compact, 3RU form factor • 10-Gbps/40-Gbps I/O; 100-Gbps

ready • Terabit backplane • Low latency, intelligent fast path • Network Equipment-Building

System (NEBS) ready

* Contact Cisco for services availability

Modular Carrier Class Multiservice

Security

High-speed, scalable security

Features

Context

and Threat

Correlation

Automated, Integrated Defenses

Context and Threat Correlation

Priority 1

Priority 2

Priority 3

Impact Assessment

Automated, Integrated Defenses

Dynamic

Security Control

WWW WWW WWW http://

http:// WWW WEB

Dynamic Security Control

Adapt Policy to Risks

Automated, Integrated Defenses

Multivector

Correlation

PDF Mail

Admin

Request

PDF

Mail

Admin

Request

Host A

Host B

Host C

3 IoCs

5 IoCs

Multivector Correlation

Early Warning for Advanced Threats

Advanced Malware Protection - Preventive

Reputation Filtering and File Sandboxing

All detection is less than 100%

Dynamic

Analysis

Machine

Learning

Fuzzy

Finger-Printing

Advanced

Analytics

One-to-One

Signature

Automated, Integrated Defenses

Retrospective

Security

Retrospective Security

Shrink Time Between Detection and Cure

Enterprise

Capabilities

Continuous &

Zero-Day Detection Advanced Analytics

And Correlation

Expanding Advanced Malware Protection Everywhere

Dedicated FirePOWER

Appliance

Web & Email Security

Appliances

Private Cloud

Cloud Based Web Security

& Hosted Email ASA

NGIPS /NGFW on

FirePOWER

PC / MAC

Virtual Mobile

John Chambers

Executive Chairman, Cisco

April 2015

Security is Cisco’s number 1 priority.

We are going big and making

strategic investments to become our

customers’ and partners’ most

trusted security advisor.

“ We are committed to addressing this problem

In the last 18 months, we invested over $3.7B in security

“