Security @ Cisco Roadshow 2017
Uploaded by cisco-greece
![Page 1: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/1.jpg)
Cisco Roadshow 2017
Nikos Mourtzinos, CCIE #9763
Cisco Security Product Sales Specialist
Cisco Integrated Threat Defense
![Page 2: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/2.jpg)
Security as a Business Enabler
![Page 3: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/3.jpg)
The Security Problem
Changing Business Models
Dynamic Threat Landscape
Complexity and Fragmentation
![Page 4: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/4.jpg)
Digital Disruption Drives the Hacker Economy
There is a multi-billion dollar global industry targeting your prized assets
• Social Security: $1
• Mobile Malware: $150
• Bank Account Info: >$1000 depending on account type and balance
• Facebook Accounts: $1 for an account with 15 friends
• Credit Card Data: $0.25-$60
• Malware Development: $2500 (commercial malware)
• DDoS as a Service: ~$7/hour
• Spam: $50/500K emails
• Medical Records: >$50
• Exploits: $1000-$300K
$450 Billion
![Page 5: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/5.jpg)
World’s biggest data breaches
http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/
![Page 6: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/6.jpg)
Recent Breaches
![Page 7: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/7.jpg)
Failure of Legacy Security Architectures
• Limited Visibility
• Lacks Correlation
• Manual Response
• Complexity and Fragmentation
[Diagram labels: Internet; Edge Firewall, IPS, UTM Services, Network AV, Web Security, Email Security, Endpoint AV, NAC; Vendor 1 through Vendor 6; Endpoint Alert, Email Alert, Web Alert, IDS Alert, AV Alert]
![Page 8: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/8.jpg)
Customer Questions
What does Cisco Security do?
How do we do it?
What makes us different?
What do other customers say?
![Page 9: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/9.jpg)
What does Cisco Security do?
Only company with security product revenue exceeding a $2 billion annualized run rate with double-digit growth
Market Recognition: Focus on NSS, acquisitions, integration, Market Recognition
BEST SECURITY COMPANY
Security Value Map Leader: NGFW, NGIPS and Breach Detection Systems (AMP)
Cisco’s Security Everywhere...
“that’s pretty brilliant”
Interop 2016
Cisco Best NGFW award
Cisco’s Network Security Portfolio finally stands on its own merit
![Page 10: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/10.jpg)
Cisco is Investing in Security Growth
1995
• PIX Firewall, which was the foundation of the current ASA-X
• Top leader in content security
2007 2009 2013 2014
• Leading Dynamic Malware Analysis (Sandbox)
• Currently integrated into AMP
• Top leader in cloud-based Web Security
• Snort®, ClamAV®, open source projects founder
• VRT world-class research
• Top leader in IPS
• Top leader in security advisory services
• Provides risk management and compliance to Fortune 500 customers
2015
• Leading security analytics platform to defend against advanced cyber threats
• Cloud-based DNS security service
2016
![Page 11: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/11.jpg)
Ecosystem and Integration
Combined API Framework
• Packet Brokering
• Network Infrastructure & Policy Management
• Performance Management & Visualization
• Mobility
• Packet Capture & Forensics
• SIEM & Analytics
• Remediation & Incident Response
• Vulnerability Management
• Custom Detection
• Firewall/Access Control
• IAM/SSO
Discover, Enforce, Harden
Detect, Block, Defend
Scope, Contain, Remediate
![Page 12: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/12.jpg)
How do we do it?
![Page 13: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/13.jpg)
Security Architecture
TALOS Threat Intelligence Cloud
1. ASA 5500X
1. FMC Management, Reporting, Analytics
1. ASA Firepower
![Page 14: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/14.jpg)
![Page 15: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/15.jpg)
![Page 16: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/16.jpg)
Security Architecture
TALOS Threat Intelligence Cloud
1. ASA 5500X
1. FMC Management, Reporting, Analytics
1. ASA Firepower
2. AMP for Endpoints
Windows OS, Android Mobile, Virtual, MAC OS; CentOS, Red Hat Linux for servers and datacenters
Remote Endpoints: AMP for Endpoints can be launched from Cisco AnyConnect®
3. Email Security
4. Cisco Identity Services Engine (Cisco ISE)
![Page 17: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/17.jpg)
Malware Protection
Cisco ASA Firepower
Network Profiling
CISCO COLLECTIVE SECURITY INTELLIGENCE
URL Filtering
Integrated Software - Management
WWW
Identity-Policy Control
Identity Based Policy Control
Network Profiling
Analytics & Automation
Application Visibility & Control
Intrusion Prevention
High Availability
Network Firewall and Routing
![Page 18: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/18.jpg)
Enhanced Security & Simplifies Operations & Cost Savings
Superior Network Visibility
Servers, Hosts, Mobiles, Applications, OS, Vulnerabilities
Impact Assessment & Correlation
Threat correlation reduces actionable events by up to 99%
Automated Tuning
Adjust IPS policies automatically based on network changes
World Class Research Center
Security Intelligence
Indications of Compromise
Warning indicator to more rapidly remediate threats
Advanced Malware Protection
Analyses files to block malware
![Page 19: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/19.jpg)
Superior Network Visibility
Rogue hosts, Vulnerabilities, Applications, OS, Servers, Mobiles
Categories
• Hosts
• Network Servers
• Routers & Switches
• Mobile Devices
• Printers
• VoIP Phones
• Virtual Machines
• Operating Systems
• Applications (Web, Client etc.)
• Users
• File Transfers
• Command & Control Servers
• Threats
• Vulnerabilities
“You can’t protect what you can’t see”
Real-time notifications of changes
![Page 20: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/20.jpg)
Security Intelligence
World-Class Threat Research
19.7B Threats Per Day
1.4M
1.1M
1.8B
1B
8.2B
Incoming Malware Samples Per Day
Sender Base Reputation Queries Per Day
Web Filtering Blocks Per Month
AV Blocks Per Day
Spyware Blocks Per Month
250 Threat Researchers
100TB Threat Intelligence
World Class Research Center
Security Intelligence
http://blog.talosintel.com
![Page 21: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/21.jpg)
Automated Tuning
Adjust IPS policies automatically based on network changes
• Automated Recommended Rules based on Organization’s Infrastructure
• Automated IPS Policies based on Changes
• Simplifies Operations & Reduces Costs
NSS IPS Test Key Findings: Protection varied widely between 31% and 99%. Tuning is required, and is most important for remote attacks against servers and their applications. Organizations that do not tune could be missing numerous “catchable” attacks.
![Page 22: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/22.jpg)
Impact Assessment & Correlation
Automatically correlates all intrusion events
Threat correlation reduces actionable events by up to 99%

| Impact Flag | Administrator Action | Why |
|---|---|---|
| 1 | Act Immediately; Vulnerable | Event corresponds with vulnerability mapped to host |
| 2 | Investigate; Potentially Vulnerable | Relevant port open or protocol in use, but no vulnerability mapped |
| 3 | Good to Know; Currently Not Vulnerable | Relevant port not open or protocol not in use |
| 4 | Good to Know; Unknown Target | Monitored network, but unknown host |
| 0 | Good to Know; Unknown Network | Unmonitored network |
![Page 23: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/23.jpg)
Advanced Malware Protection
Analyses files to detect and block malware
• File Reputation
• Big data analytics
• Dynamic Analysis with Sandboxing (outside-looking-in)
• Continuous analysis
![Page 24: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/24.jpg)
Cisco Confidential 24© 2013-2014 Cisco and/or its affiliates. All rights reserved.
Advanced Malware Protection
Network Traffic
1) File Capture
![Page 25: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/25.jpg)
TALOS
Cisco Collective Security Intelligence
1) File Capture
Advanced Malware Protection
Network Traffic
2) Send File Fingerprint SHA256
![Page 26: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/26.jpg)
1) File Capture
Advanced Malware Protection
Malware Alert!
3) File look-up returns “malware”
File dropped immediately
Network Traffic
2) Send File Fingerprint SHA256
TALOS
Cisco Collective Security Intelligence
![Page 27: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/27.jpg)
Advanced Malware Protection
Network Traffic
AMP File Reputation = Unknown
AMP Dynamic Malware Analysis
4
5
![Page 28: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/28.jpg)
Sandboxing
![Page 29: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/29.jpg)
Network Traffic
AMP File Reputation = Unknown
AMP Dynamic Malware Analysis
Retrospective Incidents
AMP Retrospection
TALOS
4
5
6
Advanced Malware Protection
![Page 30: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/30.jpg)
Indications of Compromise (IoCs)
Early warning indicator to rapidly remediate threats before they spread
IPS Events
• Malware Backdoors
• CnC Connections
• Exploit Kits
• Admin Privilege Escalations
• Web App Attacks
SI Events
• Connections to Known CnC IPs
Malware Events
• Malware Detections
• Malware Executions
• Office/PDF/Java Compromises
• Dropper Infections
![Page 31: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/31.jpg)
Correlation
![Page 32: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/32.jpg)
![Page 33: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/33.jpg)
![Page 34: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/34.jpg)
AMP Protection Across the Extended Network
AMP Threat Intelligence Cloud
AMP for Endpoints: Windows OS, Android Mobile, Virtual, MAC OS; CentOS, Red Hat Linux for servers and datacenters
Remote Endpoints: AMP for Endpoints can be launched from Cisco AnyConnect®
![Page 35: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/35.jpg)
What do you get with AMP for Endpoints?
• Inspects processes and files
• Tracks malware’s spread and communications
• Identifies known and unknown threats
• Quarantines threats on the endpoint
• Includes antivirus and 0-day threat detection
![Page 36: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/36.jpg)
What do you get with AMP for Endpoints?
• Where did the malware come from?
• Where has the malware been?
• What is it doing?
• What happened?
• How do we stop it?
Automatically Quarantine Threats on the Endpoint
![Page 37: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/37.jpg)
Email is still the #1 threat vector
• Phishing
• Spoofing
• Ransomware
Messages contain attachments and URLs
Socially engineered messages are well crafted and specific
Credential “hooks” give criminals access to your systems
94% of phish mail has malicious attachments [1]
30% of phishing messages are opened [1]
$500M: loss incurred due to phishing attacks in a year by US companies [2]
[1] 2016 Cisco Annual Security Report
[2] 2016 Verizon Data Breach Report, Krebs on Security
![Page 38: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/38.jpg)
Cisco Email Security (Overview)
[Diagram labels recovered from the slide]
• Phases: Before, During, After
• Flows: Inbound Email, Outbound Email; Incoming Threat, Outbound Liability
• Controls: Email Reputation, Acceptance Controls, Forged Email Detection, File Reputation, Anti-Spam, Anti-Virus, Outbreak Filters, Content Controls, Mail Flow Policies, File Sandboxing & Retrospection, ThreatGrid, URL Rep & Cat, Tracking User Click Activity (Anti-Phish), Data Loss Protection, Encryption, HIPAA
• Actions: Allow, Warn, Block, Partial Block
• Management: Reporting, Message Track, Admin, HQ
• Deployment: Cisco Appliance, Virtual, Cloud
• Talos
![Page 39: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/39.jpg)
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 39
Identity Services Engine
• Who/What is currently connected on the network?
• How do I control who and what accesses the network/resources?
• Compliance
• Insider Threat
• Once inside, threats can spread quickly
• How to quarantine a user?
![Page 40: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/40.jpg)
Who, What, Where, When, How
Virtual machine client, IP device, guest, employee, and remote user
Policy Controller
Wired, Wireless, VPN
Business-Relevant Policies
Identity Context
• Policy Management: Increases Operational Efficiency
• Onboarding & MDM Integration: Increases Productivity and Improves User Experience
• Device Profiling & Posture Remediation: Provides Comprehensive Secure Access
• Network Enforcement: Decreases Operational Costs
All-in-One Enterprise Policy Control
![Page 41: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/41.jpg)
Enterprise Mobility
Who?
When?
Where?
How?
What?
Employee Guest
Personal Device Company Asset
Wired Wireless VPN
@ Vessel Headquarters
Weekends (8:00am – 5:00pm) GMT
![Page 42: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/42.jpg)
ASA Firepower & Cisco ISE
Next Gen Intrusion Prevention & Advanced Malware Protection
Threat Detection, Quarantine Action
• Speeds Time-to-Containment so infected endpoints are quickly and automatically removed as threats
• Lowers costs as operational overhead and malware-related costs are minimized, while enabling use of already-deployed Cisco networking devices for enforcement
Network
Cisco® ISE
Visibility
Correlation
Automated Actions
![Page 43: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/43.jpg)
Protect users wherever they access the internet
Malware Phishing
C2 Callbacks
![Page 44: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/44.jpg)
DNS is used by every device on your network.
![Page 45: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/45.jpg)
First line of defense against internet threats
Umbrella OpenDNS
• See: Visibility to protect access everywhere
• Learn: Intelligence to see attacks before they launch
• Block: Stop threats before connections are made
![Page 46: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/46.jpg)
Key points
• Visibility and protection everywhere
• Deployment in minutes
• Integrations to amplify existing investments
208.67.222.222
Umbrella OpenDNS
The fastest and easiest way to block threats
Malware, C2 Callbacks, Phishing
![Page 47: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/47.jpg)
Global prevention with Cisco Umbrella and AMP
AMP
![Page 48: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/48.jpg)
CloudLock API Access (Cloud to Cloud)
Public APIs
Cisco ASA NGFW
Managed Users
Managed Devices
Managed Network
Unmanaged Users
Unmanaged Devices
Unmanaged Network
ADMINOAUTH
ACCESS
![Page 49: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/49.jpg)
Users/Accounts Data
What CloudLock Protects
Applications
![Page 50: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/50.jpg)
Addressing the Top Threats in the Cloud
Top Threats CloudLock
Data Breaches
Weak Identity, Credential and Access Management
Insecure Interfaces and APIs
Account Hijacking
Malicious Insiders
Source: Cloud Security Alliance (CSA), 2016
![Page 51: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/51.jpg)
What makes us different?
• Visibility: “You can’t protect what you can’t see”
• Automated Tuning of NGIPS, Automated Impact Assessment, Indications of Compromise (IoCs)
• Enhances Security, Simplifies Operations & Reduces Costs
• Dynamic Analysis with Sandboxing
• NSS Labs Detection Results (100% breach detection rate, fastest time to detection)
• Continuous analysis, Retrospection and integration of ASA Firepower AMP & ESA AMP with AMP for Endpoint (key differentiator that caused serious issues to competitors)
• Unified Management (Firepower Management Center): NGFW configuration & event management, vulnerability management, impact assessment, retrospective analysis & correlation
![Page 52: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/52.jpg)
What makes us different?
• Email Threats #1: Spear Phishing, Spoofed emails, Ransomware
• Protect #1: Enhance Email Security
• Who/What is currently connected? How do I control who and what accesses the network/resources? How to quarantine a user?
• ISE and ISE / Firepower Integration
• Integration with AMP for Endpoint: inspect processes and files, track malware’s spread and communications, automatically quarantine threats
![Page 53: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/53.jpg)
![Page 54: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/54.jpg)
A Leader in Security Effectiveness
Only Cisco with its architectural approach to security can provide an integrated solution that can see a threat once and block it everywhere.
• A leader for 3rd year in a row in BDS test, detecting 100% of malware, exploits & evasions.
• Faster time to detection than any other vendor
• Cisco delivers breach detection across more platforms and attack vectors than any other solution, blocking more threats, faster.
Figure 1. NSS Breach Detection Test Results for Cisco - August 2016
![Page 55: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/55.jpg)
What do other customers say?
http://www.cisco.com/c/en/us/products/security/customer-case-study.html
![Page 56: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/56.jpg)
![Page 57: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/57.jpg)
Case Study
George Venianakis, CCIE™ #8418
Head, Global MSS & GX Operations
SpeedCast
February 7th 2017, Divani Caravel
![Page 58: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/58.jpg)
Who are we and what we do
A leading Global Communications and IT Service Provider
ASX:SDA – HQ HK – 1200 Employees – 90 Countries
Maritime, Energy, Enterprise, TELCO, Mining, Government, NGO, Media
![Page 59: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/59.jpg)
Challenge
• Create an Inmarsat-enabled DataCenter and PoP
• Close to a hundred percent network availability
• Deliver ISP and connectivity to maritime vessels
• Remotely and Centrally managed
• State of the art security offerings
• Simplified and fully programmable approach
• Single Vendor platform
• Limited ICT staff resources
![Page 60: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/60.jpg)
Solution
• Cluster of ASA-X NGFW w/FirePOWER® and FireSIGHT®
• REST API management approach
• Quad ASR4K
• Simplified Operations, Management And Support
• IPS, AMP, AVC, URL Filtering
• Full Reporting
• Small-to-Moderate CAPEX
• Small OPEX
• Rigid, Unified, Security Services offerings
![Page 61: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/61.jpg)
Visibility through FireSIGHT
![Page 62: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/62.jpg)
Protocols, Events, Risk
![Page 63: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/63.jpg)
Files Dispersion
![Page 64: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/64.jpg)
Geolocation Information
![Page 65: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/65.jpg)
File Trajectory
![Page 66: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/66.jpg)
Benefits
• Simplified, REST API-based, centralized management available to the involved staff while maintaining low headcount for operations.
• State of the art automated services, availability and reliability of the networking services as well as robust scalability to meet future needs.
• Low OPEX
![Page 67: Security @ Cisco Roadshow 2017](https://reader031.fdocuments.in/reader031/viewer/2022021919/58b88fcd1a28ab3e3a8b57c1/html5/thumbnails/67.jpg)
Why Cisco Now
With Cisco, there’s never been a better time to know what’s happening in our entire network. There’s never been a better time to be protected as the threats are stopped before, during and after the attacks. We can automate security, even after attacks, across physical, virtual and cloud to reduce complexity and quickly remediate attacks.
“We have achieved all of our predefined targets with no surprises.
With ASA-X Next Generation Firewalls we operate a complete, transparent and rigid security infrastructure with unparalleled resilience, availability and scalability”