Best Security and deployment strategies SMB NGFW deployment
|
|
- Theodore Robinson
- 6 years ago
- Views:
Transcription
1
2 Best Security and deployment strategies SMB NGFW deployment Anant Mathur, Manager Technical Marketing
3 Cisco Spark How Questions? Use Cisco Spark to chat with the speaker after the session 1. Find this session in the Cisco Live Mobile App 2. Click Join the Discussion 3. Install Spark or go directly to the space 4. Enter messages/questions in the space Cisco Spark spaces will be available until July 3, cs.co/ciscolivebot# 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
4 SESSION ID SESSION DESCRIPTION SPEAKER BRKSEC-1020 Cisco Firewall Basics Mark Cairns BRKSEC-2020 Firepower NGFW Deployment in Data Center and Enterprise Steve Chimes Best Security and deployment strategies SMB NGFW Deployment Anant Mathur BRKSEC-2050 Firepower NGFW Internet Edge Deployment Scenarios Jeff Fanelli BRKSEC-2058 A Deep Dive into using Firepower Manager Will Young BRKSEC-2064 NGFWv and ASAv in Public Cloud (AWS and Azure) Anubhav Swami BRKSEC-2501 Deploying AnyConnect SSL VPN with ASA and FTD Hakan Nohre BRKSEC-3020 NGFW Clustering Deep Dive Kevin Klous BRKSEC-3035 Firepower Platforms Deep Dive Andrew Ossipov BRKSEC-3300 Advanced IPS Deployment Gary Halleen BRKSEC-3455 Dissecting Firepower NGFW Installation & Troubleshooting Veronika Klauzova 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 4
5 Agenda Types of security threats and attacks in SMB Technologies used to mitigate and stop attacks Best practices to a use security technologies with Cisco NGFW for SMB And how to choose right NGFW for your requirement.
6 How we define SMB?
7 What is SMB SMB often refers to companies with less than 100 employees, while mediumsized business often refers to those with less than 500 employees. Cisco defines SMB pretty much along the lines of the EU definition Gartner definition Small Organizations have less than 100 employees and Medium Organizations have employees between 100 and 1000 Small Organizations have revenue less than $50 m and Medium Organizations have revenue less than $ 1billion 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public
8 News SMBs have not historically been the target of cybercrime but in 2015 something drastically changed The latest Government Security Breaches Survey found that nearly 74% of small organization reported security breach in About half of all cyberattacks target small businesses Cyber Attacks on Small Businesses on the Rise Cisco and/or its affiliates. All rights reserved. Cisco Public 8
9 Why SMBs 90% Admins in SMB are not security experts Lack in Security Infrastructure Lack of Security knowledge Constraint by budget and resources Compromise on security for network performance 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 9
10 Courtesy: Cisco and/or its affiliates. All rights reserved. Cisco Public 10
11 Common Attacks in SMB
12 Client Side Attacks Bob receives an from what appears to be a legitimate user in your network. The explains it is important for you to visit the new customer service link for your organization. You click on the link and are presented with a web site appearing to be legitimate (malicious web sites are pretty easy to make look legitimate). At this point your system may have already been exploited and the attacker has access to your operating system. How you ask? 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 12
13 Client Side attacks Client machines running software like PDF, MS Office etc.. might be vulnerable to exploits Use bait the user techniques. Piggy back on Social Media requests Tools and techniques to execute these are getting better day by day Vulnerable software (due to lack of upgrades and patches) Buffer Overflow Session Hijacking SQL Injections Cross Site Scripting 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 13
14 Fake App Attacks Attackers are using fake applications to bait the user. There can be fake AV applications, ex Fake AV Website 32. Fake Apps try to connect to CNC server, Open remote shell to the server. Mobile platforms are susceptible to such kind of attacks 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 14
15 Virus A computer virus is a program or piece of code that is loaded onto your computer without your knowledge or permission Viruses are usually hidden in a commonly used program, such as a game or PDF viewer, or you may receive an infected file attached to an or from another file you downloaded from the Internet ILoveYou, Code Red etc.. are known viruses Virus is a legacy code, not used by hackers/attackers a lot Cisco and/or its affiliates. All rights reserved. Cisco Public 15
16 Malware Malware is a malicious software that is specifically designed to gain or damage computer and information asset without knowledge of the owner Malware are highly sophisticated behavior based attacks. Files, Software downloaded from the internet usually carries malware Malwares are binary code that cannot be inspected static tools Malware examples Virus Adware Spyware Botnets 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 16
17 Some News Bytes 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 17
18 Security Technologies
19 Intrusion Prevention System (IPS) Stops attacks like DOS Exploits (buffer Overflow, session high jacking, Cross site scripting, etc...) Worms Virus Signature based engine that sniff packets to find abnormalities Signatures are regular expression that matches the pattern in the traffic. Classic IPS generates alerts based on signature match, result is enormous events. NGIPS is a game changer Cisco and/or its affiliates. All rights reserved. Cisco Public 19
20 Gateway Anti Virus Anti Virus are traditional way to fight against computer malware Anti virus are signature based, and sometimes combined with heuristic engine. Use deep packet inspection to find tools used to exploit hosts. Cannot detect sophisticated Malwares 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 20
21 Protection against Malware Cannot be stopped by legacy Anti Virus, or IPS technologies There are many technologies that used to identify Malware. Sandboxing, Reputation of network connection, IOC There is no silver bullet to kill the Malware SMBs/Branches are very much prone to Malware attack Cisco and/or its affiliates. All rights reserved. Cisco Public 21
22 Sandboxing Method to run executable code in isolated environment to analyze the behavior Sandbox runs the Malware in the isolated machines, and reads the behavior of the file installed. Based on the execution patterns it verdicts. These days Malwares are also very much aware of Sandbox Environment 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 22
23 Security Intelligence Assigns reputation to the IP and Domains. There are different levels of reputation. Saves lots of computational power on the box. Blocks bad domains, CnC servers Cisco and/or its affiliates. All rights reserved. Cisco Public 23
24 Access Control: Application Visibility and Control (AVC) Capabilities to control Applications and Microapplications. Reduces attack surface Improves business productivity Application visibility is like IPS, a deep packet inspection that looks for application patterns in the traffic 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 24
25 URL Filtering and Protection Method to block the web page based on reputation. Block URL and Categories to control business requirements Ex Adult Content, Gambling, Job portals etc.. Also reduce attack surface 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 25
26 Key Products covering Security Technology
27 Unified Threat Management Unified threat management (UTM) is a converged platform of point security products Typical set of AV, Web gateway security, Anti Spam, URL filtering, IPS, Firewall. Though not very optimized to run all features. UTM is known for all feature convergence not for Security effectiveness. UTM solely compete on price 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 27
28 Next Generation Firewall Provide superior security with high detection rate Extends beyond policy enforcements Provides greater contextual data for use in policy decision NGIPS, Malware, Analytics, etc Cisco and/or its affiliates. All rights reserved. Cisco Public 28
29 Courtesy: Cisco and/or its affiliates. All rights reserved. Cisco Public 29
30 Cisco Next Generation Firewall for SMB/Branch Office
31 Extend the value of your NGFW Start with the hardware option that fits best All with built-in Application Visibility and Control (AVC), network firewalling, and VPN capabilities Desktop 5506-X Wireless AP 5506W-X Ruggedized 5506H-X Rackmount 5508-X/5516-X 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 31
32 Offering extensive contextual visibility The more you see, the better you can protect Client applications Operating systems Threats Typical IPS User s Applicatio n protocols File transfers Web applications C & C Servers Malware Router and switches Mobile Devices Printers Typical NGFW Network Servers Cisco Firepower NGFW VOIP phones 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 32
33 Block or allow access to URLs and domains Web controls Filtering NGFW Security feeds URL IP DNS Safe Search Cisco URL Database gambling Allow Block Allow Block DNS Sinkhole Category-based Policy Creation Admin Classify 280M+ URLs Filter sites using 80+ categories Manage allow/block lists easily Block latest malicious URLs 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 33
34 Provide next-generation visibility into app usage Application Visibility & Control Cisco database 4,000+ apps 180,000+ Micro-apps 1 Network & users Unmapped 2 Prioritize traffic See and understand risks Enforce granular access control Prioritize traffic and limit rates Create detectors for custom apps 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 34
35 Understand threat details and quickly respond Next-Generation Intrusion Prevention System (NGIPS) App & Device Data ISE Blended threats 1 2 Prioritize response Automate policies Block Data packets Communications Network profiling Phishing attacks Innocuous payloads Infrequent callouts 3 Accept Scan network traffic Correlate data Detect stealthy threats Respond based on priority 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 35
36 Uncover hidden threats in the environment Advanced Malware Protection (AMP) File Engines c File & Device Trajectory AMP for Endpoint Log AMP for Network Log? Known Signatures Fuzzy Fingerprinting Indications of compromise Threat Grid Sandboxing Advanced Analytics Dynamic analysis Threat intelligence Threat Disposition Uncertain Safe Risky Sandbox Analysis Enforcement across all endpoints Block known malware Investigate files safely Detect new threats Respond to alerts 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 36
37 Get real-time protection against global threats Tales Threat Intelligence Security Coverage Research Response 1.5 million daily malware samples WWW Endpoints Web 250+ Researchers 600 billion daily messages Networks NGIPS Jan 24 x 7 x 365 Operations 16 billion daily web requests Devices Identify advanced threats Get specific intelligence Catch stealthy threats Stay protected with updates 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 37
38 Choosing the Right Manager
39 Firepower Device Manager & Firepower Management Center Designed for SMB customers Easy Deployment Single Device Manager Intuitive GUI Simplified User policies Contextual Visibility Extensive Eventing and Reporting Deeper configuration tunings Multi Device Manager Automation IOC, Impact Analysis 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 39
40 Quick Recommendation to choose right manager Centralized- FMC Local - FDM Multiple Device Deployment Tuning Security Policies like IPS rule tuning, Custom Signatures File Policy tuning to detect and block files, white listing, leverage engines like machine learning, Dynamic analysis, and visibility into patient zero Visibility into network is required Extensive Eventing and Reporting capabilities. Network Operation managing Security Rely on pre-canned profiles for IPS and File policies Wanted to block malware, not interested in advance inspection Rely on intuitive GUI and wizard to create policies Requirement is simplicity Cisco and/or its affiliates. All rights reserved. Cisco Public 40
41 Cisco Defense Orchestrator Defense Orchestrator Helps You Manage All of Your Security Policy Change management: Get visibility into the impact of change on affected security services and devices Change Impact Modeling Object and Policy Analysis Cisco Defense Orchestrator Auditing: Gain policy awareness and identify issues Security Policy Management Reports Device Onboarding Import from offline Discover directly from device Optimization: Adjust security policy rule sets to optimize performance OOB Notifications Monitoring: Track policy implementation and activity across all affected security services and devices 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 41
42 NGFW deployments using FDM
43 Basic NGFW deployment Internet/ Cloud Services Internet/ Cloud Services Inline or Passive Inline Inline Tap VPN, NAT, Routing, IPS, AMP, URL, AVC, Access Control etc IPS, AMP, Routing, URL, AVC, Access Control etc.. Passive Routed Mode Transparent Mode 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 43
44 Deploying NGFW- Management Access Only available through FDM 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 44
45 Management Access list /var/log/firstboot.ngfw-onbox.log 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 45
46 Integrated Routing and Bridging- Soft Switch 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 46
47 Bob, an IT admin of a small firms just bought 5506-X
48 Deploy the Box
49 Default device Setup 1. Connect Management port and data port G1/2 to the L2 Switch, in same VLAN. 2. Connect G 1/1 to the ISP. 3. Switch is required to send management traffic to internet 4. Management port is not routable, because of security. Post 6.2 you can choose data port for management connectivity and get rid of switch 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 49
50 Easy Configuration:- Step Cisco and/or its affiliates. All rights reserved. Cisco Public 50
51 Easy Configuration: Step2 Rules to allow traffic, and default is to block all the traffic Information on DNS, DHCP etc Cisco and/or its affiliates. All rights reserved. Cisco Public 51
52 Easy Configuration: Step Cisco and/or its affiliates. All rights reserved. Cisco Public 52
53 Easy Configuration: Step Cisco and/or its affiliates. All rights reserved. Cisco Public 53
54 Will my Box stop attack with default configuration By default the box drops everything IPS profile, Security Intelligence, Access Control must be configured By default the box drops everything Default Access Policies, Default IPS policies. No Rules 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 54
55 Bob wants to Allow Dropbox Download :- Controlling the access
56 Access Control using Firepower Device Manager Rules under Access polies Mother policy to control and block traffic Default Action 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 56
57 Applications 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 57
58 Actions 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 58
59 Check with the deployment diagram 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 59
60 Authenticating Users Fallback as guest 1. Create Realm 2. Create Policies HTTP Basic NTLM HTTP Negotiate 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 60
61 Access Rule on FMC More attributes to create access rule Stitch inspection policies 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 61
62 Bob wants to inspect files getting downloaded from Dropbox :- Inspecting allowed Traffic
63 Inspecting Dropbox traffic 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 63
64 IPS Policies on FDM Security over Connectivity Maximum Detection Pre-canned Profiles Connectivity Over Security Balanced Security and connectivity Security Over Connectivity Maximum detection Intrusion Policy part of Access Rule IPS has performance overhead Connectivity over security Balanced Security and connectivity 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 64
65 Understand IPS profiles Security over Connectivity Maximum Detection Balanced Security and Connectivity has mix of rule set that address need for SMB organizations. Rules are set to drop and generate events It has ~7000 rules, that stop attacks like exploits, Virus, Worms, Trojans etc. Connectivity over security Balanced Security and connectivity 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 65
66 IPS tuning : FMC Auto Tuning of IPS rules Four Precanned profiles Rule tunings 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 66
67 Controlling the default behavior Enable IPS policies Change the default policy to Allow Select Profile 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 67
68 Bob wants to restrict access to online Games: Control the web access
69 URL Filtering on Firepower Device Manager URLs URL categories 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 69
70 URL Filtering on Firepower Device Manager: Using Reputation Reputation with games Cloud lookup for unknown URLs 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 70
71 URL Filtering on FMC Various Actions Also Assign reputation to the URL categories Around 81 categories and more than 21 million Cisco and/or its affiliates. All rights reserved. Cisco Public 71
72 Bob realized wants to save the network from Advance attacks like malwares
73 Controlling and Blocking Malware: FDM Pre-canned Profiles Connects to the cloud to detect malware. Cloud runs powerful engine for malware detection 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 73
74 Controlling and Blocking Malware: FMC Allows to perform Dynamic Analysis, Machine learning. Allow to capture files Allow to choose file types and Categories Custom black list. Watch Threat Score Patient Zero 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 74
75 Bob is at the branch and he want to connect to the head office
76 Site to Site VPN Site to Site VPN 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 76
77 Steps for configuration 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 77
78 Connection Profile Specify VPN interfaces and networks 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 78
79 Choose Protocol Privacy Configuration IKE Policy & Proposal Custom IKE Policies Pre-shared Keys 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 79
80 Summary 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 80
81 Site to Site VPN on FMC Multiple deployments Certificates Advance tuning IPsec, IKE etc Cisco and/or its affiliates. All rights reserved. Cisco Public 81
82 Bob wants to secure his remote users
83 RAVPN support on FTD Secured Access AnyConnect Client SSL, IPsec AAA LDAP/AD/Radius, certificates Radius Authorization Attribute- DACL, Group Policy Address Assignment Radius Accounting Connectivity Experience Split Tunneling, DNS, Address Assignment, Access Hours, ACLs, Time outs Troubleshooting & Reporting User, User Activity, Usage etc. Availability FTD-HA, Dual ISP, multiple AAA servers Smart Licensing Apex, Plus, VPN only Management Intuitive GUI 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 83
84 Remote Access VPN AnyConnect Client Configuration Device Identity and Client Addressing Connection Settings Summary & Instructions User can t use RA VPN if his FTD is in Evaluation mode of Smart Licensing. A user needs to have a Smart Licensing account and he should have a valid licensing token for the RA-VPN feature to work with FDM 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 84
85 Step1: Configuring a RA-VPN Connection Profile, a.k.a Tunnel Group Connection Profile name AD realm Upload package 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 85
86 Step2: Device Identity and Addressing Certificate to device Identity Outside Interface Address Pool DNS 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 86
87 Step3: Connection Settings Timeouts Dealing with Browser Proxy During VPN Session Address Pool Split Tunneling NAT exemption Inside Network AnyConnect Client Profile(Optional) 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 87
88 View Summary 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 88
89 Useful CLI commands.. vpn-sessiondb anyconnect vpn-sessiondb detail anyconnect vpn-sessiondb licensesummary ssl errors ssl ciphers aaa-server asp table socket crypto ca certificates crypto ca crls crypto ca trustpoints webvpn anyconnect webvpn group-alias webvpn group-url webvpn hostscan webvpn statistics webvpn saml idp uauth ip local pool <name of ipv4 pool> 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 89
90 How to protect endpoint not on corporate network 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 90
91 Bob must backup configuration- Backup Restore
92 Backup and Recovery 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 92
93 Monitoring & Troubleshooting
94 System Information Aggregated Throughput Resource Usage Real Time Events 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 94
95 Understanding Performance
96 Performance X 5508-X 5516-X 5525-X 5545-X 5555-X Datasheet numbers are for RFPs, References Real world numbers must be considered for sizing Each service degrades performance by some percentage. Performance Degrades with smaller packet size. Real World IPS DataSheet IPS 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 96
97 Courtesy: Cisco and/or its affiliates. All rights reserved. Cisco Public 97
98 Evaluating NGFW for SMB
99 Evaluating Features Evaluating Features Application Control Web Filtering IPS Malware Easy Deployment VPN Manageability You Need UTM if All Above mediocre and Anti Virus 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 99
100 Performance Evaluate Device Performance with Sizing data. Always plan for all feature enabled (Suggested) Consider the degrades by enabling the services 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 100
101 Plan for future Security requirements are changing: today, still virus can be buying criteria, but in year or two it will not be. Have a contingency for performance. Check if hardware can adopt to future requirements: upgrades etc.. How frequent is the updates Cisco and/or its affiliates. All rights reserved. Cisco Public 101
102 What we have learned
103 Things you have learned Security Attacks Technologies Protect your network How to use them for your network How to evaluate NGFW 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 103
104 Security Beta Programs Security Beta Products Customer Benefits ASA AMP for Endpoints ISE Firepower NGFW/NGIPS ISR OpenDNS Firepower Platforms ESA Stealthwatch Learning Networks Free test hardware Early experience with and training on new features and functionality Demos and feedback sessions on product usability, design, and roadmaps Risk-free testing in the customer environment prior to FCS To participate in Beta: or Beta customer S1-3 issues fixed in GA release I've been involved in many beta programs I must say that this one has been the best organized. This beta has taken a very active, hands-on approach. - Liberal Arts College Customer Presentation ID 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 104
105 Complete Your Online Session Evaluation Give us your feedback to be entered into a Daily Survey Drawing. A daily winner will receive a $750 gift card. Complete your session surveys through the Cisco Live mobile app or on Don t forget: Cisco Live sessions will be available for viewing on demand after the event at Cisco and/or its affiliates. All rights reserved. Cisco Public
106 Continue Your Education Demos in the Cisco campus Walk-in Self-Paced Labs Lunch & Learn Meet the Engineer 1:1 meetings 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 106
107 Thank you
108
109 Appendix
110 Bob must also know best practice to secure Wireless
111 Brief on Setup Integrated Cisco 702i AP, as hardware module AP is by default Off. Use CLI to AP console to enable Dot11radio Use IP to connect to AP to create SSIDs etc Cisco and/or its affiliates. All rights reserved. Cisco Public 111
112 Securing SSID Human Error Rogue Access Points WEP/WPA cracking Pre-Shared Key guess WPA2-AES the "gold standard" for data encryption 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 112
113 Other Cisco Security Products
114 Umbrella Protection when off the VPN no additional agents required Visibility and enforcement at the DNS-layer Block requests to malicious domains and IPs Predictive intelligence uncover current and emergent threats Subscription based Model Integrated with AnyConnect 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 114
115 Meraki Security NG Firewall, Client VPN, Site to Site VPN, IDS/IPS, Anti-Malware, Geo-Firewall Networking NAT/DHCP, 3G/4G Cellular, Intelligent WAN (IWAN) Application Control Web Caching, Traffic Shaping, Content Filtering 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 115
116 Cisco Integrated Services Router (ISR) For the ISR 4k, services are deployed on a UCS-E blade Blade contains Six hypervisor Architecture similar to ASA with Firepower Services Also called Cisco Firepower Threat Defense for ISR Snort integration is road-mapped for lower-end ISR routers Similar to Meraki Snort deployment Snort without the full Sourcefire sensor 2017 Cisco and/or its affiliates. All rights reserved. Cisco Public 116
Cisco Firepower NGFW. Anticipate, block, and respond to threats
Cisco Firepower NGFW Anticipate, block, and respond to threats You have a mandate to build and secure a network that supports ongoing innovation Mobile access Social collaboration Public / private hybrid
More informationCisco Firepower NGFW. Anticipate, block, and respond to threats
Cisco Firepower NGFW Anticipate, block, and respond to threats Digital Transformation on a Massive Scale 15B Devices Today Attack Surface 500B Devices In 2030 Threat Actors $19T Opportunity Next 10 Years
More informationThreat Centric Network Security
BRKSEC-2056 Threat Centric Network Security Ted Bedwell, Principal Engineer Network Threat Defence Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this
More informationCisco Security. Advanced Malware Protection. Guillermo González Security Systems Engineer Octubre 2017
Cisco Security Advanced Malware Protection Guillermo González Security Systems Engineer Octubre 2017 The New Security Model Attack Continuum Before During After Before Discover During Detect After Scope
More informationCisco Next Generation Firewall and IPS. Dragan Novakovic Security Consulting Systems Engineer
Cisco Next Generation Firewall and IPS Dragan Novakovic Security Consulting Systems Engineer Cisco ASA with Firepower services Cisco TALOS - Collective Security Intelligence Enabled Clustering & High Availability
More informationGlobal vision. Local knowledge. Cisco Forum Kyiv Country Day Month Year
Global vision. Local knowledge. Cisco Forum Kyiv Country Day Month Year Firepower Next Generation Firewall Subtitle goes here William Young Security Solutions Architect, Global Security Architecture Team
More informationCisco Security Enterprise License Agreement
Cisco Security Enterprise License Agreement Deploy Software and Technology more easily The Cisco Security Enterprise Licensing Agreement (ELA) gives you a simpler way to manage your licenses. And it saves
More informationCloud-Managed Security for Distributed Networks with Cisco Meraki MX
Cloud-Managed Security for Distributed Networks with Cisco Meraki MX Joe Aronow, Product Architect Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this
More informationThe Internet of Everything is changing Everything
The Internet of Everything is changing Everything Intelligent Threat Defense for the Enterprise Mobility Nikos Mourtzinos, CCIE #9763 Global Security Sales Organization Changing Business Models Any Device
More informationCisco Firepower NGIPS Tuning and Best Practices
Cisco Firepower NGIPS Tuning and Best Practices John Wise, Security Instructor High Touch Delivery, Cisco Learning Services CTHCRT-2000 Cisco Spark How Questions? Use Cisco Spark to communicate with the
More informationCisco Cloud Security. How to Protect Business to Support Digital Transformation
Cisco Cloud Security How to Protect Business to Support Digital Transformation Dragan Novakovic Cybersecurity Consulting Systems Engineer January 2018. Security Enables Digitization Digital Disruption,
More informationAgile Security Solutions
Agile Security Solutions Piotr Linke Security Engineer CISSP CISA CRISC CISM Open Source SNORT 2 Consider these guys All were smart. All had security. All were seriously compromised. 3 The Industrialization
More informationResilient WAN and Security for Distributed Networks with Cisco Meraki MX
Resilient WAN and Security for Distributed Networks with Cisco Meraki MX Daghan Altas, Director of Product Management BRKSEC-2900 Agenda Problem Cisco CNG Live network creation demo (45m) Product Brief
More informationCisco Comstor
Cisco Security @ Comstor 1 Agenda 1. Cisco Security Fundamentals Cyber Security? Cisco Security Solutions - Cisco NGFW - Cisco Umbrella Cisco Meraki, MR, MS, MV and MX Meraki Insight 2 1. Cisco Security
More informationEasy Setup Guide. Cisco ASA with Firepower Services. You can easily set up your ASA in this step-by-step guide.
Cisco ASA with Firepower Services Easy Setup Guide You can easily set up your ASA in this step-by-step guide. Connecting PC to ASA Installing ASDM 3 Configuring ASA 4 Using Umbrella DNS Connecting PC to
More informationImplementing Cisco Edge Network Security Solutions ( )
Implementing Cisco Edge Network Security Solutions (300-206) Exam Description: The Implementing Cisco Edge Network Security (SENSS) (300-206) exam tests the knowledge of a network security engineer to
More informationCisco Advanced Malware Protection against WannaCry
Cisco Advanced Malware Protection against WannaCry "A false sense of security is worse than a true sense of insecurity" Senad Aruc Consulting Systems Engineer Advanced Threats Group Nils Roald Advanced
More informationTraining UNIFIED SECURITY. Signature based packet analysis
Training UNIFIED SECURITY Signature based packet analysis At the core of its scanning technology, Kerio Control integrates a packet analyzer based on Snort. Snort is an open source IDS/IPS system that
More informationNetDefend Firewall UTM Services
NetDefend Firewall UTM Services Unified Threat Management D-Link NetDefend UTM firewalls (DFL-260/860/1660/2560/2560G) integrate an Intrusion Prevention System (IPS), gateway AntiVirus (AV), and Web Content
More informationA New Security Model for the IoE World. Henry Ong SE Manager - ASEAN Cisco Global Security Sales Organization
A New Security Model for the IoE World Henry Ong SE Manager - ASEAN Cisco Global Security Sales Organization Internet of Everything The Internet of Everything brings together people, process, data and
More informationDeploying Intrusion Prevention Systems
Deploying Intrusion Prevention Systems Gary Halleen Consulting Systems Engineer II Agenda Introductions Introduction to IPS Comparing Cisco IPS Solutions IPS Deployment Considerations Migration from IPS
More informationCisco Cyber Range. Paul Qiu Senior Solutions Architect
Cisco Cyber Range Paul Qiu Senior Solutions Architect Cyber Range Service A platform to experience the intelligent Cyber Security for the real world What I hear, I forget What I see, I remember What I
More informationCisco AMP Solution. Rene Straube CSE, Cisco Germany January 2017
Cisco AMP Solution Rene Straube CSE, Cisco Germany January 2017 The AMP Everywhere Architecture AMP Protection Across the Extended Network for an Integrated Threat Defense AMP Threat Intelligence Cloud
More informationCisco Security Exposed Through the Cyber Kill Chain
Cisco Forschung & Lehre Forum für Mecklenburg Vorpommern Cisco Security Exposed Through the Cyber Kill Chain Rene Straube CSE, Cisco Advanced Threat Solutions January, 2017 The Cisco Security Model BEFORE
More informationFeatures and Functionality
Features and functionality introduced in previous versions may be superseded by new features and functionality in later versions. New or Changed Functionality in Version 6.2.2.x, page 1 Features Introduced
More informationPassit4Sure (50Q) Cisco Advanced Security Architecture for System Engineers
Passit4Sure.500-265 (50Q) Number: 500-265 Passing Score: 800 Time Limit: 120 min File Version: 5.8 Cisco 500-265 Advanced Security Architecture for System Engineers Today is big day for me as I passed
More informationCisco - ASA Lab Camp v9.0
Cisco - ASA Lab Camp v9.0 Code: 0007 Lengt h: 5 days URL: View Online Based on our enhanced SASAC v1.0 and SASAA v1.2 courses, this exclusive, lab-based course, provides you with your own set of equipment
More informationBusiness Strategy Theatre
Business Strategy Theatre Security posture in the age of mobile, social and new threats Steve Pao, GM Security Business 01 May 2014 In the midst of chaos, there is also opportunity. - Sun-Tzu Security:
More informationFuture-ready security for small and mid-size enterprises
First line of defense for your network Quick Heal Terminator (UTM) (Unified Threat Management Solution) Data Sheet Future-ready security for small and mid-size enterprises Quick Heal Terminator is a high-performance,
More informationCISCO NETWORKS BORDERLESS Cisco Systems, Inc. All rights reserved. 1
CISCO BORDERLESS NETWORKS 2009 Cisco Systems, Inc. All rights reserved. 1 Creating New Business Models The Key Change: Putting the Interaction Where the Customer Is Customer Experience/ Innovation Productivity/
More informationSecuring Your Amazon Web Services Virtual Networks
Securing Your Amazon Web Services s IPS security for public cloud deployments It s no surprise that public cloud infrastructure has experienced fast adoption. It is quick and easy to spin up a workload,
More informationSecuring Your Microsoft Azure Virtual Networks
Securing Your Microsoft Azure Virtual Networks IPS security for public cloud deployments It s no surprise that public cloud infrastructure has experienced fast adoption. It is quick and easy to spin up
More informationGladiator Incident Alert
Gladiator Incident Alert Allen Eaves Sabastian Fazzino FINANCIAL PERFORMANCE RETAIL DELIVERY IMAGING PAYMENT SOLUTIONS INFORMATION SECURITY & RISK MANAGEMENT ONLINE & MOBILE 1 2016 Jack Henry & Associates,
More informationExam : JK Title : CompTIA E2C Security+ (2008 Edition) Exam. Version : Demo
Exam : JK0-015 Title : CompTIA E2C Security+ (2008 Edition) Exam Version : Demo 1.Which of the following logical access control methods would a security administrator need to modify in order to control
More informationDefense-in-Depth Against Malicious Software. Speaker name Title Group Microsoft Corporation
Defense-in-Depth Against Malicious Software Speaker name Title Group Microsoft Corporation Agenda Understanding the Characteristics of Malicious Software Malware Defense-in-Depth Malware Defense for Client
More informationCisco Ransomware Defense The Ransomware Threat Is Real
Cisco Ransomware Defense The Ransomware Threat Is Real Seguridad Integrada Abril 2018 Ransomware B Malicious Software Encrypts Critical Data Demands Payment Permanent Data Loss Business Impacts Ramifications
More informationFIREWALL PROTECTION AND WHY DOES MY BUSINESS NEED IT?
WHAT IS FIREWALL PROTECTION AND WHY DOES MY BUSINESS NEED IT? While firewalls started life simply protecting networks from outside hacks and attacks, the role of the firewall has greatly evolved to take
More informationWatchGuard Total Security Complete network protection in a single, easy-to-deploy solution.
WatchGuard Total Security Complete network protection in a single, easy-to-deploy solution. Total Security. A stateful packet firewall, while essential, simply isn t enough anymore. The reality is that
More informationThe SANS Institute Top 20 Critical Security Controls. Compliance Guide
The SANS Institute Top 20 Critical Security Controls Compliance Guide February 2014 The Need for a Risk-Based Approach A common factor across many recent security breaches is that the targeted enterprise
More informationCato Cloud. Software-defined and cloud-based secure enterprise network. Solution Brief
Cato Cloud Software-defined and cloud-based secure enterprise network Solution Brief Legacy WAN and Security Appliances are Incompatible with the Modern Enterprise Cato Networks: Software-defined and Cloud-based
More informationLicensing the Firepower System
The following topics explain how to license the Firepower System. About Firepower Feature Licenses, page 1 Service Subscriptions for Firepower Features, page 1 Classic Licensing for the Firepower System,
More informationJURUMANI MERAKI CLOUD MANAGED SECURITY & SD-WAN
JURUMANI CLOUD MANAGED SECURITY & SD-WAN SECURITY BY DESIGN OVERVIEW Cisco Meraki MX Security Appliances are ideal for organizations considering a Unified Threat Managment (UTM) solution, for distributed
More informationSRX als NGFW. Michel Tepper Consultant
SRX als NGFW Michel Tepper Consultant Firewall Security Challenges Organizations are looking for ways to protect their assets amidst today s ever-increasing threat landscape. The latest generation of web-based
More informationLicensing the Firepower System
The following topics explain how to license the Firepower System. About Firepower Feature Licenses, on page 1 Service Subscriptions for Firepower Features, on page 2 Smart Licensing for the Firepower System,
More informationInnovative Cisco Security- Lösungen für den Endpoint Das Alpha und Omega unsere Next Gen Security
Innovative Cisco Security- Lösungen für den Endpoint Das Alpha und Omega unsere Next Gen Security Sven Kutzer Consulting Systems Engineer GSSO - CYBERSECURITY SALES Mittwoch, 7. März 2018 Challenges 2017
More informationHardening the Education. with NGFW. Narongveth Yutithammanurak Business Development Manager 23 Feb 2012
Hardening the Education IT Environment with NGFW Narongveth Yutithammanurak Business Development Manager 23 Feb 2012 Technology Trends Security Performance Bandwidth Efficiency Manageability Page 2 What
More informationHow to Predict, Detect & Stop threats at the Edge and Behind the Perimeter even in encrypted traffic without decryption
How to Predict, Detect & Stop threats at the Edge and Behind the Perimeter even in encrypted traffic without decryption Nikos Mourtzinos, CCIE #9763 Cisco Cyber Security Sales Specialist April 2018 New
More informationADVANCED THREAT PREVENTION FOR ENDPOINT DEVICES 5 th GENERATION OF CYBER SECURITY
ADVANCED THREAT PREVENTION FOR ENDPOINT DEVICES 5 th GENERATION OF CYBER SECURITY OUTLINE Advanced Threat Landscape (genv) Why is endpoint protection essential? Types of attacks and how to prevent them
More informationNew methods to protect the network. Deeper visibility with Cisco NGFW Next Generation Firewall
New methods to protect the network. Deeper visibility with Cisco NGFW Next Generation Firewall Claudiu Onisoru, Senior Network Specialist Cisco Connect - 15 May 2014 1 Agenda Frontal Communication: Who
More informationCisco ASA with FirePOWER services Eric Kostlan, Technical Marketing Engineer Security Technologies Group, Cisco Systems LABSEC-2339
Cisco ASA with FirePOWER services Eric Kostlan, Technical Marketing Engineer Security Technologies Group, Cisco Systems LABSEC-2339 Agenda Introduction to Lab Exercises Platforms and Solutions ASA with
More informationCisco Advanced Malware Protection. May 2016
Cisco Advanced Malware Protection May 2016 The Reality Organizations Are Under Attack and Malware Is Getting in 95% of large companies targeted by malicious traffic 100% Cybercrime is lucrative, barrier
More informationProtection - Before, During And After Attack
Advanced Malware Protection for FirePOWER TM BENEFITS Continuous detection of malware - immediately and retrospectively Inline detection of sophisticated malware that evades traditional network protections
More informationNew Features and Functionality
This section describes the new and updated features and functionality included in Version 6.2.1. Note that only the Firepower 2100 series devices support Version 6.2.1, so new features deployed to devices
More informationMX Sizing Guide. 4Gon Tel: +44 (0) Fax: +44 (0)
MX Sizing Guide FEBRUARY 2015 This technical document provides guidelines for choosing the right Cisco Meraki security appliance based on real-world deployments, industry standard benchmarks and in-depth
More informationChapter 1: Content Security
Chapter 1: Content Security Cisco Cloud Web Security (CWS) Cisco offers Cisco Cloud Web Security (CWS) to protect End Stations and Users devices from infection. Cisco Cloud Web Security (CWS) depends upon
More informationImplementing Cisco Network Security (IINS) 3.0
Implementing Cisco Network Security (IINS) 3.0 COURSE OVERVIEW: Implementing Cisco Network Security (IINS) v3.0 is a 5-day instructor-led course focusing on security principles and technologies, using
More informationBuilding Resilience in a Digital Enterprise
Building Resilience in a Digital Enterprise Top five steps to help reduce the risk of advanced targeted attacks To be successful in business today, an enterprise must operate securely in the cyberdomain.
More informationFirepower Threat Defense Remote Access VPNs
About, page 1 Firepower Threat Defense Remote Access VPN Features, page 3 Firepower Threat Defense Remote Access VPN Guidelines and Limitations, page 4 Managing, page 6 Editing Firepower Threat Defense
More informationRemote Access VPN. Remote Access VPN Overview. Licensing Requirements for Remote Access VPN
Remote Access virtual private network (VPN) allows individual users to connect to your network from a remote location using a laptop or desktop computer connected to the Internet. This allows mobile workers
More informationSymantec Ransomware Protection
Symantec Ransomware Protection Protection Against Ransomware Defense in depth across all control points is required to stop ransomware @ Email Symantec Email Security.cloud, Symantec Messaging Gateway
More informationNGFWv & ASAv in Public Cloud (AWS & Azure)
& in Public Cloud (AWS & Azure) Anubhav Swami, CCIE# 21208 Technical Marketing Engineer Your Speaker Anubhav Swami answami@cisco.com Technical Marketing Engineer 5 years in Cisco TAC 2 years in ASA BU
More informationSeqrite TERMINATOR (UTM) Unified Threat Management Solution.
Unified Threat Management Solution TERMINATOR Introduction Seqrite TERMINATOR is a high-performance, easy-to-use Unified Threat Management solution for small and mid-size enterprises. It is a robust solution
More informationAccessEnforcer Version 4.0 Features List
AccessEnforcer Version 4.0 Features List AccessEnforcer UTM Firewall is the simple way to secure and manage your small business network. You can choose from six hardware models, each designed to protect
More informationCisco Next Generation Firewall Services
Toronto,. CA May 30 th, 2013 Cisco Next Generation Firewall Services Eric Kostlan Cisco Technical Marketing 2011 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 1 Objectives At the
More informationHow to build a multi-layer Security Architecture to detect and remediate threats in real time
How to build a multi-layer Security Architecture to detect and remediate threats in real time Nikos Mourtzinos, CCIE #9763 Cisco Cyber Security Sales Specialist March 2018 Agenda Cisco Strategy Umbrella
More informationAby se z toho bezpečnostní správci nezbláznili Cisco security integrace. Milan Habrcetl Cisco CyberSecurity Specialist Mikulov, 5. 9.
Aby se z toho bezpečnostní správci nezbláznili aneb Cisco security integrace Aby se z toho bezpečnostní správci nezbláznili Cisco security integrace Milan Habrcetl Cisco CyberSecurity Specialist Mikulov,
More informationLicensing the Firepower System
The following topics explain how to license the Firepower System. About Firepower Feature Licenses, page 1 Service Subscriptions for Firepower Features, page 2 Smart Licensing for the Firepower System,
More informationIdentity Based Network Access
Identity Based Network Access Identity Based Network Access - Agenda What are my issues Cisco ISE Power training What have I achieved What do I want to do What are the issues? Guest Student Staff Contractor
More informationISG-600 Cloud Gateway
ISG-600 Cloud Gateway Cumilon ISG Integrated Security Gateway Integrated Security Gateway Cumilon ISG-600C cloud gateway is the security product developed by Systrome for the distributed access network
More informationCisco Cyber Threat Defense Solution 1.0
Cisco Cyber Threat Defense Solution 1.0 Contents 1. Introduction to the Cisco Cyber Threat Defense Solution 1.0 2. Technical overview of the Cisco Cyber Threat Defense Solution 1.0 3. Using the Cisco Cyber
More informationSecurity Assessment Checklist
Security Assessment Checklist Westcon Security Checklist - Instructions The first step to protecting your business includes a careful and complete assessment of your security posture. Our Security Assessment
More informationExam : Title : Security Solutions for Systems Engineers. Version : Demo
Exam : 642-566 Title : Security Solutions for Systems Engineers Version : Demo 1. Which one of the following elements is essential to perform events analysis and correlation? A. implementation of a centralized
More informationYes, You can protect your endpoints! Szilard Csordas, Security Consultant scsordas [at] cisco.com
Yes, You can protect your endpoints! Szilard Csordas, Security Consultant scsordas [at] cisco.com Endpoint Footprint Problem: TOO MANY AGENTS! Anti-Virus/Anti-Spyware agent IPSec/SSLVPN agent Host IPS/FW
More informationCisco s Appliance-based Content Security: IronPort and Web Security
Cisco s Appliance-based Content Security: IronPort E-mail and Web Security Hrvoje Dogan Consulting Systems Engineer, Security, Emerging Markets East 2010 Cisco and/or its affiliates. All rights reserved.
More informationA Unified Threat Defense: The Need for Security Convergence
A Unified Threat Defense: The Need for Security Convergence Udom Limmeechokchai, Senior system Engineer Cisco Systems November, 2005 1 Agenda Evolving Network Security Challenges META Group White Paper
More informationSecurity Architect Northeast US Enterprise CISSP, GCIA, GCFA Cisco Systems. BRKSEC-2052_c Cisco Systems, Inc. All rights reserved.
Web 2.0 Security Recommendations Ken Kaminski Security Architect Northeast US Enterprise CISSP, GCIA, GCFA Cisco Systems 1 Agenda Reputation Services Web application security Secure Coding and Web Application
More informationFirewall nové generace na platformě SF, přístupové politiky, analýza souborů, FireAMP a trajektorie útoků
Firewall nové generace na platformě SF, přístupové politiky, analýza souborů, FireAMP a trajektorie útoků Jiří Tesař, CSE Security, jitesar@cisco.com CCIE #14558, SFCE #124266 Mapping Technologies to the
More informationSymantec Endpoint Protection
Overview provides unrivaled security across physical and virtual platforms and support for the latest operating systems-mac OS X 10.9 and Windows 8.1. Powered by Symantec Insight and by SONAR, a single,
More informationSourcefire Solutions Overview Security for the Real World. SEE everything in your environment. LEARN by applying security intelligence to data
SEE everything in your environment LEARN by applying security intelligence to data ADAPT defenses automatically ACT in real-time Sourcefire Solutions Overview Security for the Real World Change is constant.
More informationFully Integrated, Threat-Focused Next-Generation Firewall
Cisco Firepower NGFW Fully Integrated, Threat-Focused Next-Generation Firewall Fuat KILIÇ, fkilic@cisco.com, +905339284608 Security Consulting Systems Engineer, CCIE #21150 September 2016 Get ahead of
More informationCisco Self Defending Network
Cisco Self Defending Network Integrated Network Security George Chopin Security Business Development Manager, CISSP 2003, Cisco Systems, Inc. All rights reserved. 1 The Network as a Strategic Asset Corporate
More informationStopping Advanced Persistent Threats In Cloud and DataCenters
Stopping Advanced Persistent Threats In Cloud and DataCenters Frederik Van Roosendael PSE Belgium Luxembourg 10/9/2015 Copyright 2013 Trend Micro Inc. Agenda How Threats evolved Transforming Your Data
More informationProtect Your Endpoint, Keep Your Business Safe. White Paper. Exosphere, Inc. getexosphere.com
Protect Your Endpoint, Keep Your Business Safe. White Paper Exosphere, Inc. getexosphere.com White Paper Today s Threat Landscape Cyber attacks today are increasingly sophisticated and widespread, rendering
More informationCisco ASA Next-Generation Firewall Services
Q&A Cisco ASA Next-Generation Firewall Services Q. What are Cisco ASA Next-Generation Firewall Services? A. Cisco ASA Next-Generation Firewall Services are a modular security service that extends the Cisco
More informationMODERN DESKTOP SECURITY
MODERN DESKTOP SECURITY I M GOING TO BE HONEST. WE RE IN THE FIGHT OF OUR DIGITAL LIVES, AND WE ARE NOT WINNING! M I C H A E L M C C A U L, C H A I R M A N, U S H O M E L A N D S E C U R I T Y C O M M
More informationSimplify Technology Deployments
Cisco Security Enterprise License Agreement: Simplify Technology Deployments The need for Pervasive Security Coverage Security measures can t be limited to certain areas of your business. Mobility has
More informationSourcefire Network Security Analytics: Finding the Needle in the Haystack
Sourcefire Network Security Analytics: Finding the Needle in the Haystack Mark Pretty Consulting Systems Engineer #clmel Agenda Introduction The Sourcefire Solution Real-time Analytics On-Demand Analytics
More informationThe Internet of Everything is changing Everything
The Internet of Everything is changing Everything Next Generation Security John Tzortzakakis Security Solutions Architect, Security Business Group November 2014 Threat Landscape evolution 60% of data is
More informationCisco Cyber Range. Paul Qiu Senior Solutions Architect June 2016
Cisco Cyber Range Paul Qiu Senior Solutions Architect June 2016 What I hear, I forget What I see, I remember What I do, I understand ~ Confucius Agenda Agenda Cyber Range Highlights Cyber Range Overview
More informationCisco ASA 5500-X NGFW
Cisco ASA 5500-X NGFW Sieťová ochrana pre malé a stredné podniky pred modernými hrozbami Peter Mesjar CCIE 17428, Systémový Inžinier, Cisco What are we going to talk about Problem is THREATS How today
More informationNext generation branch with SD-WAN and NFV
Next generation branch with SD-WAN and NFV Kiran Ghodgaonkar, Senior Manager, Enterprise Marketing Mani Ganeson, Senior Product Manager PSOCRS-2004 @ghodgaonkar Cisco Spark How Questions? Use Cisco Spark
More informationCompare Security Analytics Solutions
Compare Security Analytics Solutions Learn how Cisco Stealthwatch compares with other security analytics products. This solution scales easily, giving you visibility across the entire network. Stealthwatch
More informationCisco Firepower Thread Defence. Claudiu Boar
Cisco Firepower Thread Defence Claudiu Boar Security everywhere Stop threats at the edge Control who gets onto your network Find and contain problems fast Protect users wherever they work Simplify network
More informationAMP for Endpoints & Threat Grid
AMP for Endpoints & Threat Grid Response & Prevention Dean De Beer & Eric Hulse BRKSEC-2029 AMP Threat Grid Malware Analysis Engines & Techniques A little background Malware Analysis & Threat Intelligence
More informationCato Cloud. Solution Brief. Software-defined and Cloud-based Secure Enterprise Network NETWORK + SECURITY IS SIMPLE AGAIN
Cato Cloud Software-defined and Cloud-based Secure Enterprise Network Solution Brief NETWORK + SECURITY IS SIMPLE AGAIN Legacy WAN and Security Appliances are Incompatible with the Modern Enterprise The
More informationCisco Network Admission Control (NAC) Solution
Data Sheet Cisco Network Admission Control (NAC) Solution New: Updated to include the Cisco Secure Network Server (SNS) Cisco Network Admission Control (NAC) solutions allow you to authenticate wired,
More information3 Ways to Prevent and Protect Your Clients from a Cyber-Attack. George Anderson Product Marketing Director Business October 31 st 2017
3 Ways to Prevent and Protect Your Clients from a Cyber-Attack George Anderson Product Marketing Director Business October 31 st 2017 Agenda One ounce of prevention is worth a pound of protection 01 Aiming
More informationMonitoring the Device
The system includes dashboards and an Event Viewer that you can use to monitor the device and traffic that is passing through the device. Enable Logging to Obtain Traffic Statistics, page 1 Monitoring
More informationCisco Meraki MX products come in 6 models. The chart below outlines MX hardware properties for each model:
MX Sizing Guide AUGUST 2016 This technical document provides guidelines for choosing the right Cisco Meraki security appliance based on real-world deployments, industry standard benchmarks and in-depth
More informationWhite Paper. Why IDS Can t Adequately Protect Your IoT Devices
White Paper Why IDS Can t Adequately Protect Your IoT Devices Introduction As a key component in information technology security, Intrusion Detection Systems (IDS) monitor networks for suspicious activity
More information