The Internet of Everything is changing Everything
|
|
- Darrell Mills
- 6 years ago
- Views:
Transcription
1 The Internet of Everything is changing Everything
2 Next Generation Security John Tzortzakakis Security Solutions Architect, Security Business Group November 2014
3 Threat Landscape evolution 60% of data is stolen in hours 54% of breaches remain undiscovered for months 100% of companies connect to domains that host malicious files or services It is a Community that hides in plain sight avoids detection and attacks swiftly
4 Defense-in-Depth Security Alone is Not Enough Siloed Approach Increased complexity and reduced effectiveness Poor Visibility Undetected multivector and advanced threats Manual and Static Slow, manual, inefficient response
5 Building a Threat-Centric Cisco Security Architecture Attack Continuum BEFORE Discover Enforce Harden DURING Detect Block Defend AFTER Scope Contain Remediate
6 Building a Threat-Centric Cisco Security Architecture Attack Continuum BEFORE Discover Enforce NGFW VPN Harden TrustSec UTM Secure Access + Identity Services DURING Detect NGIPS Block Defend Web Security Security AFTER Scope Advanced Malware Contain Protection Remediate Network Behavior Analysis Sandboxing Visibility - Automation - Management Security Intelligence and Services 6
7 Security is more than Application Control Application Detection is NOT Security Focus on the Apps? But miss the threat Legacy NGFWs can reduce attack surface area but advanced malware often evades security controls.
8 Cisco s Next Generation Security Offerings FirePOWER NGIPS Best-of-Breed NGIPS for Advanced Threat Protection Scalability up to 60Gbps+ Application and Identity Aware Lower TCO Through Automation Embedded Advanced Malware Prevention (AMP) Class-leading advanced malware solution File reputation and sandboxing Malware Forensics reports Malware and file Retrospection Cisco AMP Everywhere ensures pervasive coverage Cisco NGFW ASA w/ FirePOWER Services Only threat-focused NGFW to cover full attack continuum Available on existing ASA-x platforms Integrated NGIPS + AMP Ultra-Granular Policies: App, Identity, Risk, Business Relevance Common Technology across all offerings Flexible Deployment Appliance Virtual Cloud
9 Introducing Industry s First Adaptive Threat-Focused NGFW Cisco ASA with FirePOWER Services Proven Cisco ASA firewalling + Industry leading NGIPS and AMP #1 Cisco Security announcement of the year! Cisco Confidential 9
10 Cisco Adaptive Security Appliance (ASA) World s most proven Stateful inspection firewall ASA Platform Built upon 15 years of security innovation Widely deployed stateful firewall in Enterprise networks Class-leading AnyConnect VPN Network-wide identity and device access policy Multiple form factors (Physical & Virtual) Ready for Next Generation Networks like Software Defined Networks (SDN), Application Centric Infrastructure (ACI), NFV architectures and Open APIs.
11 Cisco ASA with FirePOWER Services Industry s First Adaptive, Threat-Focused NGFW Features Cisco ASA firewalling combined with Sourcefire next-generation IPS Integrated threat defense over the entire attack continuum Best-in-class security intelligence, application visibility and control (AVC), and URL filtering Superior, multilayered threat protection Unprecedented network visibility Advanced malware protection Reduced cost and complexity Benefits
12 Superior Integrated & Multilayered Protection Clustering & High Availability Network Firewall Routing Switching Cisco Collective Security Intelligence Enabled Intrusion Prevention (Subscription) Application Visibility & Control FireSIGHT Analytics & Automation Cisco ASA Advanced Malware Protection (Subscription) Built-in Network Profiling WWW URL Filtering (Subscription) Identity-Policy Control & VPN Cisco ASA enterprise-class stateful firewall Granular Cisco Application Visibility and Control (AVC) Industry-leading FirePOWER nextgeneration IPS (NGIPS) Reputation- and category-based URL filtering Advanced malware protection
13 Cisco ASA with FirePOWER Services A New, Adaptive, Threat-Focused NGFW Superior Visibility Integrated Threat Defense Best-in-class, multilayered protection in a single device Full contextual awareness to eliminate gaps Automation Simplified operations and dynamic response and remediation
14 Unprecedented Network Visibility Categories FirePOWER Services Typical IPS Typical NGFW Threats Users Web Applications Application Protocols File Transfers Malware Command & Control Servers Client Applications Network Servers Operating Systems Routers & Switches Mobile Devices Printers VoIP Phones Virtual Machines
15 Cisco s Information Superiority ANY EDGE Network Internet ANY WHERE Private DC Public DC 16B Daily Web Request 93B Daily Messages 100M Endpoints Cisco Cloud Security Intelligence and Research Group Pervasive Enforcement 100TB Security Intelligence 180K Daily Malwares
16 Indications of Compromise (IoCs) IPS Events SI Events Malware Events Malware Backdoors CnC Connections Connections to Known CnC IPs Malware Detections Malware Executions Exploit Kits Admin Privilege Escalations Office/PDF/Java Compromises Dropper Infections Web App Attacks
17 Impact Assessment IMPACT FLAG ADMINISTRATOR ACTION WHY 1 Act Immediately, Vulnerable Event corresponds to vulnerability mapped to host 2 Investigate, Potentially Vulnerable Relevant port open or protocol in use, but no vuln mapped 3 Good to Know, Currently Not Vulnerable Relevant port not open or protocol not in use 4 Good to Know, Unknown Target Monitored network, but unknown host Correlates all intrusion events to an impact of the attack against the target 0 Good to Know, Unknown Network Unmonitored network
18 AMP Provides Continuous Retrospective Security Breadth of Control Points WWW Endpoints Web Network IPS Devices Telemetry Stream File Fingerprint and Metadata File and Network I/O Continuous Feed Process Information Continuous Analysis
19 Cisco FireSIGHT Management Center Demo 19
20 Cisco FireSIGHT Management Center Demo The Power of FireSIGHT
21 2014 Vendor Rating for Security: Positive So do any network security vendors understand data center and what s needed to accommodate network security? Cisco certainly does. Cisco is disrupting the advanced threat defense industry. AMP will be one of the most beneficial aspects of the [Sourcefire] acquisition. The AMP products will provide deeper capability to Cisco's role in providing secure services for the Internet of Everything (IoE). Market Based on our (Breach Detection Systems) reports, Advanced Malware Protection from Cisco should be on everyone s short list. Recognition
22 Reduced Cost and Complexity Annual Costs of IPS Maintenance Multilayered protection in a single device Highly scalable Automates security tasks Impact assessment Policy tuning User identification Integrates with thirdparty security solutions $ $ Impact Assessment of IPS Events Typical IPS Cisco s FirePOWER Next-Generation IPS collectively saves this customer $230,100 per year. $ IPS Tuning $ Next-Generation IPS $ $3.000 Linking IPS Events to Users Source: SANS
23 IDC STAP Analysis (Specialized Threat Analysis and Protection products) Reduced time for: Annual Benefits of Limiting the Impact of Malware Infections Security management: 26.4% Address and remediate security breaches: 78.2% Security audits: 49.3%
24 Start with Best-of-breed Products NSS Labs Testing Sept, 2014 NEXT GENERATION FIREWALL COMPARATIVE ANALYSIS
25 NSS Labs Breach Detection Systems Security Value Map Cisco Advanced Malware Protection (AMP) has the lowest TCO of any product tested. It is also a a leader in security effectiveness achieving detection of 99 percent of all tested attacks AMP excelled in time-todetection, catching threats faster than competing Breach Detection Systems. Source: NSS Labs 2014 Source: NSS Labs 2014
26 NSS Labs Intrusion Prevention Systems Security Value Map Based on individual and comparative testing of vendors in the IPS market Cisco* FirePOWER NGIPS leads the Security Value Map and provides the best protection possible while also leading the class in total cost of ownership. Source: NSS Labs 2012 * Formerly Sourcefire FirePOWER Sourcefire Virtual IPS Sourcefire 3D8120 Sourcefire 3D8250 Sourcefire 3D8260 Source: NSS Labs 2012
27 2014 NSS Labs NGFW Security Value Map TM Consistent, industryleading security effectiveness Strong resistance to evasion High performance above published throughput Competitive total cost of ownership
28 Cisco ASA with FirePOWER Services Base Hardware and Software New ASA 5585-X Bundle SKUs with FirePOWER Services Module New ASA 5500-X SKUs running FirePOWER Services Software FirePOWER Services Spare Module/Blade for ASA 5585-X Series Spare SSD SKU for upgrading existing ASA 5500-X FirePOWER Services Software Hardware includes Application Visibility and Control (AVC) Management FireSIGHT Management Center (HW Appliance or Virtual) Cisco Security Manager (CSM) or ASDM Support SmartNET Software Application Support plus Upgrades
29 Five Subscription Packages to Choose From for Each Appliance AVC is part of the default offering AMP 1 & 3 year terms SMARTnet is ordered separately with the appliance URL IPS URL IPS URL IPS AMP IPS NGFW Packages NGIPS Packages Cisco ASA - Stateful Firewall Licenses
30 Performance and Deployment Options
31 Cisco ASA Multi-scale Performance Security for the Internet Edge 1 Gbps Max 100K Connections 10,000 CPS 1.2 Gbps Max 250K Connections 15,000 CPS 2 Gbps Max 500K Connections 20,000 CPS ASA 5525-X 3 Gbps Max 750K Connections 30,000 CPS ASA 5545-X 4 Gbps Max 1M Connections 50,000 CPS ASA 5555-X ASA 5512-X Branch Locations ASA 5515-X Small / Medium Internet Edge
32 Cisco ASA Multi-scale Performance Security for the Enterprise and Data Center ASA 5585-SSP10 4 Gbps Max 1 Million Connections 50,000 CPS ASA 5585-SSP20 10 Gbps Max 2 Million Connections 125,000 CPS ASA 5585-SSP40 20 Gbps Max 4 Million Connections 200,000 CPS Enterprise Internet Edge and Data Center ASA 5585-SSP60 40 Gbps Max 10 Million Connections 360,000 CPS
33 Performance Impacts by Location NGFW Performance Impact Factors Direct Different traffic types Different average packet Sizes Indirect Physical Placement Amount of traffic to be inspected Level of malicious traffic Level of analysis and logging Firewall max throughput numbers tend to be based on non-helpful packet sizes (UDP 1518 byte packet size is fairly common) IPS performance range is much more variable than firewalls, and partly because of industry choice (TCP 440 byte HTTP is fairly common) Multi-features devices must somehow provide useful, accurate performance numbers
34 Location Specific Traffic Profiles When deploying FirePOWER Services for ASA, the traffic profiles at the location can impact the performance of the device differently than standard test methods. Educational, ISP, and SMB protocol mixes have a slight impact Enterprise applications and Enterprise Datacenter have a greater impact
35 FirePOWER Services for ASA Data Sheet FirePOWER Services for ASA will include both a maximum throughput number as well as a TCP 440 Byte HTTP number more relevant for sizing. Model 5512-X 5515-X 5525-X 5545-X 5555-X Maximum Application Control Throughput in Mbps Maximum Application Control and IPS Throughput in Mbps Application Control or IPS Sizing Throughput in Mbps (440 Byte HTTP)
36 FirePOWER Services vs. ASA Classic IPS IPS-only test comparing throughput of FirePOWER Services for ASA to the classic IPS only module. Tested using the same 440 byte HTTP Transactional test that was the benchmark for classic IPS FirePOWER Services On ASA Classic IPS on ASA
37 Upgrading from ASA Classic IPS to FirePOWER Services for ASA When upgrading from classic IPS to FirePOWER services, adding new features can require a platform change. Generally each new major feature is a step up, assuming the box is near capacity. Model 5512-X 5515-X 5525-X 5545-X 5555-X Original IPS Module FirePOWER IPS + AVC FirePOWER IPS + AVC + AMP
38 Investment Protection: Pay as you Grow Horizontal Scaling FW MAX Throughput: 640 Gbps FW+FirePOWER IPS Maximum Throughput: 160+ Gbps FirePOWER IPS 440 Byte Throughput: 96 Gbps Up to 16 ASA 5585-X Devices
39 FirePOWER Services Support All Current ASA Deployment Models* Clustering for linear scalability Up to 16x ASA in cluster Eliminates Asymmetrical traffic issues Each FirePOWER Services module inspects traffic independently Multi-context mode for policy flexibility Each ASA Interface appears as a separate interface to FirePOWER Services module Allows for granular policy enforcement on both ASA and FirePOWER services *State sharing does not occur between FirePOWER Services Modules HA for increased redundancy Redundancy and state sharing (A/S & A/A pair) L2 and L3 designs
40 Features - Packet Flow
41 Functional Distribution of Features URL Category/Reputation NGIPS Application Visibility and Control Advanced Malware Protection File Type filtering File capture FirePOWER Services TCP Normalization TCP Intercept IP Option Inspection IP Fragmentation *Botnet Traffic Filter NAT Routing ACL VPN Termination ASA
42 Packet Processing Order of Operations ASA Module processes all ingress packets against ACL, Connection tables, Normalization and CBAC before traffic is forwarded to the FirePOWER Services module ASA provides flow normalization and context-aware selection/filtering to the FirePOWER Services Clustered ASA provides flow symmetry and HA to the FirePOWER Services Packets and flows are not dropped by FirePOWER Services Packets are marked for Drop or Drop with Reset and sent back to ASA This allow the ASA to clear the connection from the state tables and send resets if needed Yes RX Pkt Ingress Interface Existing Conn No NAT Rule ACL Permit DROP Yes No Inspection Sec Checks DROP No NAT IP Header No MPF Yes Original IP Session metadata FirePOWER Services Module TX Pkt L2 Addr Yes L3 Route Yes Egress Interface No No No DROP DROP DROP
43 ASA 5585-X Data Port Utilization ASA SSP processes all ingress and egress packets No packets are directly processed by FirePOWER SSP ports except for the FirePOWER SSP management port. ASA configures and controls the FirePOWER SSP data ports SFR-SSP Module Signature Engine CPU Complex PORTS Fabric Switch ASA-SSP Module Mezzanine Slot CPU Complex Fabric Switch ASA5585-X PORTS
44 ASA 5500-X Data Port Utilization ASA OS processes all ingress and egress packets No packets are directly processed by FirePOWER Services Backplane communication between ASA and FirePOWER Services Traffic is dropped at ASA OS Level ASA KVM ASA OS SFR S/W Module Firewall Services Memory Based Packet Rings ASA5500-X Mid-Range PORTS
45 Management
46 Managing Cisco ASA FirePOWER Services Two Managers with Cross-launch Cisco FireSIGHT Management Center Models: 750, 1500, 3500, Virtual Appliance (Promo PID available) Cisco Security Manager (CSM) or ASDM CSM version 4.7
47 ASA Single Device Manager Device Dashboard Firewall Dashboard FireSIGHT* Traffic Reports *Roadmap
48 FirePOWER & FireSIGHT benefits Enhanced Visibility 1,800+ Applications + stats File types, transfer direction/protocol Mobile Device type, OS, version Geolocation (country, postcode, time zone, lat/long., ISP, etc.) IPv6 address support throughout Improved UI/Admin Visual Device Management Security and Network Admin Roles Admin Role Editor Dashboards/Reporting Customizable Widgets Graphical Reports Report Creator
49 FirePOWER & FireSIGHT benefits Expanded Controls Application Control on NGIPS URL Filtering File Blocking Security Intelligence / IP Blacklisting Geolocation Blocking (in v5.3) Security Automation Impact Assessment Recommended Rules Advanced Malware Protection Network File Trajectory Network Malware Blocking
50 FireSIGHT Management Center Models Virtual Max. Devices Managed Event Storage Virtual FireSIGHT Management Center Up to GB 125 GB 1.8 TB 400 GB 4.8/6.3 TB Managed Devices Max. Network Map (hosts / users) Events per Sec (EPS) 2K/2K 50K/50K 150K/150K 300K/300K 600K/600K * Max number of devices is dependent upon sensor type and event rate Virtual FireSIGHT Management Center offerings limited to 2 or 10 Managed Devices FS-VMW-2-SW-K9 FS-VMW-10-SW-K9
51 Cisco Security Manager Multi-Device Management Centralized, Unified and comprehensive Firewall, VPN and IPS management Device View Policy View Map View Event View Device View Policy View Map View Event View Report CiscoView Public
52 Cisco Security Manager At-a-Glance Policy Comprehensive Policy Management for FW, VPN & IPS on heterogeneous devices (ASA, Cisco classic IPS, FWSM, PIX, ISR/ASR) API Cisco Security Manager Log Log Management Firewall (Syslogs) and Cisco classic IPS (SDEE) events Health & Performance Monitoring for ASA and Cisco classic IPS Reports for Firewall and Cisco classic IPS Devices Image Management for ASA and Cisco classic IPS Image Reports API for Policy Access Supports hundreds of devices in a single deployment Network Health Windows Based: Appliance Form factor and also available as a Software Installable
53 FireSIGHT Management Center Cross-launch Menu CSM Client FMC WEB UI Crosslaunches directly to FMC without prompting for login and navigates to dashboard of device in context
54 Enhance with Cisco Security Services Advisory Integration Managed Custom Threat Intelligence Integration Services Managed Threat Defense Technical Security Assessments Security Optimization Services Remote Managed Services
55 Cisco Services Portfolio Assessments Deployment Architecture and Design Migration Program Strategy Optimization Product Support Managed Security Hosted Security
56 FirePOWER Services New Capabilities Save File Content Policy Control Safe Retrieval File Detection Custom Apps SHA256 Dynamic Analysis File Threat Scores Block by Threat Score Threat Summary Execution Reports 3rd Party Response Forensics Block Source Block Destination Country Continent Prioritize Response Discover infected hosts Correlates data from all engines Endpoint and Network working together
57 Thank you
Cisco ASA with FirePOWER Services
Cisco ASA with FirePOWER Services TDM Thomas Jankowsky Consulting Systems Engineer May 2015 Introduction Industry s First Threat-Focused Next-Generation Firewall (NGFW) Proven Cisco ASA firewalling Industry-leading
More informationImproving Security with Cisco ASA Firepower Services Claudiu Onisoru, Senior Solutions Engineer Cisco Connect - 18 March 2015
Improving Security with Cisco ASA Firepower Services Claudiu Onisoru, Senior Solutions Engineer Cisco Connect - 18 March 2015 1 Agenda Frontal Communication: Who we are? - Key points - Competencies Areas
More informationCisco ASA 5500-X NGFW
Cisco ASA 5500-X NGFW Sieťová ochrana pre malé a stredné podniky pred modernými hrozbami Peter Mesjar CCIE 17428, Systémový Inžinier, Cisco What are we going to talk about Problem is THREATS How today
More informationCisco Next Generation Firewall and IPS. Dragan Novakovic Security Consulting Systems Engineer
Cisco Next Generation Firewall and IPS Dragan Novakovic Security Consulting Systems Engineer Cisco ASA with Firepower services Cisco TALOS - Collective Security Intelligence Enabled Clustering & High Availability
More informationThe Internet of Everything is changing Everything
The Internet of Everything is changing Everything Intelligent Threat Defense for the Enterprise Mobility Nikos Mourtzinos, CCIE #9763 Global Security Sales Organization Changing Business Models Any Device
More informationFirewall nové generace na platformě SF, přístupové politiky, analýza souborů, FireAMP a trajektorie útoků
Firewall nové generace na platformě SF, přístupové politiky, analýza souborů, FireAMP a trajektorie útoků Jiří Tesař, CSE Security, jitesar@cisco.com CCIE #14558, SFCE #124266 Mapping Technologies to the
More informationCisco Firepower NGFW. Anticipate, block, and respond to threats
Cisco Firepower NGFW Anticipate, block, and respond to threats You have a mandate to build and secure a network that supports ongoing innovation Mobile access Social collaboration Public / private hybrid
More informationAgile Security Solutions
Agile Security Solutions Piotr Linke Security Engineer CISSP CISA CRISC CISM Open Source SNORT 2 Consider these guys All were smart. All had security. All were seriously compromised. 3 The Industrialization
More informationCisco ASA with FirePOWER services Eric Kostlan, Technical Marketing Engineer Security Technologies Group, Cisco Systems LABSEC-2339
Cisco ASA with FirePOWER services Eric Kostlan, Technical Marketing Engineer Security Technologies Group, Cisco Systems LABSEC-2339 Agenda Introduction to Lab Exercises Platforms and Solutions ASA with
More informationCisco Security. Advanced Malware Protection. Guillermo González Security Systems Engineer Octubre 2017
Cisco Security Advanced Malware Protection Guillermo González Security Systems Engineer Octubre 2017 The New Security Model Attack Continuum Before During After Before Discover During Detect After Scope
More informationProtection - Before, During And After Attack
Advanced Malware Protection for FirePOWER TM BENEFITS Continuous detection of malware - immediately and retrospectively Inline detection of sophisticated malware that evades traditional network protections
More informationNGFW Requirements for SMBs and Distributed Enterprises
White Paper NGFW Requirements for SMBs and Distributed Enterprises The Case for NGFWs for SMBs The need for threat-focused next-generation firewalls (NGFWs) that can effectively mitigate risks that traditional
More informationAdvanced Malware Protection. Dan Gavojdea, Security Sales, Account Manager, Cisco South East Europe
Advanced Malware Protection Dan Gavojdea, Security Sales, Account Manager, Cisco South East Europe How would you do security differently if you knew you were going to be hacked? Security Challenges Changing
More informationSourcefire Solutions Overview Security for the Real World. SEE everything in your environment. LEARN by applying security intelligence to data
SEE everything in your environment LEARN by applying security intelligence to data ADAPT defenses automatically ACT in real-time Sourcefire Solutions Overview Security for the Real World Change is constant.
More informationCisco Firepower NGFW. Anticipate, block, and respond to threats
Cisco Firepower NGFW Anticipate, block, and respond to threats Digital Transformation on a Massive Scale 15B Devices Today Attack Surface 500B Devices In 2030 Threat Actors $19T Opportunity Next 10 Years
More informationCisco ASA with FirePOWER Services
Data Sheet Cisco ASA with FirePOWER Meet the industry s first adaptive, threat-focused next-generation firewall (NGFW) designed for a new era of threat and advanced malware protection. Cisco ASA with FirePOWER
More informationA New Security Model for the IoE World. Henry Ong SE Manager - ASEAN Cisco Global Security Sales Organization
A New Security Model for the IoE World Henry Ong SE Manager - ASEAN Cisco Global Security Sales Organization Internet of Everything The Internet of Everything brings together people, process, data and
More informationData Center Security. Fuat KILIÇ Consulting Systems
Data Center Security Fuat KILIÇ Consulting Systems Engineer @Security Data Center Evolution WHERE ARE YOU NOW? WHERE DO YOU WANT TO BE? Traditional Data Center Virtualized Data Center (VDC) Virtualized
More informationCisco Firepower Thread Defence. Claudiu Boar
Cisco Firepower Thread Defence Claudiu Boar Security everywhere Stop threats at the edge Control who gets onto your network Find and contain problems fast Protect users wherever they work Simplify network
More informationCisco Cloud Security. How to Protect Business to Support Digital Transformation
Cisco Cloud Security How to Protect Business to Support Digital Transformation Dragan Novakovic Cybersecurity Consulting Systems Engineer January 2018. Security Enables Digitization Digital Disruption,
More informationAn Investment Checklist
Next-Generation Addressing Advanced Firewalls: Web Threats Next-Generation Firewalls: What You Will Learn When you buy a next-generation firewall (NGFW), you want to determine whether the solution can
More informationDeploying Intrusion Prevention Systems
Deploying Intrusion Prevention Systems Gary Halleen Consulting Systems Engineer II Agenda Introductions Introduction to IPS Comparing Cisco IPS Solutions IPS Deployment Considerations Migration from IPS
More informationAby se z toho bezpečnostní správci nezbláznili Cisco security integrace. Milan Habrcetl Cisco CyberSecurity Specialist Mikulov, 5. 9.
Aby se z toho bezpečnostní správci nezbláznili aneb Cisco security integrace Aby se z toho bezpečnostní správci nezbláznili Cisco security integrace Milan Habrcetl Cisco CyberSecurity Specialist Mikulov,
More informationCisco Advanced Malware Protection. May 2016
Cisco Advanced Malware Protection May 2016 The Reality Organizations Are Under Attack and Malware Is Getting in 95% of large companies targeted by malicious traffic 100% Cybercrime is lucrative, barrier
More informationCisco ASA with FirePOWER Services
Data Sheet with FirePOWER Meet the industry s first adaptive, threat-focused next-generation firewall (NGFW) designed for a new era of threat and advanced malware protection. Cisco ASA with FirePOWER delivers
More informationDesign and Deployment of SourceFire NGIPS and NGFWL
Design and Deployment of SourceFire NGIPS and NGFWL BRKSEC - 2024 Marcel Skjald Consulting Systems Engineer Enterprise / Security Architect Abstract Overview of Session This technical session covers the
More informationSourcefire and ThreatGrid. A new perspective on network security
Sourcefire and ThreatGrid A new perspective on network security Agenda An overview of traditional IPS solutions Next-Generation IPS Requirements Sourcefire Next-Generation IPS Advanced Malware Protection
More informationCisco Advanced Malware Protection for Networks
Data Sheet Cisco Advanced Malware Protection for Networks Product Overview Fighting malware effectively today requires new approaches, strategies, and technologies. Cisco Advanced Malware Protection (AMP)
More informationCisco Advanced Malware Protection for Networks
Data Sheet Cisco Advanced Malware Protection for Networks Product Overview Fighting malware effectively today requires new approaches, strategies, and technologies. Cisco Advanced Malware Protection (AMP)
More informationSnort: The World s Most Widely Deployed IPS Technology
Technology Brief Snort: The World s Most Widely Deployed IPS Technology Overview Martin Roesch, the founder of Sourcefire and chief security architect at Cisco, created Snort in 1998. Snort is an open-source,
More informationCisco Advanced Malware Protection for Endpoints. Donald J Case BizCare, Inc. Saturday, May 19, 2018
Cisco Advanced Malware Protection for Endpoints Donald J Case, Inc. Saturday, May 19, 2018 Every single attack that an organization experiences is either on an endpoint or it s headed there Malware is
More informationNext Generation IPS and Advance Malware Protection. Mahmoud Rabi Consulting Systems Engineer - Security
Next Generation IPS and Advance Malware Protection Mahmoud Rabi Consulting Systems Engineer - Security Threat Landscape and Attack Continuum Today s Real World: Threats are evolving and evading traditional
More informationFirepower Techupdate April Jesper Rathsach, Consulting Systems Engineer Cisco Security North April 2017
Firepower 6.2.1 Techupdate April 2017 Jesper Rathsach, Consulting Systems Engineer Cisco Security North April 2017 Firepower 6.2.1 Nr. 1 most important!! Firepower 6.2.1 BUGFIXES!!!!! Alle kendte severity
More informationFirePower 2100 NGFW. Elodie Heurtevent Security BDM Commercial. 21 March 2017
FirePower 2100 NGFW Elodie Heurtevent Security BDM Commercial 21 March 2017 Capture the NGFW Opportunity "Less than 40% of enterprise Internet connections today are secured using nextgeneration firewalls
More informationThe Future of Threat Prevention
The Future of Threat Prevention Bricata is the leading developer of Next Generation Intrusion Prevention Systems (NGIPS) technology, providing innovative, disruptive, high-speed, high-performance network
More informationCisco Cyber Range. Paul Qiu Senior Solutions Architect
Cisco Cyber Range Paul Qiu Senior Solutions Architect Cyber Range Service A platform to experience the intelligent Cyber Security for the real world What I hear, I forget What I see, I remember What I
More informationIntelligent Cyber Security for Real World
Intelligent Cyber Security for Real World Simone Posti Security Account Manager Cisco GSSO June 2016 The Security Challenges Without integrated security, our data is at risk 60% of data is stolen in HOURS
More informationA Unified Threat Defense: The Need for Security Convergence
A Unified Threat Defense: The Need for Security Convergence Udom Limmeechokchai, Senior system Engineer Cisco Systems November, 2005 1 Agenda Evolving Network Security Challenges META Group White Paper
More informationEvolution of Data Center Security Automated Security for Today s Dynamic Data Centers
Evolution of Data Center Security Automated Security for Today s Dynamic Data Centers Speaker: Mun Hossain Director of Product Management - Security Business Group Cisco Twitter: @CiscoDCSecurity 2 Any
More informationIntelligent Cybersecurity for the Real World Scott Lovett Vice President, Global Security Sales
Intelligent Cybersecurity for the Real World Scott Lovett Vice President, Global Security Sales The Industrialization of Hacking Sophisticated Attacks, Complex Landscape Hacking Becomes an Industry Phishing,
More informationKey Security Measures to Enable Next-Generation Data Center Transformation
Key Security Measures to Enable Next-Generation Data Center Transformation Bill McGee Senior Manager, Security Solutions Cisco Systems, Inc. Agenda Data Center Security Challenges Secure DC Strategies
More informationAlgoSec: How to Secure and Automate Your Heterogeneous Cisco Environment
BRKPAR-2488 AlgoSec: How to Secure and Automate Your Heterogeneous Cisco Environment Edy Almer How to Secure and Automate Your Heterogeneous Cisco Environment Yogesh Kaushik, Senior Director Cisco Doug
More informationCisco Comstor
Cisco Security @ Comstor 1 Agenda 1. Cisco Security Fundamentals Cyber Security? Cisco Security Solutions - Cisco NGFW - Cisco Umbrella Cisco Meraki, MR, MS, MV and MX Meraki Insight 2 1. Cisco Security
More informationCisco Advanced Malware Protection against WannaCry
Cisco Advanced Malware Protection against WannaCry "A false sense of security is worse than a true sense of insecurity" Senad Aruc Consulting Systems Engineer Advanced Threats Group Nils Roald Advanced
More informationHow to Predict, Detect & Stop threats at the Edge and Behind the Perimeter even in encrypted traffic without decryption
How to Predict, Detect & Stop threats at the Edge and Behind the Perimeter even in encrypted traffic without decryption Nikos Mourtzinos, CCIE #9763 Cisco Cyber Security Sales Specialist April 2018 New
More informationSourcefire Network Security Analytics: Finding the Needle in the Haystack
Sourcefire Network Security Analytics: Finding the Needle in the Haystack Mark Pretty Consulting Systems Engineer #clmel Agenda Introduction The Sourcefire Solution Real-time Analytics On-Demand Analytics
More informationFully Integrated, Threat-Focused Next-Generation Firewall
Cisco Firepower NGFW Fully Integrated, Threat-Focused Next-Generation Firewall Fuat KILIÇ, fkilic@cisco.com, +905339284608 Security Consulting Systems Engineer, CCIE #21150 September 2016 Get ahead of
More informationExpert Reference Series of White Papers. Cisco Completes the Security Picture with Sourcefire
Expert Reference Series of White Papers Cisco Completes the Security Picture with Sourcefire 1-800-COURSES www.globalknowledge.com Cisco Completes the Security Picture with Sourcefire Rich Hummel, CCNA,
More informationCisco Firepower NGIPS Tuning and Best Practices
Cisco Firepower NGIPS Tuning and Best Practices John Wise, Security Instructor High Touch Delivery, Cisco Learning Services CTHCRT-2000 Cisco Spark How Questions? Use Cisco Spark to communicate with the
More informationPass4sure q. Cisco Securing Cisco Networks with Sourcefire IPS
Pass4sure.500-285.42q Number: 500-285 Passing Score: 800 Time Limit: 120 min File Version: 6.1 Cisco 500-285 Securing Cisco Networks with Sourcefire IPS I'm quite happy to announce that I passed 500-285
More informationBusiness Resiliency Through Superior Threat Defense
Business Resiliency Through Superior Threat Defense Firepower 2100 Series/ Cisco Identity Services Engine Andre Lambertsen, Consulting Systems Engineer ala@cisco.com Cisco Firepower NGFW Fully Integrated
More informationCisco Next Generation Firewall Services
Toronto,. CA May 30 th, 2013 Cisco Next Generation Firewall Services Eric Kostlan Cisco Technical Marketing 2011 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 1 Objectives At the
More informationEasy Setup Guide. Cisco ASA with Firepower Services. You can easily set up your ASA in this step-by-step guide.
Cisco ASA with Firepower Services Easy Setup Guide You can easily set up your ASA in this step-by-step guide. Connecting PC to ASA Installing ASDM 3 Configuring ASA 4 Using Umbrella DNS Connecting PC to
More informationGlobal vision. Local knowledge. Cisco Forum Kyiv Country Day Month Year
Global vision. Local knowledge. Cisco Forum Kyiv Country Day Month Year Firepower Next Generation Firewall Subtitle goes here William Young Security Solutions Architect, Global Security Architecture Team
More informationFP NGIPS Deployment and Operationalisation Mark Pretty, Consulting Systems Engineer
FP NGIPS Deployment and Operationalisation Mark Pretty, Consulting Systems Engineer Agenda Introduction The Issue of Threats Introduction to IPS Deploying IPS Operationalise IPS Q & A Objectives What will
More informationCisco Security Exposed Through the Cyber Kill Chain
Cisco Forschung & Lehre Forum für Mecklenburg Vorpommern Cisco Security Exposed Through the Cyber Kill Chain Rene Straube CSE, Cisco Advanced Threat Solutions January, 2017 The Cisco Security Model BEFORE
More informationAdvanced Malware Protection: A Buyer s Guide
Advanced Malware Protection: A Buyer s Guide What You Will Learn This document will identify the essential capabilities you need in an advanced malware protection solution, the key questions you should
More informationCisco ASA Next-Generation Firewall Services
Q&A Cisco ASA Next-Generation Firewall Services Q. What are Cisco ASA Next-Generation Firewall Services? A. Cisco ASA Next-Generation Firewall Services are a modular security service that extends the Cisco
More informationMonitoring the Device
The system includes dashboards and an Event Viewer that you can use to monitor the device and traffic that is passing through the device. Enable Logging to Obtain Traffic Statistics, page 1 Monitoring
More informationBuild a Software-Defined Network to Defend your Business
Build a Software-Defined Network to Defend your Business Filip Vanierschot Systems Engineer fvanierschot@juniper.net Kappa Data 2020 Software Defined Secure Networks Juniper s Innovation in Secure Networks
More informationCisco ASA with FirePOWER Services
Data Sheet Cisco ASA with FirePOWER Meet the industry s first adaptive, threat-focused next-generation firewall (NGFW) designed for a new era of threat and advanced malware protection. Cisco ASA with FirePOWER
More informationNew methods to protect the network. Deeper visibility with Cisco NGFW Next Generation Firewall
New methods to protect the network. Deeper visibility with Cisco NGFW Next Generation Firewall Claudiu Onisoru, Senior Network Specialist Cisco Connect - 15 May 2014 1 Agenda Frontal Communication: Who
More informationCisco Security Enterprise License Agreement
Cisco Security Enterprise License Agreement Deploy Software and Technology more easily The Cisco Security Enterprise Licensing Agreement (ELA) gives you a simpler way to manage your licenses. And it saves
More informationCompare Security Analytics Solutions
Compare Security Analytics Solutions Learn how Cisco Stealthwatch compares with other security analytics products. This solution scales easily, giving you visibility across the entire network. Stealthwatch
More informationService Provider Security Architecture
Service Provider Security Architecture Andrew Turner Technical Marketing, Security Business Group April 12 th 2017 Digitization is disrupting the SP business The world has gone mobile Traffic growth, driven
More informationWe re ready. Are you?
We re ready. Are you? Deploying Next-Generation Firewall with ASA and Firepower Services BRKSEC-2028 Jeff Fanelli Technical Solutions Architect jefanell@cisco.com Agenda Introduction to NGFW Software Architecture
More informationLastline Breach Detection Platform
Lastline Breach Detection Platform Quickly and accurately detect, block and respond to active breaches in your network. Highlights Integrate with existing security systems through API to optimize IR workflows
More informationNETWORKING &SECURITY SOLUTIONSPORTFOLIO
NETWORKING &SECURITY SOLUTIONSPORTFOLIO NETWORKING &SECURITY SOLUTIONSPORTFOLIO Acomprehensivesolutionsportfoliotohelpyougetyourbusiness securelyconnected.clickononeofoursolutionstoknowmore NETWORKING
More informationCisco Security Manager 4.1: Integrated Security Management for Cisco Firewalls, IPS, and VPN Solutions
Data Sheet Cisco Security Manager 4.1: Integrated Security Management for Cisco Firewalls, IPS, and VPN Solutions Security Operations Challenges Businesses are facing daunting new challenges in security
More informationMAKING THE CLOUD A SECURE EXTENSION OF YOUR DATACENTER
MAKING THE CLOUD A SECURE EXTENSION OF YOUR DATACENTER Bret Hartman Cisco / Security & Government Group Session ID: SPO1-W25 Session Classification: General Interest 1 Mobility Cloud Threat Customer centric
More informationAgenda: Insurance Academy Event
Agenda: Insurance Academy Event Drs Ing René Pluis MBA MBI Cyber Security Lead, Country Digitization Acceleration program the Netherlands The Hague, Thursday 16 November Introduction Integrated Security
More informationLicensing the Firepower System
The following topics explain how to license the Firepower System. About Firepower Feature Licenses, page 1 Service Subscriptions for Firepower Features, page 1 Classic Licensing for the Firepower System,
More informationCISCO NETWORKS BORDERLESS Cisco Systems, Inc. All rights reserved. 1
CISCO BORDERLESS NETWORKS 2009 Cisco Systems, Inc. All rights reserved. 1 Creating New Business Models The Key Change: Putting the Interaction Where the Customer Is Customer Experience/ Innovation Productivity/
More informationCisco FirePOWER 8000 Series Appliances
Data Sheet Cisco FirePOWER 8000 Series Appliances Product Overview Finding a network security appliance with exactly the right throughput, interface options, and threat protection for all the different
More informationMcAfee Network Security Platform 9.2
McAfee Network Security Platform 9.2 (9.2.7.22-9.2.7.20 Manager-Virtual IPS Release Notes) Contents About this release New features Enhancements Resolved issues Installation instructions Known issues Product
More informationCisco IOS Inline Intrusion Prevention System (IPS)
Cisco IOS Inline Intrusion Prevention System (IPS) This data sheet provides an overview of the Cisco IOS Intrusion Prevention System (IPS) solution. Product Overview In today s business environment, network
More informationProtecting Your Digital Business: The Case for Next-Generation Intrusion Prevention
White Paper Protecting Your Digital Business: The Case for Next-Generation Intrusion Prevention What You Will Learn Many companies that adopt a next-generation firewall (NGFW) believe that they can t benefit
More informationCisco ASA Software Release 8.2
Cisco ASA Software Release 8.2 Q. When will the Cisco ASA Software Release 8.2 be available? A. Cisco ASA Software Release 8.2 has a targeted release date of April 13, 2009. Q. How do I obtain Cisco ASA
More informationPassit4Sure (50Q) Cisco Advanced Security Architecture for System Engineers
Passit4Sure.500-265 (50Q) Number: 500-265 Passing Score: 800 Time Limit: 120 min File Version: 5.8 Cisco 500-265 Advanced Security Architecture for System Engineers Today is big day for me as I passed
More informationLicensing the Firepower System
The following topics explain how to license the Firepower System. About Firepower Feature Licenses, page 1 Service Subscriptions for Firepower Features, page 2 Smart Licensing for the Firepower System,
More informationCisco Advanced Malware Protection for Endpoints
Data Sheet Cisco Advanced Malware Protection for Endpoints Product Overview Organizations today are under the constant threat of cyber attack, and security breaches happen every day. Cisco Advanced Malware
More informationHow to build a multi-layer Security Architecture to detect and remediate threats in real time
How to build a multi-layer Security Architecture to detect and remediate threats in real time Nikos Mourtzinos, CCIE #9763 Cisco Cyber Security Sales Specialist March 2018 Agenda Cisco Strategy Umbrella
More informationConnection Logging. Introduction to Connection Logging
The following topics describe how to configure the Firepower System to log connections made by hosts on your monitored network: Introduction to, page 1 Strategies, page 2 Logging Decryptable Connections
More informationCisco Stealthwatch Improves Threat Defense with Network Visibility and Security Analytics
Solution Overview Cisco Stealthwatch Improves Threat Defense with Network Visibility and Security Analytics BENEFITS Gain visibility across all network conversations, including east-west and north-south
More informationLicensing the Firepower System
The following topics explain how to license the Firepower System. About Firepower Feature Licenses, on page 1 Service Subscriptions for Firepower Features, on page 2 Smart Licensing for the Firepower System,
More informationThe SANS Institute Top 20 Critical Security Controls. Compliance Guide
The SANS Institute Top 20 Critical Security Controls Compliance Guide February 2014 The Need for a Risk-Based Approach A common factor across many recent security breaches is that the targeted enterprise
More informationCisco s Appliance-based Content Security: IronPort and Web Security
Cisco s Appliance-based Content Security: IronPort E-mail and Web Security Hrvoje Dogan Consulting Systems Engineer, Security, Emerging Markets East 2010 Cisco and/or its affiliates. All rights reserved.
More informationThreat Detection and Mitigation for IoT Systems using Self Learning Networks (SLN)
Threat Detection and Mitigation for IoT Systems using Self Learning Networks (SLN) JP Vasseur, PhD - Cisco Fellow jpv@cisco.com Maik G. Seewald, CISSP Sr. Technical Lead maseewal@cisco.com June 2016 Cyber
More informationCisco ASA 5500 Series IPS Solution
Cisco ASA 5500 Series IPS Product Overview As mobile devices and Web 2.0 applications proliferate, it becomes harder to secure corporate perimeters. Traditional firewall and intrusion prevention system
More informationConnection Logging. About Connection Logging
The following topics describe how to configure the Firepower System to log connections made by hosts on your monitored network: About, page 1 Strategies, page 2 Logging Decryptable Connections with SSL
More informationCisco Secure Access Control
Cisco Secure Access Control Delivering Deeper Visibility, Centralized Control, and Superior Protection Martin Briand - Security Escalation VSE Global Virtual Engineering Oriol Madriles Soriano Security
More informationAMP for Endpoints & Threat Grid
AMP for Endpoints & Threat Grid Response & Prevention Dean De Beer & Eric Hulse BRKSEC-2029 AMP Threat Grid Malware Analysis Engines & Techniques A little background Malware Analysis & Threat Intelligence
More informationSegmentation. Threat Defense. Visibility
Segmentation Threat Defense Visibility Establish boundaries: network, compute, virtual Enforce policy by functions, devices, organizations, compliance Control and prevent unauthorized access to networks,
More informationNetwork Visibility and Advanced Malware Protection. James Weathersby, Director Technical Marketing Gyorgy Acs, Consulting Security Engineer
Network Visibility and Advanced Malware Protection James Weathersby, Director Technical Marketing Gyorgy Acs, Consulting Security Engineer Security Challenges Changing Business Models Dynamic Threat Landscape
More informationFirefly Perimeter ( vsrx ) Technical information 12.1 X47 D10.2. Tuncay Seyran
Firefly Perimeter ( vsrx ) Technical information 12.1 X47 D10.2 Tuncay Seyran Security in a virtualized environment: same security risks + more TRADITIONAL SECURITY RISKS IMPACTING VIRTUAL ENVIRONMENTS
More informationSRX als NGFW. Michel Tepper Consultant
SRX als NGFW Michel Tepper Consultant Firewall Security Challenges Organizations are looking for ways to protect their assets amidst today s ever-increasing threat landscape. The latest generation of web-based
More informationPASS4TEST. IT Certification Guaranteed, The Easy Way! We offer free update service for one year
PASS4TEST \ http://www.pass4test.com We offer free update service for one year Exam : 300-210 Title : Implementing Cisco Threat Control Solutions Vendor : Cisco Version : DEMO Get Latest & Valid 300-210
More informationDEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS. Security Without Compromise
DEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS Security Without Compromise CONTENTS INTRODUCTION 1 SECTION 1: STRETCHING BEYOND STATIC SECURITY 2 SECTION 2: NEW DEFENSES FOR CLOUD ENVIRONMENTS 5 SECTION
More informationImplementing Cisco Edge Network Security Solutions ( )
Implementing Cisco Edge Network Security Solutions (300-206) Exam Description: The Implementing Cisco Edge Network Security (SENSS) (300-206) exam tests the knowledge of a network security engineer to
More informationCisco Tetration Analytics
Cisco Tetration Analytics Enhanced security and operations with real time analytics John Joo Tetration Business Unit Cisco Systems Security Challenges in Modern Data Centers Securing applications has become
More information