Threat Centric Network Security
|
|
- Cleopatra Small
- 5 years ago
- Views:
Transcription
1
2 BRKSEC-2056 Threat Centric Network Security Ted Bedwell, Principal Engineer Network Threat Defence
3 Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this session in the Cisco Live Mobile App 2. Click Join the Discussion 3. Install Spark or go directly to the space 4. Enter messages/questions in the space cs.co/ciscolivebot#brksec Cisco and/or its affiliates. All rights reserved. Cisco Public
4
5
6 Before that I was a backbone engineer for a multi-national datacenter company (aka BGP Jockey) Frederick Baltimore Washington D.C I live within a one hour drive from Washington D.C. and Baltimore Maryland 14 Years building Network Security Products
7 Agenda Firepower Solution Introduction Firepower Threat Technologies DNS Security Intelligence & Sinkholing Firepower & AMP Threat Grid Integration Threat Intelligence Director Conclusions
8 Firepower Solution Firepower Threat Defense Firepower Services on ASA Firepower Next-generation IPS Firepower Management Center BRKSEC Cisco and/or its affiliates. All rights reserved. Cisco Public 8
9 Firepower Solution TALOS Security Intelligence AMP for Endpoints AMP Threat Grid Firepower Management Center Firepower Threat Defense Firepower Services ASA Firepower NGIPS BRKSEC Cisco and/or its affiliates. All rights reserved. Cisco Public 9
10 Agenda Firepower Solution Introduction Firepower Threat Technologies DNS Security Intelligence & Sinkholing Firepower & AMP Threat Grid Integration Threat Intelligence Director Conclusions
11 Next-generation IPS Commercial offering built around the the open source Snort security engine The world s best and most widely deployed IPS solution. Check out Snort today at snort.org Enterprise class appliances and virtual form factors. Contextual awareness through passive network discovery and automated vulnerability assessment. BRKSEC Cisco and/or its affiliates. All rights reserved. Cisco Public 11
12 Security Intelligence & URL Filtering Security Intelligence Block or monitor connections based on IP addresses, URLs, and Domains Talos Feed with multiple categories(updated multiple times a day) Malware, CnC, Bots, Phishing, Attackers, Spam etc Customer defined static lists and feeds Ability to immediately block any IP from event viewers/dashboards by simple right click action URL Filtering Filter connections based on URL Classification(82 categories), Reputation(5 levels) Key security categories: Malware, Phishing, Hacking, Shareware and Freeware, BotNets, Spyware\Adware, Key Loggers & Monitoring, P2P Clients, Anonymizers & Proxy Avoidance BRKSEC Cisco and/or its affiliates. All rights reserved. Cisco Public 12
13 Advanced Malware Protection for Networks Detect and Block Advanced Malware based on file signatures (SHA256) User defined SHA256 white and blacklisting is supported Retrospective Detection Carve out files from network traffic and: Perform additional analysis on Portable Executable files (SPERO) Inspect Compressed Archives Store files on appliances Submit files for dynamic analysis Consume endpoint based Advanced Malware events in order to provide fulllifecycle analytics and Indications of Compromise. BRKSEC Cisco and/or its affiliates. All rights reserved. Cisco Public 13
14 Indications of Compromise Correlation of disparate security events to update the Network Map state information with flags that indicate nefarious activity Threat detections contextually specific to host compromise Security Intelligence connections to known bad IP addresses AMP for Networks malware detection AMP for Endpoints malware detection and Big Data analytics driven host indications BRKSEC Cisco and/or its affiliates. All rights reserved. Cisco Public 14
15 Agenda Firepower Solution Introduction Firepower Threat Technologies DNS Security Intelligence & Sinkholing Firepower & AMP Threat Grid Integration Threat Intelligence Director Conclusions
16 DNS & Malware A blind spot for attackers to gain command and control, exfiltrate data, and redirect traffic 91.3% of malware uses DNS Annual Security Report % of organizations don t monitor it BRKSEC Cisco and/or its affiliates. All rights reserved. Cisco Public 16
17 DNS Security Intelligence Data Sources Firepower Management Center TALOS Categorized Domains Custom Feeds Global Whitelist Custom Lists Custom Lists Global Blacklist Managed Devices Managed Devices Managed Devices Managed Devices Managed Devices BRKSEC Cisco and/or its affiliates. All rights reserved. Cisco Public 17
18 DNS Security Intelligence Talos provided DNS Intelligence Malware, C&C, Bots, DGA, etc Enhanced eventing & analytics Query Record type Response code TTL Action DNS Policy Multiple actions Drop NXDOMAIN Domain Not Found Sinkhole Respond with configured IP resolution Indicator of Compromise binding to sinkhole IPs BRKSEC Cisco and/or its affiliates. All rights reserved. Cisco Public 18
19 Demo Setup
20 Angler & Cryptowall Threat Scenario Cisco Blogs Talos Blogs Talos Fahrenheit on YouTube Cognitive Threat Analytics Blog BRKSEC Cisco and/or its affiliates. All rights reserved. Cisco Public 20
21 Threat Scenario - Angler and Cryptowall BRKSEC Cisco and/or its affiliates. All rights reserved. Cisco Public 21
22 Angler & Cryptowall Threat Scenario Intranet Internet C&C DNS Lookup DNS Server DNS Response Authoritative DNS Server Exploit Server Endpoint Malware Server C&C Server BRKSEC Cisco and/or its affiliates. All rights reserved. Cisco Public 22
23 Angler & Cryptowall Identifying a Compromised Host Intranet Internet DNS Server X Malware Server alchemyofpresence.com Endpoint Cryptowall Malware Download Connection to Sinkhole IP X Sinkhole C&C Server alpha.akesha.com BRKSEC Cisco and/or its affiliates. All rights reserved. Cisco Public 23
24 Demo
25 Agenda Firepower Solution Introduction Firepower Threat Technologies DNS Security Intelligence & Sinkholing Firepower & AMP Threat Grid Integration Threat Intelligence Director Conclusions
26 Public Threat Grid AMP Threat Threat Score Score + Status Threat Grid SHA256 lookup Threat Report & Score Firepower Management Center captured file SHA256 lookup Protected Network Firepower NGIPS / Firepower Threat Defense / Firepower Services on ASA BRKSEC Cisco and/or its affiliates. All rights reserved. Cisco Public 28
27 Private AMP Threat Grid
28 Private AMP Threat Grid AMP SHA256 lookup Firepower Management Center SHA256 lookup Threat Report & Score Private Threat Grid SHA256 lookup captured file Protected Network Firepower NGIPS / Firepower Threat Defense / Firepower Services on ASA BRKSEC Cisco and/or its affiliates. All rights reserved. Cisco Public 32
29 Dynamic & Local Analysis In order to support a broad range of file types without overwhelming the dynamic analysis infrastructure, the device performs on-box file analysis to determine if it has indications that it is a viable sandbox sample On-box ClamAV engine w/ High-fidelity signature set Files supported for automatic submission MSEXE, PDF, MSOLE2, NEW_OFFICE Additional file-types supported for manual submission HTML, RTF, ZIP, SWF, XLW, JAR BRKSEC Cisco and/or its affiliates. All rights reserved. Cisco Public 33
30 Demo Setup
31 Angler & Cryptowall Identifying a Compromised Host Intranet Internet Cryptowall Malware Download Endpoint Malware Server alchemyofpresence.com BRKSEC Cisco and/or its affiliates. All rights reserved. Cisco Public 35
32 Demo
33 Agenda Firepower Solution Introduction Firepower Threat Technologies DNS Security Intelligence & Sinkholing Firepower & AMP Threat Grid Integration Threat Intelligence Director Conclusions
34 Evidence-based knowledge, including context, mechanisms, indicators, implications and actionable advice about an existing or emerging menace or hazard to assets that can be used to inform decisions regarding the subject s response to that menace or hazard. - Gartner Cisco s customers are investing in third-party Threat Intelligence feeds for a number of reasons Hunting Detection of advanced threats and campaigns that bypass traditional security measures Compliance Industry best practice and required by government and industry organizations Circle of Friends Availability of industry specific information on attacks and campaigns Problem Statement More intelligence sources become available everyday, but the products that are expected to provide utility from that intelligence aren t evolving to operationalize it BRKSEC Cisco and/or its affiliates. All rights reserved. Cisco Public 38
35 STIX Structured Threat Intelligence expression BRKSEC Cisco and/or its affiliates. All rights reserved. Cisco Public 39
36 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
37 Cisco Threat Intelligence Director 1 2 Indicators of Compromise (IOCs) Third-Party Intelligence Threat Intelligence Director NGFW NGIPS FMC Ingest 3 rd Party Cyber Threat Intelligence 2. Decompose & Publish Observables 3. Correlate Enriched Observations 4. Detect and alert on Incidents BRKSEC Cisco and/or its affiliates. All rights reserved. Cisco Public 41
38 Demo
39 Agenda Firepower Solution Introduction Firepower Threat Technologies DNS Security Intelligence & Sinkholing Firepower & AMP Threat Grid Integration Threat Intelligence Director Conclusions
40 Conclusions The Firepower solution delivers Threat Centric Network Security through a number of key feature sets Next-generation IPS & Network Awareness Indications of Compromise Security Intelligence DNS awareness Cisco Threat Intelligence Director Advanced Malware Protection AMP Threat Grid dynamic analysis Now go check out the products in the World of Solutions! BRKSEC Cisco and/or its affiliates. All rights reserved. Cisco Public 44
41 Complete your session evaluation!
42 Come take the Black Hat / White Hat Challenge See Firepower in Action! Right now in the DEVNET ZONE BRKSEC Cisco and/or its affiliates. All rights reserved. Cisco Public 46
43 Q&A
44 Cisco Firepower Sessions: Building Blocks TUESDAY WEDNESDAY THURSDAY BRKSEC-2050 Firepower NGFW Internet Edge Deployment Scenarios BRKSEC-2051 Deploying AnyConnect SSL VPN with ASA (and Firepower Threat Defense) ESTAMOS AQUÍ! BRKSEC-2058 A Deep Dive into using the Firepower Manager BRKSEC-2064 NGFWv and ASAv in Public Cloud (AWS and Azure) BRKSEC-2056 Threat Centric Network Security BRKSEC-3300 Advanced IPS Deployment BRKSEC-3667 Advanced Firepower SSL policy troubleshooting BRKSEC-3035 Firepower Platform Deep Dive BRKSEC-3455 Dissecting Firepower NGFW Installation & Troubleshooting BRKSEC Cisco and/or its affiliates. All rights reserved. Cisco Public 48
45 Security Beta Programs Security Customer Insights Security Beta Products Customer Benefits Free test hardware ASA Firepower NGFW/NGIPS Firepower Platforms Early experience with and training on new features and functionality AMP for Endpoints ISR ESA Demos and feedback sessions on product usability, design, and roadmaps ISE OpenDNS Stealthwatch Learning Networks Risk-free testing in the customer environment prior to FCS To participate in Beta: or Beta customer S1-3 issues fixed in GA release I've been involved in many beta programs I must say that this one has been the best organized. This beta has taken a very active, hands-on approach. - Liberal Arts College Customer BRKSEC Cisco and/or its affiliates. All rights reserved. Cisco Public 49
46 Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this session in the Cisco Live Mobile App 2. Click Join the Discussion 3. Install Spark or go directly to the space 4. Enter messages/questions in the space cs.co/ciscolivebot#brksec Cisco and/or its affiliates. All rights reserved. Cisco Public
47 Please complete your Online Session Evaluations after each session Complete 4 Session Evaluations & the Overall Conference Evaluation (available from Thursday) to receive your Cisco Live T-shirt All surveys can be completed via the Cisco Live Mobile App or the Communication Stations Complete Your Online Session Evaluation Don t forget: Cisco Live sessions will be available for viewing on-demand after the event at Cisco and/or its affiliates. All rights reserved. Cisco Public
48 Continue Your Education Demos in the Cisco campus Walk-in Self-Paced Labs Tech Circle Meet the Engineer 1:1 meetings Related sessions BRKSEC Cisco and/or its affiliates. All rights reserved. Cisco Public 52
49 Thank you
50
Cisco Security. Advanced Malware Protection. Guillermo González Security Systems Engineer Octubre 2017
Cisco Security Advanced Malware Protection Guillermo González Security Systems Engineer Octubre 2017 The New Security Model Attack Continuum Before During After Before Discover During Detect After Scope
More informationAlgoSec: How to Secure and Automate Your Heterogeneous Cisco Environment
BRKPAR-2488 AlgoSec: How to Secure and Automate Your Heterogeneous Cisco Environment Edy Almer How to Secure and Automate Your Heterogeneous Cisco Environment Yogesh Kaushik, Senior Director Cisco Doug
More informationAMP for Endpoints & Threat Grid
AMP for Endpoints & Threat Grid Response & Prevention Dean De Beer & Eric Hulse BRKSEC-2029 AMP Threat Grid Malware Analysis Engines & Techniques A little background Malware Analysis & Threat Intelligence
More informationCisco Firepower NGIPS Tuning and Best Practices
Cisco Firepower NGIPS Tuning and Best Practices John Wise, Security Instructor High Touch Delivery, Cisco Learning Services CTHCRT-2000 Cisco Spark How Questions? Use Cisco Spark to communicate with the
More informationCisco Firepower NGFW. Anticipate, block, and respond to threats
Cisco Firepower NGFW Anticipate, block, and respond to threats You have a mandate to build and secure a network that supports ongoing innovation Mobile access Social collaboration Public / private hybrid
More informationProtection - Before, During And After Attack
Advanced Malware Protection for FirePOWER TM BENEFITS Continuous detection of malware - immediately and retrospectively Inline detection of sophisticated malware that evades traditional network protections
More informationFirewall nové generace na platformě SF, přístupové politiky, analýza souborů, FireAMP a trajektorie útoků
Firewall nové generace na platformě SF, přístupové politiky, analýza souborů, FireAMP a trajektorie útoků Jiří Tesař, CSE Security, jitesar@cisco.com CCIE #14558, SFCE #124266 Mapping Technologies to the
More informationAgile Security Solutions
Agile Security Solutions Piotr Linke Security Engineer CISSP CISA CRISC CISM Open Source SNORT 2 Consider these guys All were smart. All had security. All were seriously compromised. 3 The Industrialization
More informationSourcefire Network Security Analytics: Finding the Needle in the Haystack
Sourcefire Network Security Analytics: Finding the Needle in the Haystack Mark Pretty Consulting Systems Engineer #clmel Agenda Introduction The Sourcefire Solution Real-time Analytics On-Demand Analytics
More informationCisco Cloud Security. How to Protect Business to Support Digital Transformation
Cisco Cloud Security How to Protect Business to Support Digital Transformation Dragan Novakovic Cybersecurity Consulting Systems Engineer January 2018. Security Enables Digitization Digital Disruption,
More informationCloud-Managed Security for Distributed Networks with Cisco Meraki MX
Cloud-Managed Security for Distributed Networks with Cisco Meraki MX Joe Aronow, Product Architect Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this
More informationCisco Advanced Malware Protection against WannaCry
Cisco Advanced Malware Protection against WannaCry "A false sense of security is worse than a true sense of insecurity" Senad Aruc Consulting Systems Engineer Advanced Threats Group Nils Roald Advanced
More informationAutomated Response in Cyber Security SOC with Actionable Threat Intelligence
Automated Response in Cyber Security SOC with Actionable Threat Intelligence while its biggest weakness is lack of visibility: SOCs still can t detect previously unknown threats, which is a consistent
More informationCisco Firepower NGFW. Anticipate, block, and respond to threats
Cisco Firepower NGFW Anticipate, block, and respond to threats Digital Transformation on a Massive Scale 15B Devices Today Attack Surface 500B Devices In 2030 Threat Actors $19T Opportunity Next 10 Years
More informationThreat Containment and Operations. Yong Kwang Kek, Director of Presales SE, APJ
Threat Containment and Operations Yong Kwang Kek, Director of Presales SE, APJ 2018-07-19 1 1 2017 Infoblox Inc. All Rights 2013 Infoblox Inc. All Reserved. Rights Reserved. Three Aspects of Security #1
More informationCloudCenter for Developers
DEVNET-1198 CloudCenter for Developers Conor Murphy, Systems Engineer Data Centre Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this session in the
More informationCisco AMP Solution. Rene Straube CSE, Cisco Germany January 2017
Cisco AMP Solution Rene Straube CSE, Cisco Germany January 2017 The AMP Everywhere Architecture AMP Protection Across the Extended Network for an Integrated Threat Defense AMP Threat Intelligence Cloud
More informationCisco Security Enterprise License Agreement
Cisco Security Enterprise License Agreement Deploy Software and Technology more easily The Cisco Security Enterprise Licensing Agreement (ELA) gives you a simpler way to manage your licenses. And it saves
More informationCisco Advanced Malware Protection. May 2016
Cisco Advanced Malware Protection May 2016 The Reality Organizations Are Under Attack and Malware Is Getting in 95% of large companies targeted by malicious traffic 100% Cybercrime is lucrative, barrier
More informationCisco ASA 5500-X NGFW
Cisco ASA 5500-X NGFW Sieťová ochrana pre malé a stredné podniky pred modernými hrozbami Peter Mesjar CCIE 17428, Systémový Inžinier, Cisco What are we going to talk about Problem is THREATS How today
More informationThe Internet of Everything is changing Everything
The Internet of Everything is changing Everything Intelligent Threat Defense for the Enterprise Mobility Nikos Mourtzinos, CCIE #9763 Global Security Sales Organization Changing Business Models Any Device
More informationNXOS in the Real World Using NX-API REST
NXOS in the Real World Using NX-API REST Adrian Iliesiu Corporate Development Engineer Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this session
More informationDesign and Deployment of SourceFire NGIPS and NGFWL
Design and Deployment of SourceFire NGIPS and NGFWL BRKSEC - 2024 Marcel Skjald Consulting Systems Engineer Enterprise / Security Architect Abstract Overview of Session This technical session covers the
More informationCisco ASA with FirePOWER services Eric Kostlan, Technical Marketing Engineer Security Technologies Group, Cisco Systems LABSEC-2339
Cisco ASA with FirePOWER services Eric Kostlan, Technical Marketing Engineer Security Technologies Group, Cisco Systems LABSEC-2339 Agenda Introduction to Lab Exercises Platforms and Solutions ASA with
More informationAby se z toho bezpečnostní správci nezbláznili Cisco security integrace. Milan Habrcetl Cisco CyberSecurity Specialist Mikulov, 5. 9.
Aby se z toho bezpečnostní správci nezbláznili aneb Cisco security integrace Aby se z toho bezpečnostní správci nezbláznili Cisco security integrace Milan Habrcetl Cisco CyberSecurity Specialist Mikulov,
More informationBest Security and deployment strategies SMB NGFW deployment
Best Security and deployment strategies SMB NGFW deployment Anant Mathur, Manager Technical Marketing Cisco Spark How Questions? Use Cisco Spark to chat with the speaker after the session 1. Find this
More informationGlobal vision. Local knowledge. Cisco Forum Kyiv Country Day Month Year
Global vision. Local knowledge. Cisco Forum Kyiv Country Day Month Year Firepower Next Generation Firewall Subtitle goes here William Young Security Solutions Architect, Global Security Architecture Team
More informationCisco Ransomware Defense The Ransomware Threat Is Real
Cisco Ransomware Defense The Ransomware Threat Is Real Seguridad Integrada Abril 2018 Ransomware B Malicious Software Encrypts Critical Data Demands Payment Permanent Data Loss Business Impacts Ramifications
More informationCisco Advanced Malware Protection for Networks
Data Sheet Cisco Advanced Malware Protection for Networks Product Overview Fighting malware effectively today requires new approaches, strategies, and technologies. Cisco Advanced Malware Protection (AMP)
More informationCisco Security Exposed Through the Cyber Kill Chain
Cisco Forschung & Lehre Forum für Mecklenburg Vorpommern Cisco Security Exposed Through the Cyber Kill Chain Rene Straube CSE, Cisco Advanced Threat Solutions January, 2017 The Cisco Security Model BEFORE
More informationHow to Predict, Detect & Stop threats at the Edge and Behind the Perimeter even in encrypted traffic without decryption
How to Predict, Detect & Stop threats at the Edge and Behind the Perimeter even in encrypted traffic without decryption Nikos Mourtzinos, CCIE #9763 Cisco Cyber Security Sales Specialist April 2018 New
More informationCisco Advanced Malware Protection for Networks
Data Sheet Cisco Advanced Malware Protection for Networks Product Overview Fighting malware effectively today requires new approaches, strategies, and technologies. Cisco Advanced Malware Protection (AMP)
More informationCompare Security Analytics Solutions
Compare Security Analytics Solutions Learn how Cisco Stealthwatch compares with other security analytics products. This solution scales easily, giving you visibility across the entire network. Stealthwatch
More informationA Deep Dive into the Firepower Manager
A Deep Dive into the Firepower Manager William Young, Security Solutions Architect willyou@cisco.com @WilliamDYoung BRKSEC-2058 Just some Security Guy William Young Security Solutions Architect, Cisco
More informationMonitoring the Device
The system includes dashboards and an Event Viewer that you can use to monitor the device and traffic that is passing through the device. Enable Logging to Obtain Traffic Statistics, page 1 Monitoring
More informationCisco Next Generation Firewall and IPS. Dragan Novakovic Security Consulting Systems Engineer
Cisco Next Generation Firewall and IPS Dragan Novakovic Security Consulting Systems Engineer Cisco ASA with Firepower services Cisco TALOS - Collective Security Intelligence Enabled Clustering & High Availability
More informationCisco Threat Grid Integrations with Web, and Endpoint Security
Cisco Threat Grid Integrations with Web, Email and Endpoint Security Moritz Wenz, Manager Systems Engineering, Advanced Threat Solutions Rene Straube, Consulting Systems Engineer, Advanced Threat Solutions
More informationWe re ready. Are you?
We re ready. Are you? Defense against Multi-Vector Threats with Cisco Email and Web Security Usman Din Consulting Systems Engineer Agenda Threat Landscape Email and Web Solutions: Reputation Filtering
More informationRouting Underlay and NFV Automation with DNA Center
BRKRST-1888 Routing Underlay and NFV Automation with DNA Center Prakash Rajamani, Director, Product Management Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session
More informationRadware: Anatomy of an IoT Botnet and Economics of Defense
BRKPAR-4000 Radware: Anatomy of an IoT Botnet and Economics of Defense Eric Grubel Anatomy of an IoT Botnet and Economics of Defense Eric Grubel VP, Business Development January 2018 Theme of Discussion
More informationAdvanced IPS Deployment
Advanced IPS Deployment Gary Halleen, Technical Solutions Architect BRKSEC-3300 About your Speaker Gary Halleen gary@cisco.com Technical Solutions Architect Cisco Global Security Sales Organization Oregon
More informationSourcefire Solutions Overview Security for the Real World. SEE everything in your environment. LEARN by applying security intelligence to data
SEE everything in your environment LEARN by applying security intelligence to data ADAPT defenses automatically ACT in real-time Sourcefire Solutions Overview Security for the Real World Change is constant.
More informationNext generation branch with SD-WAN and NFV
Next generation branch with SD-WAN and NFV Kiran Ghodgaonkar, Senior Manager, Enterprise Marketing Mani Ganeson, Senior Product Manager PSOCRS-2004 @ghodgaonkar Cisco Spark How Questions? Use Cisco Spark
More informationDelivering Integrated Cyber Defense for the Cloud Generation Darren Thomson
Delivering Integrated Cyber Defense for the Generation Darren Thomson Vice President & CTO, EMEA Region Symantec In 2009 there were 2,361,414 new piece of malware created. In 2015 that number was 430,555,582
More informationFile Policies and AMP for Firepower
The following topics provide an overview of file control, file policies, file rules, AMP cloud connections, and dynamic analysis connections. About, page 1 File Control and Cisco AMP Basics, page 2 File
More informationMAKING THE CLOUD A SECURE EXTENSION OF YOUR DATACENTER
MAKING THE CLOUD A SECURE EXTENSION OF YOUR DATACENTER Bret Hartman Cisco / Security & Government Group Session ID: SPO1-W25 Session Classification: General Interest 1 Mobility Cloud Threat Customer centric
More informationAccess Control Using Intrusion and File Policies
The following topics describe how to configure access control policies to use intrusion and file policies: Intrusions and Malware Inspection Overview, page 1 Access Control Traffic Handling, page 2 File
More informationInnovative Cisco Security- Lösungen für den Endpoint Das Alpha und Omega unsere Next Gen Security
Innovative Cisco Security- Lösungen für den Endpoint Das Alpha und Omega unsere Next Gen Security Sven Kutzer Consulting Systems Engineer GSSO - CYBERSECURITY SALES Mittwoch, 7. März 2018 Challenges 2017
More informationIntelligent Cyber Security for Real World
Intelligent Cyber Security for Real World Simone Posti Security Account Manager Cisco GSSO June 2016 The Security Challenges Without integrated security, our data is at risk 60% of data is stolen in HOURS
More informationLicensing the Firepower System
The following topics explain how to license the Firepower System. About Firepower Feature Licenses, page 1 Service Subscriptions for Firepower Features, page 1 Classic Licensing for the Firepower System,
More informationCisco Cyber Range. Paul Qiu Senior Solutions Architect
Cisco Cyber Range Paul Qiu Senior Solutions Architect Cyber Range Service A platform to experience the intelligent Cyber Security for the real world What I hear, I forget What I see, I remember What I
More informationThe following topics describe how to manage various policies on the Firepower Management Center:
The following topics describe how to manage various policies on the Firepower Management Center: Policy Deployment, page 1 Policy Comparison, page 11 Policy Reports, page 12 Out-of-Date Policies, page
More informationFile Policies and Advanced Malware Protection
The following topics provide an overview of file control, file policies, file rules, AMP cloud connections, and dynamic analysis connections. About, on page 1 File Control and Cisco AMP Basics, on page
More informationCisco SD-Access Hands-on Lab
LTRCRS-2810 Cisco SD-Access Hands-on Lab Larissa Overbey - Technical Marketing Engineer, Cisco Derek Huckaby - Technical Marketing Engineer, Cisco https://cisco.box.com/v/ltrcrs-2810-bcn2018 Password:
More informationCloud Mobility: Meraki Wireless & EMM
BRKEWN-2002 Cloud Mobility: Meraki Wireless & EMM Emily Sporl Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this session in the Cisco Live Mobile
More informationDeploying Intrusion Prevention Systems
Deploying Intrusion Prevention Systems Gary Halleen Consulting Systems Engineer II Agenda Introductions Introduction to IPS Comparing Cisco IPS Solutions IPS Deployment Considerations Migration from IPS
More informationFirepower Techupdate April Jesper Rathsach, Consulting Systems Engineer Cisco Security North April 2017
Firepower 6.2.1 Techupdate April 2017 Jesper Rathsach, Consulting Systems Engineer Cisco Security North April 2017 Firepower 6.2.1 Nr. 1 most important!! Firepower 6.2.1 BUGFIXES!!!!! Alle kendte severity
More informationSecurity Experts Webinar
Security Experts Webinar Content Security Email and Web Fabio Panada Consulting Systems Engineer Security Mauro Pellicioli Systems Engineer May 2016 Content Security - Agenda Threat Landscape Cisco Approach
More informationAccess Control Using Intrusion and File Policies
The following topics describe how to configure access control policies to use intrusion and file policies: About Deep Inspection, page 1 Access Control Traffic Handling, page 2 File and Intrusion Inspection
More informationTetration Hands-on Lab from Deployment to Operations Support
LTRACI-2184 Tetration Hands-on Lab from Deployment to Operations Support Furong Gisiger, Solutions Architect Lawrence Zhu, Sr. Solutions Architect Cisco Spark How Questions? Use Cisco Spark to communicate
More informationYour API Toolbelt Tools and techniques for testing, monitoring, and troubleshooting REST API requests
DEVNET-1631 Your API Toolbelt Tools and techniques for testing, monitoring, and troubleshooting REST API requests Adam Kalsey, Spark Developer Relations Cisco Spark How Questions? Use Cisco Spark to communicate
More informationAutomation and Programmability using Cisco Open NXOS and DevOps Tools
Automation and Programmability using Cisco Open NXOS and DevOps Tools Jeff Lester Sr. Solutions Integration Architect Matt Tarkington Consulting Engineer Services Cisco Spark How Questions? Use Cisco Spark
More informationYes, You can protect your endpoints! Szilard Csordas, Security Consultant scsordas [at] cisco.com
Yes, You can protect your endpoints! Szilard Csordas, Security Consultant scsordas [at] cisco.com Endpoint Footprint Problem: TOO MANY AGENTS! Anti-Virus/Anti-Spyware agent IPSec/SSLVPN agent Host IPS/FW
More informationTrend Micro Deep Discovery Training Advanced Threat Detection 2.0 for Certified. Professionals Course Description
Trend Micro Deep Discovery Training Advanced Threat Detection 2.0 for Certified Professionals Course Description Length Courseware 3 Day ebooks Trend Micro Deep Discovery Training Advanced Threat Detection
More informationStopping Advanced Persistent Threats In Cloud and DataCenters
Stopping Advanced Persistent Threats In Cloud and DataCenters Frederik Van Roosendael PSE Belgium Luxembourg 10/9/2015 Copyright 2013 Trend Micro Inc. Agenda How Threats evolved Transforming Your Data
More informationNext Generation IPS and Advance Malware Protection. Mahmoud Rabi Consulting Systems Engineer - Security
Next Generation IPS and Advance Malware Protection Mahmoud Rabi Consulting Systems Engineer - Security Threat Landscape and Attack Continuum Today s Real World: Threats are evolving and evading traditional
More informationIntroducing Cisco Network Assurance Engine
BRKACI-2403 Introducing Cisco Network Assurance Engine Intent Based Networking for Data Centers Sundar Iyer, Distinguished Engineer Head Cisco Network Assurance Engine Team Dhruv Jain, Director of Product
More informationA MULTILAYERED SECURITY APPROACH TO KEEPING HEALTHCARE DATA SECURE
SESSION ID: SPO2-W12 A MULTILAYERED SECURITY APPROACH TO KEEPING HEALTHCARE DATA SECURE Frank Bunton VP, CISO MedImpact Healthcare Systems, Security @frankbunton Larry Biggs Security Engineer III - Threat
More informationHybrid Cloud Automation using Cisco CloudCenter API
Hybrid Cloud Automation using Cisco CloudCenter API Ray Doerr, Advanced Services Engineer Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this session
More informationNGFWv & ASAv in Public Cloud (AWS & Azure)
& in Public Cloud (AWS & Azure) Anubhav Swami, CCIE# 21208 Technical Marketing Engineer Your Speaker Anubhav Swami answami@cisco.com Technical Marketing Engineer 5 years in Cisco TAC 2 years in ASA BU
More informationKey Technologies for Security Operations. Copyright 2014 EMC Corporation. All rights reserved.
Key Technologies for Security Operations 2 Traditional Security Is Not Working 97% of breaches led to compromise within days or less with 72% leading to data exfiltration in the same time Source: Verizon
More informationProtecting Your Digital Business: The Case for Next-Generation Intrusion Prevention
White Paper Protecting Your Digital Business: The Case for Next-Generation Intrusion Prevention What You Will Learn Many companies that adopt a next-generation firewall (NGFW) believe that they can t benefit
More informationTHE RSA SUITE NETWITNESS REINVENT YOUR SIEM. Presented by: Walter Abeson
THE RSA NETWITNESS SUITE REINVENT YOUR SIEM Presented by: Walter Abeson 1 Reality Goals GOALS VERSUS REALITY OF SIEM 1.0 Single compliance & security interface Analyze & prioritize alerts across various
More informationApplied Advanced Network Telemetry: ETA and Beyond
BRKSEC-2809 Applied Advanced Network Telemetry: ETA and Beyond TK Keanini, Principal Engineer Blake Anderson, Technical Leader Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker
More informationProduct Roadmap Symantec Endpoint Protection Suzanne Konvicka & Paul Murgatroyd
Product Roadmap Symantec Endpoint Protection Suzanne Konvicka & Paul Murgatroyd Symantec Endpoint Protection Product Roadmap 1 Safe Harbor Disclaimer Any information regarding pre-release Symantec offerings,
More informationPSOACI Why ACI: An overview and a customer (BBVA) perspective. Technology Officer DC EMEAR Cisco
PSOACI-4592 Why ACI: An overview and a customer (BBVA) perspective TJ Bijlsma César Martinez Joaquin Crespo Technology Officer DC EMEAR Cisco Lead Architect BBVA Lead Architect BBVA Cisco Spark How Questions?
More informationDemystifying Machine Learning
Demystifying Machine Learning Dmitry Figol, WW Enterprise Sales Systems Engineer - Programmability @dmfigol CTHRST-1002 Agenda Machine Learning examples What is Machine Learning Types of Machine Learning
More information2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco ACI App Center Fabrice Servais, Software Engineer, Data Center Networking, Cisco Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this session
More informationEU GENERAL DATA PROTECTION: TIME TO ACT. Laurent Vanderschrick Channel Manager Belgium & Luxembourg Stefaan Van Hoornick Technical Manager BeNeLux
EU GENERAL DATA PROTECTION: TIME TO ACT Laurent Vanderschrick Channel Manager Belgium & Luxembourg Stefaan Van Hoornick Technical Manager BeNeLux Is this the WAY you handle GDPR today 2 3 area s to consider
More informationFireproofing your network Do your own security check
Fireproofing your network Do your own security check bb! Cisco Connect 2016, October 19 th Cristian Ionescu, CTO, CCIE #20005 Cosmin Voicu, Senior Solution Engineer, CCIE #37076 1. About us About us IT
More informationSymantec Ransomware Protection
Symantec Ransomware Protection Protection Against Ransomware Defense in depth across all control points is required to stop ransomware @ Email Symantec Email Security.cloud, Symantec Messaging Gateway
More informationHow to build a multi-layer Security Architecture to detect and remediate threats in real time
How to build a multi-layer Security Architecture to detect and remediate threats in real time Nikos Mourtzinos, CCIE #9763 Cisco Cyber Security Sales Specialist March 2018 Agenda Cisco Strategy Umbrella
More informationEnhanced Threat Detection, Investigation, and Response
Enhanced Threat Detection, Investigation, and Response What s new in Cisco Stealthwatch Enterprise Release 6.10.2 Cisco Stealthwatch Enterprise is a comprehensive visibility and security analytics solution
More informationThe Importance of Threat-Centric Security
The Importance of Threat-Centric Security Martin Roesch Vice President and Chief Architect, Cisco Security Business Group Leon Ward Group Product Manager, Security Innovation Agenda Today s Security Challenges
More informationStop Threats Before They Stop You
Stop Threats Before They Stop You Gain visibility and control as you speed time to containment of infected endpoints Andrew Peters, Sr. Manager, Security Technology Group Agenda Situation System Parts
More informationPSOACI Tetration Overview. Mike Herbert
Tetration Overview Mike Herbert Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this session in the Cisco Live Mobile App 2. Click Join the Discussion
More informationCloud-Ready WAN For IAAS & SaaS With Cisco s Next- Gen SD-WAN
BRKCRS-2113 Cloud-Ready WAN For IAAS & SaaS With Cisco s Next- Gen SD-WAN Sumanth Kakaraparthi Product Leader SD-WAN Manan Shah Director Of Product Management Cisco Spark How Questions? Use Cisco Spark
More informationKey Security Measures to Enable Next-Generation Data Center Transformation
Key Security Measures to Enable Next-Generation Data Center Transformation Bill McGee Senior Manager, Security Solutions Cisco Systems, Inc. Agenda Data Center Security Challenges Secure DC Strategies
More informationSnort: The World s Most Widely Deployed IPS Technology
Technology Brief Snort: The World s Most Widely Deployed IPS Technology Overview Martin Roesch, the founder of Sourcefire and chief security architect at Cisco, created Snort in 1998. Snort is an open-source,
More informationMcAfee Advanced Threat Defense
Advanced Threat Defense Detect advanced malware Advanced Threat Defense enables organizations to detect advanced, evasive malware and convert threat information into immediate action and protection. Unlike
More informationGet Hands On With DNA Center APIs for Managing Intent
DEVNET-3620 Get Hands On With DNA Center APIs for Managing Intent Adam Radford Distinguished Systems Engineer Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session
More informationBuilding Resilience in a Digital Enterprise
Building Resilience in a Digital Enterprise Top five steps to help reduce the risk of advanced targeted attacks To be successful in business today, an enterprise must operate securely in the cyberdomain.
More informationImplementing Cisco Edge Network Security Solutions ( )
Implementing Cisco Edge Network Security Solutions (300-206) Exam Description: The Implementing Cisco Edge Network Security (SENSS) (300-206) exam tests the knowledge of a network security engineer to
More informationBGP in the Enterprise for Fun and (fake) Profit: A Hands-On Lab
BGP in the Enterprise for Fun and (fake) Profit: A Hands-On Lab Michael Kowal, Principal Systems Engineer, @ciscomk Dash Thompson, Systems Engineer, @dash_thompson Abel Ramirez, Systems Engineer, @ramirezabel21
More informationSourcefire and ThreatGrid. A new perspective on network security
Sourcefire and ThreatGrid A new perspective on network security Agenda An overview of traditional IPS solutions Next-Generation IPS Requirements Sourcefire Next-Generation IPS Advanced Malware Protection
More informationAgenda: Insurance Academy Event
Agenda: Insurance Academy Event Drs Ing René Pluis MBA MBI Cyber Security Lead, Country Digitization Acceleration program the Netherlands The Hague, Thursday 16 November Introduction Integrated Security
More informationEncrypted Traffic Analytics
Encrypted Traffic Analytics Introduction The rapid rise in encrypted traffic is changing the threat landscape. As more businesses become digital, a significant number of services and applications are using
More informationIpswitch: The New way of Network Monitoring and how to provide managed services to its customers
BRKPAR-2333 Ipswitch: The New way of Network Monitoring and how to provide managed services to its customers Paolo Ferrari, Senior Director Sales Southern Europe, Ipswitch, Inc. WhatsUp Gold Jan 2018 Agenda
More informationDeploying Cloud-Agnostic Applications with Cisco CloudCenter
LTRCLD-2303 Deploying Cloud-Agnostic Applications with Cisco CloudCenter Zack Kielich CloudCenter Product Manager Vince Motto Sr. Technical Leader Andrew Horrigan Consulting Engineer Matt Tarkington Consulting
More informationIntelligent Cybersecurity for the Real World Scott Lovett Vice President, Global Security Sales
Intelligent Cybersecurity for the Real World Scott Lovett Vice President, Global Security Sales The Industrialization of Hacking Sophisticated Attacks, Complex Landscape Hacking Becomes an Industry Phishing,
More information