Best Practices to deploy secure Cloud Collaboration solutions in context of a Cloud Ready network
|
|
- Phebe Floyd
- 5 years ago
- Views:
Transcription
1
2 Best Practices to deploy secure Cloud Collaboration solutions in context of a Cloud Ready network Marc Dionysius Technical Solutions Architect
3 Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this session in the Cisco Live Mobile App 2. Click Join the Discussion 3. Install Spark or go directly to the space 4. Enter messages/questions in the space cs.co/ciscolivebot# 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
4 Agenda Introduction and Objectives Current challenges How to address the existing network architecture? Why are Cloud Ready Network Concepts relevant? A different angle to Cloud Security Conclusion
5 Objectives Cloud Collaboration services continue to grow and present customers and partners with both opportunities and challenges to deploy those services in today s customer environments. This session will review design and deployment considerations for secure Cloud Collaboration solutions in the context of current customer network architectures including proxies, centralized internet breakouts and future evolutions towards cloud-ready networks. It is designed for individuals looking to understand the various aspects, benefits and challenges of moving solutions towards Cisco Collaboration Cloud and Cisco Spark Cisco and/or its affiliates. All rights reserved. Cisco Public 5
6 Current challenges
7 Cloud and Security are mutually exclusive! Undisclosed customer quote 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 7
8 The New Normal More targeted attacks More than 100 targeted breach attempts every year Shortage of cybersecurity expertise 1.5 million job openings by 2019 Attacks are faster than ever but still take too long to find 82% of compromises measured in minutes 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
9 Are Cloud and Security Mutually really mutually exclusive? Source: Gartner Highlights the Top 10 Cloud Myths 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 10
10 We expect your solution to fit into our existing security framework. Undisclosed customer quote 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 11
11 Collaboration Security a History tour into Cisco and/or its affiliates. All rights reserved. Cisco Public 12
12 How to address the existing network architecture?
13 What topology we typically see in a customer s network? Internal DMZ Internet IdP Datacenter Cisco Collaboration Cloud Cloud Remote Site IP WAN Voice Video Endpoints IdP Desktops/Laptops Teleworker Wireless Devices 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
14 Cisco Spark - Types of Traffic Spark Clients Messages, Media Signalization, notifications, Control and Analytics Traffic HTTPS and WSS Spark Services Voice, Video and Content Share SRTP and STUN 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 15
15 Traffic Flow Scenario 1 - Security relaxed customer, policies only enforced in the FW Internal DMZ Internet 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 16
16 Traffic Flow Scenario 2 - Security aware customer, policies enforced in the FW and Proxy Internal DMZ Internet Proxy 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 17
17 Traffic Flow Scenario 3 - Security focus customer, policies enforced in the FW and Proxy plus no direct connection to internet Internal DMZ Internet Proxy HMN 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 18
18 What is a proxy? Proxy is a machine or groups of machines that allow computers in the internal LAN of the customer to reach to the internet. Mainly they deliver services for HTTP/HTTPS Protocol but other services are also supported ( FTP, Gopher, etc. ) Typically we see them in customer network that don t give direct access to the internet/outside Cisco and/or its affiliates. All rights reserved. Cisco Public 20
19 Objective of proxies? Caching To allow the speed of downloading content from the internet, assuming that most of the times many user in the same organization access to the same sites. Filtering Limiting to which sites the user of a specific organization can have access to. Authentication Making sure that only valid users from a specific organization are allowed to access to the internet. Inspect Some proxies also allow for inspection of HTTP/HTTPS traffic to make sure it is legit 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 21
20 Proxy Hot to configure Manually user needs to manually configure the proxy in the web bowser or OS, it is a process that is unpractical in mid size to big organization GPO Using Widows Group policy, Active Directory administrators can push to the Windows desktops the configuration for the proxies. PAC Allow for administrators to create a file, to be store in a web Server, that specifies the proxies and exceptions. Easier to manage, since only requires that the user configure an URL WPAD - The Web Proxy Auto-Discovery Protocol (WPAD) is a method used by clients to locate the URL of a configuration file using DHCP and/or DNS discovery methods Cisco and/or its affiliates. All rights reserved. Cisco Public 22
21 Proxy How to authenticate? No Authentication User or Endpoint does not need to authenticate against the proxy. Basic Defined in RFC 2617, in Basic Authentication the client sends the username and password as unencrypted base64 encoded text. Digest Same as Basic, but instead of passing the password in clear text, uses a hash based on the password and several other parameters. Only very few proxy servers support Digest authentication and if so, it can t use User password in Active Directory NTLM - is a protocol that is used in several Microsoft network implementations to enable single sign-on across different services and use a Challenge/Response mechanisms for delivering authentication, password is never travels over the network. Negotiate - Microsoft release Simple And Protected Negotiate ( SPNEGO ) authentication method. In this method the server asked for Negotiate in the proxy Authentication, the clients will reply with a Kerberos ticket but can fallback to NTLM credentials. (First appear part of RFC 1510 but become obsolete by RFC 4120) 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 23
22 Proxy Inspection using TLS intercept How does TLS works? client Server Secure Sockets Layer (SSL) and its successor Transport Layer Security (TLS) are key components of secure communications in insecure medias. The privacy, integrity, and authenticity provided by these protocols are extremely important to transmit data. Modern implementations generally support both TLSv1.0 and TLSv1.1, with TLSv1.2. All communications relies on the validation of the certificates exchange TLS intercept acts as a MiTM, will open the possibility of such attacks to the clients, need to be carefully planned. Verify Server Certificate Client Hello Server Hello Server Certificate Cipher Suite Request client Certificate Client Certificate Cipher suite Client Finished Message Server Finished Message Encrypted Data 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 24
23 Proxy Inspection using TLS intercept How does proxy do TLS intercept? Client Proxy Server Intercept proxies can be deployed in several ways, depending on their purpose and what type of inspection they do. Intercept proxies can be Deep Packet Inspection devices, can be included in next-generation firewalls, or do data loss prevention (DLP). Verify Server Certificate Client Hello Server Hello Server Certificate Cipher Suite Request client Certificate Client Certificate Cipher suite Client Finished Message Server Finished Message Data Verify Server Certificate Client Hello Server Hello Server Certificate Cipher Suite Request client Certificate Client Certificate Cipher suite Client Finished Message Server Finished Message Data Unencrypted Data 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 25
24 TLS intercept How to validate? In TLS, Clients needs to validate Server components. So our Client needs to validate the Certificate used by the proxy, so it needs to trust the Enterprise or Public CA that sign it. But since the proxy itself is also a client for the second segment, so it needs to validate the Public CA that sign the Server. Client Certificate TrustStore Enterprise CA DMZ Proxy Certificate TrustStore Public CA Server Certificate TrustStore There isn t much point of doing TLS intercept to Spark traffic since inside the TLS packets there is another layer of encryption that proxies can t decrypt, so the only advance would be to know the full URL s used by Spark Service 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 26
25 Spark Security Architecture End to End Secure Communication Transport Key Management Establish TLS connection Mutual TLS connection OAuth to authorize services Inter service message transport Establish end to end ECDHE communication channel Client verifies KMS identity through PKI certificate Crypto Key operations (key material) not visible to other cloud components Establish TLS connection Inter service message transport Secure TLS REST interfaces Interaction between services based on certificate based MTLS Service components authorization by OAuth Tokens Secure client connection to service over TLS End to End Client to Key Management channel negotiated ECDHE Identity of Key Management Service verified by PKI certificate Client to Key Management crypto key operations E2E secured over transport layer JSON Web Encryption (JWE, RFC 7516) 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 28
26 Proxy exceptions for Spark traffic An alternative to TCP Intercept Most of the Proxy can create rules base on destinations. There are rules like TLS intercept bypass, authentication bypass, etc. For Spark we published the URLs that we require for the Spark service to work. Some proxies like the Cisco WSA have the capabilities of getting all this URL s from a single live feed: /assets/docs/spark_wsa.csv Cisco and/or its affiliates. All rights reserved. Cisco Public
27 Recommendations regarding Proxies Spark traffic has encrypted traffic inside HTTPS connections, so even TLS delivers Hop by Hop encryption for the connections we add end-to-end encryption for the Spark traffic: In fact the only advantage of TLS Intercept is just to understand the destination URL (not only the domain information that the TLS connections provides by default), the traffic is complete opaque to the proxy Alternatively, create an exception in the proxy to exclude Spark traffic from the TLS Intercept and/or Authentication as described on the previous slide. We are absolutely NOT recommending to turn off TLS Intercept in general!! Spark Devices: recommendation is by using Destination (Cisco Spark domains) and User Agent of the HTTP request, to create rules where the Spark devices (CE and SparkBoard) will use a specific policy with exceptions for Cisco Spark, with no Authentication or TLS intercept configured Cisco and/or its affiliates. All rights reserved. Cisco Public 30
28 WSA Proxy authentication using ISE with.1x Some endpoints like CE and SB devices have no easy way of delivering secure authentication against proxies. If there is the need to authenticate on multiple OSI layers ( network, application ) why not use one to provide authentication to the other? Enterprise CA ISE Switch WSA Web Service Sign certificate from a CA Access to network, switch will redirect to the ISE ISE will ask for.1x certificate base authentication Endpoint with proxy configuration will request access to web services WSA using pxgrid will check is device did successful.1x authentication Endpoint connect securely to the Web Service using authenticated proxies without user interaction 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 31
29 Proxy support - what does it means? When we talk about proxy support we only talking HTTPS and WSS traffic. Media over proxies isn t recommended, proxies were not designed to handle media, their performance is really bad and doesn t scale. Spark Clients Messages, Media Signalization, notifications, Control and Analytics Traffic HTTPS and WSS Voice, Video and Content Share SRTP and STUN Spark Services 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 32
30 Firewall Requirements
31 Spark Clients Message, Signalization, Notification and Control Messages, Media Signalization, notifications, Control and Analytics Traffic HTTPS and WSS Spark Services Internal DMZ Internet Media goes directly to the internet using HTTPS WSS protocol. Internal DMZ Internet Signalization goes through Proxy (rules already in place in the firewall). Proxy 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 34
32 Protocol and Ports used by Spark Assuming the most simple scenario with direct connection to the internet Protocol : TCP Source IP : Internal LAN IP address Range Source Port : Ephemeral Destination IP : Any IP Destination Port : 443 Internal DMZ Internet Protocol : UDP Source IP : Internal LAN IP Source Port : Voice Video Destination IP : Any IP Destination Port : 5004 Fallback Protocol : TCP Source IP : Internal LAN IP Source Port : Ephemeral Destination IP : Any IP Destination Port : Cisco and/or its affiliates. All rights reserved. Cisco Public
33 Protocol and Ports used by Spark From a Media perspective Spark clients always try to use UDP but will fallback to TCP if UDP is closed. TCP might impact media quality and it can t guarantee quality for Real Time Media. As last case scenario for the software clients (Win, MAC, ios and Android ) we can use HTTPS proxies for media, but it isn t recommended. Cisco can t help much if there will be quality issues with media. Spark Boards in old versions of SW need to access NTP ( port 123 ), but in new versions Protocol : TCP Source IP : Internal LAN IP address Range Source Port : Ephemeral Destination IP : Any IP Destination Port : 443 will use DHCP. Internal DMZ Internet Protocol : UDP Fallback Source IP : Internal LAN IP Source Port : Voice Video Destination IP : Any IP Destination Port : 5004 Protocol : TCP Source IP : Internal LAN IP Source Port : Ephemeral Destination IP : Any IP Destination Port : Cisco and/or its affiliates. All rights reserved. Cisco Public 36
34 Internal DMZ Internet Firewall rules for Media HMN Option 1 Access to the Spark Service through Hybrid Media Node. All clients inside the customer network would connect to the Hybrid Media Node, if there will be participants outside the customer network then HMN would cascade the media flow to the cloud. Unique sources, very well defines, if necessary in special DMZ s to protect to connect to the Spark services in the Cloud. Will open UDP connection to a destination port 5004, few additional ports needed, please review reference slides in the Appendix Cisco and/or its affiliates. All rights reserved. Cisco Public 37
35 Internal DMZ Internet Firewall rules for Media Option 2 Using firewalls with STUN support Defined in RFC3489. Uses UDP from any Spark client inside the customer network using source ports Voice Video Where the destination might be any IP address in the internet with destination port 5004 STUN allow to open up pinholes only if the system is WebRTC compliant, and there is an external recipient expecting the traffic (prevents enterprise from being source of DDoS). From a security perspective this is the recommended model but require Firewalls that use STUN for WebRTC traffic like Cisco ASA Cisco and/or its affiliates. All rights reserved. Cisco Public 38
36 Internal DMZ Internet Firewall rules for Media Option 3 Direct access to the Spark Service using UDP protocol for media using specific destination IP addresses. We require that the administrator configure the firewall to access inside initiated UDP flow with return to the same 5-Tuple (Source IP address/port number, destination IP address/port number and the protocol in use ) with a 30s timeout on the creation of the pinhole, Bidirectional media is sent over this flow. Uses UDP from any Spark client inside the customer network using source ports Voice Video Where the destination might be two /19 prefixed in the internet with destination port 5004 This is EFT today, will be GA soon Cisco and/or its affiliates. All rights reserved. Cisco Public 39
37 Internal DMZ Internet Firewall rules for Media Option 4 Direct access to the Spark Service using UDP protocol for media. We require that the administrator configure the firewall to access inside initiated UDP flow with return to the same 5-Tuple (Source IP address/port number, destination IP address/port number and the protocol in use ) with a 30s timeout on the creation of the pinhole, Bidirectional media is sent over this flow. Uses UDP from any Spark client inside the customer network using source ports Voice Video Where the destination might be any IP address in the internet with destination port Cisco and/or its affiliates. All rights reserved. Cisco Public 40
38 Spark Clients Media for Voice, Video and Content Sharing Voice, Video and Content Share SRTP and STUN Spark Services Option 1 Access to the Spark Service through Hybrid Media Node. Option 2 Direct access to the Spark Service using firewalls with STUN support. Option 3 Direct access to the Spark Service using UDP protocol for media using specific destination IP addresses. Option 4 Direct access to the Spark Service using UDP protocol for media. Option 5 Direct access to the Spark Service using TCP protocol for media. Option 6 Access to the Spark Service using Proxy Cisco and/or its affiliates. All rights reserved. Cisco Public 43
39 Why are Cloud Ready Network Concepts relevant?
40 With the growing number of Cloud Services consumed by our organization, we have to re-think our current Internet Breakout strategy! Undisclosed customer Manager Solution Architecture Network & Unified Communications 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 45
41 Why are enterprises thinking about SD-WAN? 50% of Apps accessed via Internet 58% Of IT budgets spent on WAN Connectivity 32.4% Cite management of connectivity at branch as a challenge 48.6% Cite poor application performance and latency as corporate WAN concern 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 46
42 Secure SD-WAN and Cloud Access Optimized Hybrid WAN Branch MPLS (IP-VPN) 3G/4G-LTE Private Cloud Virtual Private V Cloud DirectAccess Cloud Internet Public Cloud 1. IWAN Secure VPN for private and virtual private cloud access 2. Leverage local Internet path for public cloud and Internet access Increase WAN transport capacity and app performance cost effectively! Improve application performance (right flows to right places) 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 47
43 SD-WAN: Secure Connectivity Secure WAN Transport Branch MPLS (IP-VPN) Private Cloud Virtual Private Cloud Secure Internet Access Internet Public Cloud Two areas of concern 1. Protecting the network from outside threats with data privacy over provider networks 2. Protecting user access to Public Cloud and Internet services; malware, privacy, phishing, 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 48
44 SD-WAN: Direct Cloud Access MPLS (IP-VPN) Private Cloud Virtual Private Cloud Branch Internet Direct Cloud Access Umbrella Public Cloud Leverage Local Internet path for Public Cloud and Internet access Improve application performance (right flows to right places) Solutions On Premise Zone Based Firewall Cloud Based Cloud Umbrella Branch 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 49
45 Cisco Umbrella Any device User request patterns Used to detect: Compromised systems Command and control callbacks Malware and phishing attempts Algorithm-generated domains Domain co-occurrences Newly registered domains Authoritative DNS logs Used to find: Newly staged infrastructures Malicious domains, IPs, ASNs DNS hijacking Fast flux domains Related domains Authoritative DNS root com. domain.com Cisco and/or its affiliates. All rights reserved. Cisco Public 50
46 Improving Cloud User Experience and Security Cloudlock vprivate Cloud Internet DMZ Secure Direct Cloud Access From the DC From the Branch From a Colocation Facility (Colo) From within a Cloud Service (AWS, Azure,..) Colo MPLS INET MPLS V vprivate Cloud V MPLS Internet INET DC Pervasive Security User, Transport, Cloud, Internet & Compliance AVC OpenDNS Umbrella R14 Branch Site 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 51
47 A different angle to Cloud Security
48 Cisco Cloudlock Discover and Control Compromised Accounts Data Exposures and Leakages Cloud Malware Insider Threats Privacy and Compliance Violations Shadow IT/OAuth Discovery and Control User and Entity Behavior Analytics Cloud Data Loss Prevention (DLP) Apps Firewall 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 53
49 More of a proactive approach Events API for Data Loss Prevention, Archival, ediscovery API enables polling for events and content that enables organizations to monitor and correct user behavior, preventing the loss of sensitive data Cisco Spark Events API Third party DLP or CASB Integrations Third-party vendor software Corrective actions policies Delete content Alert user / admin 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 54
50 More of a proactive approach cont. Cloud Access Security Broker (CASB) Unmanaged Users Unmanaged Devices Cisco Spark PUBLIC ADMIN OAUTH API ACCESS ACCES Authorized S Unmanaged Network (Cisco?) NGFW/Umbrella Managed Users Managed Devices Managed Network 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 55
51 More of a proactive approach cont. Vendors for Compliance and Data Loss Prevention (DLP) 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 56
52 Conclusions
53 Conclusions Cloud and Security can be absolutely working hand in hand. In order to deploy Cisco Collaboration Cloud in a current customer network we may need to elaborate that a different approach is NOT less secure. Understand the bigger picture and the change that Cloud Applications bring to all aspects of a customer network and try to address customer demands and concerns in a cross-architecture approach. Leverage the full capabilities of Cisco s Collaboration Cloud to include it into a general framework for secure Cloud Application Access to address both, the technical requirements and the user side Cisco and/or its affiliates. All rights reserved. Cisco Public 58
54 Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this session in the Cisco Live Mobile App 2. Click Join the Discussion 3. Install Spark or go directly to the space 4. Enter messages/questions in the space cs.co/ciscolivebot# 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
55 Please complete your Online Session Evaluations after each session Complete 4 Session Evaluations & the Overall Conference Evaluation (available from Thursday) to receive your Cisco Live T-shirt All surveys can be completed via the Cisco Live Mobile App or the Communication Stations Complete Your Online Session Evaluation Don t forget: Cisco Live sessions will be available for viewing on-demand after the event at Cisco and/or its affiliates. All rights reserved. Cisco Public
56 Continue Your Education Technical Seminar Cloud Security unveiled - all aspects of Network, Data-Security, Compliance and Data Leakage Prevention in Cisco Spark Breakout Sessions BRKCOL-2030 Cisco Spark - Cloud and On Premise Security explained Recommended reading Spark Security Whitepaper Spark Firewall Traversal Whitepaper Demos in the Cisco campus Meet the Engineer 1:1 meetings 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 61
57 Thank you
58
59 Appendix
60 Cisco Spark Clients Proxy configuration Config Type CE SparkBoard Spark Windows Spark Mac Spark ios Spark Android Manual Config GPO PAC WPAD 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 65
61 Cisco Spark Clients Proxy Authentication Support Config Type CE SparkBoard Spark Windows Spark Mac Spark ios Spark Android No Auth Basic Digest NTLM Negotiate 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 66
62 Cisco Spark Clients Other Security Features Config Type CE SparkBoard Spark Windows Spark Mac Spark ios Spark Android 802.1X Auth TLS intercept CDP Media over HTTPS Content Sharing over UDP 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 67
63 Hybrid Media Node Internal DMZ Internet HMN 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
64 Expressway Connectors Internal User devices Internal Servers DMZ Internet Expressway C Proxy If customer has proxies we support only No Auth and Basic Authentication, TLS intercept is also supported. Internal User devices Internal Servers DMZ Internet Expressway C If there isn t any proxy we will use HTTPS to send traffic to the Spark cloud Cisco and/or its affiliates. All rights reserved. Cisco Public 69
65 Directory Connector Internal User devices Internal Servers DMZ Internet Proxy If Windows OS is configured for Proxies we will use it and send all traffic there Internal User devices Internal Servers DMZ Internet If there isn t any proxies configured in the systems we will use HTTPS to send traffic to the Spark cloud Cisco and/or its affiliates. All rights reserved. Cisco Public 70
66 Hybrid Data Security Internal User devices Internal Servers DMZ Internet HDS 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 71
67 Hybrid Media Node Media Considerations Source IP Address Destination IP Address Source UDP Ports Destinations UDP Ports Media Type Clients/endpoints Hybrid Media Node Audio Clients/endpoints Hybrid Media Node Video Hybrid Media Node Collaboration Cloud Audio Hybrid Media Node Collaboration Cloud Video Hybrid Media Node Hybrid Media Node , 5006 Voice, Video Hybrid Media Node Hybrid Media Node 5004, Voice, Video 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 72
68 Hybrid Media Node Management Considerations Source Destination Transport Protocol Destinations Ports Destination IP Computer Management Hybrid Media Node TCP 443 Any UDP -> NTP 123 Hybrid Media Node Collaboration Cloud UDP -> DNS 53 Any TCP -> HTTPS 444 Hybrid Media Node Hybrid Media Node TCP -> HTTPS 5000 Any Hybrid Media Node Collaboration Cloud TCP -> HTTPS 443 *.wbx2.com *.idbroker.webex.com 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 73
69 Cisco Spark Port Usage Summary (Endpoints -> Cloud Direction Shown) Source IP Address Destination IP Address Source UDP Ports Destinations UDP Ports Recommended DSCP Media Type Clients/endpoints Collaboration Cloud EF Audio Clients/endpoints Collaboration Cloud AF41 Video Clients/endpoints Hybrid Media Node EF Audio Clients/endpoints Hybrid Media Node AF41 Video Hybrid Media Node Collaboration Cloud EF Audio Hybrid Media Node Collaboration Cloud AF41 Video 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public 74
70
BRKCOL-2030 Cisco Spark Cloud and On Premise Security Explained
Cisco Spark Cloud and On Premise Security Explained Tony Mulchrone Technical Marketing Engineer Cisco Collaboration Technology Group Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker
More informationCisco Spark Tech Ops and Security Frequently Asked Questions (FAQs)
Cisco Spark Tech Ops and Security Frequently Asked Questions (FAQs) First Published: November 3, 2017 Last Updated: November 3, 2017 Question: Can Cisco provide a detailed Cisco Spark architecture diagram?
More informationNew methods to protect the network. Deeper visibility with Cisco NGFW Next Generation Firewall
New methods to protect the network. Deeper visibility with Cisco NGFW Next Generation Firewall Claudiu Onisoru, Senior Network Specialist Cisco Connect - 15 May 2014 1 Agenda Frontal Communication: Who
More informationBRKCOC-2399 Inside Cisco IT: Integrating Spark with existing large deployments
Inside Cisco IT: Integrating Spark with existing large deployments Jan Seynaeve, Sr. Collaborations Engineer Luke Clifford, Sr. Collaborations Engineer Cisco Spark How Questions? Use Cisco Spark to communicate
More informationCloud Mobility: Meraki Wireless & EMM
BRKEWN-2002 Cloud Mobility: Meraki Wireless & EMM Emily Sporl Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this session in the Cisco Live Mobile
More informationNext generation branch with SD-WAN and NFV
Next generation branch with SD-WAN and NFV Kiran Ghodgaonkar, Senior Manager, Enterprise Marketing Mani Ganeson, Senior Product Manager PSOCRS-2004 @ghodgaonkar Cisco Spark How Questions? Use Cisco Spark
More informationExamTorrent. Best exam torrent, excellent test torrent, valid exam dumps are here waiting for you
ExamTorrent http://www.examtorrent.com Best exam torrent, excellent test torrent, valid exam dumps are here waiting for you Exam : 400-251 Title : CCIE Security Written Exam (v5.0) Vendor : Cisco Version
More informationBIG-IP Access Policy Manager : Secure Web Gateway. Version 13.0
BIG-IP Access Policy Manager : Secure Web Gateway Version 13.0 Table of Contents Table of Contents BIG-IP APM Secure Web Gateway Overview...9 About APM Secure Web Gateway... 9 About APM benefits for web
More informationCloud-Ready WAN For IAAS & SaaS With Cisco s Next- Gen SD-WAN
BRKCRS-2113 Cloud-Ready WAN For IAAS & SaaS With Cisco s Next- Gen SD-WAN Sumanth Kakaraparthi Product Leader SD-WAN Manan Shah Director Of Product Management Cisco Spark How Questions? Use Cisco Spark
More informationRouting Underlay and NFV Automation with DNA Center
BRKRST-1888 Routing Underlay and NFV Automation with DNA Center Prakash Rajamani, Director, Product Management Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session
More informationDolby Conference Phone 3.1 configuration guide for West
Dolby Conference Phone 3.1 configuration guide for West 17 January 2017 Copyright 2017 Dolby Laboratories. All rights reserved. For information, contact: Dolby Laboratories, Inc. 1275 Market Street San
More informationConfiguration Guide. BlackBerry UEM. Version 12.9
Configuration Guide BlackBerry UEM Version 12.9 Published: 2018-07-16 SWD-20180713083904821 Contents About this guide... 8 Getting started... 9 Configuring BlackBerry UEM for the first time...9 Configuration
More informationAlgoSec: How to Secure and Automate Your Heterogeneous Cisco Environment
BRKPAR-2488 AlgoSec: How to Secure and Automate Your Heterogeneous Cisco Environment Edy Almer How to Secure and Automate Your Heterogeneous Cisco Environment Yogesh Kaushik, Senior Director Cisco Doug
More informationCato Cloud. Software-defined and cloud-based secure enterprise network. Solution Brief
Cato Cloud Software-defined and cloud-based secure enterprise network Solution Brief Legacy WAN and Security Appliances are Incompatible with the Modern Enterprise Cato Networks: Software-defined and Cloud-based
More informationDATACENTER MANAGEMENT Goodbye ADFS, Hello Modern Authentication! Osman Akagunduz
Goodbye ADFS, Hello Modern Authentication! Osman Akagunduz Osman Akagunduz Consultant @ InSpark Microsoft Country Partner Of The Year Twitter: @Osman_Akagunduz What s in this session The role of Azure
More informationCybersecurity Roadmap: Global Healthcare Security Architecture
SESSION ID: TECH-W02F Cybersecurity Roadmap: Global Healthcare Security Architecture Nick H. Yoo Chief Security Architect Disclosure No affiliation to any vendor products No vendor endorsements Products
More informationSecurity Guide Zoom Video Communications Inc.
Zoom unifies cloud video conferencing, simple online meetings, group messaging, and a softwaredefined conference room solution into one easy-to-use platform. Zoom offers the best video, audio, and wireless
More informationSecurity+ SY0-501 Study Guide Table of Contents
Security+ SY0-501 Study Guide Table of Contents Course Introduction Table of Contents About This Course About CompTIA Certifications Module 1 / Threats, Attacks, and Vulnerabilities Module 1 / Unit 1 Indicators
More informationBlackBerry UEM Configuration Guide
BlackBerry UEM Configuration Guide 12.9 2018-11-05Z 2 Contents Getting started... 7 Configuring BlackBerry UEM for the first time... 7 Configuration tasks for managing BlackBerry OS devices... 9 Administrator
More informationHybrid Identity de paraplu in de cloud
EXPERTS LIVE SUMMER NIGHT Hybrid Identity de paraplu in de cloud Robbert van der Zwan TSP EM+S Netherlands EXPERTS LIVE SUMMER NIGHT Robbert van der Zwan Robbert works as an Enterprise Mobility and Security
More informationSingle Sign-On Showdown
Single Sign-On Showdown ADFS vs Pass-Through Authentication Max Fritz Solutions Architect SADA Systems #ITDEVCONNECTIONS Azure AD Identity Sync & Auth Timeline 2009 2012 DirSync becomes Azure AD Sync 2013
More informationTetration Hands-on Lab from Deployment to Operations Support
LTRACI-2184 Tetration Hands-on Lab from Deployment to Operations Support Furong Gisiger, Solutions Architect Lawrence Zhu, Sr. Solutions Architect Cisco Spark How Questions? Use Cisco Spark to communicate
More informationGet Hands On With DNA Center APIs for Managing Intent
DEVNET-3620 Get Hands On With DNA Center APIs for Managing Intent Adam Radford Distinguished Systems Engineer Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session
More informationUser Identity Sources
The following topics describe Firepower System user identity sources, which are sources for user awareness. These users can be controlled with identity and access control policies: About, on page 1 The
More informationDelivering Integrated Cyber Defense for the Cloud Generation Darren Thomson
Delivering Integrated Cyber Defense for the Generation Darren Thomson Vice President & CTO, EMEA Region Symantec In 2009 there were 2,361,414 new piece of malware created. In 2015 that number was 430,555,582
More informationConfiguration Guide. BlackBerry UEM. Version 12.7 Maintenance Release 2
Configuration Guide BlackBerry UEM Version 12.7 Maintenance Release 2 Published: 2017-12-04 SWD-20171130134721747 Contents About this guide... 8 Getting started... 9 Configuring BlackBerry UEM for the
More informationADC im Cloud - Zeitalter
ADC im Cloud - Zeitalter Applikationsdienste für Hybrid-Cloud- und Microservice-Szenarien Ralf Sydekum, SE Manager DACH, F5 Networks GmbH Some of the Public Cloud Related Questions You May Have.. It s
More informationCisco SD-WAN (Viptela) Migration, QoS and Advanced Policies Hands-on Lab
Cisco SD-WAN (Viptela) Migration, QoS and Advanced Policies Hands-on Lab Ali Shaikh Technical Leader Faraz Shamim Sr. Technical Leader Mossaddaq Turabi Distinguished ENgineer Cisco Spark How Questions?
More informationSAP Security in a Hybrid World. Kiran Kola
SAP Security in a Hybrid World Kiran Kola Agenda Cybersecurity SAP Cloud Platform Identity Provisioning service SAP Cloud Platform Identity Authentication service SAP Cloud Connector & how to achieve Principal
More informationCisco Firepower NGFW. Anticipate, block, and respond to threats
Cisco Firepower NGFW Anticipate, block, and respond to threats You have a mandate to build and secure a network that supports ongoing innovation Mobile access Social collaboration Public / private hybrid
More informationCato Cloud. Solution Brief. Software-defined and Cloud-based Secure Enterprise Network NETWORK + SECURITY IS SIMPLE AGAIN
Cato Cloud Software-defined and Cloud-based Secure Enterprise Network Solution Brief NETWORK + SECURITY IS SIMPLE AGAIN Legacy WAN and Security Appliances are Incompatible with the Modern Enterprise The
More information2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 1
2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 1 Cisco AnyConnect as a Service György Ács Regional Security Consultant Mobile User Challenges Mobile and Security Services Web Security
More informationCisco ASA Next-Generation Firewall Services
Q&A Cisco ASA Next-Generation Firewall Services Q. What are Cisco ASA Next-Generation Firewall Services? A. Cisco ASA Next-Generation Firewall Services are a modular security service that extends the Cisco
More informationResilient WAN and Security for Distributed Networks with Cisco Meraki MX
Resilient WAN and Security for Distributed Networks with Cisco Meraki MX Daghan Altas, Director of Product Management BRKSEC-2900 Agenda Problem Cisco CNG Live network creation demo (45m) Product Brief
More informationSRX als NGFW. Michel Tepper Consultant
SRX als NGFW Michel Tepper Consultant Firewall Security Challenges Organizations are looking for ways to protect their assets amidst today s ever-increasing threat landscape. The latest generation of web-based
More informationForeScout Extended Module for VMware AirWatch MDM
ForeScout Extended Module for VMware AirWatch MDM Version 1.7.2 Table of Contents About the AirWatch MDM Integration... 4 Additional AirWatch Documentation... 4 About this Module... 4 How it Works... 5
More informationPrecisionAccess Trusted Access Control
Data Sheet PrecisionAccess Trusted Access Control Defeats Cyber Attacks Credential Theft: Integrated MFA defeats credential theft. Server Exploitation: Server isolation defeats server exploitation. Compromised
More informationConfigure Mobile and Remote Access
Mobile and Remote Access Overview, on page 1 Mobile and Remote Access Prerequisites, on page 3 Mobile and Remote Access Configuration Task Flow, on page 4 Mobile and Remote Access Overview Cisco Unified
More informationMost Common Security Threats (cont.)
Most Common Security Threats (cont.) Denial of service (DoS) attack Distributed denial of service (DDoS) attack Insider attacks. Any examples? Poorly designed software What is a zero-day vulnerability?
More informationBest Practices in Securing a Multicloud World
Best Practices in Securing a Multicloud World Actions to take now to protect data, applications, and workloads We live in a multicloud world. A world where a multitude of offerings from Cloud Service Providers
More informationIdentity Based Network Access
Identity Based Network Access Identity Based Network Access - Agenda What are my issues Cisco ISE Power training What have I achieved What do I want to do What are the issues? Guest Student Staff Contractor
More informationPolicing The Borderless Network: Integrating Web Security
Policing The Borderless Network: Integrating Web Security Hrvoje Dogan Consulting Systems Engineer, Security March 16, 2012 2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 1 About Cisco
More informationCitrix SD-WAN for Optimal Office 365 Connectivity and Performance
Solution Brief Citrix SD-WAN for Optimal Office 365 Connectivity and Performance Evolving Needs for WAN Network Architecture Enterprise networks have historically been architected to provide users access
More informationFirewalls for Secure Unified Communications
Firewalls for Secure Unified Communications Positioning Guide 2008 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 1 of 12 Firewall protection for call control
More informationThe following topics provide more information on user identity. Establishing User Identity Through Passive Authentication
You can use identity policies to collect user identity information from connections. You can then view usage based on user identity in the dashboards, and configure access control based on user or user
More informationCisco Next Generation Firewall Services
Toronto,. CA May 30 th, 2013 Cisco Next Generation Firewall Services Eric Kostlan Cisco Technical Marketing 2011 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect 1 Objectives At the
More informationWHITE PAPER AIRWATCH SUPPORT FOR OFFICE 365
WHITE PAPER AIRWATCH SUPPORT FOR OFFICE 365 Airwatch Support for Office 365 One of the most common questions being asked by many customers recently is How does AirWatch support Office 365? Customers often
More informationCyberP3i Course Module Series
CyberP3i Course Module Series Spring 2017 Designer: Dr. Lixin Wang, Associate Professor Firewall Configuration Firewall Configuration Learning Objectives 1. Be familiar with firewalls and types of firewalls
More informationPolycom RealPresence Access Director System
Release Notes Polycom RealPresence Access Director System 4.0 June 2014 3725-78700-001D Polycom announces the release of the Polycom RealPresence Access Director system, version 4.0. This document provides
More informationCisco Spark Hybrid Media Service
BRKCOL-1120 Cisco Spark Hybrid Media Service Richard Murphy Technical Marketing Engineer ricmurph@cisco.com Abstract Cisco Spark is a constantly evolving cloud platform with innovation happening in the
More informationICE / TURN / STUN Tutorial
BRKCOL-2986 ICE / TURN / STUN Tutorial Kristof Van Coillie, Technical Leader, Services Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this session
More informationGuide to Deploying VMware Workspace ONE. VMware Identity Manager VMware AirWatch 9.1
Guide to Deploying VMware Workspace ONE VMware Identity Manager 2.9.1 VMware AirWatch 9.1 Guide to Deploying VMware Workspace ONE You can find the most up-to-date technical documentation on the VMware
More informationCisco s Appliance-based Content Security: IronPort and Web Security
Cisco s Appliance-based Content Security: IronPort E-mail and Web Security Hrvoje Dogan Consulting Systems Engineer, Security, Emerging Markets East 2010 Cisco and/or its affiliates. All rights reserved.
More informationAKAMAI WHITE PAPER. Enterprise Application Access Architecture Overview
AKAMAI WHITE PAPER Enterprise Application Access Architecture Overview Enterprise Application Access Architecture Overview 1 Providing secure remote access is a core requirement for all businesses. Though
More informationBorderless Networks. Tom Schepers, Director Systems Engineering
Borderless Networks Tom Schepers, Director Systems Engineering Agenda Introducing Enterprise Network Architecture Unified Access Cloud Intelligent Network & Unified Services Enterprise Networks in Action
More informationPCI DSS Compliance. White Paper Parallels Remote Application Server
PCI DSS Compliance White Paper Parallels Remote Application Server Table of Contents Introduction... 3 What Is PCI DSS?... 3 Why Businesses Need to Be PCI DSS Compliant... 3 What Is Parallels RAS?... 3
More informationCisco AnyConnect Secure Mobility Solution. György Ács Regional Security Consultant
Cisco AnyConnect Secure Mobility Solution György Ács Regional Security Consultant Mobile User Challenges Mobile and Security Services Web Security Deployment Methods Live Q&A 2011 Cisco and/or its affiliates.
More informationAT&T SD-WAN Network Based service quick start guide
AT&T SD-WAN Network Based service quick start guide After you order your AT&T SD-WAN Network Based service, you can: Create administrator accounts Log in to the SD-WAN orchestrator Configure business policy
More informationPSOACI Tetration Overview. Mike Herbert
Tetration Overview Mike Herbert Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this session in the Cisco Live Mobile App 2. Click Join the Discussion
More informationIntroduction. The Safe-T Solution
Secure Application Access Product Brief Contents Introduction 2 The Safe-T Solution 3 How It Works 3 Capabilities 4 Benefits 5 Feature List 6 6 Introduction As the world becomes much more digital and global,
More informationExam : Title : Security Solutions for Systems Engineers. Version : Demo
Exam : 642-566 Title : Security Solutions for Systems Engineers Version : Demo 1. Which one of the following elements is essential to perform events analysis and correlation? A. implementation of a centralized
More informationJoe Stocker, CISSP, MCITP, VTSP Patriot Consulting
Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting Microsoft Cloud Evangelist at Patriot Consulting Principal Systems Architect with 17 Years of experience Technical certifications: MCSE, MCITP Office
More informationCisco Spark Hybrid Media service
Cisco Spark Hybrid Media service Richard Murphy Technical Marketing Engineer Abstract Cisco Spark is a constantly evolving cloud platform with innovation happening in the cloud and on the Cisco Spark app.
More informationSecurity in Bomgar Remote Support
Security in Bomgar Remote Support 2018 Bomgar Corporation. All rights reserved worldwide. BOMGAR and the BOMGAR logo are trademarks of Bomgar Corporation; other trademarks shown are the property of their
More informationPSOACI Why ACI: An overview and a customer (BBVA) perspective. Technology Officer DC EMEAR Cisco
PSOACI-4592 Why ACI: An overview and a customer (BBVA) perspective TJ Bijlsma César Martinez Joaquin Crespo Technology Officer DC EMEAR Cisco Lead Architect BBVA Lead Architect BBVA Cisco Spark How Questions?
More informationImplementing Cisco Network Security (IINS) 3.0
Implementing Cisco Network Security (IINS) 3.0 COURSE OVERVIEW: Implementing Cisco Network Security (IINS) v3.0 is a 5-day instructor-led course focusing on security principles and technologies, using
More informationCisco Plug and Play Feature Guide Cisco Services. Cisco Plug and Play Feature Guide Cisco and/or its affiliates.
Cisco Services TABLE OF CONTENTS Configuring Cisco Plug and Play... 14 Contents Introduction... 3 Cisco Plug and Play Components... 3 Plug-n-Play Agent... 3 Key Benefits... 4 Plug and Play Server... 4
More informationDeploy Avi Vantage with Microsoft Lync 2013
Page 1 of 5 Deploy Avi Vantage with Microsoft Lync 2013 view online Deploy Avi Vantage with Microsoft Lync 2013 Microsoft Lync 2013 is a unified munications platform for the enterprise. Lync provides instant
More informationCISCO NETWORKS BORDERLESS Cisco Systems, Inc. All rights reserved. 1
CISCO BORDERLESS NETWORKS 2009 Cisco Systems, Inc. All rights reserved. 1 Creating New Business Models The Key Change: Putting the Interaction Where the Customer Is Customer Experience/ Innovation Productivity/
More informationCAN MICROSOFT HELP MEET THE GDPR
CAN MICROSOFT HELP MEET THE GDPR REQUIREMENTS? Danny Uytgeerts Microsoft 365 TSP / P-Seller Privacy Consultant (certified DPO) Member of DPO-Pro (Professional association of Belgian DPOs) danny.uytgeerts@realdolmen.com
More informationGLOBALPROTECT. Key Usage Scenarios and Benefits. Remote Access VPN Provides secure access to internal and cloud-based business applications
GLOBALPROTECT Prevent Breaches and Secure the Mobile Workforce GlobalProtect extends the protection of Palo Alto Networks Next-Generation Security Platform to the members of your mobile workforce, no matter
More informationCloud-Managed Security for Distributed Networks with Cisco Meraki MX
Cloud-Managed Security for Distributed Networks with Cisco Meraki MX Joe Aronow, Product Architect Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this
More informationVendor: Cisco. Exam Code: Exam Name: Implementing Cisco Threat Control Solutions. Version: Demo
Vendor: Cisco Exam Code: 300-207 Exam Name: Implementing Cisco Threat Control Solutions Version: Demo DEMO QUESTION 1 When learning accept mode is set to auto, and the action is set to rotate, when is
More informationISE Primer.
ISE Primer www.ine.com Course Overview Designed to give CCIE Security candidates an intro to ISE and some of it s features. Not intended to be a complete ISE course. Some topics are not discussed. Provides
More informationCloud Customer Architecture for Securing Workloads on Cloud Services
Cloud Customer Architecture for Securing Workloads on Cloud Services http://www.cloud-council.org/deliverables/cloud-customer-architecture-for-securing-workloads-on-cloud-services.htm Webinar April 19,
More informationCato Cloud. Global SD-WAN with Built-in Network Security. Solution Brief. Cato Cloud Solution Brief. The Future of SD-WAN. Today.
Cato Cloud Global SD-WAN with Built-in Network Security Solution Brief 1 Legacy WAN and Security Appliances are Incompatible with the Modern Enterprise The rise of cloud applications and mobile workforces
More informationServiceability of SD-WAN
BRKCRS-2112 Serviceability of SD-WAN Chandrabalaji Rajaram & Ali Shaikh Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this session in the Cisco Live
More informationHybrid Cloud Automation using Cisco CloudCenter API
Hybrid Cloud Automation using Cisco CloudCenter API Ray Doerr, Advanced Services Engineer Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this session
More informationGo mobile. Stay in control.
Go mobile. Stay in control. Enterprise Mobility + Security Jeff Alexander Sr. Technical Evangelist http://about.me/jeffa36 Mobile-first, cloud-first reality 63% 80% 0.6% Data breaches Shadow IT IT Budget
More informationComprehensive datacenter protection
Comprehensive datacenter protection There are several key drivers that are influencing the DDoS Protection market: DDoS attacks are increasing in frequency DDoS attacks are increasing in size DoS attack
More informationNSG100 Nebula Cloud Managed Security Gateway
Managed Security Gateway The Zyxel Nebula Cloud Managed Security Gateway is built with remote management and ironclad security for organizations with growing numbers of distributed sites. With the extensive
More informationCisco TelePresence Conductor with Cisco Unified Communications Manager
Cisco TelePresence Conductor with Cisco Unified Communications Manager Deployment Guide TelePresence Conductor XC4.0 Unified CM 10.5(2) January 2016 Contents Introduction 6 About this document 6 Related
More informationUnderstanding HTTPS to Decrypt it
Understanding HTTPS to Decrypt it James Everett Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this session in the Cisco Live Mobile App 2. Click Join
More informationOffice 365 and Azure Active Directory Identities In-depth
Office 365 and Azure Active Directory Identities In-depth Jethro Seghers Program Director SkySync #ITDEVCONNECTIONS ITDEVCONNECTIONS.COM Agenda Introduction Identities Different forms of authentication
More informationWORKPLACE Data Leak Prevention: Keeping your sensitive out of the public domain. Frans Oudendorp Ronny de Jong
Data Leak Prevention: Keeping your sensitive out of the public domain Frans Oudendorp Ronny de Jong Session objectives & takeaways Session objectives: Overview of information protection solutions How to
More informationVeloCloud Cloud-Delivered WAN Fast. Simple. Secure. KUHN CONSULTING GmbH
VeloCloud Cloud-Delivered WAN Fast. Simple. Secure. 1 Agenda 1. Overview and company presentation 2. Solution presentation 3. Main benefits to show to customers 4. Deployment models 2 VeloCloud Company
More informationMobile and Remote Access Through Cisco Expressway
Mobile and Remote Access Through Cisco Expressway Deployment Guide First Published: April 2014 Last Updated: April 2016 Cisco Expressway X8.7 Cisco Unified CM 9.1(2)SU1 or later Cisco Systems, Inc. www.cisco.com
More informationCisco TelePresence Conductor with Cisco Unified Communications Manager
Cisco TelePresence Conductor with Cisco Unified Communications Manager Deployment Guide XC2.2 Unified CM 8.6.2 and 9.x D14998.09 Revised March 2014 Contents Introduction 4 About this document 4 Further
More informationDEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS. Security Without Compromise
DEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS Security Without Compromise CONTENTS INTRODUCTION 1 SECTION 1: STRETCHING BEYOND STATIC SECURITY 2 SECTION 2: NEW DEFENSES FOR CLOUD ENVIRONMENTS 5 SECTION
More informationGuide to Deploying VMware Workspace ONE. DEC 2017 VMware AirWatch 9.2 VMware Identity Manager 3.1
Guide to Deploying VMware Workspace ONE DEC 2017 VMware AirWatch 9.2 VMware Identity Manager 3.1 You can find the most up-to-date technical documentation on the VMware website at: https://docs.vmware.com/
More informationSECURITY & NETWORK WHITEPAPER
SECURITY & NETWORK WHITEPAPER Introduction With Mosaic Hub, teams in different locations can work together in realtime in a collaborative workspace like as if they're all in the same room. Mosaic brings
More informationThreat Centric Network Security
BRKSEC-2056 Threat Centric Network Security Ted Bedwell, Principal Engineer Network Threat Defence Cisco Spark How Questions? Use Cisco Spark to communicate with the speaker after the session 1. Find this
More informationO365 Solutions. Three Phase Approach. Page 1 34
O365 Solutions Three Phase Approach msfttechteam@f5.com Page 1 34 Contents Use Cases... 2 Use Case One Advanced Traffic Management for WAP and ADFS farms... 2 Use Case Two BIG-IP with ADFS-PIP... 3 Phase
More informationP ART 3. Configuring the Infrastructure
P ART 3 Configuring the Infrastructure CHAPTER 8 Summary of Configuring the Infrastructure Revised: August 7, 2013 This part of the CVD section discusses the different infrastructure components that are
More informationOn the Internet, nobody knows you re a dog.
On the Internet, nobody knows you re a dog. THREATS TO DISTRIBUTED APPLICATIONS 1 Jane Q. Public Big Bank client s How do I know I am connecting to my bank? server s Maybe an attacker...... sends you phishing
More informationUnderstanding Traffic Decryption
The following topics provide an overview of SSL inspection, describe the prerequisites for SSL inspection configuration, and detail deployment scenarios. Traffic Decryption Overview, page 1 SSL Handshake
More informationVMware Workspace ONE Quick Configuration Guide. VMware AirWatch 9.1
VMware Workspace ONE Quick Configuration Guide VMware AirWatch 9.1 A P R I L 2 0 1 7 V 2 Revision Table The following table lists revisions to this guide since the April 2017 release Date April 2017 June
More informationCisco WebEx Meeting Center Enterprise Deployment Guide for Video Device-Enabled Meetings (WBS31 and WBS32)
Cisco WebEx Meeting Center Enterprise Deployment Guide for Video Device-Enabled Meetings (WBS31 and First Published: 2015-09-23 Last Modified: 2018-03-09 Americas Headquarters Cisco Systems, Inc. 170 West
More informationDeploying OAuth with Cisco Collaboration Solution Release 12.0
White Paper Deploying OAuth with Cisco Collaboration Solution Release 12.0 Authors: Bryan Morris, Kevin Roarty (Collaboration Technical Marketing) Last Updated: December 2017 This document describes the
More informationSobering statistics. The frequency and sophistication of cybersecurity attacks are getting worse.
Sobering statistics The frequency and sophistication of cybersecurity attacks are getting worse. 146 >63% $500B $3.8M The median # of days that attackers reside within a victim s network before detection
More information