Evolution of Data Center Security Automated Security for Today s Dynamic Data Centers
|
|
- Mervyn Blankenship
- 5 years ago
- Views:
Transcription
1 Evolution of Data Center Security Automated Security for Today s Dynamic Data Centers Speaker: Mun Hossain Director of Product Management - Security Business Group Cisco
2 2
3 Any Device to Any Cloud PUBLIC CLOUD HYBRID CLOUD PRIVATE CLOUD 3
4 Enterprise Response Antivirus (Host-Based) IDS/IPS (Network Perimeter) Reputation (Global) and Sandboxing Intelligence and Analytics (Cloud) Worms and Viruses Spyware and Rootkits APTs and Cyberware Increased Attack Surface Threats Tomorrow 4
5 The Advanced Attack Lifecycle PLAN EXPLOIT / ATTACK INFECT / SPREAD STEAL / DISRUPT HACKER Attacker determines possible entry points, formulates a plan of attack Attacker exploits vulnerabilities and delivers its weapon Malware moves laterally through the internal network in search of additional resources and data Attacker takes action on its objectives and exfiltrates data or disrupts systems 5
6 Your Biggest Security Challenges Maintain Security and Compliance as business models change (Agility) Stay ahead of the threat landscape Reduce complexity and fragmentation of security solutions 6
7 Today s Security is Complex and Fragmented WWW CSR ASR SP-1 WWW Global Orchestration WWW CSR SP-2 Multiple Management Paradigms Multiple Identity Stores Isolated Threat Intelligence Inconsistent Enforcement 7
8 Implications for Security Process and Technology BEFORE See it, Control it DURING Intelligent & Context Aware AFTER Retrospective Security Defending Attacks Discovering/Catching Attacks Remediating Attacks Network Endpoint Mobile Virtual Cloud 8
9 Security Functions Mapped to Security Process BEFORE See it, Control it DURING Intelligent & Context Aware AFTER Retrospective Security Defending Attacks Discovering/Catching Attacks Remediating Attacks FIREWALL IPS MALWARE PROTECTION VPN WWW WEB NETWORK ANALYSIS CONTEXT 9
10 Security Functions in the Data Center Traditional Firewall Functions VPN Functions Context Aware Functions IPS Functions Web Functions WWW 10
11 Key Trends for Security in the Data Center Scale: Need for policy enforcement for high speed networks Resiliency: High availability is imperative for applications Expanded Deployment Options: Policy enforcement on inter-dc traffic Segmentation: Policy between specific groups, users, or applications Contextual Analysis: Global and local threat correlation Virtualization: Security for east-west traffic in multi-hypervisor environments 11
12 Key Trends for Security in the Data Center Scale: Need for policy enforcement for high speed networks Resiliency: High availability is imperative for applications Expanded Deployment Options: Policy enforcement on inter-dc traffic Segmentation: Policy between specific groups, users, or applications Contextual Analysis: Global and local threat correlation Virtualization: Security for east-west traffic in multi-hypervisor environments 12
13 TOTAL THROUGHPUT CONCURRENT CONNECTIONS CONNECTIONS / SEC Data Center Scale POWER & SPACE 2013 Cisco and/or its affiliates. All rights reserved. 13
14 Key Trends for Security in the Data Center Scale: Need for policy enforcement for high speed networks Resiliency: High availability is imperative for applications Expanded Deployment Options: Policy enforcement on inter-dc traffic Segmentation: Policy between specific groups, users, or applications Contextual Analysis: Global and local threat correlation Virtualization: Security for east-west traffic in multi-hypervisor environments 14
15 Network Integrated Clustering & Resiliency Integration with DC Switches Technology Integration with VSS, vpc and Fabric Path Benefit Ease of Deployment Solves Asymmetric Traffic Clustered Security Services Using N+1 HA Consistent Scaling Factor Pay as You Grow FW, VPN, IPS Services Linear, Predictable Performance Increase Only Buy What You Need Compliance and Security 15
16 Key Trends for Security in the Data Center Scale: Need for policy enforcement for high speed networks Resiliency: High availability is imperative for applications Expanded Deployment Options: Policy enforcement on inter-dc traffic Segmentation: Policy between specific groups, users, or applications Contextual Analysis: Global and local threat correlation Virtualization: Security for east-west traffic in multi-hypervisor environments 16
17 Symmetric Traffic Patterns in the Data Center Inside Network Outside Network Client Server Security Services Cluster 17
18 Symmetric Traffic Patterns in the Data Center Inside Network Outside Network Client Server Security Services Cluster 18
19 Symmetric Traffic Patterns in the Data Center Inside Network Outside Network Client Server Security Services Cluster 19
20 Asymmetric Traffic Patterns in the Data Center Owner Inside Network Outside Network Client Director Server Forwarder Security Services Cluster 20
21 Asymmetric Traffic Patterns in the Data Center Owner Inside Network Outside Network Client Director Server Forwarder Security Services Cluster 21
22 EXPANDING SECURITY BETWEEN DATA CENTERS Use Cases Disaster Recovery Power outage, catastrophic failure Follow the sun operations Optimization of resources Dynamic Load Distribution Dealing with traffic bursts
23 EXPANDING SECURITY BETWEEN DATA CENTERS Infrastructure Demands Traditional Approach Optimized Approach Simplicity Over- provisioned HW Workload mobility Low Latency High Scale High Availability Manual traffic engineering Static, external stateless LB Siloed HA at different sites no sharing of info Optimize traffic flows to minimize latency Security state maintained with application mobility via CCL Persistent security HA across DC
24 Key Trends for Security in the Data Center Scale: Need for policy enforcement for high speed networks Resiliency: High availability is imperative for applications Expanded Deployment Options: Policy enforcement on inter-dc traffic Segmentation: Policy between specific groups, users, or applications Contextual Analysis: Global and local threat correlation Virtualization: Security for east-west traffic in multi-hypervisor environments 24
25 Unified Context & Network Control TrustSec +ASA TrustSec Overview TrustSec lets you define policy in meaningful business terms Context Classification Business Policy TAG Security Group Tag Destination Source Exec PC Prod HRMS HR Database HR Database Prod HRMS Storage Exec BYOD X X X X X X Distributed Enforcement throughout Network Switch Router DC FW DC Switch 25
26 Key Trends for Security in the Data Center Scale: Need for policy enforcement for high speed networks Resiliency: High availability is imperative for applications Expanded Deployment Options: Policy enforcement on inter-dc traffic Segmentation: Policy between specific groups, users, or applications Contextual Analysis: Global and local threat correlation Virtualization: Security for east-west traffic in multi-hypervisor environments 26
27 Turning Big Data into Threat Intelligence SECURITY SENSOR BASE Broadest range of threat & vulnerability data sources THREAT ANALYTICS Global and local correlation through analytics and human intelligence INTELLIGENCE DELIVERED Contextual Policy with Distributed Enforcement 100TB Context for Data Common Filtration Security Intelligence Policy 150M Faster Heuristics Deployed Threat Engines Detection Endpoints Global Real 13B Time & Local Appliance Data Web Updates Correlation Requests 14M Self- Remediate Learning Deployed Dynamically Algorithms Access Gateways 93B Threat Trust Prevention Daily Modeling By Messages Network 1.6M Perimeter Deployed Human & Cloud Research Delivered Security Devices 27
28 Key Trends for Security in the Data Center Scale: Need for policy enforcement for high speed networks Resiliency: High availability is imperative for applications Expanded Deployment Options: Policy enforcement on inter-dc traffic Segmentation: Policy between specific groups, users, or applications Contextual Analysis: Global and local threat correlation Virtualization: Security for east-west traffic in multi-hypervisor environments 28
29 TRAFFIC TRENDS IN DATA CENTER 76 % 17 % 7% East West Traffic North South Traffic Inter-DC Traffic Source: Cisco Global Cloud Index 2012 by destination
30 TRADITIONAL APPROACH TO TRAFFIC TRENDS DC Core DC Aggregation DC Access Infrastructure Traditional Demands Policy for North-South Approach traffic enforced by firewalls Insert East-West Services Need for Scale Diverse Users/Devices Rapid Provisioning Traffic Hairpinning Over-provision HW Inspection of inter-vm Rules East-West traffic Explosion requires complex traffic steering Manual & Fragmented VM VM VM VM VM VM VM VM
31 APPLICATION TRENDS IN DATA CENTER DYNAMIC WORKLOADS Dynamic Instantiation/Removal Decommission Instantiate Migrate existing new VM HETERGENEOUS IMPLEMENTATION Physical & Virtual DISTRIBUTED DEPLOYMENTS On-Demand Scaling INFRASTRUCTURE INDEPENDENT Transparent to Underlying Network CLOUD-AWARE Migration across public/private clouds
32 APPLICATION TRENDS IN DATA CENTER DYNAMIC WORKLOADS Dynamic Instantiation/Removal Applications on both physical & virtual HETERGENEOUS IMPLEMENTATION Physical & Virtual DISTRIBUTED DEPLOYMENTS On-Demand Scaling INFRASTRUCTURE INDEPENDENT Transparent to Underlying Network CLOUD-AWARE Migration across public/private clouds The adoption rate of server virtualization will reach 21.3% of total servers in 2016.
33 APPLICATION TRENDS IN DATA CENTER DYNAMIC WORKLOADS Dynamic Instantiation/Removal New Applications, Devices & Users HETERGENEOUS IMPLEMENTATION Physical & Virtual DISTRIBUTED DEPLOYMENTS On-Demand Scaling INFRASTRUCTURE INDEPENDENT Transparent to Underlying Network CLOUD-AWARE Migration across public/private clouds
34 APPLICATION TRENDS IN DATA CENTER DYNAMIC WORKLOADS Dynamic Instantiation/Removal oversubscribed underutilized Dynamically Shared Resource Pools HETERGENEOUS IMPLEMENTATION Physical & Virtual Silioed Resources DISTRIBUTED DEPLOYMENTS On-Demand Scaling INFRASTRUCTURE INDEPENDENT Transparent to Underlying Network optimized CLOUD-AWARE Migration across public/private clouds Shared Resource Pools
35 APPLICATION TRENDS IN DATA CENTER DYNAMIC WORKLOADS Dynamic Instantiation/Removal Secure Multi-tenant aware HETERGENEOUS IMPLEMENTATION Physical & Virtual DISTRIBUTED DEPLOYMENTS On-Demand Scaling INFRASTRUCTURE INDEPENDENT CLOUD-AWARE Transparent to Underlying Network Migration across public/private clouds Inter-DC By 2016, 66% of all workloads will be processed in the cloud CISCO GLOBAL CLOUD INDEX
36 KEY REQUIREMENTS TO ADDRESS DC TRENDS Simplified Provisioning Dynamic workloads Centralized Management Physical/Virtual agnostic Dynamic Scaling Dynamic On-Demand Physical + Virtual Location independent Centralized Management Centralized policy for network & security Rapid instantiation based on resource availability Automated Policy Management Dynamic ACL insertion / removal Open Architecture Hypervisor agnostic vswitch compatible Programmable API Multi-tenant aware Application aware 36
37 APPLICATION CENTRIC INFRASTRUCTURE ENABLING APPLICATION VELOCITY Nexus 9500 APIC Nexus 9300 and 9500 Physical Networking Hypervisors and Virtual Networking Compute L4 L7 Services Storage Multi DC WAN and Cloud Nexus 7K ASA Nexus 2K Integrated WAN Edge 37
38 CISCO S APPLICATION CENTRIC INFRASTRUCTURE SECURITY SOLUTION Transparent Integration of Security into Cisco s Application Centric Infrastructure Centralized Infrastructure with Automated Security Policy Management Elastic Scalability across Virtual and Physical Environments 38
39 ACI SECURITY SOLUTION STARTS WITH CISCO ASA VIRTUAL ASA PHYSICAL ASAv Full ASA Feature Set Hypervisor Independent Virtual Switch Agnostic Dynamic Scalability ASA 5585-X 16 Way Clustering with State Synchronization Scalable to 640Gbps 39
40 Application Centric Infrastructure Security Solution AUTOMATED PROVISIONING ASA WEB APP LB ASA LB LB APP APP APP DB Extensible Scripting Model CONNECTIVIT Y POLICY SLA QoS APIC SECURITY POLICIES Security Load Balancing QOS APPLICATIO N L4..7 SERVICES STORAGE AND COMPUTE APP PROFILE ASA HYPERVISOR HYPERVISOR HYPERVISOR ASA ASAv ASAv APP ASAv APP
41 Application Centric Infrastructure Security Solution DYNAMIC SCALING ASAv enforcing policy between App Tier & Web Tier ASAv enforcing policy between Apps inter-vm ASAv enforcing policy across web resource pool
42 Application Centric Infrastructure Security Solution AUTOMATED POLICY LIFECYCLE MANAGEMENT Marketing Connection accesses to App1 ACL for Firewall connection ACLs App Decommissioned 12 in Data Center Dynamically Connection Removed to App 12 Clients from Marketing Endpoint Group App Tier in DC permit tcp host host eq 80 permit tcp host host eq 443 permit tcp host host eq 80 permit tcp host host eq 443 permit tcp host host eq 80 permit tcp host host eq 443 permit tcp host host eq 80 permit tcp host host eq /24 (client ) HTTP/HTTPS Servers ( , )
43 EVOLUTION OF VPN IN THE DATA CENTER Deployment Traditional Agility using HW VPN based in VPN ASAv SSL to Public Cloud Operational Impact MED IPSec to Data Center SSL to Private Cloud Deployment Complexity $$ IPSec to Teleworker IPSec to Remote Office Deployment Cost Wk Enterprises should expect an average yearly increase of ~20% in SSL traffic NSS Clientless SSL to Handheld Deployment Time
44 Application Centric Infrastructure Security Solution OPEN ARCHITECTURE Hypervisor Support Orchestration Frameworks Management System CSM PNSC READ / WRITE SOUTHBOUND API MULTI-TENANT AND APPLICATION AWARE PUBLISHED DEVICE MGMT PACKAGE FOR ACI STANDARDS COMPLIANT MONITORING FEATURES Built on top of Industry Leading Data Center Security Platform
45 CISCO SECURITY INTEGRATED INTO ACI PROVISIONING Simplified Service Chaining Dynamic Policy Management Rapid Instantiation PERFORMANCE On Demand Scalability Increased Clustering Size Multi-Site Clustering PROTECTION Integrated Security and Consistent Policy Enforcement (Physical & Virtual) Active Monitoring & Comprehensive Diagnostics for Threat Mitigation 45
46 The Network and Security: Synergies Drive Value Scales Enforcement Consistent, End-to-end Security Policy Enforcement Mobility and BYOD Accelerator / Enabler Network Accelerates Detection Security Aggregates Unique Context Data Center Service Clustering Delivers Unmatched Scale Automated Network Re-direction Rich Data Sets Accelerate Threat Detection 46
47
MAKING THE CLOUD A SECURE EXTENSION OF YOUR DATACENTER
MAKING THE CLOUD A SECURE EXTENSION OF YOUR DATACENTER Bret Hartman Cisco / Security & Government Group Session ID: SPO1-W25 Session Classification: General Interest 1 Mobility Cloud Threat Customer centric
More informationSegmentation. Threat Defense. Visibility
Segmentation Threat Defense Visibility Establish boundaries: network, compute, virtual Enforce policy by functions, devices, organizations, compliance Control and prevent unauthorized access to networks,
More informationData Center Security. Fuat KILIÇ Consulting Systems
Data Center Security Fuat KILIÇ Consulting Systems Engineer @Security Data Center Evolution WHERE ARE YOU NOW? WHERE DO YOU WANT TO BE? Traditional Data Center Virtualized Data Center (VDC) Virtualized
More informationDEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS. Security Without Compromise
DEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS Security Without Compromise CONTENTS INTRODUCTION 1 SECTION 1: STRETCHING BEYOND STATIC SECURITY 2 SECTION 2: NEW DEFENSES FOR CLOUD ENVIRONMENTS 5 SECTION
More informationSDN Security BRKSEC Alok Mittal Security Business Group, Cisco
SDN Security Alok Mittal Security Business Group, Cisco Security at the Speed of the Network Automating and Accelerating Security Through SDN Countering threats is complex and difficult. Software Defined
More informationGet Your Datacenter SDN Ready. Ahmad Chehime Cisco ACI Strategic Product Sales Specialist SPSS Emerging Region
Get Your Datacenter SDN Ready Ahmad Chehime Cisco ACI Strategic Product Sales Specialist SPSS Emerging Region AGENDA Data Center Trends, Priorities, Concerns What Problems Are we Trying to Solve? Cisco
More informationTitle DC Automation: It s a MARVEL!
Title DC Automation: It s a MARVEL! Name Nikos D. Anagnostatos Position Network Consultant, Network Solutions Division Classification ISO 27001: Public Data Center Evolution 2 Space Hellas - All Rights
More informationCisco CloudCenter Solution with Cisco ACI: Common Use Cases
Cisco CloudCenter Solution with Cisco ACI: Common Use Cases Cisco ACI increases network security, automates communication policies based on business-relevant application requirements, and decreases developer
More informationCisco Cloud Application Centric Infrastructure
Cisco Cloud Application Centric Infrastructure About Cisco cloud application centric infrastructure Cisco Cloud Application Centric Infrastructure (Cisco Cloud ACI) is a comprehensive solution for simplified
More informationThe Next Opportunity in the Data Centre
The Next Opportunity in the Data Centre Application Centric Infrastructure Soni Jiandani Senior Vice President, Cisco THE NETWORK IS THE INFORMATION BROKER FOR ALL APPLICATIONS Applications Are Changing
More informationDeploying Cloud Network Services Prime Network Services Controller (formerly VNMC)
Deploying Cloud Network Services Prime Network Services Controller (formerly VNMC) Dedi Shindler - Sr. Manager Product Management Cloud System Management Technology Group Cisco Agenda Trends Influencing
More informationSECURING THE NEXT GENERATION DATA CENTER. Leslie K. Lambert Juniper Networks VP & Chief Information Security Officer July 18, 2011
SECURING THE NEXT GENERATION DATA CENTER Leslie K. Lambert Juniper Networks VP & Chief Information Security Officer July 18, 2011 JUNIPER SECURITY LEADERSHIP Market Leadership Data Center with High-End
More informationIntelligent Cybersecurity for the Real World Scott Lovett Vice President, Global Security Sales
Intelligent Cybersecurity for the Real World Scott Lovett Vice President, Global Security Sales The Industrialization of Hacking Sophisticated Attacks, Complex Landscape Hacking Becomes an Industry Phishing,
More informationAgile Security Solutions
Agile Security Solutions Piotr Linke Security Engineer CISSP CISA CRISC CISM Open Source SNORT 2 Consider these guys All were smart. All had security. All were seriously compromised. 3 The Industrialization
More informationKey Security Measures to Enable Next-Generation Data Center Transformation
Key Security Measures to Enable Next-Generation Data Center Transformation Bill McGee Senior Manager, Security Solutions Cisco Systems, Inc. Agenda Data Center Security Challenges Secure DC Strategies
More informationCisco SDN 解决方案 ACI 的基本概念
Cisco SDN 解决方案 ACI 的基本概念 Presented by: Shangxin Du(@shdu)-Solution Support Engineer, Cisco TAC Aug 26 th, 2015 2013 Cisco and/or its affiliates. All rights reserved. 1 Type Consumption Delivery Big data,
More informationIntuit Application Centric ACI Deployment Case Study
Intuit Application Centric ACI Deployment Case Study Joon Cho, Principal Network Engineer, Intuit Lawrence Zhu, Solutions Architect, Cisco Agenda Introduction Architecture / Principle Design Rollout Key
More informationSYMANTEC DATA CENTER SECURITY
SYMANTEC DATA CENTER SECURITY SYMANTEC UNIFIED SECURITY STRATEGY Users Cyber Security Services Monitoring, Incident Response, Simulation, Adversary Threat Intelligence Data Threat Protection Information
More informationCisco Virtual Networking Solution Nexus 1000v and Virtual Services. Abhishek Mande Engineer
Cisco Virtual Networking Solution Nexus 1000v and Virtual Services Abhishek Mande Engineer mailme@cisco.com Agenda Application requirements in virtualized DC The Anatomy of Nexus 1000V Virtual Services
More informationNetwork Virtualization Business Case
SESSION ID: GPS2-R01 Network Virtualization Business Case Arup Deb virtual networking & security VMware NSBU adeb@vmware.com I. Data center security today Don t hate the player, hate the game - Ice T,
More informationCisco Unified Data Center Strategy
Cisco Unified Data Center Strategy How can IT enable new business? Holger Müller Technical Solutions Architect, Cisco September 2014 My business is rapidly changing and I need the IT and new technologies
More informationThe threat landscape is constantly
A PLATFORM-INDEPENDENT APPROACH TO SECURE MICRO-SEGMENTATION Use Case Analysis The threat landscape is constantly evolving. Data centers running business-critical workloads need proactive security solutions
More informationSecuring the Software-Defined Data Center
Securing the Software-Defined Data Center The future of the data center is software defined Key Advantages McAfee Network Platform 8.4 Delivers best-in-class IPS security across physical and softwaredefined
More informationCloud Native Security. OpenShift Commons Briefing
Cloud Native Security OpenShift Commons Briefing Amir Sharif Co-Founder amir@aporeto.com Cloud Native Applications Challenge Security Change Frequency x 10x 100x 1,000x Legacy (Pets) Servers VMs Cloud
More informationF5 Synthesis Information Session. April, 2014
F5 Synthesis Information Session April, 2014 Agenda Welcome and Introduction to Customer Technology Challenges Software Defined Application Services Reference Architectures for Today s Customer Challenges
More informationCisco Firepower NGFW. Anticipate, block, and respond to threats
Cisco Firepower NGFW Anticipate, block, and respond to threats You have a mandate to build and secure a network that supports ongoing innovation Mobile access Social collaboration Public / private hybrid
More informationThe Virtualisation Security Journey: Beyond Endpoint Security with VMware and Symantec
The Virtualisation Security Journey: Beyond Endpoint Security with VMware and Symantec James Edwards Product Marketing Manager Dan Watson Senior Systems Engineer Disclaimer This session may contain product
More informationThe Need In today s fast-paced world, the growing demand to support a variety of applications across the data center and help ensure the compliance an
Solution Overview Cisco ACI and AlgoSec Solution: Enhanced Security Policy Visibility and Change, Risk, and Compliance Management With the integration of AlgoSec into the Cisco Application Centric Infrastructure
More informationCisco Cloud Architecture with Microsoft Cloud Platform Peter Lackey Technical Solutions Architect PSOSPG-1002
Cisco Cloud Architecture with Microsoft Cloud Platform Peter Lackey Technical Solutions Architect PSOSPG-1002 Agenda Joint Cisco and Microsoft Integration Efforts Introduction to CCA-MCP What is a Pattern?
More informationService Insertion with ACI using F5 iworkflow
Service Insertion with ACI using F5 iworkflow Gert Wolfis F5 EMEA Cloud SE October 2016 Agenda F5 and Cisco ACI Joint Solution Cisco ACI L4 L7 Service Insertion Overview F5 and Cisco ACI Integration Models
More informationService Provider Security Architecture
Service Provider Security Architecture Andrew Turner Technical Marketing, Security Business Group April 12 th 2017 Digitization is disrupting the SP business The world has gone mobile Traffic growth, driven
More informationHybrid Cloud Solutions
Hybrid Cloud Solutions with Cisco and Microsoft Innovation Rob Tappenden, Technical Solution Architect rtappend@cisco.com March 2016 Today s industry and business challenges Industry Evolution & Data Centres
More information2018 Cisco and/or its affiliates. All rights reserved.
Beyond Data Center A Journey to self-driving Data Center with Analytics, Intelligent and Assurance Mohamad Imaduddin Systems Engineer Cisco Oct 2018 App is the new Business Developer is the new Customer
More informationCisco Application Centric Infrastructure and Microsoft SCVMM and Azure Pack
White Paper Cisco Application Centric Infrastructure and Microsoft SCVMM and Azure Pack Introduction Cisco Application Centric Infrastructure (ACI) is a next-generation data center fabric infrastructure
More informationOsynlig infrastruktur i datacentret med inbyggd säkerhet och resursoptimering.
Osynlig infrastruktur i datacentret med inbyggd säkerhet och resursoptimering. Joel Lindberg Nutanix Build and Manage Daniel Dale varmour Secure and visibility Karl Barton VMTurbo Demand driven control
More informationModelos de Negócio na Era das Clouds. André Rodrigues, Cloud Systems Engineer
Modelos de Negócio na Era das Clouds André Rodrigues, Cloud Systems Engineer Agenda Software and Cloud Changed the World Cisco s Cloud Vision&Strategy 5 Phase Cloud Plan Before Now From idea to production:
More informationSTRATEGIC WHITE PAPER. Securing cloud environments with Nuage Networks VSP: Policy-based security automation and microsegmentation overview
STRATEGIC WHITE PAPER Securing cloud environments with Nuage Networks VSP: Policy-based security automation and microsegmentation overview Abstract Cloud architectures rely on Software-Defined Networking
More informationPassit4Sure (50Q) Cisco Advanced Security Architecture for System Engineers
Passit4Sure.500-265 (50Q) Number: 500-265 Passing Score: 800 Time Limit: 120 min File Version: 5.8 Cisco 500-265 Advanced Security Architecture for System Engineers Today is big day for me as I passed
More informationBuilding Private Cloud Infrastructure
Building Private Cloud Infrastructure Matthias Wessendorf Consulting Systems Engineer 20.11.2014 Cloud == FOG?? 3 The Path to Data Center Transformation Application- Based Silos Zones of Virtualization
More informationCisco Enterprise Cloud Suite Overview Cisco and/or its affiliates. All rights reserved.
Cisco Enterprise Cloud Suite Overview 2015 Cisco and/or its affiliates. All rights reserved. 1 CECS Components End User Service Catalog SERVICE PORTAL Orchestration and Management UCS Director Application
More informationVM-SERIES FOR VMWARE VM VM
SERIES FOR WARE Virtualization technology from ware is fueling a significant change in today s modern data centers, resulting in architectures that are commonly a mix of private, public or hybrid cloud
More informationAWS Reference Design Document
AWS Reference Design Document Contents Overview... 1 Amazon Web Services (AWS), Public Cloud and the New Security Challenges... 1 Security at the Speed of DevOps... 2 Securing East-West and North-South
More informationA Unified Threat Defense: The Need for Security Convergence
A Unified Threat Defense: The Need for Security Convergence Udom Limmeechokchai, Senior system Engineer Cisco Systems November, 2005 1 Agenda Evolving Network Security Challenges META Group White Paper
More informationDisclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme
SAI2803BU The Road to Micro- Segmentation with VMware NSX #VMworld #SAI2803BU Disclaimer This presentation may contain product features that are currently under development. This overview of new technology
More informationCisco Next Generation Firewall and IPS. Dragan Novakovic Security Consulting Systems Engineer
Cisco Next Generation Firewall and IPS Dragan Novakovic Security Consulting Systems Engineer Cisco ASA with Firepower services Cisco TALOS - Collective Security Intelligence Enabled Clustering & High Availability
More information5 STEPS TO BUILDING ADVANCED SECURITY IN SOFTWARE- DEFINED DATA CENTERS
5 STEPS TO BUILDING ADVANCED SECURITY IN SOFTWARE- DEFINED DATA CENTERS INTRODUCTION The modern data center is rapidly evolving. Virtualization is paving the way to the private cloud, enabling applications
More informationThe Internet of Everything is changing Everything
The Internet of Everything is changing Everything Intelligent Threat Defense for the Enterprise Mobility Nikos Mourtzinos, CCIE #9763 Global Security Sales Organization Changing Business Models Any Device
More information1V0-642.exam.30q.
1V0-642.exam.30q Number: 1V0-642 Passing Score: 800 Time Limit: 120 min 1V0-642 VMware Certified Associate 6 Network Visualization Fundamentals Exam Exam A QUESTION 1 Which is NOT a benefit of virtualized
More informationWHITE PAPER OCTOBER VMWARE NSX WITH CHECK POINT vsec. Enhancing Micro-Segmentation Security
WHITE PAPER OCTOBER 2017 VMWARE NSX WITH CHECK POINT vsec Enhancing Micro-Segmentation Security Table of Contents Executive Summary 3 VMware NSX Network Virtualization Overview 5 East-West Versus North-South
More informationSourcefire Solutions Overview Security for the Real World. SEE everything in your environment. LEARN by applying security intelligence to data
SEE everything in your environment LEARN by applying security intelligence to data ADAPT defenses automatically ACT in real-time Sourcefire Solutions Overview Security for the Real World Change is constant.
More informationAdvanced threats. "Software defined" everything. Internet of Things. SDDC/Cloud. HTTP is the new TCP. Mobile. F5 Networks, Inc 2
F5 Software Defined Application Services F5 Synthesis Fred Wu Technical Director of F5 Networks China Advanced threats "Software defined" everything SDDC/Cloud Internet of Things Mobile HTTP is the new
More informationData Center and Cloud Automation
Data Center and Cloud Automation Tanja Hess Systems Engineer September, 2014 AGENDA Challenges and Opportunities Manual vs. Automated IT Operations What problem are we trying to solve and how do we solve
More informationCisco Tetration Analytics
Cisco Tetration Analytics Real-time application visibility and policy management using advanced analytics Yogesh Kaushik, Sr. Director Product Management PSOACI-2100 Agenda Market context Introduction:
More informationNext generation branch with SD-WAN and NFV
Next generation branch with SD-WAN and NFV Kiran Ghodgaonkar, Senior Manager, Enterprise Marketing Mani Ganeson, Senior Product Manager PSOCRS-2004 @ghodgaonkar Cisco Spark How Questions? Use Cisco Spark
More informationResilient WAN and Security for Distributed Networks with Cisco Meraki MX
Resilient WAN and Security for Distributed Networks with Cisco Meraki MX Daghan Altas, Director of Product Management BRKSEC-2900 Agenda Problem Cisco CNG Live network creation demo (45m) Product Brief
More informationOrchestrating the Cloud Infrastructure using Cisco Intelligent Automation for Cloud
Orchestrating the Cloud Infrastructure using Cisco Intelligent Automation for Cloud 2 Orchestrate the Cloud Infrastructure Business Drivers for Cloud Long Provisioning Times for New Services o o o Lack
More informationA10 HARMONY CONTROLLER
DATA SHEET A10 HARMONY CONTROLLER AGILE MANAGEMENT, AUTOMATION, ANALYTICS FOR MULTI-CLOUD ENVIRONMENTS PLATFORMS A10 Harmony Controller provides centralized agile management, automation and analytics for
More informationVirtual Security Gateway Overview
This chapter contains the following sections: Information About the Cisco Virtual Security Gateway, page 1 Cisco Virtual Security Gateway Configuration for the Network, page 10 Feature History for Overview,
More informationCisco HyperFlex and the F5 BIG-IP Platform Accelerate Infrastructure and Application Deployments
OVERVIEW + Cisco and the F5 BIG-IP Platform Accelerate Infrastructure and Application Deployments KEY BENEFITS Quickly create private clouds Tested with industry-leading BIG-IP ADC platform Easily scale
More informationCisco ONE Software BRKRST Dan Lohmeyer Senior Director, Software Strategy and Operations
Cisco ONE Software BRKRST-1213 Dan Lohmeyer Senior Director, Software Strategy and Operations Agenda Introduction Enterprise Challenges Cisco ONE Software Conclusion Enterprise Challenges IT Decision Maker
More informationAnalytics Driven, Simple, Accurate and Actionable Cyber Security Solution CYBER ANALYTICS
Analytics Driven, Simple, Accurate and Actionable Cyber Security Solution CYBER ANALYTICS Overview Cyberattacks are increasingly getting more frequent, more sophisticated and more widespread than ever
More informationStopping Advanced Persistent Threats In Cloud and DataCenters
Stopping Advanced Persistent Threats In Cloud and DataCenters Frederik Van Roosendael PSE Belgium Luxembourg 10/9/2015 Copyright 2013 Trend Micro Inc. Agenda How Threats evolved Transforming Your Data
More informationSecuring Your Amazon Web Services Virtual Networks
Securing Your Amazon Web Services s IPS security for public cloud deployments It s no surprise that public cloud infrastructure has experienced fast adoption. It is quick and easy to spin up a workload,
More informationCisco ONE Enterprise Cloud Suite
Cisco ONE Enterprise Cloud Suite Pragmatic Progression to Cloud Automation Geoff Soon Today s Businesses Require Greater Agility Focus on increasing speed of business Customers expect on-demand service
More informationNGFWv & ASAv in Public Cloud (AWS & Azure)
& in Public Cloud (AWS & Azure) Anubhav Swami, CCIE# 21208 Technical Marketing Engineer Your Speaker Anubhav Swami answami@cisco.com Technical Marketing Engineer 5 years in Cisco TAC 2 years in ASA BU
More informationCisco Network Admission Control (NAC) Solution
Data Sheet Cisco Network Admission Control (NAC) Solution New: Updated to include the Cisco Secure Network Server (SNS) Cisco Network Admission Control (NAC) solutions allow you to authenticate wired,
More informationOracle IaaS, a modern felhő infrastruktúra
Sárecz Lajos Cloud Platform Sales Consultant Oracle IaaS, a modern felhő infrastruktúra Copyright 2017, Oracle and/or its affiliates. All rights reserved. Azure Window collapsed Oracle Infrastructure as
More informationAutomate Application Deployment with F5 Local Traffic Manager and Cisco Application Centric Infrastructure
Automate Application Deployment with F5 Local Traffic Manager and Cisco Application Centric Infrastructure White Paper 2016 Cisco F5 Networks. All rights reserved. Page 1 Contents What You Will Learn...
More informationSecuring the Empowered Branch with Cisco Network Admission Control. September 2007
Securing the Empowered Branch with Cisco Network Admission Control September 2007 Presentation_ID 2006 Cisco Systems, Inc. All rights reserved. 1 Contents 1 The Cisco Empowered Branch 2 Security Considerations
More informationThe Software Driven Datacenter
The Software Driven Datacenter Three Major Trends are Driving the Evolution of the Datacenter Hardware Costs Innovation in CPU and Memory. 10000 10 µm CPU process technologies $100 DRAM $/GB 1000 1 µm
More informationSimplify and automate your network with Cisco DNA
Simplify and automate your network with Cisco DNA Mr. Brink Sanders Managing Director, Software and Network Transformation Cisco Asia Pacific and Japan March, 2017 Agenda Software-Defined Networking (SDN)
More informationVideo-Aware Networking: Automating Networks and Applications to Simplify the Future of Video
Video-Aware Networking: Automating Networks and Applications to Simplify the Future of Video The future of video is in the network We live in a world where more and more video is shifting to IP and mobile.
More informationCisco Application Centric Infrastructure Roadshow. Wednesday, 2. April 14
Cisco Application Centric Infrastructure Roadshow Wednesday, 2. April 14 Cisco ACI Roadshow - Agenda Business and IT trends Cisco Open Network Environment (ONE) Lunch Cisco Application Centric Infrastructure
More information21CTL Disaster Recovery, Workload Mobility and Infrastructure as a Service Proposal. By Adeyemi Ademola E. Cloud Engineer
21CTL Disaster Recovery, Workload Mobility and Infrastructure as a Service Proposal By Adeyemi Ademola E. Cloud Engineer 1 Contents Introduction... 5 1.2 Document Purpose and Scope...5 Service Definition...
More informationSecurity for the Cloud Era
Security for the Cloud Era Make the Most Out of Your Cloud Journey Fadhly Hassim Sales Engineer South East Asia & Korea Barracuda Networks Current Weather Situation Customer Provisions & Manage On-Premises
More informationThe Why, What, and How of Cisco Tetration
The Why, What, and How of Cisco Tetration Why Cisco Tetration? With the above trends as a backdrop, Cisco has seen specific changes within the multicloud data center. Infrastructure is changing. It is
More informationNetwork Automation and Branch Agility The Network Helps Enable Digital Business. Rajinder Singh Product Sales Specialist June 2016
Network Automation and Branch Agility The Network Helps Enable Digital Business Rajinder Singh Product Sales Specialist June 2016 Agenda WAN Market Drivers Cisco Intelligent WAN (IWAN) Cisco Intelligent
More informationSecuring Cisco s Network
Securing Cisco s Network Inside Cisco IT Simon Finn, Solutions Architect, Information Security Oisin MacAlasdair, Member of Technical Staff, Information Technology Agenda Cisco Landscape Trends Changing
More informationRethinking Security CLOUDSEC2016. Ian Farquhar Distinguished Sales Engineer Field Lead for the Gigamon Security Virtual Team
Rethinking Security CLOUDSEC2016 Ian Farquhar Distinguished Sales Engineer Field Lead for the Gigamon Security Virtual Team Breaches Are The New Normal Only The Scale Surprises Us OPM will send notifications
More informationCisco UCS Director and ACI Advanced Deployment Lab
Cisco UCS Director and ACI Advanced Deployment Lab Michael Zimmerman, TME Vishal Mehta, TME Agenda Introduction Cisco UCS Director ACI Integration and Key Concepts Cisco UCS Director Application Container
More informationCisco Cloud Services Router 1000V with Cisco IOS XE Software Release 3.13
Q&A Cisco Cloud Services Router 1000V with Cisco IOS XE Software Release 3.13 Q. What is the Cisco Cloud Services Router 1000V? A. The Cisco Cloud Services Router 1000V (CSR 1000V) is a router in virtual
More informationSecurity for shared infrastructure in Cisco ONE Enterprise Cloud Suite BRKPCA-2040
Security for shared infrastructure in Cisco ONE Enterprise Cloud Suite Roxana Diaz TSA, CCIE BRKPCA-2040 @roxadiaz2 Agenda Introduction Cisco VACS Overview VACS Configuration Security Use-cases Customers
More informationCisco SD-WAN and DNA-C
Cisco SD-WAN and DNA-C SD-WAN Cisco SD-WAN Intent-based networking for the branch and WAN 4x Improved application experience Better user experience Deploy applications in minutes on any platform with consistent
More informationCisco Cloud Security. How to Protect Business to Support Digital Transformation
Cisco Cloud Security How to Protect Business to Support Digital Transformation Dragan Novakovic Cybersecurity Consulting Systems Engineer January 2018. Security Enables Digitization Digital Disruption,
More informationModule Day Topic. 1 Definition of Cloud Computing and its Basics
Module Day Topic 1 Definition of Cloud Computing and its Basics 1 2 3 1. How does cloud computing provides on-demand functionality? 2. What is the difference between scalability and elasticity? 3. What
More informationCloudVision Macro-Segmentation Service
CloudVision Macro-Segmentation Service Inside Address network-based security as a pool of resources, stitch security to applications and transactions, scale on-demand, automate deployment and mitigation,
More informationCisco Virtual Security Gateway (VSG) Mohammad Salaheldin
Cisco Virtual Security Gateway (VSG) Mohammad Salaheldin Virtual Security Gateway (VSG) Overview VSG Packet Flow VSG Policy Model Use Case Example ASA on 1000V Summary 2011 Cisco and/or its affiliates.
More informationWhat s next for your data center? Power Your Evolution with Physical and Virtual ADCs. Jeppe Koefoed Wim Zandee Field sales, Nordics
What s next for your data center? Power Your Evolution with Physical and Virtual ADCs. Jeppe Koefoed Wim Zandee Field sales, Nordics Vision: Everything as a service Speed Scalability Speed to Market
More informationThe Cisco HyperFlex Dynamic Data Fabric Advantage
Solution Brief May 2017 The Benefits of Co-Engineering the Data Platform with the Network Highlights Cisco HyperFlex Dynamic Data Fabric Simplicity with less cabling and no decisions to make The quality
More informationPROTECT WORKLOADS IN THE HYBRID CLOUD
PROTECT WORKLOADS IN THE HYBRID CLOUD SPOTLIGHTS Industry Aviation Use Case Protect workloads in the hybrid cloud for the safety and integrity of mission-critical applications and sensitive data across
More informationCisco Firepower NGFW. Anticipate, block, and respond to threats
Cisco Firepower NGFW Anticipate, block, and respond to threats Digital Transformation on a Massive Scale 15B Devices Today Attack Surface 500B Devices In 2030 Threat Actors $19T Opportunity Next 10 Years
More informationOrchestration: Accelerate Deployments and Reduce Operational Risk. Nathan Pearce, Product Development SA Programmability & Orchestration Team
Orchestration: Accelerate Deployments and Reduce Operational Risk Nathan Pearce, Product Development SA Programmability & Orchestration Team Agenda 1 2 3 Industry Trends Customer Journey Use Cases 2016
More informationF5 Demystifying Network Service Orchestration and Insertion in Application Centric and Programmable Network Architectures
F5 Demystifying Network Service Orchestration and Insertion in Application Centric and Programmable Network Architectures Jeffrey Wong - Solution Architect F5 Networks February, 2015 Agenda F5 Synthesis
More informationCisco Security Manager 4.1: Integrated Security Management for Cisco Firewalls, IPS, and VPN Solutions
Data Sheet Cisco Security Manager 4.1: Integrated Security Management for Cisco Firewalls, IPS, and VPN Solutions Security Operations Challenges Businesses are facing daunting new challenges in security
More informationBorderless Networks. Tom Schepers, Director Systems Engineering
Borderless Networks Tom Schepers, Director Systems Engineering Agenda Introducing Enterprise Network Architecture Unified Access Cloud Intelligent Network & Unified Services Enterprise Networks in Action
More informationCisco SD-WAN. Intent-based networking for the branch and WAN. Carlos Infante PSS EN Spain March 2018
Cisco SD-WAN Intent-based networking for the branch and WAN Carlos Infante PSS EN Spain March 2018 Aug-12 Oct-12 Dec-12 Feb-13 Apr-13 Jun-13 Aug-13 Oct-13 Dec-13 Feb-14 Apr-14 Jun-14 Aug-14 Oct-14 Dec-14
More informationCHARTING THE FUTURE OF SOFTWARE DEFINED NETWORKING
www.hcltech.com CHARTING THE FUTURE OF SOFTWARE DEFINED NETWORKING Why Next-Gen Networks? The rapid and large scale adoption of new age disruptive digital technologies has resulted in astronomical growth
More informationDesign Guide for Cisco ACI with Avi Vantage
Page 1 of 23 Design Guide for Cisco ACI with Avi Vantage view online Overview Cisco ACI Cisco Application Centric Infrastructure (ACI) is a software defined networking solution offered by Cisco for data
More informationData Center 3.0: Transforming the Data Center via the Network
Data Center 3.0: Transforming the Data Center via the Network Douglas A. Gourlay Senior Director - Data Center Solutions Group Peter Linkin Marketing Manager - Data Center Architecture August 1, 2007 1
More informationHow to Leverage Containers to Bolster Security and Performance While Moving to Google Cloud
PRESENTED BY How to Leverage Containers to Bolster Security and Performance While Moving to Google Cloud BIG-IP enables the enterprise to efficiently address security and performance when migrating to
More information