Fully Integrated, Threat-Focused Next-Generation Firewall
- Michael Johnston
Transcription
1 Cisco Firepower NGFW Fully Integrated, Threat-Focused Next-Generation Firewall Fuat KILIÇ, Security Consulting Systems Engineer, CCIE #21150 September 2016
2 Get ahead of attackers with threat-centric security solutions. In our live Security Experts Webinars, discover all the items needed to help set up the best security architecture: What a Next Generation Firewall should be; Protect your and web gateways; Advanced Malware Protection; ISE/Access Control; and many other hot security topics. Check our Security Experts Page and register for our upcoming webinars: www.cisco.com/go/securityexperts
3 Digital Transformation on a Massive Scale 15B Devices Today Attack Surface 500B Devices In 2030 Threat Actors $19T Opportunity Next 10 Years Attack Sophistication Global Cybercrime Market: $450B to $1T
4 Typical NGFWs are focused too narrowly and are too hard to manage Network Threat Threat Content Malware Analysis IPS Access VPN Threat Web Security NGFW Access Control Security Firewall Malware Protection Focused on apps, not threats Another silo to manage
5 They protect before an attack but are less effective during or after one Attack Continuum BEFORE DURING AFTER Typical NGFW Silos Enable applications IPS URL GAP DDoS Sandbox Incident Response
6 We are committed to addressing this problem "Security is Cisco's number 1 priority. We are going big and making strategic investments to become our customers' and partners' most trusted security advisor." John Chambers, Executive Chairman, Cisco, April 2015. In the last 18 months, we invested over $3.7B in security
7 Enable your business with a fully integrated, threat-focused solution Cisco NGFW Stop more threats Gain more insight Detect earlier, act faster Reduce complexity Get more from your network Threat Focused Fully Integrated
8 Stop more threats across the entire attack continuum BEFORE DURING AFTER Cisco NGFW Discover threats and enforce security policies Detect, block, and defend against attacks Remediate breaches and prevent future attacks
9 Gain more insight with increased visibility You can't protect what you can't see Client applications Operating systems Threats Typical IPS Users Application protocols File transfers Web applications Command and control servers Malware Routers and switches Mobile devices Printers Typical NGFW Cisco NGFW Network servers VoIP phones
10 Reduce complexity with simplified, consistent management Unified Network-to-endpoint visibility Manages firewall, applications, threats, and files Track, contain, and recover remediation tools Scalable Central, role-based management Multitenancy Policy inheritance Automated Impact assessment Rule recommendations Remediation APIs Cisco Firepower Management Center
11 Get more from your network through integrated defenses Shared intelligence Talos Shared contextual awareness Visibility Radware DDoS URL Network analysis Threats Identity and NAC DNS Firewall Consistent policy enforcement Firepower 4100 Series Firepower 9300 Platform Cisco Firepower Management Center
12 Threat Focused Threat Intelligence [Talos] Research Response Endpoints Web Networks IPS Devices 100 TB Intelligence 1.6M sensors 150 million+ endpoints 35% world wide FireAMP, 3+ million 13B web req WWW AEGIS & SPARK Open Source Communities 180,000+ Files per Day 1B SBRS Queries per Day 3.6PB Monthly through CWS Advanced Industry Disclosures Outreach Activities Dynamic Analysis Threat Centric Detection Content SEU/SRU Sandbox VDB Security Intelligence & Web Reputation 2014 Cisco and/or its affiliates. All rights reserved.
13 With Cisco NGFW, security can be a business growth engine Cisco NGFW Stop more threats Gain more insight Detect earlier, act faster Reduce complexity Get more from your network Threat Focused Fully Integrated
14 Product and Services
15 Next Generation Firewall (NGFW) Essentials Cisco Collective Security Intelligence Enabled WWW High Availability NGIPS Advanced Malware Protection URL Filtering Analytics & Automation Network Firewall Routing Switching Application Visibility & Control Built-in Network Profiling Identity-Policy Control & VPN One Operating System + One Management 2015 Cisco and/or its affiliates. All rights reserved.
16 Cisco NGFW Evolution Two Appliances One Appliance Two Images One Appliance One Image Two Management Consoles Two Management Consoles One Management Console ASA FW FirePOWER NGIPS ASA + FirePOWER Services FirePOWER NGIPS ASA FW Code Firewall URL Visibility Threats Cisco Firepower Threat-focused Unified NGFW
17 Introducing Cisco NGFW Fully Integrated Threat Focused Unified Management FW / applications / IPS Cisco AMP network / endpoint Analysis and remediation Cisco security solutions Networkwide visibility Industry-best threat protection Known and unknown threats Track / contain / recover Across attack continuum Manage, control, and investigate Automatically protect
18 Cisco NGFW Platforms New Appliances Cisco Firepower 4100 Series and 9300 Cisco ASA with Firepower Services on ASA 5500-X Cisco FirePOWER Services on ASA 5585-X All* Managed by Cisco Firepower Management Center *5585-X management available 2H CY16
19 Cisco Firepower 4100 Series: Introducing four new high-performance models
Performance and Density Optimization
- 10-Gbps and 40-Gbps interfaces
- Up to 80-Gbps throughput
- 1-rack-unit (RU) form factor
- Low latency
Multiservice Security
- Integrated inspection engines for FW, NGIPS, Application Visibility and Control (AVC), URL, Cisco Advanced Malware Protection (AMP)
- Radware DefensePro DDoS
- ASA and other future third party
Unified Management
- Single management interface with Firepower Threat Defense
- Unified policy with inheritance
- Choice of management deployment options
20 Cisco Firepower 9300 Platform: High-speed, scalable security
Modular
- Benefits: standards and interoperability; flexible architecture
- Features: template-driven security; secure containerization for customer apps; RESTful/JSON API; third-party orchestration and management
Multiservice Security
- Benefits: integration of best-in-class security; dynamic service stitching
- Features*: Cisco ASA container; Cisco Firepower Threat Defense containers (NGIPS, AMP, URL, AVC); third-party containers (Radware DDoS); other ecosystem partners
Carrier Class
- Benefits: industry-leading performance (600% higher performance, 30% higher port density)
- Features: compact, 3RU form factor; 10-Gbps/40-Gbps I/O, 100-Gbps ready; terabit backplane; low latency, intelligent fast path; Network Equipment-Building System (NEBS) ready
* Contact Cisco for services availability
21 Features
22 Automated, Integrated Defenses Context and Threat Correlation Context and Threat Correlation Priority 1 Priority 2 Priority 3 Impact Assessment
23 Automated, Integrated Defenses Dynamic Security Control Dynamic Security Control WWW WEB WWW WWW Adapt Policy to Risks
24 Automated, Integrated Defenses Multivector Correlation Admin Request 5 IoCs Host A Multivector Correlation Mail PDF Admin Request PDF Mail 3 IoCs Host B Early Warning for Advanced Threats Host C
25 Advanced Malware Protection - Preventive All detection is less than 100% One-to-One Signature Fuzzy Finger-Printing Machine Learning Advanced Analytics Dynamic Analysis Reputation Filtering and File Sandboxing
26 Automated, Integrated Defenses Retrospective Security Retrospective Security Shrink Time Between Detection and Cure
27 Expanding Advanced Malware Protection Everywhere ASA Dedicated FirePOWER Appliance Web & Security Appliances Cloud Based Web Security & Hosted Private Cloud PC / MAC Mobile Virtual NGIPS /NGFW on FirePOWER Continuous & Zero-Day Detection Advanced Analytics And Correlation Enterprise Capabilities
28 We are committed to addressing this problem "Security is Cisco's number 1 priority. We are going big and making strategic investments to become our customers' and partners' most trusted security advisor." John Chambers, Executive Chairman, Cisco, April 2015. In the last 18 months, we invested over $3.7B in security
29 Cisco Firepower 6.1 Introduction
30 Firepower 6.1 A Quick Glance NGFW & Network Firewall Integration & Infrastructure Management Site-to-Site VPN Traffic Rate-Limiting Routing Enhancements Tunneled Traffic Policies Safe Search enforcement True-IP Policy (XFF) SSL Client Hello Captive Portal Enhancements ISE Remediation Inline SGT Tags KVM Support Converged CLI AMP Private Cloud Fail-to-Wire Improved Scale Usability Improvements Integrated Risk Reports High Availability Firepower Device Manager Available only on Firepower Threat Defense Software (FTD)
31 With Firepower 6.1 Software Internet Edge Focus An Integrated Cisco Story Local Management Enhanced Virtualization
32 Software Support by Platform Firepower Threat Defense Firepower NGIPS ASA Firewall Firepower Services on ASA Old (Series 2) FirePOWER Appliances FirePOWER 7000 Series FirePOWER 8000 Series ASA Low-end (5506/08/16) (reimage) ASA Mid-Range (5512/15/25/45/55) (reimage) ASA High-end (5585 SSP-10/20/40/60) Firepower 4100, 9300 (SSP 3RU - SM-24/36) VMware AWS KVM
33 Licensing Structure
- Base License enables NGFW: Networking, Firewall and Application Visibility & Control
  - Perpetual license, included with appliance purchase
- Term-based licenses for advanced protection: Threat, Malware and URL Filtering
- Traditional ASA, FirePOWER licenses not needed
- Diagram blocks: Threat (IPS / SI / DNS), Malware (AMP / TG), URL Filtering, Base (NGFW). Legend: Blue = Term-based, Green = Perpetual
- Applicable only for Firepower Threat Defense Software (FTD)
34 Firepower 6.1 Feature Overview
35 NGFW and Network Firewall
36 Site-to-Site VPN
- Between multiple FTDs or between FTD and ASA
- Topology-based design
  - Point to point
  - Hub and Spoke
  - Full Mesh
- Uses pre-shared key only, no PKI
- Available only on Firepower Threat Defense Software (FTD)
37 Routing enhancements
- FTD now supports multicast routing
- IGMP version 1 and version 2 are supported
- PIM: only sparse mode is supported
- Multicast Boundary supported
- Available only on Firepower Threat Defense Software (FTD)
38 Inline Security Group Tags (SGT)
Behavior in 6.1:
- SGTs in network traffic are utilized
- SGTs seen in traffic take precedence
- SGT to IP mapping provided by ISE
- Untagged traffic is still matched to rule using IP to SGT mapping provided by ISE
- ISE integration is no longer needed
- SGTs can be defined in FMC
- Sensor does not add or remove tags from traffic
- Available only on Firepower Threat Defense Software (FTD)
39 Rate limiting
Rate limiting provides:
- Limits based on apps/groups, user/groups, Networks/Geo, Ports, URL, etc.
- Separate limits can be applied for download or upload
- Rate limits applied on routed mode interface objects
- Limits can be expressed in terms of actual rate or percentage of overall interface bandwidth
- Supported only on FTD
Limitations:
- Maximum number of QoS rules is 32 per interface on which rate limiting is applied
- Rate limiting range is 8000 bits to 2Gbs (same as ASA)
- Available only on Firepower Threat Defense Software (FTD)
40 True-IP Policy
- In 6.1, True-IP Policy can be used in policy decisions
  - X-Forwarded-For
  - True-Client-IP header
  - Custom headers that support XFF-like syntax (see RFC 7239)
- Precedence is set in the HTTP pre-processor settings
- Can specify which source IPs (proxy servers) are trusted for these headers
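The policy inputs slide 40 names (header precedence and a list of trusted proxy source IPs) determine how safely a forwarded address can be used. This is an added example, not from the Cisco deck and not Firepower code; the function names, the precedence order and the 10.0.0.0/24 proxy range are assumptions chosen for illustration.

```python
import ipaddress

# Assumed configuration for illustration (documentation address ranges).
TRUSTED_PROXIES = [ipaddress.ip_network("10.0.0.0/24")]
HEADER_PRECEDENCE = ("True-Client-IP", "X-Forwarded-For")


def _is_trusted(ip, trusted):
    """True when ip falls inside one of the trusted proxy networks."""
    return any(ip in net for net in trusted)


def _parse_hops(value):
    """Parse a comma-separated address list; return None if any token is not an IP."""
    hops = []
    for token in value.split(","):
        try:
            hops.append(ipaddress.ip_address(token.strip()))
        except ValueError:
            return None
    return hops


def resolve_true_ip(peer_ip, headers, trusted=TRUSTED_PROXIES,
                    precedence=HEADER_PRECEDENCE):
    """Return the address a policy decision should be keyed on.

    peer_ip is the source address of the TCP connection; headers is a
    mapping of HTTP header names to values.
    """
    peer = ipaddress.ip_address(peer_ip)
    # Headers are honoured only when the connection comes from a trusted
    # proxy; anyone else can put arbitrary values in them.
    if not _is_trusted(peer, trusted):
        return str(peer)

    lowered = {name.lower(): value for name, value in headers.items()}
    for name in precedence:
        value = lowered.get(name.lower())
        if value is None:
            continue
        hops = _parse_hops(value)
        if hops is None:
            continue  # malformed header: try the next one in precedence
        # Walk from the hop nearest to us backwards. The first address that
        # is not one of our proxies was written by a trusted proxy, so it is
        # the client; anything further left is client-supplied and unverified.
        for hop in reversed(hops):
            if not _is_trusted(hop, trusted):
                return str(hop)
        return str(hops[0])  # every hop is a trusted proxy
    return str(peer)


# Constructed sample requests: (peer address, headers).
SAMPLES = [
    ("203.0.113.9", {"X-Forwarded-For": "192.0.2.1"}),
    ("10.0.0.5", {"X-Forwarded-For": "198.51.100.7, 10.0.0.8"}),
    ("10.0.0.5", {"X-Forwarded-For": "192.0.2.1, 198.51.100.7"}),
    ("10.0.0.5", {"x-forwarded-for": "garbage"}),
    ("10.0.0.5", {"X-Forwarded-For": "198.51.100.7",
                  "True-Client-IP": "192.0.2.44"}),
]


def evaluate_samples():
    """Resolve every constructed sample and return the results in order."""
    return [resolve_true_ip(peer, hdrs) for peer, hdrs in SAMPLES]


if __name__ == "__main__":
    for (peer, hdrs), result in zip(SAMPLES, evaluate_samples()):
        print(f"peer={peer} headers={hdrs} -> {result}")
```

The third sample shows why the trusted-proxy list matters: the leftmost X-Forwarded-For entry was supplied by the client itself, so a rule keyed on it could be sidestepped by sending a forged header.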
41 Safe Search / YouTube EDU enforcement
- Enforce Safe Search using supported search engines
- Utilizes a new Snort preprocessor: HTTP header modification pre-processor
- Last preprocessor in the Snort preprocessor chain (diagram labels: AppID, Access Control Rules Engine, HTTP, HTTP Header Modification)
- Safe Search: action varies depending on search engine
- YouTube EDU: injects X-YouTube-Edu-Filter
42 Active authentication enhancements
- Kerberos authentication is now supported in 6.1
- Guest access
  - Before 6.1, guest policies could be provided to users that failed authentication
  - With 6.1, there is a new button on the portal page. This button allows a user to choose guest access without trying to authenticate.
43 Prefilter Policies
- New type of policy called Prefilter policies
- Precedes access control policy
- Together with access control policy, allows control of both tunneled and tunneling protocol
- Also used to facilitate tools to migrate from ASA w/ FirePOWER services to FTD
- Prefilter Policies are implemented without involving Snort
- Prefilter Policy is associated with one or more Access Control Policies
- Available only on Firepower Threat Defense Software (FTD)
44 Integration and Infrastructure
45 ISE remediation via pxGrid
- Ability to register from FMC to ISE's Endpoint Services Protection, providing the ability to quarantine, unquarantine or deactivate ports on endpoints visible to ISE
- ISE 1.3 and 2.0 are supported
- Diagram labels: FMC; SGTs and Endpoint Profiles; Remediation requests (quarantine, un-quarantine); ISE; Internet; Sensor Servicing; Router; Client PC
46 AMP Private Cloud
Firepower 6.1 is capable of using both the AMP Private Cloud and ThreatGrid Private Cloud
1. Log into your Private Cloud Portal
2. Navigate to Integrations Defense Center
3. Follow the instructions provided
47 KVM Support
- FMCv and FTDv are supported on KVM
- Both are functionally equivalent to FMCv on VMware
- Virtio driver support
- FMCv "Graceful Shutdown": allows the FMC to save critical data before shutting down
Restrictions and Limitations:
- Nested hypervisors (KVM running on top of VMware/ESXi) are not supported. Only bare-metal KVM deployments are supported
- Onbox management is not supported
- Available only on Firepower Threat Defense Software (FTD)
48 Management Specific Features
49 FMC HA
- Active/Standby deployment
- Manual failover
- Sybase database duplicated
- Both FMC nodes receive events from each sensor
- Policy changes made on primary are copied over to the secondary
50 FMC HA 5.4 vs
- FMC HA is Active/Standby. In 5.4.x, it was Active/Active
- Active FMC: fully functional. As good as standalone
- Standby FMC: read-only. Most of the tabs/sub-tabs on UI are hidden.
- Standby FMC: no CSM processes, except VmsDbEngine.
- Standby FMC: configuration database (Sybase) is read-only.
- No sync for events. Events are pushed to both the FMCs (no change from 5.4.x)
- FMC HA is supported on 4K, 2K, 3500 and Not supported on Virtual
- All configuration-related tables of MySQL are moved to Sybase
- FMC HA 5.4: FMC HA managed FP only; FMC HA 6.1: managed HA for both FP and FTD
51 Integrated Risk Reports
- There are three risk reports
  - Advanced Malware
  - Attacks
  - Network
- Prior to 6.1, risk reports were generated offline
  - Generated by Cisco or partners
  - Customers could not create reports
- In 6.1, reports are integrated into the FMC UI
52 Analysis Tool: Lookup
The Lookup tool can be used to get:
- Geolocation for an IP address
- Whois information for an IP address
Internet connectivity is required
53 Firepower Device Manager
54 Firepower Device Manager
- Free local manager for managing a single Firepower Threat Defense device
- Targeted for SMB market
- Designed for Networking Security Administrator
- Beta is only available on Kenton models
- Available only for Firepower Threat Defense Software (FTD)
55 On-box Vs. Off-box Comparison at 6.1 NAT & Routing Access Control Intrusion & Malware Device & Events Monitoring Site to Site VPN Security Intelligence Other Policies: SSL, Identity, Rate Limiting (QoS) etc. Active/Passive Authentications Threat Intelligence & Analytics Risk Reports Correlation & Remediation Easy Device Setup Firepower Management Center (Off-box) Firepower Device Manager (On-box) In Roadmap In Roadmap In Roadmap In Roadmap NCP NCP NCP => Detailed => Optimized for SMBs => Not Present NCP => No Current Plan Available only for Firepower Threat Defense Software (FTD)
56 Demo
More informationCisco ASA with FirePOWER services Eric Kostlan, Technical Marketing Engineer Security Technologies Group, Cisco Systems LABSEC-2339
Cisco ASA with FirePOWER services Eric Kostlan, Technical Marketing Engineer Security Technologies Group, Cisco Systems LABSEC-2339 Agenda Introduction to Lab Exercises Platforms and Solutions ASA with
More informationCisco Advanced Malware Protection for Networks
Data Sheet Cisco Advanced Malware Protection for Networks Product Overview Fighting malware effectively today requires new approaches, strategies, and technologies. Cisco Advanced Malware Protection (AMP)
More informationCisco - ASA Lab Camp v9.0
Cisco - ASA Lab Camp v9.0 Code: 0007 Lengt h: 5 days URL: View Online Based on our enhanced SASAC v1.0 and SASAA v1.2 courses, this exclusive, lab-based course, provides you with your own set of equipment
More informationNGFW Requirements for SMBs and Distributed Enterprises
White Paper NGFW Requirements for SMBs and Distributed Enterprises The Case for NGFWs for SMBs The need for threat-focused next-generation firewalls (NGFWs) that can effectively mitigate risks that traditional
More informationSnort: The World s Most Widely Deployed IPS Technology
Technology Brief Snort: The World s Most Widely Deployed IPS Technology Overview Martin Roesch, the founder of Sourcefire and chief security architect at Cisco, created Snort in 1998. Snort is an open-source,
More informationCisco Cyber Range. Paul Qiu Senior Solutions Architect
Cisco Cyber Range Paul Qiu Senior Solutions Architect Cyber Range Service A platform to experience the intelligent Cyber Security for the real world What I hear, I forget What I see, I remember What I
More informationSecurity Experts Webinar
Security Experts Webinar Content Security Email and Web Fabio Panada Consulting Systems Engineer Security Mauro Pellicioli Systems Engineer May 2016 Content Security - Agenda Threat Landscape Cisco Approach
More informationHow to Predict, Detect & Stop threats at the Edge and Behind the Perimeter even in encrypted traffic without decryption
How to Predict, Detect & Stop threats at the Edge and Behind the Perimeter even in encrypted traffic without decryption Nikos Mourtzinos, CCIE #9763 Cisco Cyber Security Sales Specialist April 2018 New
More informationNGFWv and ASAv in Public Cloud
and ASAv in Amazon Web Services (AWS) and Azure Jesper Rathsach jrathsac@cisco.com Consulting cybersecurity systems engineer, Cisco Systems 29 th August 2018 Introduktion til public cloud Overblik over,
More informationExtending Enterprise Security to Multicloud and Public Cloud
Extending Enterprise Security to Multicloud and Public Cloud Paul Kofoid Sr. Consulting Engineer: Security & Cloud This statement of direction sets forth Juniper Networks current intention and is subject
More informationCompare Security Analytics Solutions
Compare Security Analytics Solutions Learn how Cisco Stealthwatch compares with other security analytics products. This solution scales easily, giving you visibility across the entire network. Stealthwatch
More informationFeatures and Functionality
Features and functionality introduced in previous versions may be superseded by new features and functionality in later versions. New or Changed Functionality in Version 6.2.2.x, page 1 Features Introduced
More informationIntroduction to Cisco ASA to Firepower Threat Defense Migration
Introduction to Cisco ASA to Firepower Threat Defense Migration This guide describes how to use Cisco s migration tool to migrate firewall policy settings from your Cisco ASA to a Firepower Threat Defense
More informationDevice Management Basics
The following topics describe how to manage devices in the Firepower System: The Device Management Page, on page 1 Remote Management Configuration, on page 2 Add Devices to the Firepower Management Center,
More informationCisco ASA with FirePOWER Services
Data Sheet Cisco ASA with FirePOWER Meet the industry s first adaptive, threat-focused next-generation firewall (NGFW) designed for a new era of threat and advanced malware protection. Cisco ASA with FirePOWER
More informationStop Threats Before They Stop You
Stop Threats Before They Stop You Gain visibility and control as you speed time to containment of infected endpoints Andrew Peters, Sr. Manager, Security Technology Group Agenda Situation System Parts
More informationAdvanced Malware Protection. Dan Gavojdea, Security Sales, Account Manager, Cisco South East Europe
Advanced Malware Protection Dan Gavojdea, Security Sales, Account Manager, Cisco South East Europe How would you do security differently if you knew you were going to be hacked? Security Challenges Changing
More informationNew methods to protect the network. Deeper visibility with Cisco NGFW Next Generation Firewall
New methods to protect the network. Deeper visibility with Cisco NGFW Next Generation Firewall Claudiu Onisoru, Senior Network Specialist Cisco Connect - 15 May 2014 1 Agenda Frontal Communication: Who
More informationUser Identity Sources
The following topics describe Firepower System user identity sources, which are sources for user awareness. These users can be controlled with identity and access control policies: About, page 1 The User
More informationPassit4Sure (50Q) Cisco Advanced Security Architecture for System Engineers
Passit4Sure.500-265 (50Q) Number: 500-265 Passing Score: 800 Time Limit: 120 min File Version: 5.8 Cisco 500-265 Advanced Security Architecture for System Engineers Today is big day for me as I passed
More informationManaged Endpoint Defense
DATA SHEET Managed Endpoint Defense Powered by CB Defense Next-gen endpoint threat detection and response DEPLOY AND HARDEN. Rapidly deploy and optimize endpoint prevention with dedicated security experts
More informationConfiguring High Availability (HA)
4 CHAPTER This chapter covers the following topics: Adding High Availability Cisco NAC Appliance To Your Network, page 4-1 Installing a Clean Access Manager High Availability Pair, page 4-3 Installing
More informationCisco Security Enterprise License Agreement
Cisco Security Enterprise License Agreement Deploy Software and Technology more easily The Cisco Security Enterprise Licensing Agreement (ELA) gives you a simpler way to manage your licenses. And it saves
More informationModern attacks and malware
Modern attacks and malware Everything starts with an email and web Dragan Novakovic Cisco Systems New Cyber Threat Reality Your environment will get breached You ll most likely be infected via email Hackers
More informationSDN Security BRKSEC Alok Mittal Security Business Group, Cisco
SDN Security Alok Mittal Security Business Group, Cisco Security at the Speed of the Network Automating and Accelerating Security Through SDN Countering threats is complex and difficult. Software Defined
More informationFile Policies and Advanced Malware Protection
The following topics provide an overview of file control, file policies, file rules, AMP cloud connections, and dynamic analysis connections. About, on page 1 File Control and Cisco AMP Basics, on page
More informationA Unified Threat Defense: The Need for Security Convergence
A Unified Threat Defense: The Need for Security Convergence Udom Limmeechokchai, Senior system Engineer Cisco Systems November, 2005 1 Agenda Evolving Network Security Challenges META Group White Paper
More informationCisco ASA with FirePOWER Services
Data Sheet with FirePOWER Meet the industry s first adaptive, threat-focused next-generation firewall (NGFW) designed for a new era of threat and advanced malware protection. Cisco ASA with FirePOWER delivers
More informationThe Future of Threat Prevention
The Future of Threat Prevention Bricata is the leading developer of Next Generation Intrusion Prevention Systems (NGIPS) technology, providing innovative, disruptive, high-speed, high-performance network
More informationSourcefire Network Security Analytics: Finding the Needle in the Haystack
Sourcefire Network Security Analytics: Finding the Needle in the Haystack Mark Pretty Consulting Systems Engineer #clmel Agenda Introduction The Sourcefire Solution Real-time Analytics On-Demand Analytics
More informationASACAMP - ASA Lab Camp (5316)
ASACAMP - ASA Lab Camp (5316) Price: $4,595 Cisco Course v1.0 Cisco Security Appliance Software v8.0 Based on our enhanced FIREWALL and VPN courses, this exclusive, lab-based course is designed to provide
More informationLicensing the Firepower System
The following topics explain how to license the Firepower System. About Firepower Feature Licenses, on page 1 Service Subscriptions for Firepower Features, on page 2 Smart Licensing for the Firepower System,
More informationNew Features and Functionality
This section describes the new and updated features and functionality included in Version 6.2.1. Note that only the Firepower 2100 series devices support Version 6.2.1, so new features deployed to devices
More informationProtection - Before, During And After Attack
Advanced Malware Protection for FirePOWER TM BENEFITS Continuous detection of malware - immediately and retrospectively Inline detection of sophisticated malware that evades traditional network protections
More informationFireSIGHT Virtual Installation Guide
Version 5.3.1 July 17, 2014 THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL
More information