Securing Cisco s Network
|
|
- Katherine Griffith
- 6 years ago
- Views:
Transcription
1
2 Securing Cisco s Network Inside Cisco IT Simon Finn, Solutions Architect, Information Security Oisin MacAlasdair, Member of Technical Staff, Information Technology
3 Agenda Cisco Landscape Trends Changing the Security Landscape Architecture Overview Major Programs Data Center Security Application Centric Infrastructure (ACI) Context aware networking ISE
4 Cisco Enterprise and What We Must Protect 400+ cloud/asp providers used (officially) 294 partners using 547 IT extranet connections into Cisco 110k Workforce 165 Countries ~3M IP Addresses IT Applications 215,000 Infra Devices 275,000 Total Hosts 1820 Labs 160+ Acquisitions 312 sites, 450+ buildings 42 Data Centers 16 major Internet connections, ~32 TB bandwidth used daily ~3TB Network Data collected p/day 5,400 Routers, 5,300 Switches 27,000 Home routers 4
5 Trends Elevating the Importance of Security BYOD / Mobile SaaS / Cloud Externalizing Data & Apps Collaboration / Social / Data Analytics Advanced Threats Regulations 5
6 The Threats are Evolving Industry Posture BRKSEC Next Unprotected desktops Unmanaged desktops Malware Worms Rapidly changing and proliferating Network Behavior Disruptive Compromised hosts remotely controlled 2013 Cisco and/or its affiliates. All rights reserved. Proliferating device types Sophisticated Opaquely compromised hosts exfiltrate sensitive data Threat Depth Annoyance Individual host Sensitive infrastructure Industry Response Deploy AV 1) Deploy HIPS 2) Detect botnets via IDS 1) Detect via reputation 2) Automate prevention 3) Detect via behaviour Cisco Public Cloud-connected ecosystem Beyond Windows Hidden in and social networking Embedded 1) Augment detection with intel 2) Detect via precursors 3) Diversify intelligence and methods
7 Transformational Principles Perspectives about security have changed It s a roadblock Security enables the business It s not my problem Everyone needs to own security Technology metamorphoses Disjointed point solutions Integrated architectural play Physical infrastructure slow to change Virtual infrastructure flexible, dynamic, change-ready The office contains all my stuff My mobile devices are my office (Data, Apps, Voice) Video) Architecture approach has changed Perimeters as the control point Identity is the new perimeter Focus on protecting the infrastructure Focus on protecting the data Capabilities not tightly aligned Services, Service Categories, Service Offerings The threats have changed Individuals Hactivism Disparate groups Nation State Capture individual users data Gain access to your Data (and your customer s data)
8 Architecture driving current and future investments IT GOVERNANCE SECURITY OPERATIONS Service Security Prime Role Governance Decision Making Model Next Generation Policies GOVERNANCE Security-IT OM Integration Unified Security Metrics (USM) Operational Security Excellence Policy IDENTITY AND ACCESS Enforcement (Control) KEY CAPABILITIES AND SERVICES SECURE INFRA Compliance (Visibility) DATA SECURITY Foundational SSOT Identity Federated Identity Fine Grain Access Policy Mgmt Strong, Multifactor Authentication Device Profiling, Registration and Posture Assessment Contextual Network/App Access DC Zone Segmentation Data Inventory Data Ownership & Accountability Data Visibility and Control Data Monitoring CAPTURE, DETECT AND CONTAIN Data Collection Anomaly Detection Forensic Analysis 8
9 Security Accountability Metrics Model Service Security Accountability Service Owner Vulnerabilities & Performance Service Execs Unified Service Metrics CIO 99% of all Compromises required moderate-tolittle sophistication Verizon Breach Report Cisco and/or its affiliates. All rights reserved. Cisco Confidential 9
10 Security Analytics Detect Detection Tools Collect Logs and Telemetry IDS Lancope Advanced Malware Blackhole ACL s Syslog DNS WSA Netflow Analyze Playbook Mitigate Remediate SDN Intelligence Industry Intelligence ACI Cisco Law Enforcement BRKRST-2640 Partners 2014 Cisco and/or its affiliates. All rights reserved. Cisco Public 10
11 Policy Managed Network BRKRST Cisco and/or its affiliates. All rights reserved. Cisco Public 11
12 Defining and Applying Network Policy: Today vs ACI App Sec Net Define policy Today ACI App Sec Net Controller Define policy Net Net Translate policy Instantiate policy } Weeks permit tcp host XX.XXX.X.XXX host XX.XX.XX.XX eq www permit tcp host XX.XXX.X.XXX host XX.XXX.X.XXX eq 443 permit tcp host XX.XXX.X.XXX host XX.XXX.X.XXX eq permit tcp host XX.XXX.X.XXX host XX.XXX.X.XXX eq www permit tcp host XX.XXX.X.XXX host XX.XXX.X.XXX eq 443 permit tcp host XX.XXX.X.XXX host XX.XXX.X.XXX eq permit tcp XX.XXX.X.XXX host XX.XXX.X.XXX eq www Minutes EPG: DB EPG: App Application-centric networking C } Faster Instantiation Better Visibility Tenant Application Network Profile Translate policy Instantiate policy C EPG: Web Portability Re-Usability 12
13 Why Single Fabric? Save on capital and operational costs of physically separate DC environments for DMZ and internal (and potentially other security perimeters) Enable automation and other benefits across the board that ACI is attempting to bring Faster application deployment Application health score Lower complexity for orchestration Larger resource pools Spare resources available to me moved to where its needed irrespective of domain Greater flexibility Some application architecture visibility enhancements Service chains Application health scores
14 Single Fabric Risks Large fault domain Resilience in product architecture Potential impact from less trusted zones on trusted zones Fabric needs to protect itself from errant nodes/leafs Logical controls being bypassed (previously physical controls) User error, use limited fabric consumer privileges via ARBAC Administrator access too broad, use granular administrative controls Malicious user, need trust in logical controls, auditing
15 The Context Aware Network
16 Why now? Evolution of the borderless enterprise 400 Cisco sites => 29,000+ (including CVO) Persistent endpoint connectivity with AnyConnect Work is no longer somewhere you go. It s something you do Emergence of cloud computing Location of data no longer fixed Mixture of internal & external cloud services & data repositories BYOD & proliferation/commoditization of endpoints
17 Cisco s current device landscape (Dec 31, 2013) 122,694 79,969 7,943 34,782 Corporate Provided Laptops (CYOD) 67,663 Personally Owned Mobile Devices 16,688 35,251 14,309 4, Other 894 (BYOD)
18 Identity and Context Identity Context Access + Device = Location Job Role
19 Why the Context Aware Network? Identity is the new perimeter and Device is the new office Old model relying upon hardened and clearly defined perimeter no longer viable or secure Users are productive based on their endpoint, not only their location No access layer security on our LAN Particularly concerning in IP Control Zones (ICZ); ie, heightened risk geographies No visibility of users or devices No ability to confirm compliance ( posture validation ) ISE allows us to manage access to Network via 802.1X (ie, user s identity) Locations or zones via Secure Group Access (ie, user s role) Data or applications Enables entire future network access strategy Trusted Device Standard etc
20 The four stages of the journey Identity of a device on the network Quantify the risk 1. Profiling 2. Authentication User and end device attribution Identification of end points on Wireless connections Device security posture identification Allows for better policy & security decisions 3. Posture 4. Enforcement Ability to enforce policy decisions based on context Untrusted devices have restricted access ISE 1.2 Profiling ISE X ISE X Auth Mode MDM ISE X Auth Mode MDM FY13/14 FY14 FY15 FY16
21 Cisco IT are delivering multiple capabilities with ISE ION Restrict unauthorized devices & users to Internet access only Profiling Ability to identify users and devices on our network Endpoint Protection Protect the network from infected devices Access Control Authentication on wired & wireless networks BYOD Support Trusted Device Standard and enable BYOD
22 Cisco IT deployment lessons learned Avoid the Big Bang Too many new capabilities to enable in a single deployment. ISE Deployment Bundle model Capabilities have been grouped into bundles to enable targeted & manageable deployments Multiple clusters consolidated Partner with the business and tailor deployment to use single cluster where possible Start with one cluster and add more if necessary Global Infrastructure Foundation Deploy global VM infrastructure and ISE servers first Enable features (based on ISE Deployment Bundles ) theatre by theatre ION enabled and deployed globally
23 Q2 FY14 Q3 FY14 Q4 FY14 Q1 FY15 Q2 FY15 Q3 FY15 Q4 FY15 Nov Dec Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec Jan Feb Mar Apr May Jun Jul ION EPS Pilot (China ICZ, EIC) Global Profiling (Global) 802.1X Monitor Mode (Global) 802.1X Auth Mode (Global Wireless) 802.1X Auth Mode (ICZ s) 802.1X Auth Mode (ROW) CVO Auth on ISE (Global) Current Challenges Platform OS support Scalability MDM integration Upcoming enhancements Scalability improvements Guest enhancements REST API enhancements
24 Q & A
25 Complete Your Online Session Evaluation Give us your feedback and receive a Cisco Live 2014 Polo Shirt! Complete your Overall Event Survey and 5 Session Evaluations. Directly from your mobile device on the Cisco Live Mobile App By visiting the Cisco Live Mobile Site Visit any Cisco Live Internet Station located throughout the venue Polo Shirts can be collected in the World of Solutions on Friday 21 March 12:00pm - 2:00pm Don t forget to activate your Cisco Live 365 account for access to all session material, communities, and on-demand and live activities throughout the year. Log into your Cisco Live portal and click the "Enter Cisco Live 365" button. 25
26
Pervasive Security Accelerator
Pervasive Security Accelerator 2 Agenda Pervasive Security Accelerator Why-Trends & Opportunities Transformational Principles Charter & Goals Architecture Use Case: Engineering Governance & Operating Model
More informationSDN Security BRKSEC Alok Mittal Security Business Group, Cisco
SDN Security Alok Mittal Security Business Group, Cisco Security at the Speed of the Network Automating and Accelerating Security Through SDN Countering threats is complex and difficult. Software Defined
More informationMAKING THE CLOUD A SECURE EXTENSION OF YOUR DATACENTER
MAKING THE CLOUD A SECURE EXTENSION OF YOUR DATACENTER Bret Hartman Cisco / Security & Government Group Session ID: SPO1-W25 Session Classification: General Interest 1 Mobility Cloud Threat Customer centric
More informationEvolution of Data Center Security Automated Security for Today s Dynamic Data Centers
Evolution of Data Center Security Automated Security for Today s Dynamic Data Centers Speaker: Mun Hossain Director of Product Management - Security Business Group Cisco Twitter: @CiscoDCSecurity 2 Any
More informationBorderless Networks. Tom Schepers, Director Systems Engineering
Borderless Networks Tom Schepers, Director Systems Engineering Agenda Introducing Enterprise Network Architecture Unified Access Cloud Intelligent Network & Unified Services Enterprise Networks in Action
More informationSecurity Challenges and
Security Challenges and Opportunities for IoE Becoming an IoE Ready Organization Steve Martino, Chief Information Security Officer, Cisco Lokesh Sisodiya, President, ISC2, East Bay Chapter Cisco Public
More informationCisco Cyber Threat Defense Solution 1.0
Cisco Cyber Threat Defense Solution 1.0 Contents 1. Introduction to the Cisco Cyber Threat Defense Solution 1.0 2. Technical overview of the Cisco Cyber Threat Defense Solution 1.0 3. Using the Cisco Cyber
More informationPrivilege Security & Next-Generation Technology. Morey J. Haber Chief Technology Officer
Privilege Security & Next-Generation Technology Morey J. Haber Chief Technology Officer mhaber@beyondtrust.com Agenda The Next-Gen Threat Landscape o Infomatics, Breaches & the Attack Chain o Securing
More informationCisco Cyber Range. Paul Qiu Senior Solutions Architect
Cisco Cyber Range Paul Qiu Senior Solutions Architect Cyber Range Service A platform to experience the intelligent Cyber Security for the real world What I hear, I forget What I see, I remember What I
More informationDEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS. Security Without Compromise
DEFINING SECURITY FOR TODAY S CLOUD ENVIRONMENTS Security Without Compromise CONTENTS INTRODUCTION 1 SECTION 1: STRETCHING BEYOND STATIC SECURITY 2 SECTION 2: NEW DEFENSES FOR CLOUD ENVIRONMENTS 5 SECTION
More informationHow a Programmable Network and SDN Help Solve Critical Security Infrastructure Requirements
How a Programmable Network and SDN Help Solve Critical Security Infrastructure Requirements Session ID 18PT John Manville, SVP Global Infrastructure Services Steve Martino, VP Chief Information Security
More informationThe Internet of Everything is changing Everything
The Internet of Everything is changing Everything Intelligent Threat Defense for the Enterprise Mobility Nikos Mourtzinos, CCIE #9763 Global Security Sales Organization Changing Business Models Any Device
More informationCisco Cloud Architecture with Microsoft Cloud Platform Peter Lackey Technical Solutions Architect PSOSPG-1002
Cisco Cloud Architecture with Microsoft Cloud Platform Peter Lackey Technical Solutions Architect PSOSPG-1002 Agenda Joint Cisco and Microsoft Integration Efforts Introduction to CCA-MCP What is a Pattern?
More informationSTRATEGIC WHITE PAPER. Securing cloud environments with Nuage Networks VSP: Policy-based security automation and microsegmentation overview
STRATEGIC WHITE PAPER Securing cloud environments with Nuage Networks VSP: Policy-based security automation and microsegmentation overview Abstract Cloud architectures rely on Software-Defined Networking
More informationCisco Software-Defined Access
F Cisco Software-Defined ccess What is Cisco Software-Defined ccess? Cisco Software-Defined ccess (SD-ccess) is a central part of the Cisco Digital Network rchitecture (Cisco DN ) solution and represents
More informationBYOD Business year of decision!
Bucharest, Romania April 24, 2013 BYOD Business year of decision! Cisco on Cisco Christoph Nienhaus IT Leader for EMEAR Central - DACH 2011 2012 Cisco and/or its affiliates. All rights reserved. Cisco
More informationDesign and Deployment of SourceFire NGIPS and NGFWL
Design and Deployment of SourceFire NGIPS and NGFWL BRKSEC - 2024 Marcel Skjald Consulting Systems Engineer Enterprise / Security Architect Abstract Overview of Session This technical session covers the
More informationForeScout CounterACT. Continuous Monitoring and Mitigation. Real-time Visibility. Network Access Control. Endpoint Compliance.
Real-time Visibility Network Access Control Endpoint Compliance Mobile Security ForeScout CounterACT Continuous Monitoring and Mitigation Rapid Threat Response Benefits Rethink IT Security Security Do
More informationSIEM: Five Requirements that Solve the Bigger Business Issues
SIEM: Five Requirements that Solve the Bigger Business Issues After more than a decade functioning in production environments, security information and event management (SIEM) solutions are now considered
More informationSpeaker Introduction Who Mate Barany, VMware Manuel Mazzolin, VMware Peter Schmitt, Deutsche Bahn Systel Why VMworld 2017 Understanding the modern sec
SIE3197BE Secure Your Windows 10 and Office 365 Deployment with VMware Security Solutions Mate Barany, VMware Manuel Mazzolin, VMware Peter Schmitt, Deutsche Bahn Systel #VMworld #SIE3197BE Speaker Introduction
More informationCisco Digital Network Architecture The Network Enables Digital Business. Rene Andersen Cisco DK
Cisco Digital Network Architecture The Network Enables Digital Business Rene Andersen Cisco DK IT Priorities for Digital Transformation Faster Innovation Slow IT processes Technology innovation speed Only
More informationThe Need In today s fast-paced world, the growing demand to support a variety of applications across the data center and help ensure the compliance an
Solution Overview Cisco ACI and AlgoSec Solution: Enhanced Security Policy Visibility and Change, Risk, and Compliance Management With the integration of AlgoSec into the Cisco Application Centric Infrastructure
More informationModelos de Negócio na Era das Clouds. André Rodrigues, Cloud Systems Engineer
Modelos de Negócio na Era das Clouds André Rodrigues, Cloud Systems Engineer Agenda Software and Cloud Changed the World Cisco s Cloud Vision&Strategy 5 Phase Cloud Plan Before Now From idea to production:
More informationCisco Cloud Security. How to Protect Business to Support Digital Transformation
Cisco Cloud Security How to Protect Business to Support Digital Transformation Dragan Novakovic Cybersecurity Consulting Systems Engineer January 2018. Security Enables Digitization Digital Disruption,
More informationEnhancing the Cybersecurity of Federal Information and Assets through CSIP
TECH BRIEF How BeyondTrust Helps Government Agencies Address Privileged Access Management to Improve Security Contents Introduction... 2 Achieving CSIP Objectives... 2 Steps to improve protection... 3
More informationAKAMAI CLOUD SECURITY SOLUTIONS
AKAMAI CLOUD SECURITY SOLUTIONS Whether you sell to customers over the web, operate data centers around the world or in the cloud, or support employees on the road, you rely on the Internet to keep your
More informationOrchestrating the Cloud Infrastructure using Cisco Intelligent Automation for Cloud
Orchestrating the Cloud Infrastructure using Cisco Intelligent Automation for Cloud 2 Orchestrate the Cloud Infrastructure Business Drivers for Cloud Long Provisioning Times for New Services o o o Lack
More informationTransforming the Network for the Digital Business
Transforming the Network for the Digital Business Driven by Software Defined Platforms Hugo Padilla Prad Enterprise Networks Digital Acceleration Team CCIE Emeritus #12444 Cisco Forum Kiev, November 14
More informationSYMANTEC DATA CENTER SECURITY
SYMANTEC DATA CENTER SECURITY SYMANTEC UNIFIED SECURITY STRATEGY Users Cyber Security Services Monitoring, Incident Response, Simulation, Adversary Threat Intelligence Data Threat Protection Information
More informationEM L01 Introduction to Mobile
EM L01 Introduction to Scott Jareo Principal Field Enablement Mgr. 1 Agenda 1 Welcome and Introduction 2 Overview 3 Lab Exercises 4 Resources and Conclusion 2 Leading Concerns In Enterprise Mobility Discussions
More informationNext Generation Authentication
Next Generation Authentication Bring Your Own security impact Dominique Dessy Sr. Technology Consultant 1 2012 DIGITAL UNIVERSE 1.8 ZETTABYTES 1,800,000,000,000,000,000,000 2 $ 3 4 Threat Landscape 60%
More informationWhy Most IoT Projects Fail And how to ensure success with OSIsoft and Cisco Kinetic
Why Most IoT Projects Fail And how to ensure success with OSIsoft and Cisco Kinetic Presented by Stephen Friedenthal, IoT Solutions Architect About Cisco Systems, Inc. San Fran Companies want to derive
More informationHOLISTIC NETWORK PROTECTION: INNOVATIONS IN SOFTWARE DEFINED NETWORKS
HOLISTIC NETWORK PROTECTION: INNOVATIONS IN SOFTWARE DEFINED NETWORKS Danielle M. Zeedick, Ed.D., CISM, CBCP Juniper Networks August 2016 Today s Objectives Goal Objectives To understand how holistic network
More information2013 InterWorks, Page 1
2013 InterWorks, Page 1 The BYOD Phenomenon 68% of devices used by information workers to access business applications are ones they own themselves, including laptops, smartphones, and tablets. IT organizations
More informationIntelligent Cybersecurity for the Real World Scott Lovett Vice President, Global Security Sales
Intelligent Cybersecurity for the Real World Scott Lovett Vice President, Global Security Sales The Industrialization of Hacking Sophisticated Attacks, Complex Landscape Hacking Becomes an Industry Phishing,
More informationHow to Predict, Detect & Stop threats at the Edge and Behind the Perimeter even in encrypted traffic without decryption
How to Predict, Detect & Stop threats at the Edge and Behind the Perimeter even in encrypted traffic without decryption Nikos Mourtzinos, CCIE #9763 Cisco Cyber Security Sales Specialist April 2018 New
More informationOptimizing Pulse Secure Access Suite with Pulse Secure Virtual Application Delivery Controller solution
DATASHEET Optimizing Pulse Secure Access Suite with Pulse Secure Virtual Application Delivery Controller solution Features & Benefits Best-in-class VPN and vadc solutions A single point of access for all
More informationA Unified Threat Defense: The Need for Security Convergence
A Unified Threat Defense: The Need for Security Convergence Udom Limmeechokchai, Senior system Engineer Cisco Systems November, 2005 1 Agenda Evolving Network Security Challenges META Group White Paper
More informationDocker and HPE Accelerate Digital Transformation to Enable Hybrid IT. Steven Follis Solutions Engineer Docker Inc.
Docker and HPE Accelerate Digital Transformation to Enable Hybrid IT Steven Follis Solutions Engineer Docker Inc. Containers are the Fastest Growing Cloud Enabling Technology Title source: 451 Research
More informationPartner Webinar. AnyConnect 4.0. Rene Straube Cisco Germany. December 2014
Partner Webinar AnyConnect 4.0 Rene Straube Cisco Germany December 2014 Agenda Introduction to AnyConnect 4.0 New Licensing Scheme for AnyConnect 4.0 How to migrate to the new Licensing? Ordering & Migration
More informationCybersecurity Roadmap: Global Healthcare Security Architecture
SESSION ID: TECH-W02F Cybersecurity Roadmap: Global Healthcare Security Architecture Nick H. Yoo Chief Security Architect Disclosure No affiliation to any vendor products No vendor endorsements Products
More informationNetwork Visibility and Segmentation
Network Visibility and Segmentation 2019 Cisco and/ or its affiliates. All rights reserved. Contents Network Segmentation A Services Approach 3 The Process of Segmentation 3 Segmentation Solution Components
More informationSIEM Solutions from McAfee
SIEM Solutions from McAfee Monitor. Prioritize. Investigate. Respond. Today s security information and event management (SIEM) solutions need to be able to identify and defend against attacks within an
More informationForeScout ControlFabric TM Architecture
ForeScout ControlFabric TM Architecture IMPROVE MULTI-VENDOR SOLUTION EFFECTIVENESS, RESPONSE AND WORKFLOW AUTOMATION THROUGH COLLABORATION WITH INDUSTRY-LEADING TECHNOLOGY PARTNERS. The Challenge 50%
More informationThreat Containment and Operations. Yong Kwang Kek, Director of Presales SE, APJ
Threat Containment and Operations Yong Kwang Kek, Director of Presales SE, APJ 2018-07-19 1 1 2017 Infoblox Inc. All Rights 2013 Infoblox Inc. All Reserved. Rights Reserved. Three Aspects of Security #1
More informationRSA Solution Brief. The RSA Solution for VMware. Key Manager RSA. RSA Solution Brief
RSA Solution Brief The RSA Solution for VMware View: Managing Securing the the Lifecycle Virtual of Desktop Encryption Environment Keys with RSA Key Manager RSA Solution Brief 1 According to the Open Security
More informationTitle DC Automation: It s a MARVEL!
Title DC Automation: It s a MARVEL! Name Nikos D. Anagnostatos Position Network Consultant, Network Solutions Division Classification ISO 27001: Public Data Center Evolution 2 Space Hellas - All Rights
More informationIntroducing. Secure Access. for the Next Generation. Bram De Blander Sales Engineer
Introducing Secure Access for the Next Generation Bram De Blander Sales Engineer bdeblander@pulsesecure.net What CIOs are asking Mobility Cloud Apps IoT Is our firewall security and EMM system good enough?
More informationCloud Essentials for Architects using OpenStack
Cloud Essentials for Architects using OpenStack Course Overview Start Date 5th March 2015 Duration 2 Days Location Dublin Course Code SS15-13 Programme Overview Cloud Computing is gaining increasing attention
More informationalign security instill confidence
align security instill confidence cyber security Securing data has become a top priority across all industries. High-profile data breaches and the proliferation of advanced persistent threats have changed
More informationCisco Unified Data Center Strategy
Cisco Unified Data Center Strategy How can IT enable new business? Holger Müller Technical Solutions Architect, Cisco September 2014 My business is rapidly changing and I need the IT and new technologies
More informationIdentity Based Network Access
Identity Based Network Access Identity Based Network Access - Agenda What are my issues Cisco ISE Power training What have I achieved What do I want to do What are the issues? Guest Student Staff Contractor
More informationEvolution of the Data Center
Cisco on Cisco Evolution of the Data Center Global Cloud Strategy & Tetration John Manville, SVP, Cisco IT Jon Woolwine, Distinguished Engineer, Cisco IT Benny Van de Voorde, Principal Engineer, Cisco
More informationTo the Designer Where We Need Your Help
To the Designer Where We Need Your Help Slide 7 Can you provide a similar high-res image? Slide 15 Can you polish up the content so it s not an eye chart? Slide 21, 22, 23 Can you polish up the content
More informationTOP 10 IT SECURITY ACTIONS TO PROTECT INTERNET-CONNECTED NETWORKS AND INFORMATION
INFORMATION TECHNOLOGY SECURITY GUIDANCE TOP 10 IT SECURITY ACTIONS TO PROTECT INTERNET-CONNECTED NETWORKS AND INFORMATION ITSM.10.189 October 2017 INTRODUCTION The Top 10 Information Technology (IT) Security
More informationBEYOND AUTHENTICATION IDENTITY AND ACCESS MANAGEMENT FOR THE MODERN ENTERPRISE
BEYOND AUTHENTICATION IDENTITY AND ACCESS MANAGEMENT FOR THE MODERN ENTERPRISE OUR ORGANISATION AND SPECIALIST SKILLS Focused on delivery, integration and managed services around Identity and Access Management.
More informationAlgoSec: How to Secure and Automate Your Heterogeneous Cisco Environment
BRKPAR-2488 AlgoSec: How to Secure and Automate Your Heterogeneous Cisco Environment Edy Almer How to Secure and Automate Your Heterogeneous Cisco Environment Yogesh Kaushik, Senior Director Cisco Doug
More informationBorderless Networks - Enabling the Borderless Organization. Michael Rau Vice President, CTO Worldwide Borderless Networks Sales
Borderless Networks - Enabling the Borderless Organization Michael Rau Vice President, CTO Worldwide Borderless Networks Sales Market Transitions Video By 2014 video will be > 91% of global traffic Mission
More informationThe New Enterprise Network In The Era Of The Cloud. Rohit Mehra Director, Enterprise Communications Infrastructure IDC
The New Enterprise Network In The Era Of The Cloud Rohit Mehra Director, Enterprise Communications Infrastructure IDC Agenda 1. Dynamics of the Cloud Era 2. Market Landscape 3. Implications for the new
More informationThe threat landscape is constantly
A PLATFORM-INDEPENDENT APPROACH TO SECURE MICRO-SEGMENTATION Use Case Analysis The threat landscape is constantly evolving. Data centers running business-critical workloads need proactive security solutions
More informationDelivering a Secure BYOD Solution with XenMobile MDM and Cisco ISE
Delivering a Secure BYOD Solution with XenMobile MDM and Cisco ISE Bhumik Patel Solutions Architect, Citrix Systems May 21 st 2013 App Complete Enterprise Mobility Business Apps Productivity and Collaboration
More informationProtecting Against Modern Attacks. Protection Against Modern Attack Vectors
Protecting Against Modern Attacks Protection Against Modern Attack Vectors CYBER SECURITY IS A CEO ISSUE. - M C K I N S E Y $4.0M 81% >300K 87% is the average cost of a data breach per incident. of breaches
More informationThe Context Aware Network A Holistic Approach to BYOD
The Context Aware Network A Holistic Approach to BYOD Trends Bring Your Own Device BYOD at Cisco Cisco BYOD Solution Use Cases Summary Trends #CiscoPlusCA Demand for Mobility 15 billion new networked mobile
More informationChanging face of endpoint security
Changing face of endpoint security S A N T H O S H S R I N I V A S A N C I S S P, C I S M, C R I S C, C E H, C I S A, G S L C, C G E I T D I R E C T O R S H A R E D S E R V I C E S, H C L T E C H N O L
More informationTHE NETWORK. INTUITIVE. Powered by intent, informed by context. Rajinder Singh Product Sales Specialist - ASEAN August 2017
THE NETWORK. INTUITIVE. Powered by intent, informed by context. Rajinder Singh Product Sales Specialist - ASEAN August 2017 The Network. Intuitive. Constantly learning, adapting and protecting. L E A R
More informationThe Case for Pervasive Security in a Multicloud World. Marisa Chancellor Sr. Director, Information Security March, 27, 2018
The Case for Pervasive Security in a Multicloud World Marisa Chancellor Sr. Director, Information Security March, 27, 2018 The new Multicloud world Anytime cloud access keeps us productive SaaS applications
More informationMicrosoft Security Management
Microsoft Security Management MICROSOFT SECURITY MANAGEMENT SECURITY MANAGEMENT CHALLENGES Some large financial services organizations have as many as 40 or more different security vendors inside their
More informationBoston Chapter AGA 2018 Regional Professional Development Conference Cyber Security MAY 2018
Boston Chapter AGA 2018 Regional Professional Development Conference Cyber Security BRANDEIS UNIVERSITY PROFESSOR ERICH SCHUMANN MAY 2018 1 Chinese military strategist Sun Tzu: Benchmark If you know your
More informationChallenges 3. HAWK Introduction 4. Key Benefits 6. About Gavin Technologies 7. Our Security Practice 8. Security Services Approach 9
HAWK Overview Agenda Contents Slide Challenges 3 HAWK Introduction 4 Key Benefits 6 About Gavin Technologies 7 Our Security Practice 8 Security Services Approach 9 Why Gavin Technologies 10 Key Clients
More informationCisco Prime for Enterprise Innovative Network Management
Cisco Prime for Enterprise Innovative Network Management Session ID 1 Agenda Network Management Challenges Cisco Prime for Enterprise Overview Service-Centric Foundation Common Operational Attributes Benefits
More informationCisco Connected Factory Accelerator Bundles
Data Sheet Cisco Connected Factory Accelerator Bundles Many manufacturers are pursuing the immense business benefits available from digitizing and connecting their factories. Major gains in overall equipment
More informationSupply Chain Integrity and Security Assurance for ICT. Mats Nilsson
Supply Chain Integrity and Security Assurance for ICT Mats Nilsson The starting point 2 B Internet users 85% Population coverage 5+ B Mobile subscriptions 10 years of Daily upload E-Books surpassing Print
More informationlocuz.com SOC Services
locuz.com SOC Services 1 Locuz IT Security Lifecycle services combine people, processes and technologies to provide secure access to business applications, over any network and from any device. Our security
More informationBuilding a Resilient Security Posture for Effective Breach Prevention
SESSION ID: GPS-F03B Building a Resilient Security Posture for Effective Breach Prevention Avinash Prasad Head Managed Security Services, Tata Communications Agenda for discussion 1. Security Posture 2.
More informationManaging Your Privileged Identities: The Choke Point of Advanced Attacks
Managing Your Privileged Identities: The Choke Point of Advanced Attacks Shirief Nosseir EMEA Alliances Director Identity & API Management Tuesday, 16 May 2017 Agenda Why Privileged Access Management Why
More informationThe Why, What, and How of Cisco Tetration
The Why, What, and How of Cisco Tetration Why Cisco Tetration? With the above trends as a backdrop, Cisco has seen specific changes within the multicloud data center. Infrastructure is changing. It is
More informationInside Cisco IT: Making the Leap to IPv6
Inside Cisco IT: Making the Leap to IPv6 COCRST-2464 COCRST-2464 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 2 IPv6 Sessions BRKRST-1069 BRKRST-2301 BRKRST-2311 BRKSEC-2003 BRKSPG-2604
More informationCisco Secure Access Control
Cisco Secure Access Control Delivering Deeper Visibility, Centralized Control, and Superior Protection Martin Briand - Security Escalation VSE Global Virtual Engineering Oriol Madriles Soriano Security
More informationCisco ACI App Center. One Platform, Many Applications. Overview
White Paper Cisco ACI App Center One Platform, Many Applications Overview Cisco Application Centric Infrastructure (Cisco ACI ) is a comprehensive software-defined networking (SDN) solution designed from
More informationALIENVAULT USM FOR AWS SOLUTION GUIDE
ALIENVAULT USM FOR AWS SOLUTION GUIDE Summary AlienVault Unified Security Management (USM) for AWS is a unified security platform providing threat detection, incident response, and compliance management
More informationThe Road to a Secure, Compliant Cloud
The Road to a Secure, Compliant Cloud The Road to a Secure, Compliant Cloud Build a trusted infrastructure with a solution stack from Intel, IBM Cloud SoftLayer,* VMware,* and HyTrust Technology innovation
More informationDefense-in-Depth Against Malicious Software. Speaker name Title Group Microsoft Corporation
Defense-in-Depth Against Malicious Software Speaker name Title Group Microsoft Corporation Agenda Understanding the Characteristics of Malicious Software Malware Defense-in-Depth Malware Defense for Client
More informationSay Goodbye to Enterprise IT: Welcome to the Mobile First World. Sean Ginevan, Senior Director, Strategy Infosecurity Europe
Say Goodbye to Enterprise IT: Welcome to the Mobile First World Sean Ginevan, Senior Director, Strategy Infosecurity Europe - 2015 Sean Ginevan Sr. Director, Strategy, MobileIron Linkedin.com/in/sginevan
More informationTransforming Security Part 2: From the Device to the Data Center
SESSION ID: SP01-R11 Transforming Security Part 2: From the Device to the Data Center John Britton Director, EUC Security VMware @RandomDevice The datacenter as a hospital 3 4 5 Digital transformation
More informationDiscover threats quickly, remediate immediately, and mitigate the impact of malware and breaches
Discover threats quickly, remediate immediately, and mitigate the impact of malware and breaches Introduction No matter how hard you work to educate your employees about the constant and evolving threats
More informationIntuit Application Centric ACI Deployment Case Study
Intuit Application Centric ACI Deployment Case Study Joon Cho, Principal Network Engineer, Intuit Lawrence Zhu, Solutions Architect, Cisco Agenda Introduction Architecture / Principle Design Rollout Key
More informationBest Practices in Securing a Multicloud World
Best Practices in Securing a Multicloud World Actions to take now to protect data, applications, and workloads We live in a multicloud world. A world where a multitude of offerings from Cloud Service Providers
More informationStop Threats Before They Stop You
Stop Threats Before They Stop You Gain visibility and control as you speed time to containment of infected endpoints Andrew Peters, Sr. Manager, Security Technology Group Agenda Situation System Parts
More informationCisco pxgrid: A New Architecture for Security Platform Integration
Cisco pxgrid: A New Architecture for Security Platform Integration Brian Gonsalves Product Manager #clmel Agenda Cisco pxgrid in Summary pxgrid Use-Cases How to Develop Using pxgrid Getting Started Cisco
More informationCisco Adaptive Wireless Intrusion Prevention System: Protecting Information in Motion
Cisco Adaptive Wireless Intrusion Prevention System: Protecting Information in Motion What You Will Learn The wireless spectrum is a new frontier for many IT organizations. Like any other networking medium,
More informationSecurity by Default: Enabling Transformation Through Cyber Resilience
Security by Default: Enabling Transformation Through Cyber Resilience FIVE Steps TO Better Security Hygiene Solution Guide Introduction Government is undergoing a transformation. The global economic condition,
More informationSOLUTION BRIEF. RiskSense Platform. RiskSense Platform the industry s most comprehensive, intelligent platform for managing cyber risk.
RiskSense Platform RiskSense Platform the industry s most comprehensive, intelligent platform for managing cyber risk. 27 RiskSense, Inc. Executive Summary The RiskSense Platform is a Software-as-a-Service
More informationCisco Network Admission Control (NAC) Solution
Data Sheet Cisco Network Admission Control (NAC) Solution New: Updated to include the Cisco Secure Network Server (SNS) Cisco Network Admission Control (NAC) solutions allow you to authenticate wired,
More informationCisco Hosted Collaboration Solution (HCS) and Cisco Collaboration Cloud
Cisco Hosted Collaboration Solution (HCS) and Cisco Collaboration Cloud Tony Reyes Technical Solutions Architect Chuck Millet - Technical Solutions Architect PSOCOL-1020 Agenda Cisco Hosted Collaboration
More informationAchieving Digital Transformation: FOUR MUST-HAVES FOR A MODERN VIRTUALIZATION PLATFORM WHITE PAPER
Achieving Digital Transformation: FOUR MUST-HAVES FOR A MODERN VIRTUALIZATION PLATFORM WHITE PAPER Table of Contents The Digital Transformation 3 Four Must-Haves for a Modern Virtualization Platform 3
More informationSOLUTION BRIEF RSA NETWITNESS SUITE 3X THE IMPACT WITH YOUR EXISTING SECURITY TEAM
SOLUTION BRIEF RSA NETWITNESS SUITE 3X THE IMPACT WITH YOUR EXISTING SECURITY TEAM OVERVIEW The Verizon 2016 Data Breach Investigations Report highlights that attackers are regularly outpacing the defenders.
More informationSourcefire Network Security Analytics: Finding the Needle in the Haystack
Sourcefire Network Security Analytics: Finding the Needle in the Haystack Mark Pretty Consulting Systems Engineer #clmel Agenda Introduction The Sourcefire Solution Real-time Analytics On-Demand Analytics
More informationAsset Discovery with Symantec Control Compliance Suite WHITE PAPER
Asset Discovery with Symantec Control Compliance Suite WHITE PAPER Who should read this paper: IT Operations IT Security Abstract Know Your Assets, Know Your Risk. A robust and easily managed host discovery
More informationISO COMPLIANCE GUIDE. How Rapid7 Can Help You Achieve Compliance with ISO 27002
ISO 27002 COMPLIANCE GUIDE How Rapid7 Can Help You Achieve Compliance with ISO 27002 A CONTENTS Introduction 2 Detailed Controls Mapping 3 About Rapid7 8 rapid7.com ISO 27002 Compliance Guide 1 INTRODUCTION
More informationthe SWIFT Customer Security
TECH BRIEF Mapping BeyondTrust Solutions to the SWIFT Customer Security Controls Framework Privileged Access Management and Vulnerability Management Table of ContentsTable of Contents... 2 Purpose of This
More information