Cisco Firepower NGFW. Anticipate, block, and respond to threats


Digital Transformation on a Massive Scale 15B Devices Today Attack Surface 500B Devices In 2030 Threat Actors $19T Opportunity Next 10 Years Attack Sophistication Global Cybercrime Market: $450B to $1T

Which dramatically expands what you have to worry about New demands More things Specialized threats Global collaboration Anywhere access BYOD 30% Phishing messages opened by the target across campaigns Source: 2016 Verizon Data Breach Investigations Report Access is tougher to manage Visibility is more elusive Threats are harder to stop

Other next-generation firewalls fix some problems but create new ones. They're only app-focused. They can't help you once you've been breached (Attack Continuum: BEFORE, DURING, AFTER). They're another silo to manage (IPS, Acceptable use, NGFW, DDoS, Sandbox).

Cisco Firepower NGFW is a complete solution Cisco Firepower NGFW Stop more threats Gain more insight Detect earlier, act faster Reduce complexity Get more from your network Threat Focused Fully Integrated

Offering extensive contextual visibility The more you see, the better you can protect Client applications Operating systems Threats Typical IPS Users File transfers Application protocols Web applications C & C Servers Malware Routers & switches Mobile Devices Printers Typical NGFW Network Servers Cisco Firepower NGFW VOIP phones

Features: Firewall & AVC Threat Defense Management Integrations

Firewall & AVC

Provide next-generation visibility into app usage. Application Visibility & Control: Cisco database, 4,000+ apps, 180,000+ micro-apps, prioritize traffic, network & users, OpenAppID. See and understand risks. Enforce granular access control. Prioritize traffic and limit rates. Create detectors for custom apps.

Extend AVC to proprietary and custom apps OpenAppID Self-Service Open-Source Easily customize application detectors Detect custom and proprietary apps Share detectors with other users

Uncover hidden threats at the edge. SSL decryption engine: NGIPS, AVC, enforcement decisions, encrypted traffic, log (diagram URL labels: gambling, elicit). Decrypt 3.5 Gbps traffic over five million simultaneous flows. Inspect deciphered packets. Track and log all SSL sessions.

Block or allow access to URLs and domains. Web controls: filtering, NGFW, security feeds (URL, IP, DNS), Safe Search, Cisco URL Database, gambling, allow/block, DNS Sinkhole, category-based policy creation, admin. Classify 280M+ URLs. Filter sites using 80+ categories. Manage allow/block lists easily. Block latest malicious URLs.

Improve traffic control with new features Additional Firewall Features Identity Integration ISE pxgrid VDI Captive Portal Active/Passive NTLM Kerberos True-IP Policy X-Forwarded-For True-Client-IP Custom Headers Target threats accurately Enforce authentication Analyze headers in more depth Rate limiting Rule-based limits Reports QoS rules Tunnel Policy Pre-filtering Priority policy Policy migration Control application usage Block unwanted traffic early

Threat Defense

Understand threat details and quickly respond. Next-Generation Intrusion Prevention System (NGIPS): app & device data, ISE, blended threats, prioritize response, automate policies, block, data packets, communications, network profiling, phishing attacks, innocuous payloads, infrequent callouts, accept. Scan network traffic. Correlate data. Detect stealthy threats. Respond based on priority.

Uncover hidden threats in the environment. Advanced Malware Protection (AMP): File Reputation, File & Device Trajectory, AMP for Endpoint log, AMP for Network log, known signatures, fuzzy fingerprinting, indications of compromise, Threat Grid sandboxing, advanced analytics, dynamic analysis, threat intelligence, threat disposition (uncertain, safe, risky), sandbox analysis, enforcement across all endpoints. Block known malware. Investigate files safely. Detect new threats. Respond to alerts.

Stop known threats from getting in Security Intelligence URL Based Block risky sites using a classified database of 270 million+ known URLs IP Based Filter out bad IPs using a blacklist of 70,000+ known IPs DNS Based Get real-time threat intelligence based on 80 billion+ daily DNS requests Understand risks using reputation scoring See more through industry-leading research

Get real-time protection against global threats. Talos Threat Intelligence: security coverage, research, response; 1.5 million daily malware samples; 250+ researchers; 600 billion daily email messages; 24 x 7 x 365 operations; 16 billion daily web requests; WWW, endpoints, web, networks, NGIPS, devices. Identify advanced threats. Get specific intelligence. Catch stealthy threats. Stay protected with updates.

Management

Easily manage NGFWs across multiple sites Firepower Management Center Centralized management for multi-site deployments Firepower Management Center Multi-domain management Firewall & AVC Role-based access control NGIPS High availability AMP APIs and pxgrid integration Security Intelligence Available in physical and virtual options Manage across many sites Control access and set policies Investigate incidents Prioritize response

Easily manage individual NGFWs Firepower Device Manager Firepower Device Manager Integrated on-box option for single instance deployment Easy set-up Role-based access control High availability Physical and virtual options NAT and Routing Intrusion and Malware prevention Device monitoring VPN support Set up easily Control access and set policies Investigate incidents Prioritize response

Know what and when you need to update Smart Licensing Report Software Services Devices View software, services, and devices in one easy to use portal Activate software automatically Extend licenses automatically Track software usage with regular reports to Cisco

Get help making the transition to Firepower Migration assistance tool Prior ASA appliance Firepower NGFW Policies Settings Groups Policies Settings Groups

Integrations

Ensure compliance before granting access Identity Services Engine (ISE) ISE pxgrid TrustSec BYOD Employee Tag Guest Tag Guest Access Supplier Tag Server Tag Quarantine Tag Suspicious Tag ISE Segmentation Firepower Management Center Propagate User Context Device context Access policies Policy automation Set access control policies Propagate rules and context Establish a secure network Remediate breaches automatically

Build on your solution with an open platform REST APIs and Third-party integration Custom functionality Firepower Management Center Authentication tokens Access control Virtual switch API Explorer Third-party solutions Radware DDoS VDI identity VPN capabilities APIs Augment functionality with third party solutions Integrate custom-built features

Prevent network and application downtime. Radware DDoS vDP: cloud scrub, flood traffic, legitimate traffic, SYN flood attacks, DDoS attacks, nonstandard packet attacks, network and applications. Maintain up to 30 Gbps throughput for legitimate traffic. Handle 140,000 connections per second. Block 1,200,000 packets of flood traffic per second. Stop attacks within seconds of detection. Block or allow traffic automatically.

Available in multiple deployment options Physical, virtual, and cloud options AWS Azure Also available as standalone solutions NGIPS only Dedicated AMP And on high-end performance appliances New Appliances Cisco Firepower 4100 Series and 9300 Cisco Firepower Threat Defense on ASA 5500-X Cisco FirePOWER Services on ASA 5585-X

Use cases

Secure your company's internet edge. I want to: stop threats at the edge, find and fix breaches, and increase throughput. DNS Sinkhole; security feeds (URL, IP, DNS); dynamic and static NAT; high availability; high bandwidth; SSL Decryption Engine; AVC; NGIPS; AMP file inspection; AMP Threat Grid; DNS; allow/block; DMZ. Internet, Firewall, Private Network.

Protect your data center at the edge. I want to: reduce the company's attack surface and detect data center threats. Prepare; secure; define policies; uncover threats; respond; remediate; security feeds (URL, IP, DNS); TrustSec; high availability; high bandwidth; SSL Decryption Engine; AVC; NGIPS; AMP file inspection; AMP Threat Grid; clustering; support for North-South and East-West traffic; allow/block; HR; HR data; Finance; financial data; DevOps; in-house app. Data Center Edge, Firewall, Data Center Network.

Keep threats out of campus security domains. I want to: protect against threats while meeting campus bandwidth demands. Firewall; security feeds (URL, IP, DNS); SSL Decryption Engine; AVC; allow/block; NGIPS; AMP file inspection; AMP Threat Grid; TrustSec; apps, www, database. Data Center Edge, Core, Campus Distribution, Access Layer.

Enforce acceptable use within the organization. I want to: stop risky web traffic, control application use, and allocate bandwidth. Reputation scoring; 4000+ web and in-house applications and additional custom applications; filter unwanted URLs; SSL Decryption Engine; decrypt hidden traffic; user identity; partial, block, allow; gambling application block; define access control; firewall; prioritize traffic; network.

Defend the network with Rapid Threat Containment. I want to: isolate compromised resources quickly before the problem grows. Firepower Management Center; ISE; pxGrid alerts; receive alert of intrusion event; issue quarantine command; TrustSec; automatic isolation; Quarantine Tag, Employee Tag, Supplier Tag, Guest Tag.

Only Cisco delivers Threat Focused Fully Integrated Stop more threats Gain more insight Detect earlier, act faster Reduce complexity Get more from your network superior protection and visibility to address new demands, more things, and specialized threats

The results speak for themselves 17.5 hours Average time to detection with Cisco security 100 days Industry average time to detection Source: Cisco Annual Security Report 2016

How to benefit from our Free Risk Assessment? Cisco Threat Scan Proof of Value Programme. With this offer, you will: gain valuable information on your network, including critical attacks; reduce risk and make security a growth engine for your business. This offer is valid through December 29th, 2016 in Austria, Belgium, Denmark, Finland, France, Germany, Ireland, Italy, Luxembourg, Netherlands, Norway, Spain, Sweden, Switzerland and United Kingdom. For more information and to request a Threat Scan POV, go to www.cisco.com/go/threatscanpov