Secure solutions for advanced threats

Transcription:

Secure solutions for advanced email threats: threat-centric email security. Cosmina Calin, Virtual System Engineer, November 2016.

Get ahead of attackers with threat-centric security solutions. In our live Security Experts Webinars, discover all the items needed to help set up the best security architecture: what a Next Generation Firewall should be; protect your email and web gateways; Advanced Malware Protection; ISE/Access Control; and many other hot security topics. Check our Security Experts page and register for our upcoming webinars: www.cisco.com/go/securityexperts

Email is still the #1 threat vector

Phishing leaves businesses on the line. 30% of phishing messages are opened [1]. 94% of phish mail has malicious attachments [1]. $500M: loss incurred due to phishing attacks in a year by US companies [2]. Messages contain attachments and URLs. Socially engineered messages are well crafted and specific. Credential hooks give criminals access to your systems. Sources: [1] 2016 Cisco Annual Security Report; [2] 2016 Verizon Data Breach Report, Krebs on Security.

Spoofing rates are on the rise. 270% increase, 2015 to 2016 [1]. $2.3B in losses from spoofing, 2013-2015 [1]. Forged addresses fool recipients. Threat actors extensively research targets. Money and sensitive information are targeted. Source: [1] FBI Warns of Dramatic Increase in Business email scams, 2016.

Ransomware attacks are holding companies hostage. 9,515 users are paying ransoms per month [2]. Ransomware represents the biggest jump in occurrences of crimeware [1]. $60M: cost to consumers and companies of a single campaign [2]. Malware encrypts critical files, locking you out of your own system. Extortion demands are being paid. Sources: [1] 2016 Verizon Data Breach Report, Krebs on Security; [2] 2016 Cisco Annual Security Report.

And security is more complex with email moving to the cloud. Moving to Office 365 creates new risks: access control, data leaks, infections, visibility and audits. Gartner estimates 60% cloud adoption by 2022 [1]. Source: [1] Gartner Report, Office 365, Google Apps for Work and Other Cloud Office Key Initiative Overview, July 2015.

Cisco secures your email, cloud or on-premises: reduce threats, support growth, achieve agility.

Reduce threats

Cisco Email Security is backed by unrivaled global threat intelligence. 100 TB of data received daily; 1.5 million daily malware samples; 600 billion daily email messages with SenderBase; 250+ full-time threat intel researchers; millions of telemetry agents; 4 global data centers; 16 billion daily web requests; 24/7/365 operations; over 100 threat intelligence partners. Deploy the world's largest email traffic monitoring network. Leverage industry-leading threat analytics.

And reduces your exposure to the three main components of an email attack: attachments, URLs, email content.

Attachments. Protect against: ransomware, phishing.

Cisco protects against threats hidden within attachments: anti-spam, anti-virus, Virus Outbreak Filters, Advanced Malware Protection (AMP).

It's built with industry-leading spam protection. Anti-spam processing: Context Adaptive Scanning Engine (CASE), Cisco Anti-Spam. Questions asked of each message: Who sent the message? What is the content? How was the message constructed? Where does the call to action take you? Diagram labels: Cisco Email Security; Block; Forward; Quarantine; O365 Mail Server. Review sender reputation, URL reputation, and message content. Block spam with 99% accuracy with fewer than 1:1M false positives. Quarantine suspicious messages for additional review.

Block known and zero-day viruses. Anti-virus processing and Outbreak Filters. Diagram labels: Block; Forward; Quarantine; file types .DOC, .EXE, .LNK, .PDF. Multiple detection methods: pattern matching, emulation technology, advanced heuristic techniques. Zero-hour virus and malware detection. Updates every 12 hours. Quarantine: determine what actions to take on viral messages. Real-time security updates that prevent new malware. Also receive AV signature updates regularly. Quarantine: determine whether anomalies are zero-day threats. Scan attachments for known viruses. Forward clean emails to additional security checks. Defend against zero-day malware.

Detect and contain advanced threats quickly. Advanced Malware Protection (AMP) architecture. Diagram labels: AMP Threat Intelligence Cloud; Remote Endpoints; Private Network Edge; Meraki MX; ISR w/ FirePOWER Services; Cisco ASA w/ FirePOWER Services; FirePOWER NGIPS Appliance; Threat Grid Malware Analysis; Endpoints; Private Cloud Virtual Appliance; Cloud Email Security and Email Security Appliance; CWS and Web Security Appliance; Data Center; Virtual; Windows OS; Android Mobile; MAC OS; CentOS, Red Hat and Linux; AnyConnect. Leverage threat intelligence and dynamic malware analysis. Deploy easily with multiple platform options.

Keep tabs on all emails admitted into the environment after analysis. Advanced Malware Protection (AMP): File Reputation, File Sandboxing, File Retrospection. Diagram labels: Advanced Analytics; Dynamic analysis; 560+ indicators; file types .sys, .doc, .exe, .lnk, .pdf, .scr; verdicts Unknown, Clean, Malicious; Known Signatures; Fuzzy Fingerprinting; Indications of compromise. Block known malware. Investigate files safely. Auto-remediate threats in O365. Gain visibility into messages trying to enter the network.

Investigate unrecognized attachments safely. AMP Threat Grid for sandboxing. Diagram labels: Threat Grid; Cisco Email Security; Office 365; Admin; file types HTML, SWF, JPG, PDF; Threat Score; Email sent to O365 for administered action; Email delivered. Upload unknown files to Threat Grid. Examine files with context-driven analysis. Receive threat report and score to guide decision making. Automatically remediate malware for O365 users.

URLs. Protect against: ransomware, phishing, spoofing.

Cisco protects against disguised hyperlinks: anti-spam, Content Filters, Outbreak Filters.

Control which emails cross the network: Content Filters. URL reputation and categorization. Actions on a URL: Rewrite URL (Cisco Cloud Web Proxy); Defang / Block (BLOCKEDwww.proxy.org BLOCKED); Replace with Text ("This URL is blocked by policy"). Customize filters in three different ways for additional security. Easily enforce business and compliance policies.

Email content. Protect against: spoofing, phishing.

Cisco defends against human error: anti-spam; DMARC, DKIM and SPF; Forged Email Detection.

Protect against spoofing attacks: Forged Email Detection. Inspects the SMTP envelope address:

    $ telnet mail-smtp-in.l.mail.com 25
    Trying 74.125.206.26...
    Connected to mail-smtp-in.l.mail.com.
    Escape character is '^]'.
    220 mx.mail.com ESMTP i11si22058766wmh.67 - gsmtp
    HELO mail.outside.com
    250 mx.mail.com at your service
    MAIL FROM:<adam@outside.com>
    250 2.1.0 OK i11si22058766wmh.67 - gsmtp
    RCPT TO:<alan@mail.com>
    250 2.1.5 OK i11si22058766wmh.67 gsmtp
    Data

Slide annotations on the session: SMTP Envelope; Recipient Domain; Sending Domain (the HELO line); Actual Sender (the MAIL FROM line).

Pre-processing:

    From: Chuck <chuck.robbins@mail.com>
    Subject: [URGENT] Need help transferring funds

Compare against company directory: Allison Johnson, Barry Smith, Chuck Robbins, Dave Tucker.

Post-processing:

    From: adam@outside.com
    Subject: {Possibly Forged} [URGENT] Need help transferring funds

Inspect SMTP envelope for sender address. Match sender address against company directory. Send appended mail to warn users of potential forgery. Record a log of attempts and actions taken.
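The check this slide describes can be written down in a few lines. The following is an added example, not Cisco's implementation and not part of the original slides: the function names, the name-matching rule and the `internal_domain` parameter are assumptions, and the directory and message are constructed from the values shown on the slide.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed directory, using the names shown on the slide.
DIRECTORY = ("Allison Johnson", "Barry Smith", "Chuck Robbins", "Dave Tucker")
TAG = "{Possibly Forged}"  # subject prefix shown on the slide

def _tokens(text):
    """Lower-cased alphabetic tokens of a display name or mailbox local part."""
    return set("".join(c if c.isalpha() else " " for c in text.lower()).split())

def names_directory_user(display_name, local_part, directory=DIRECTORY):
    """True if the From header looks like a directory entry (full or first name)."""
    shown = _tokens(display_name)
    seen = shown | _tokens(local_part)
    for entry in directory:
        parts = entry.lower().split()
        if set(parts) <= seen or parts[0] in shown:
            return True
    return False

def check_forged(envelope_from, raw_message, internal_domain="mail.com"):
    """Compare MAIL FROM with the From header; tag and rewrite on mismatch."""
    msg = message_from_string(raw_message)
    display, header_addr = parseaddr(msg.get("From", ""))
    env_domain = envelope_from.rsplit("@", 1)[-1].lower()
    local_part = header_addr.split("@", 1)[0]
    if env_domain == internal_domain.lower():
        return False, msg  # envelope sender is internal: not flagged here
    if not names_directory_user(display, local_part):
        return False, msg  # external sender not posing as a directory user
    subject = msg.get("Subject", "")
    del msg["From"], msg["Subject"]
    msg["From"] = envelope_from  # expose the actual sender
    msg["Subject"] = f"{TAG} {subject}".strip()
    return True, msg

# Constructed input: the slide's pre-processing message.
SAMPLE = (
    "From: Chuck <chuck.robbins@mail.com>\n"
    "Subject: [URGENT] Need help transferring funds\n"
    "\n"
    "Please call me about the transfer.\n"
)

if __name__ == "__main__":
    flagged, out = check_forged("adam@outside.com", SAMPLE)
    print(flagged, out["From"], out["Subject"], sep="\n")
```

A legitimate outside correspondent who shares a first name with a directory entry is also tagged by this rule, which is why the subject prefix says "Possibly" rather than blocking the message.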

Cisco catches critical data before it leaves the network: data loss prevention; Cisco Registered Envelope Service and ZixGateway with Cisco Technology.

Protect personal information and IP: Data Loss Prevention (DLP). Manage policies such as: specific users, groups, locations, federal compliance, state regulations. With multi-language support. Scanned against 100+ predefined DLP policies. Critical violation: info redirected and not sent. Minor violation: content sent with encryption. No violation: content sent with optional encryption. Control what leaves the network and customize policies. Scan email content for sensitive information. Prevent data exfiltration automatically.

Extend security to external communications: Cisco Registered Envelope Service (CRES). Diagram labels: CRES; Sender controls; Cisco Email Security; Push; Open attachment & confirm identity. Scan messages for keywords, policies, and sender. Apply authentication mechanisms to access encryption keys. Maintain control over your sent messages.

Achieve agility

Understand the health of your system: unified business reporting. See details around: email threats, malicious attachments, email volume, spam counters, policy violations, virus reports, outgoing email data, reputation service, system health view. Access data from the cloud to create consolidated reports. Reduce investigations and response times. Identify trends with scheduled and ad-hoc reporting.

Support growth

Deploy the configuration that works best for you: cloud, hybrid, on premises.

Cisco delivers superior protection and visibility to specialized threats. Reduce threats with advanced protection. Support growth with availability and assurance. Achieve agility through operational efficiency.

Demo

With this offer, you will: gain valuable information on your network, including critical attacks; reduce risk and make security a growth engine for your business. This offer is valid through December 29th, 2016 in Austria, Belgium, Denmark, Finland, France, Germany, Ireland, Italy, Luxembourg, Netherlands, Norway, Spain, Sweden, Switzerland and United Kingdom. For more information and to request a Threat Scan POV, go to www.cisco.com/go/threatscanpov