Cisco Firepower NGFW. Anticipate, block, and respond to threats


You have a mandate to build and secure a network that supports ongoing innovation: mobile access, social collaboration, public / private hybrid cloud, cloud applications. IT is now an enabler.

Which dramatically expands what you have to worry about: new demands, more things, specialized threats. Global collaboration, anywhere access, BYOD. 30%: phishing messages opened by the target across campaigns (Source: 2016 Verizon Data Breach Investigations Report). Access is tougher to manage. Visibility is more elusive. Threats are harder to stop.

Other next-generation firewalls fix some problems but create new ones. They're only app-focused. They can't help you once you've been breached (attack continuum: before, during, after). They're another silo to manage (IPS, acceptable use, NGFW, DDoS, sandbox).

Cisco Firepower NGFW is a complete solution: threat focused, fully integrated. Stop more threats. Gain more insight. Detect earlier, act faster. Reduce complexity. Get more from your network.

Offering extensive contextual visibility: the more you see, the better you can protect. Diagram (coverage of a typical IPS, a typical NGFW, and Cisco Firepower NGFW): client applications, operating systems, threats, users, file transfers, application protocols, web applications, C&C servers, malware, routers & switches, mobile devices, printers, network servers, VoIP phones.

Features: Firewall & AVC, Threat Defense, Management, Integrations

Firewall & AVC

Uncover hidden threats at the edge. SSL decryption engine. Diagram labels: encrypted traffic, SSL decryption engine, NGIPS, AVC, enforcement decisions, log. Decrypt 3.5 Gbps traffic over five million simultaneous flows. Inspect deciphered packets. Track and log all SSL sessions.

Block or allow access to URLs and domains. Web controls. Diagram labels: filtering, NGFW, security feeds (URL, IP, DNS), Safe Search, Cisco URL Database, allow, block, DNS sinkhole, category-based policy creation, admin. Classify 280M+ URLs. Filter sites using 80+ categories. Manage allow/block lists easily. Block latest malicious URLs.

Provide next-generation visibility into app usage. Application Visibility & Control. Diagram labels: Cisco database (4,000+ apps, 180,000+ micro-apps), network & users, prioritize traffic, OpenAppID. See and understand risks. Enforce granular access control. Prioritize traffic and limit rates. Create detectors for custom apps.

Extend AVC to proprietary and custom apps. OpenAppID: self-service, open-source. Easily customize application detectors. Detect custom and proprietary apps. Share detectors with other users.

Pick from many deployment modes. Slide headings: firewall deployment modes; inline or passive; fail-to-wire NetMods; additional options. Diagram labels: inline, routed, NetMod, inline tap, transparent, passive, virtual or physical.

Threat Defense

Understand threat details and quickly respond. Next-Generation Intrusion Prevention System (NGIPS). Diagram labels: app & device data, ISE, blended threats, data packets, communications, network profiling, phishing attacks, innocuous payloads, infrequent callouts; prioritize response, automate policies, block, accept. Scan network traffic. Correlate data. Detect stealthy threats. Respond based on priority.

Uncover hidden threats in the environment. Advanced Malware Protection (AMP). Diagram labels: file reputation, file & device trajectory, AMP for Endpoint log, AMP for Network log, known signatures, fuzzy fingerprinting, indications of compromise, Threat Grid sandboxing, advanced analytics, dynamic analysis, threat intelligence, threat disposition (uncertain, safe, risky), sandbox analysis, enforcement across all endpoints. Block known malware. Investigate files safely. Detect new threats. Respond to alerts.

Stop known threats from getting in. Security Intelligence. URL based: block risky sites using a classified database of 270 million+ known URLs. IP based: filter out bad IPs using a blacklist of 70,000+ known IPs. DNS based: get real-time threat intelligence based on 80 billion+ daily DNS requests. Understand risks using reputation scoring. See more through industry-leading research.

Get real-time protection against global threats. Talos Threat Intelligence: security coverage (endpoints, web, networks, NGIPS, devices), research, response. 1.5 million daily malware samples. 250+ researchers. 600 billion daily email messages. 24 x 7 x 365 operations. 16 billion daily web requests. Identify advanced threats. Get specific intelligence. Catch stealthy threats. Stay protected with updates.

Management

Easily manage NGFWs across multiple sites. Firepower Management Center: centralized management for multi-site deployments. Features: multi-domain management, role-based access control, high availability, APIs and pxGrid integration. Manages: Firewall & AVC, NGIPS, AMP, Security Intelligence. Available in physical and virtual options. Manage across many sites. Control access and set policies. Investigate incidents. Prioritize response.

Easily manage individual NGFWs. Firepower Device Manager: integrated on-box option for single instance deployment. Easy set-up, role-based access control, high availability, physical and virtual options, NAT and routing, intrusion and malware prevention, device monitoring, VPN support. Set up easily. Control access and set policies. Investigate incidents. Prioritize response.

Get help making the transition to Firepower. Migration assistance tool: prior ASA appliance (policies, settings, groups) to Firepower NGFW (policies, settings, groups).

Integrations

Ensure compliance before granting access. Identity Services Engine (ISE). Diagram labels: ISE, pxGrid, TrustSec, BYOD, guest access, segmentation, Firepower Management Center; tags: employee, guest, supplier, server, quarantine, suspicious; propagate: user context, device context, access policies; policy automation. Set access control policies. Propagate rules and context. Establish a secure network. Remediate breaches automatically.

Defend the network with Rapid Threat Containment. Diagram labels: Firepower Management Center, ISE, pxGrid alerts, TrustSec; receive alert of intrusion event; issue quarantine command; automatic isolation; tags: quarantine, employee, supplier, guest. Isolate compromised resources quickly before the problem grows.

Build on your solution with an open platform. REST APIs and third-party integration. Diagram labels: custom functionality, Firepower Management Center, authentication tokens, access control, virtual switch, API Explorer, APIs; third-party solutions: Radware DDoS, VDI identity, VPN capabilities. Augment functionality with third-party solutions. Integrate custom-built features.

Prevent network and application downtime. Radware DDoS vDP. Diagram labels: cloud scrub, flood traffic, legitimate traffic, SYN flood attacks, DDoS attacks, nonstandard packet attacks, network and applications. Maintain up to 30 Gbps throughput for legitimate traffic. Handle 140,000 connections per second. Block 1,200,000 packets of flood traffic per second. Stop attacks within seconds of detection. Block or allow traffic automatically.

Identify threats hidden by desktop virtualization. Virtual Desktop Infrastructure (VDI) Identity. Diagram labels: Terminal Services Agent, Firepower Management Center, APIs, VDI, user IPs 192.068.0.23, 123.018.6.53, 135.036.5.49 (User 1, User 2, User 3). Route user information to Terminal Services. Capture information using APIs. Identify risky behavior.

Improve scalability and control with ACI. Application Policy Infrastructure Controller (APIC): white list policies, segmentation, multi-tenancy, integrated management. Diagram labels: APIC, APIs, Firepower Management Center, AVC, allow, block, NGIPS, spine, leaf, nodes, Host 1, Host 2, Host 3, Application 1 (Physical), Application 2 (Physical), VMs. Protect the data center with consistent and targeted security policies. Detect threats with NGIPS using ACI fabric visibility. Set policies with integrated management tool. Refine policies over time through activity analysis.

Available in multiple deployment options. Physical, virtual, and cloud options (AWS, Azure). Also available as standalone solutions: NGIPS only, dedicated AMP. And on high-end performance appliances. New appliances: Cisco Firepower 4100 Series and 9300. Cisco Firepower Threat Defense on ASA 5500-X. Cisco FirePOWER Services on ASA 5585-X.

Only Cisco delivers superior protection and visibility to address new demands, more things, and specialized threats. Threat focused, fully integrated. Stop more threats. Gain more insight. Detect earlier, act faster. Reduce complexity. Get more from your network.

Next steps: 1. Learn more about what Firepower NGFW can do for you. 2. Schedule a demo today for a hands-on experience. 3. Set up a POV to see how it can improve your network.

How to benefit from our Free Risk Assessment? Cisco Threat Scan Proof of Value Programme. With this offer, you will: gain valuable information on your network, including critical attacks; reduce risk and make security a growth engine for your business. This offer is valid through December 29th, 2016 in Austria, Belgium, Denmark, Finland, France, Germany, Ireland, Italy, Luxembourg, Netherlands, Norway, Spain, Sweden, Switzerland and United Kingdom. For more information and to request a Threat Scan POV, go to www.cisco.com/go/threatscanpov