A Unified Threat Defense: The Need for Security Convergence

Transcription:

A Unified Threat Defense: The Need for Security Convergence
Udom Limmeechokchai, Senior System Engineer, Cisco Systems
November 2005

Agenda
- Evolving Network Security Challenges
- META Group White Paper: Unified Threat Defenses
- The Self Defending Network
- Increasing the Effectiveness of Security
- Decreasing the Cost of Securing the Network
- Summary

Evolving Network Security Challenges

Key Issues Facing Organizations
- Simplification and Cost Reduction
  - Scalability
  - Equipment cost
  - Staffing (total cost of ownership)
  - Integration and systems management
- Application and Service Optimization
  - Enablers
  - Application management
  - Performance/Optimization
  - Resilience
- Security
  - Threats
  - Theft
  - Loss
  - Response time

The Network Has Evolved
Applications Everywhere, Everyone Interconnected
[Diagram. Labels: Sales Automation, HR Apps, ERP, MRP, Finance; Headquarters, Partners, Manufacturing, Sales, Human Resources, Teleworker, Remote Offices, Customer. Captions: "Departmental Applications Available Throughout"; "Reached Mostly by Web/Extranet".]

Evolution of Security Challenges
Rapidly Escalating Threat to Businesses
[Chart. Vertical axis, Target and Scope of Damage: Individual Computer, Individual Networks, Multiple Networks, Regional Networks, Global Infrastructure Impact. Horizontal axis: 1980s, 1990s, Today, Future. Time scale labels: Weeks, Days, Minutes, Seconds.]
- First Gen: Boot viruses
- Second Gen: Macro viruses, Denial of Service
- Third Gen: Distributed Denial of Service, Blended threats
- Next Gen: Flash threats, Massive bot driven DDoS, Damaging payload worms

Security Services Silos Force Trade Offs
Complementary Defenses, Limited Deployability
- Firewall Services
  - Access Control Services
  - Packet Inspection
  - Protocol Validation
  - Accurate Enforcement
  - Robust Resiliency
- IPS Services
  - Broad Attack Detection
  - Granular Packet Inspection
  - Application Control
  - Dynamic Response
- Network AV Services
  - Virus Mitigation
  - Spyware, Adware, Malware Detection and Control
  - Malicious Mobile Code Mitigation
- IPSec/SSL VPN Services
  - SSL VPN
  - IPSec VPN
  - User-Based Security
  - Group-Based Management
  - Clustering
[Diagram labels: Access Breaches, Session Abuse, Port Scans, Malformed Packets, Application Misuse, DoS/Hacking, Known Attacks, Tunneled Traffic, Limited Protections, Infected Traffic.]
Multiple Discrete Services x Multiple Locations = Security Trade-Offs

What's on the Mind of the IT Professional?
- Help! I have to respond more rapidly and proactively to changes in business conditions
- Show me how to use IT investments to go on the offense
- Help me with my pain:
  - Operational complexity
  - Virus/worm outbreaks
  - Application abuse
- Approaching the network in a new way can help solve these challenges

META Group White Paper: Unified Threat Defenses

Pervasive Integration

Pervasive Perimeterization

Multilayer Security

Multiservice Agents/Gateway

Unified Threat Defenses

The Self-Defending Network

What Worked in the Past Can't Meet Today's Threats
- Past
  - Reactive
  - Point Products
  - Product Support Services
- Needed Now
  - Automated, Proactive
  - Integrated Multiple Layers
  - Advanced Design/Deployment Services
A Collaborative Systems Approach

Evolution of Cisco Security Strategy
Cisco Self-Defending Network
- Point Products
  - Multiple security appliances
  - Separate management software
- SDN Phase I: Integrated Security
  - Making every network element a point of defense: routers, switches, appliances, endpoints
  - Secure connectivity (V3PN, DMVPN), threat defense, trust and identity
  - Network foundation protection
- SDN Phase II: Collaborative Security Systems
  - Security becomes a Network-Wide System: Endpoints + Network + Policies
  - Multiple services and devices working in coordination to thwart attacks with active management
  - NAC, IBNS, SWAN
- SDN Phase III: Adaptive Threat Defense
  - Mutual awareness among and between security services and network intelligence
  - Increases security effectiveness, enables proactive response
  - Consolidates services, improves operations efficiency
  - Application recognition and inspection for secure application delivery/optimization

Adaptive Threat Defense in Action
Services Convergence Enables More Effective Security
- Firewall Services: Access Control, Packet Inspection
- IPS and NW-AV Services: Application Intelligence, Content Inspection, Virus Mitigation
- Network Intelligence: Identity, Virtualization, QoS Segmentation, Traffic Visibility
[Diagram labels: Cisco Router, CSA, Cisco DDoS, Catalyst, VPN, VPN Access, PIX, Identity-Based Networking, NAC, Quarantine VLAN, Cisco IPS.]

Five Characteristics of a Self-Defending Network
- End Point Posture Enforcement
- Network Device and End Point Protection
- Dynamic/Secure Connectivity
- Dynamic Communication Between Elements
- Automated Threat Response

Introducing Cisco Adaptive Security Appliances
Delivering Adaptive Threat Defense and VPN Solutions
- Application Security: App Inspection, Use Enforcement, Web Control
- Anti-X Defenses: Malware/Content Defense, Anomaly Detection
- Containment and Control: Traffic/Admission Control, Proactive Response
[Diagram labels: Catalyst, CSA, Cisco Router, Cisco DDoS, VPN, VPN Access, Quarantine VLAN, NAC, PIX, Identity-Based Networking, Cisco IPS.]
The Cisco ASA 5500 Series
2005 Cisco Systems, Inc. All rights reserved. Cisco Public

Increasing the Effectiveness of Security

Introducing Cisco Adaptive Security Appliances
Delivering Adaptive Threat Defense and VPN Solutions
- Converged Adaptive Threat Defense and Flexible VPN Services
  - Application Security, Worm/Virus Mitigation, Malware Protection and Threat-Protected VPN
- Minimize Deployment and Operations Costs
  - Platform Standardization, Unified Management, Network Awareness
- Technology Extensibility to Address New Threats
  - Purpose-Built Adaptive Identification and Mitigation Architecture Enables Unprecedented Extensibility and Policy Control
The Cisco ASA 5500 Series

Cisco Adaptive Security Appliances Series
Convergence of Robust, Market-Proven Technologies
- Market-Proven Technologies
  - Firewall Technology: Cisco PIX
  - IPS Technology: Cisco IPS
  - NW-AV Technology: Cisco IPS + Trend NAV
  - VPN Technology: Cisco VPN 3000
  - Network Intelligence: Cisco Network Services
- Adaptive Threat Defense, Secure Connectivity
  - Application Security: App Inspection, Use Enforcement, Web Control
  - Anti-X Defenses: Malware/Content Defense, Anomaly Detection
  - Network Containment and Control: Traffic/Admission Control, Proactive Response
  - Secure Connectivity: IPSec and SSL VPN

VPN Services for Any Deployment Scenario
Robust IPSec and SSL VPN Services with Threat Prevention
[Diagram labels: Branch Office, Site-to-Site, Supply Partner, Extranet, Public Internet. Access Scenarios: Site-to-Site Connectivity, Managed Desktop, Employee Desktop, Kiosk Access, Full or Limited Network Access, Partner Access, Account Manager, Mobile User, Employee at Home, Unmanaged Desktop.]
ASA 5500:
- Converged IPSec, WebVPN, Firewall, IPS: Inspect/Control VPN Sessions
- Single RA VPN Device Infrastructure
- Unified User Management
- Uniform Resiliency and Load Balancing
- QoS for Site-to-Site Traffic
Provides Secure Access for Any User from Any Location from a Single Device and Management Infrastructure

High Performance Threat Mitigation
Services Convergence Enables Thorough Protection
[Diagram labels: Worms, Viruses, Spyware, Hackers, W32.Tomorrow's-threat; Public Internet; ASA 5500.]
- Comprehensive Analysis
  - De-obfuscation
  - Application Layer Inspection
  - Protocol Anomaly Detection
  - Heuristic Analysis
  - Traffic Normalization
- Accurate Enforcement
  - Real-Time Correlation
  - Risk Rating
  - Attack Drop
  - Session Removal and Resets
- Outbreak Prevention
  - Virus Detection
  - Dynamic Outbreak Updates
Leverages Depth of Anti-X Defense Features to Stop Malicious Worms, Viruses and More and Without a Performance Loss!

Decreasing the Cost of Securing the Network

Cisco Adaptive Security Device Manager (ASDM) v5.0
Dashboard Provides At-a-Glance View of System Status
Dashboard provides instant status of items such as:
- Software versions installed
- Interface status and throughput
- Platform uptime
- Security Contexts
- Real-time syslog viewer (last ten)
- Powerful search capabilities
- And more!

Cisco Adaptive Security Device Manager (ASDM) v5.0
Robust Firewall Management and Monitoring
Cisco ASDM v5.0 delivers robust firewall management and monitoring of a Cisco ASA appliance
Supports full configuration of:
- Access control lists
- Network and service object groups
- Inspection Engines
- NAT/PAT
- AAA and more
Supports monitoring of:
- Syslog (real-time)
- Connections
- Throughput & more!

Cisco Adaptive Security Device Manager v5.0
Comprehensive VPN Management and Monitoring
Cisco ASDM v5.0 delivers comprehensive remote access and site-to-site VPN management and monitoring of a single Cisco ASA appliance
Supports full configuration of:
- WebVPN
- IPSec RA groups
- S2S tunnels
- AAA, DHCP, & more!
Supports monitoring of:
- Uptime, bytes xfered, by tunnel
- VPN usage trends

Cisco Adaptive Security Device Manager v5.0
Extensive IPS Management and Monitoring
Cisco ASDM v5.0 delivers extensive IPS management and monitoring of a single Cisco ASA appliance
Supports full configuration of:
- Engines
- Signatures
- Threat Risk Rating
- IPS Actions
- And more!
Supports monitoring of:
- Events
- Diagnostic reports
- Sensor statistics

Summary

Benefits
- Protects from broadest range of threats with comprehensive suite of services
- Delivers excellent value through integration of multiple deployment-proven, best-of-breed security and networking services
- Decreases ops costs by standardizing on one platform customizable for numerous deployment scenarios
- Increases security effectiveness through services consolidation
- Delivers high concurrent services performance through unique, extensible multi-processor architecture
- Part of a greater whole: self-defending networks

Take Advantage of Unified Threat Defenses and Self Defending Networks Today!
To learn more about this exciting new product family or about Cisco Self Defending Networks:
- Visit us at www.cisco.com/go/asa or www.cisco.com/go/sdn
- Contact your Cisco account team or Cisco partner to arrange a demo
Thank you for your time today!