The Internet of Everything is changing Everything

Intelligent Threat Defense for the Enterprise Mobility Nikos Mourtzinos, CCIE #9763 Global Security Sales Organization

Changing Business Models Any Device to Any Cloud PUBLIC CLOUD HYBRID CLOUD PRIVATE CLOUD 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 3

Internet of Things and Everything Every company becomes a technology company, Every company becomes a security company

The Industrialization of Hacking
Timeline 1990 to 2020, with stage labels: Sophisticated Attacks, Complex Landscape; Hacking Becomes an Industry; Phishing, Low Sophistication
Viruses: 1990-2000
Worms: 2000-2005
Spyware and Rootkits: 2005-Today
APTs, Cyberware: Today +
2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 5

How Industrial Hackers Monetize the Opportunity
Global Cybercrime Market: $450B
Social Security: $1
DDoS (DDoS as a Service): ~$7/hour
Medical Record: >$50
Credit Card Data: $0.25-$60
Bank Account Info: >$1000 depending on account type and balance
Mobile Malware: $150
Exploits: $1000-$300K
Spam: $50/500K emails
Malware Development: $2500 (commercial malware)
Facebook Account: $1 for an account with 15 friends
Source: RSA/CNBC
WELCOME TO THE HACKERS ECONOMY

What do these companies have in common?

Today's Reality. Cyber attacks are one of the unfortunate realities of doing business today. All were smart, all had security. All were seriously compromised.

Five Things Boards Should do about Cybersecurity NOW
Many Organizations have Cybersecurity tucked away in IT departments. It's time to bring it up and dust it off.
1. Understand the problem
2. Know the scope of risk to the organization
3. Decide what your crown jewels are
4. Know the regulations
5. Know where to spend

The Security Problem: Changing Business Models; Dynamic Threat Landscape; Complexity and Fragmentation

Cisco Threat-Centric Security Model
Attack Continuum: BEFORE (Discover, Enforce, Harden); DURING (Detect, Block, Defend); AFTER (Scope, Contain, Remediate)
NGFW, VPN, NGIPS, Advanced Malware Protection, Secure Access + Policy Control, Web Security, Email Security, Network Behavior Analysis
Collective Security Intelligence

Enhanced Security & Cost Savings
Superior Network Visibility: Rogue hosts, Vulnerabilities, Applications, OS, Servers, Mobiles
Automated Tuning: Adjust IPS policies automatically based on network changes
Impact Assessment & Correlation: Threat correlation reduces actionable events by up to 99%
Remediation: Continuous Analysis, Trajectory
Industry Leading Threat Detection

Cisco Sees More Than the Competition
Superior Network Visibility: Rogue hosts, Vulnerabilities, Applications, OS, Servers, Mobiles
NetFlow, Files, Users, Web Applications, Application Protocols, Services, Malware, Command and Control Servers, Vulnerabilities, Processes, Network Servers, Operating Systems, Routers and Switches, Mobile Devices, Printers, VoIP Phones, Virtual Machines, Client Applications, Network Behavior

Superior Network Visibility Geolocation Superior Network Visibility Rogue hosts, Vulnerabilities, Applications, OS, Servers, Mobiles

Automated Tuning: Adjust IPS policies automatically based on network changes
Automated Recommended Rules customized & based on Customer's Infrastructure
Automated IPS Policies based on network changes
Simplifies Operations & Reduces Costs

Impact Assessment & Correlation
Determine the relevance and impact of the attack. With automated impact assessment, intrusion events requiring manual investigation are typically reduced by more than 90%.
IMPACT FLAG: ADMINISTRATOR ACTION
1: Act Immediately; Vulnerable
2: Investigate; Potentially Vulnerable
3: Good to Know; Currently Not Vulnerable
4: Good to Know; Unknown Target
0: Good to Know; Unknown Network

Remediation: Continuous Analysis, Trajectory
Point-in-time Detection (NGFW, NGIPS): Analysis Stops. Not 100%: Sleep Techniques, Unknown Protocols, Encryption, Polymorphism. Initial Disposition = unknown; Actual Disposition = Bad = Too Late!! Blind to scope of compromise.
Continuous (Retrospective Detection, Analysis Continues): Initial Disposition = unknown; Actual Disposition = Bad = Blocked. Turns back time. Visibility and Control are Key.

Cisco Security Intelligence
Outstanding cloud-based global threat intelligence. Industry Leading Threat Detection.
24x7x365 operations
40+ languages
More than US$100 million spent on dynamic research and development
600+ engineers, technicians, and researchers
80+ PH.D., CCIE, CISSP, AND MSCE users
1.6 million global sensors
35% worldwide email traffic
3- to 5-minute updates
200+ parameters tracked
100 TB of data received per day
16 billion web requests
5,500+ IPS signatures produced
70+ publications produced
150 million+ deployed endpoints
8 million+ rules per day
Diagram labels: Information, Big Analytics, Sandbox, Advanced Malware, WWW, SIO, Sourcefire VRT, ThreatGrid, Cognitive Security; Email, Devices, Web, IPS, Networks, Endpoints, Updates; Cisco CWS, Cisco IPS, Cisco AnyConnect, Cisco ESA, Cisco ASA, Cisco WSA; Visibility, Control
C97-728331-00

Threats by the Numbers
Industry Leading Threat Detection
7399 CVE Entries in 2013, a 10% increase from 2012
1,100,000 Incoming Malware Samples Per Day, Increasing Daily
400K AV Blocks
4.2 Billion Web Filtering Blocks Per Day
6.4 Billion daily blocks peak of 1 Billion Reputation Queries Per Day
The Common Vulnerabilities and Exposures (CVE) system provides a reference method for publicly known information-security vulnerabilities and exposures.

Industry Leading Threat Detection
The NGFW Security Value Map shows the placement of Cisco ASA with FirePOWER Services as compared to other vendors.
Cisco: Best Protection Value, 99.2% Security Effectiveness
Cisco achieved 99.2 percent in security effectiveness and now all can be confident that they will receive the best protections possible.
Source: NSS Labs 2014

NSS Labs Next-Generation Firewall Reports: Cisco ASA with FirePOWER Services Excels http://www.cisco.com/web/offers/nsslabsreportngfw.html?keycode=000551632

Perimeter Security Customized Threat Bypasses Security Gateways Security Inside Perimeter Firewall IPS AMP Web Sec Email Sec

The User to Device Ratio Has Changed What is all this stuff on my network?!!!

COMMON POLICY, MANAGEMENT & CONTEXT Who/What is currently connected on the Network? How Do I Control Who and What Access the Network/Resources? How to Quarantine a User?

All-in-One Enterprise Policy Control Policy Management Increases Operational Efficiency Identity Context Who What Where When How Device Profiling & Posture Provides Comprehensive Secure Access Mobile Device Management Onboarding & Remediation Increases Productivity and Improves User Experience Cisco Identity Services Engine Wired Wireless VPN Business-Relevant Policies Network Enforcement Decreases Operational Costs Virtual machine client, IP device, guest, employee, and remote user

Cisco Identity Services Engine
Who? Employee, Guest
What? Personal Device, Company Asset
How? Wired, Wireless, VPN
Where? @ Coffee Shop, Headquarters
When? Weekends (8:00am-5:00pm)

802.1x, MAC-Authentication Bypass (MAB), Web Authentication

Non-User Device

Guest Management

ISE 1.3.1 Mobile Enablement with AnyConnect 4.0
Configuration: Email & Calendar; Network Access (Wi-Fi / VPN); Exchange Active Sync; Restriction (camera usage); App Distribution / Public Stores
Compliance Enforcement: Set the PIN lock; Enable Passcode - Screen Lock; Enable Disk Encryption; Restrict Jailbroken device
Security: Locate lost/stolen Device; Lock / Unlock Device; Remote Wipe Device; Remove / Unenroll Device from Network; Restore factory default

Putting It All Together
Event History: Who, What, Where, When, How
BEFORE (Discover, Enforce, Harden): NGFW, VPN, Secure Access / Policy Control
DURING (Detect, Block, Defend): NGIPS, Web Security, Email Security

Putting It All Together
Event History: Who, What, Where, When, How
BEFORE (Discover, Enforce, Harden): NGFW, VPN, Secure Access / Policy Control
DURING (Detect, Block, Defend): NGIPS, Web Security, Email Security
AFTER (Scope, Contain, Remediate): Advanced Malware Protection, Network Behavior Analysis

Putting It All Together
Patient ZERO. How The Malware Spread. STOP The Malware From Spreading. REMEDIATE.
Event History: Who, What, Where, When, How
BEFORE (Discover, Enforce, Harden): NGFW, VPN, Secure Access / Identity Services
DURING (Detect, Block, Defend): NGIPS, Web Security, Email Security
AFTER (Scope, Contain, Remediate): Advanced Malware Protection, Network Behavior Analysis

Intelligent Cybersecurity with Integrated Threat Defense in action Security Gateways NGFW NGIPS Web Security Gateways Email Security Gateways AMP Services for Gateways AMP for Networks, Sandbox Malware detection/blocking File detection/blocking CNC detection/blocking File Dynamic Analysis Threat Analytics 1 4 Identity & Control Wired Wireless VPN Contextual and Consistent Policies across the entire Campus Network & D/C (User/Device/Access method, Network location), BYOD, Device Profiling Continuous File Analytics Sandbox Reputation Determination Visibility, Context and Control Determine Scope: File Trajectory: systems impacted, point of entry, file type, protocol, direction, etc Correlated contextual events: Users, apps, threats, etc Retrospective Detection IoC Determination 3 2 AMP for Endpoints Integrated or standalone PC, mobile & virtual Malware Detection Automated IoC detection Trajectory File Analysis Outbreak Control

Ecosystem and Integration Vulnerability Management Custom Detection Full Packet Capture NAC Incident Response BEFORE Policy and Control DURING Detection and Blocking AFTER Analysis and Remediation Network Access Taps Infrastructure & Mobility Visualization SIEM Combined API Framework

Market Recognition
Based on our (Breach Detection Systems) reports, Advanced Malware Protection from Cisco should be on everyone's short list.
So do any network security vendors understand data center and what's needed to accommodate network security? Cisco certainly does.
Cisco is disrupting the advanced threat defense industry.
2014 Vendor Rating for Security: Positive
AMP will be one of the most beneficial aspects of the [Sourcefire] acquisition. The AMP products will provide deeper capability to Cisco's role in providing secure services for the Internet of Everything (IoE).

Your First Step to Threat Focused Security: FirePOWER Services for ASA
Start today! Bring the world's most secure firewall platform capabilities to the top cyber-security platform.
Let us show you what you are missing: put Cisco behind your existing NGFW to show you what threats you aren't seeing.