AlgoSec: How to Secure and Automate Your Heterogeneous Cisco Environment

Transcription:

BRKPAR-2488. AlgoSec: How to Secure and Automate Your Heterogeneous Cisco Environment. Edy Almer

How to Secure and Automate Your Heterogeneous Cisco Environment
Yogesh Kaushik, Senior Director, Cisco
Doug Hurd, Alliance Manager, Cisco
Edy Almer, VP Product, AlgoSec

Cisco Tetration Platform: Hybrid Cloud Workload Protection. [Figure labels: Network Traffic Visibility; Visibility & Forensics; Google, Azure, Amazon; App Behavior Detection; Vulnerability Detection; Policy Simulation; Attribute-based whitelist policy & segmentation; Whitelist Policy]

USE CASE I: Map Firewall Rules to Business Applications. Application tags are then visible everywhere: policy searches, security risks, cleanup, export via API.

USE CASE II: Risk, Vulnerability and Compliance. Application servers are matched with vulnerability scan results. Risk, vulnerability and compliance are managed with correct business application context and priority.

USE CASE II: Risk, Vulnerability and Compliance. Tetration Platform discovers application flows and dependencies. Application flows are matched with network security risks & vulnerability scan results.

USE CASE II: Risk, Vulnerability and Compliance. Tetration flow data annotated with vulnerability score.

USE CASE III: Generate and Push Whitelist Policies. Tetration Analytics generates whitelist policy recommendations and enforces host-based policies. AlgoSec configures security policies to multi-vendor security devices and SDN controllers (automatically/with modifications). [Diagram label: ACI]

CORPORATE OVERVIEW: Founded 2004; 1500+ Enterprise Customers; Serving 20 of the Fortune 50; 24/7 Support via 3 Global Centers; Passionate about Customer Satisfaction.

BUSINESS-DRIVEN SECURITY MANAGEMENT: Business-Driven Network Security Policy Management; Business-Driven Security; Business-Driven Agility; Unified Visibility Across Cloud, SDN & On-Premise Enterprise Networks.
USE CASES: Risk Management; Auditing & Compliance; Incident Response; Micro-Segmentation; Change Management; DevSecOps; Business Continuity; Digital Transformation.

NETWORK ABSTRACTION & POLICY ANALYSIS: Visibility and analysis of complex network security policies across on-premise and cloud networks. Topology map and traffic simulation; Firewall rule optimization and cleanup; Audit-ready compliance reports; Risk assessment; Baseline configuration compliance; Network segmentation enforcement.

SECURITY POLICY CHANGE AUTOMATION: Process firewall changes with zero-touch automation. Security policy workflow automation; Topology analysis and optimal rule design; Proactive risk and compliance verification; Automated policy push; Change validation and reconciliation; SLA tracking and complete audit trail; Integration with ticketing systems.

APPLICATION CONNECTIVITY MANAGEMENT: Discover, provision, maintain and securely decommission network connectivity for critical business applications. Automated discovery and mapping of business connectivity; Translation of business requirements into networking terms; Impact assessment to avoid outages; Rapid datacenter and cloud migration; Business-centric risk analysis; Secure application decommissioning.

ACI, NX-OS, FIREPOWER, FWSM, IOS (XE, XR): Process firewall changes with zero-touch automation. Automate change for ACI, FWSM, IOS; Plan: Automate Firepower; Risk and Compliance for all; Change recommendation for NX-OS; Change validation and reconciliation; SLA tracking and complete audit trail; Integration with ticketing systems.

Integration Points Across the Cisco Security Portfolio
eStreamer API: Send Firepower event data to SIEMs
Host Input API: Collect vulnerability and other host info
Remediation API: Programmatic response to third parties from FireSIGHT
JDBC Database Access API: Supports queries from other applications
Read/Write REST API for Firepower: Supports FW and Risk Management technologies
Threat Intelligence Director REST API for Firepower: Collect, correlate, take action on third party Threat Intelligence
Management API for ASA: Third party management of ASA, policy auditing
pxGrid: Bi-directional context sharing framework for ISE, ecosystem partners
MDM API: Enables 3rd party MDM partners to make mobile device posture part of ISE access policy
External Restful Services (ERS): Adds 3rd party asset data to ISE inventory database
AMP Cloud-based API: Externalize event data for all 3rd party apps
Threat Grid API: Hand off suspicious files for analysis; Queries entire dataset for correlation or historical/geographic significance; Automate submission of files for analysis; Create custom or batch threat feeds
FirePOWER 9300 (SSP) REST API: Cisco and third party applications in service chain configuration
AnyConnect Network Visibility Module Collection: AnyConnect provides IPFIX data
AnyConnect EDM/MDM: VPN Services
OpenDNS Investigate: Query OpenDNS for threat intelligence
OpenDNS Umbrella: Add addresses to customer specific enforcement
CloudLock Enterprise API: Reporting/Management
CloudLock Development APIs: Access micro-services
Other Integration Points: ESA, WSA

Gain more insight with increased visibility: Migration from ASA to Firepower. [Figure labels: Typical IPS; Typical NGFW; Cisco Firepower NGFW. Items shown: Client applications; Operating systems; Threats; Users; File transfers; Application protocols; Web applications; C & C Servers; Malware; Routers & switches; Mobile Devices; Printers; Network Servers; VOIP phones]

2018 Cisco and/or its affiliates. All rights reserved. Cisco Public

Thank you