Service Provider Security Architecture

Similar documents
Cybersecurity for Service Providers

Cisco Cloud Security. How to Protect Business to Support Digital Transformation

Intelligent Cybersecurity for the Real World Scott Lovett Vice President, Global Security Sales

MAKING THE CLOUD A SECURE EXTENSION OF YOUR DATACENTER

Cisco Firepower NGFW. Anticipate, block, and respond to threats

The Internet of Everything is changing Everything

Understanding Persistent Connectivity: How IoT and Data Will Impact the Connected Data Center

Aby se z toho bezpečnostní správci nezbláznili Cisco security integrace. Milan Habrcetl Cisco CyberSecurity Specialist Mikulov, 5. 9.

Cisco Firepower NGFW. Anticipate, block, and respond to threats

Evolution of Data Center Security Automated Security for Today s Dynamic Data Centers

How to Predict, Detect & Stop threats at the Edge and Behind the Perimeter even in encrypted traffic without decryption

Cisco Advanced Malware Protection. May 2016

AKAMAI CLOUD SECURITY SOLUTIONS

Agile Security Solutions

Advanced Malware Protection. Dan Gavojdea, Security Sales, Account Manager, Cisco South East Europe

A New Security Model for the IoE World. Henry Ong SE Manager - ASEAN Cisco Global Security Sales Organization

How to build a multi-layer Security Architecture to detect and remediate threats in real time

Threat Detection and Mitigation for IoT Systems using Self Learning Networks (SLN)

Cisco Cyber Range. Paul Qiu Senior Solutions Architect

Sourcefire Solutions Overview Security for the Real World. SEE everything in your environment. LEARN by applying security intelligence to data

Cisco Next Generation Firewall and IPS. Dragan Novakovic Security Consulting Systems Engineer

Video-Aware Networking: Automating Networks and Applications to Simplify the Future of Video

Overview of the Juniper Mobile Cloud Architecture Laying the Foundation for a Next-gen Secure Distributed Telco Cloud. Mobile World Congress 2017

Cisco Security Enterprise License Agreement

Securing Digital Transformation

Overview of the Juniper Networks Mobile Cloud Architecture

Security Everywhere Within Juniper Networks Mobile Cloud Architecture. Mobile World Congress 2017

THE ACCENTURE CYBER DEFENSE SOLUTION

Cisco Self Defending Network

Cisco Ransomware Defense The Ransomware Threat Is Real

Perimeter Defenses T R U E N E T W O R K S E C U R I T Y DEPENDS ON MORE THAN

NETWORKING &SECURITY SOLUTIONSPORTFOLIO

6 KEY SECURITY REQUIREMENTS

SOLUTION OVERVIEW THE ARUBA MOBILE FIRST ARCHITECTURE

The Future of Threat Prevention

SDN Security BRKSEC Alok Mittal Security Business Group, Cisco

CloudSOC and Security.cloud for Microsoft Office 365

Business Strategy Theatre

Architecting a More Effective Enterprise Security Program

The Windstream Enterprise Advantage for Banking

Segment Your Network for Stronger Security

HOSTED SECURITY SERVICES

Office 365 Buyers Guide: Best Practices for Securing Office 365

The Next Generation Security Platform. Domenico Stranieri Pre- Sales Engineer Palo Alto Networks EMEA Italy

Hybrid Network present & future

Subscriber Data Correlation

Express Monitoring 2019

Intelligent and Secure Network

Stop Threats Before They Stop You

3 Ways to Prevent and Protect Your Clients from a Cyber-Attack. George Anderson Product Marketing Director Business October 31 st 2017

Cisco Advanced Malware Protection against WannaCry

Smart and Secured Infrastructure. Rajesh Kumar Technical Consultant

Where is the Network Edge? MEC Deployment Options, Business Case & SDN Considerations

How Boards use the NIST Cybersecurity Framework as a Roadmap to oversee cybersecurity

A Pragmatic Approach to HealthCare Security. Hans Mathys CSE, Cybersecurity, Cisco Switzerland

What can we lose not implementing proper security in our IT environment? Aleksandar Pavlovic Security Account Manager Cisco

Evolution of connectivity in the era of cloud

Strategies for a Successful Security and Digital Transformation

Technical Brochure F-SECURE THREAT SHIELD

INVESTOR PRESENTATION

Putting Trust Into The Network Securing Your Network Through Trusted Access Control

DEFENCE IN DEPTH HOW ANTIVIRUS, TRADITIONAL FIREWALLS, AND DNS FIREWALLS WORK TOGETHER

Securing LTE Networks What, Why, and How

Next generation branch with SD-WAN and NFV

Transformation Through Innovation

Modern attacks and malware

Cisco 5G Now! Product Announcements. February, 2018

Expert Reference Series of White Papers. Cisco Completes the Security Picture with Sourcefire

Leverage SDN Principles in LTE to Meet Future Network Demands

5G Network Architecture

with Advanced Protection

Preparing your network for the next wave of innovation

accelerate your ambition Chris Jenkins

Transforming the Network for the Digital Business

5G Infinite Acceleration Cisco Knowledge Network. Humberto J. La Roche, PhD, Principal Engineer October 25, 2016

Cisco Security. Advanced Malware Protection. Guillermo González Security Systems Engineer Octubre 2017

Sichere Applikations- dienste

21ST CENTURY CYBER SECURITY FOR MEDIA AND BROADCASTING

Cisco ASA 5500-X NGFW

Future X Network. Sanjay Kamat Managing Partner, Bell Labs Consulting Nokia

NETWORK THREATS DEMAN

Threat Containment and Operations. Yong Kwang Kek, Director of Presales SE, APJ

New Digital Business Models Driving the Softwarization of the Network

to protect the well-being of citizens. Fairfax is also home to some Fortune 500 and large

Fully Integrated, Threat-Focused Next-Generation Firewall

OPTIMIZE. MONETIZE. SECURE. Agile, scalable network solutions for service providers.

From Managed Security Services to the next evolution of CyberSoc Services

Integrating Okta and Preempt Detecting and Preventing Threats With Greater Visibility and Proactive Enforcement

5 Trends That Will Impact Your IT Planning in Layered Security. Executive Brief

Security Vendor Line Card

ATTIVO NETWORKS THREATDEFEND PLATFORM INTEGRATION WITH CISCO SYSTEMS PROTECTS THE NETWORK

Achieving a Secure and Resilient Cyber Ecosystem: A Way Ahead

Cisco SD-WAN. Securely connect any user to any application across any platform, all with a consistent user experience.

Achieving End-to-End Security in the Internet of Things (IoT)

Building a Threat Intelligence Program

McAfee epolicy Orchestrator

Use Cases. E-Commerce. Enterprise

IBM Next Generation Intrusion Prevention System

Stopping Advanced Persistent Threats In Cloud and DataCenters

We are innovating in security

Transcription:

Service Provider Security Architecture Andrew Turner Technical Marketing, Security Business Group April 12 th 2017

Digitization is disrupting the SP business The world has gone mobile Traffic growth, driven by video Changing Customer Expectations Ubiquitous Access to Apps & Services Rise of cloud computing 120,000 Other (43%, 25%) 100,000 Internet Video (57%, 75%) Exponential Growth in Data 80,000 10X Mobile Traffic Growth From 2013-2019 Petabytes per Month 60,000 40,000 More and more Data 20,000 More and more ways to access Data 0 2013 2014 2015 2016 2017 2018 Machine-to-Machine More and more regulations on securing Data Emergence of the Internet of Everything 23% Global CAGR 2013-2018 Soon to Change SP Architectures/ Service Delivery Risks to Service Providers and Their Customers Changing Enterprise Business Models Efficiency & Capacity People Process Data Things

All Data has Monetary Value Social Security $1 DDoS DDoS as a Service ~$7/hour Medical Record >$50 Credit Card Data $0.25 $60 $ Bank Account Info >$1000 depending on account type and balance Global Cybercrime Market: $450B $1T Mobile Malware $150 Spam $50/500K emails Malware Development $2500 (commercial malware) Welcome to the Hackers Economy Exploits $100k-$300K Facebook Account $1 for an account with 15 friends Source: CNBC

Money Motivates Attackers Organizations Are Under Attack and Malware Is Getting in 95% of large companies targeted by malicious traffic 100% Cybercrime is lucrative, barrier to entry is low Hackers are smarter and have the resources to compromise your organization Malware is more sophisticated Organizations face tens of thousands of new malware samples per hour of organizations interacted with websites hosting malware Phishing, Low Sophistication Hacking Becomes an Industry Sophisticated Attacks, Complex Landscape 1990 1995 2000 2005 2010 2015 2020 Viruses 1990-2000 Worms 2000-2005 Spyware and Rootkits 2005-Today APTs Cyberware Today +

Being Breached Costs Dollars and Reputation $87k $1.45M 60% 54% Loss for every 1k data files breached 1 Average lost business cost per attack 2 Of security breaches compromise data in hours 3 Of security breaches are not detected until months later 4 Loss of customer trust 1 Verizon 2015 Data Breach Investigations Report 2 Ponemon Institute - 2015 Cost of Data Breach Study: Global Analysis 3 Verizon 2014 Data Breach Investigations Report 4 Verizon 2014 Data Breach Investigations Report

Shift to 5G Will Be Led by New Services Ultra Reliability (Wherever + Whenever) Broadband access in dense areas Broadband access everywhere Higher user mobility Massive Internet of Things Ultra Capacity and Coverage 1G Ultra High-Speed (up to 10 Gbps to cell site) Pervasive Video Extreme real-time communications Average 1 Gbps per device Lifeline communications High Speed Train Ultra-reliable communications Sensor Networks Broadcast-like services Ultra Low Latency (1 ms End-to-End) + Massive Device Connectivity Tactile Internet Natural Disaster E-Health Services Broadcast Services

New Services Mean New Threats Threat Surface 2G 3G LTE 5G

Cisco: Committed to Security 5K People Strong 250 Threat Researchers 100x Faster Finding Breaches 19.7B Threats Blocked Daily 99% Security Effectiveness #1 Cisco Priority Billions Invested Ongoing Innovation Integrated Best of breed portfolio 88% Fortune 100 use Cisco Security

Traditional Security Needs to Keep Pace Internet S8 Corp IT SGi Datacenter S9 Rx

Security

Remember This?

https:// Look Inside Or Maybe Not

Traditional Security Needs to Keep Pace Internet S8 Corp IT SGi Datacenter Once inside, who is talking to who? S9 Rx

Traditional Security Needs to Keep Pace Internet S8 Corp IT SGi S9 Datacenter Industry Average Time to Detect 100 Days Rx

Example Threats inside the Perimeter Insider Internal DoS Interception and Exploitation Exfiltration

Security begins with visibility Who is on the Network? You can t protect what you can t see And what are they up to?

Because when it happens.. Incident reported WHO did this? HOW long? WHAT was accessed? WHEN did it happen? WHEN will we know?

Evolution of s How to increase visibility at the? NGFW NGIP S Application Control AMP

Evolution of Security NGFW Architecture including NGFW Device Network Cloud

Cisco Open Network Architecture for 5G, IoT, Beyond Service Creation OSS BSS Cloud-Based Services, Applications Public Private Cloud and/or On-Prem Business IoT Video Mobile I Collaboration Open APIs Security Policy Analytics Network Abstraction Orchestration Automation Streaming Telemetry Infrastructure Physical Physical & Virtual & Virtual

Security in the Open Network Architecture Security Analytics Policy & Segmentation Visibility Monitoring & Anomaly Detection What should happen on the network What is happening on the network Enforcement Cloud Based Services Network Abstraction Infrastructure Visibility

Security Architecture LAN / WAN Infra WiFi / BYOD Enterprise Network Call Centres Retail presence UE DDOS Malware IN (IMS,SigTran) DDOS Malware Interception Malware enodeb DOS Smallcell Internet Edge Privilege Exploitation Signaling DOS Partner Edge DOS Smallcell Interception Data Exfiltration Data Exfiltration Privilege Exploitation Access & Aggregation Insider Threat Privilege Exploitation MPC/EPC Insider Threat Data Hoarding Data Exfiltration Malware Datacentre DDOS Public Cloud Insider Threat Malware Interception Management Network

Mobility Security Architecture - Visibility LAN / WAN Infra WiFi / BYOD Enterprise Network Call Centres Retail presence IN (IMS,SigTran) Access & Aggregation MPC/EPC Internet Edge Datacentre Partner Edge Public Cloud Network Data Endpoint Data Subscriber Data Partner Data Internet Data Service Data Management Network

Mobility Security Architecture Policy & Segmentation IN (IMS,SigTran) Segment Internet Edge Segment Policy & Segmentation defines Access & Aggregation MPC/EPC Who is allowed to talk to Who? What are they allowed to talk about? How are they allowed to talk? When are they allowed to talk?

Mobility Security Architecture Policy & Segmentation IN (IMS,SigTran) Segment Internet Edge Segment Access & Aggregation MPC/EPC Policy and Segmentation is not just between segments but also within segments

Mobility Security Architecture Policy & Segmentation LAN / WAN Infra WiFi / BYOD Enterprise Network Call Centres Retail presence Segment IN (IMS,SigTran) Segment Segment Internet Edge Partner Edge Segment Segment What is happening on the network Segment Access & Aggregation MPC/EPC Management Network Datacentre Public Cloud What should happen on the network

Security Architecture - Analytics LAN / WAN Infra WiFi / BYOD What is versus what should be Enterprise Network IN (IMS,SigTran) Call Centres Retail presence Access & Aggregation What is happening on the network OLO Interconnect Control Plane (Diameter) User Plane (SCTP, GTP) MPC/EPC What should happen on the network Management Network Gi LAN BSS (Billing & Mediation) OSS Systems, Customer Portals NfV & Orchestration Datacentre Internet Peering Peering Internal / External Cloud Cloud

Security Architecture - Analytics Threat Intel LAN / WAN Infra WiFi / BYOD Access & Aggregation What is happening on the network What is versus what should be plus what threats do we know and what is normal behavior Enterprise Network IN (IMS,SigTran) OLO Interconnect Control Plane (Diameter) User Plane (SCTP, GTP) MPC/EPC What should happen on the network Management Network Gi LAN BSS (Billing & Mediation) OSS Systems, Customer Portals NfV & Orchestration Datacentre Call Centres Retail presence Internet Peering Peering Internal / External Cloud Cloud

Security Architecture - Analytics Threat Intel LAN / WAN Infra WiFi / BYOD Access & Aggregation What is happening on the network AnalyticsEnterprise Network What is versus what should be plus what threats do we know and what is normal behavior IN (IMS,SigTran) OLO Interconnect Control Plane (Diameter) User Plane (SCTP, GTP) MPC/EPC What should happen on the network Management Network Gi LAN BSS (Billing & Mediation) OSS Systems, Customer Portals NfV & Orchestration Datacentre Call Centres Retail presence Internet Peering Peering Internal / External Cloud Cloud Visibility Policy

Security Architecture Threat Intel LAN / WAN Infra WiFi / BYOD Access & Aggregation What is happening on the network Visibility AnalyticsEnterprise Network What is versus what Security should be plus what Trigger threats do we know and what is normal behavior IN (IMS,SigTran) OLO Interconnect Control Plane (Diameter) User Plane (SCTP, GTP) MPC/EPC What should happen on the network Management Network Policy Gi LAN BSS (Billing & Mediation) OSS Systems, Customer Portals NfV & Orchestration Datacentre Call Centres Retail presence Service Change Internet Peering Peering Infrastructure Change via Orchestration Internal / External Cloud Cloud Enforcement Action to Mitigate Threat

Security in the Open Network Architecture Security Analytics Policy & Segmentation Visibility Monitoring & Anomaly Detection What should happen on the network What is happening on the network Enforcement Cloud Based Services Network Abstraction Infrastructure Security Driven Service Change Security Auto-Remediation Visibility

Example Enforcement Rules Device is quarantined for remediation or mitigation access is denied per security policy Datacenter Server Source Destination Action IP SGT IP SGT Service Action Any Employee Any DC Server HTTPS Allow Any Suspicious Any DC Server Any Deny Based on the new policy, network enforcers automatically restrict access NGFW Trustsec Enabled Network FMC ISE Policy Server Stealthwatch PXGRID: Visibility User Activity and File Activity monitored, aggregated and analyzed. Analytics Analytics detect suspicious behavior and inform policy server. Rapid Threat Containment Device is compromised Tries to breach datacenter Policy server changes policy for device Policy

Visibility UE RAN EPC Internet Which User Accessed a URL at any particular time?

Visibility UE RAN EPC Internet URL Date/Time of Connection Duration of the Connection NAT IP Address Source IP Address IMSI/MSISDN

Visibility Cisco Stealthwatch Correlates multiple data types and sources to provide traffic details, subscriber info and application context for every traffic flow passing through the network

See Once, Enforce Everywhere Threat Intelligence Analytics Visibility Enforcement Device Network Cloud

Protecting Network, Cloud, Device for 5G, IoT, Beyond Security Gateway (SecGW) Solutions for Secure Mobile Backhaul Device Network Centralized SecGW Distributed SecGW Firepower 9300 Cloud Firepower 4100 Series ASR 900 Series ASAv ASAv Superior Performance and Scale High throughput IPsec VPN and Security Gateway processing Exceptional Flexibility Right sized with pay-as-you-grow options; unique clustering technology on Firepower to optimize performance while reducing rack space, power and cooling costs Future Proof Physical and virtual options to address architectural requirements

Protecting Network, Cloud, Device for 5G, IoT, Beyond Cisco Umbrella for New Revenue Opportunities Device Network Cisco Umbrella for Service Providers Cloud Learn Intelligence to see attacks before they launch See Visibility to protect access everywhere Block Stop threats before connections are made Consumer SMB Connectivity MSSP Enterprise

Protecting Network, Cloud, Device for 5G, IoT, Beyond Secure Enterprise Mobility Device Network Trusted Device Visibility Collection & Analytics Cloud Samsung and Cisco are partnering to provide the most secure mobile device platform with unmatched visibility for the enterprise

Thank You Security Business Group

There are two types of companies: those who have been hacked, and those who don t yet know they have been hacked. John Chambers

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback