Cisco Cloud Security. How to Protect Business to Support Digital Transformation

Cisco Cloud Security How to Protect Business to Support Digital Transformation Dragan Novakovic Cybersecurity Consulting Systems Engineer January 2018.

Security Enables Digitization

Digital Disruption, Massive Scale 50B Devices Connected by 2020 $19T Opportunity Active Adversaries Attack surface Threat Actors Attack Sophistication Security Industry Rapidly expanding number of security companies Not interoperable Not open Changing Business Models Security Challenges Dynamic Threat Landscape Complexity and Fragmentation

Goal The Security for Effective Effectiveness Security Gap

If It's Digital, Security Must Evolve

Architectural Approach: Integrated Mobile Users Branch Offices Network Capability Complexity Endpoint Cloud Roaming Laptops Corporate Networks

Premiere Portfolio in the Industry Best of Breed and Integrated Architecture Network Analytics UTM Cloud Access Security Email Secure Internet Gateway Advanced Malware Policy and Access NGFW/NGIPS Web

Security Enables Digitization Protect your Business During Digital Transformation Stop threats at the edge Control who gets onto your network Find and contain problems fast Protect users wherever they work Simplify network segmentation

Security Enables Digitization OUTCOMES Stop threats at the edge Protect users wherever they work Control who gets onto your network Simplify network segmentation Find and contain problems fast PRODUCTS SERVICES NGFW Risk Assessment Umbrella Architecture Review ISE Stealthwatch + TrustSec Network as a sensor + enforcer Architecture Segmentation Review Services AMP Active Threat Analytics SUMMARY Apply threat-centric visibility and control to your NGFW for truly effective protection at the perimeter. Protect all users regardless of location or device, and whether they are employees or guests. Stop the wrong people from accessing your network. Gain visibility into behavior from within the network. Stop threats from spreading within your organization. Find, stop and remove malicious content with effective tools that are simple to use.

Security Enables Digitization Protect your Business During Digital Transformation
Umbrella + Architecture Review
Apply consistent controls and policies for securing your mobile users as they move among many locations. Extend your NGFW protection beyond the perimeter with cloud-delivered security enabled at the DNS layer to protect users from malware, phishing and other malicious connections. Protect all users regardless of location or device, whether they are in the office, in a branch or mobile on their device, and whether they are employees or guest WiFi users.
Stop threats at the edge. Control who gets onto your network. Find and contain problems fast. Protect users wherever they work. Simplify network segmentation.

Security Enables Digitization Protect your Business During Digital Transformation
AMP + Active Threat Analytics
Threats will find a way past the best defenses, and then the race is on. Reduce the time it takes to find bad stuff on your network from days to hours. Traditional endpoint methods of signature detection are slow, and threats move fast. Find, stop and remove malicious content before it does any more damage with effective tools that are simple to use.
Stop threats at the edge. Control who gets onto your network. Find and contain problems fast. Protect users wherever they are. Simplify network segmentation.

Find and stop them in hours, not days VS.

AMP helps you to Make the unknown, known See once, block everywhere Accelerate security response

Continuously monitor to make the unknown, known Make the unknown, known See once, block everywhere Accelerate security response No threat symptoms displayed Sent information from internal server? IoC identified? Compromised Customer data Origin Threat Contained Initial device compromised Launched malicious file downloads Threat AMP continuously records all activity In most networks, there's no way to see threat progression or origin With AMP, trace back threat activity and remediate incidents quickly

See once, block everywhere Make the unknown, known See once, block everywhere Accelerate security response Protect, detect, and respond across your environment Sandboxing AMP AMP Cloud Automatically block threats seen outside your network NGFW NGIPS Endpoint WSA ESA ISR 3rd-party products APIs Augment the functionality of Cisco and 3rd-party products Talos AMP makes everything in your network better API integration

Accelerate security response Make the unknown, known See once, block everywhere Accelerate security response Understand which alerts need further investigation with precision Accelerate investigations and reduce management complexity Eliminate time-consuming and error-prone tasks Automate intelligence-driven security responses

More Ways To: Find and contain problems fast
Investigate: Cisco Investigate provides the most complete view of the relationships and evolution of Internet domains, IP addresses, and autonomous systems to pinpoint attackers' infrastructures and predict future threats.
Rapid Threat Containment: Cisco Rapid Threat Containment uses an open integration of Cisco's security products, technologies from Cisco security partners, and the network control of the Cisco Identity Services Engine (ISE).
Ransomware Defense: Cisco Ransomware Defense reduces the risk of ransomware infections with a layered approach, from the DNS layer to the endpoint to the network, email, and the web.

Cisco Umbrella First line of defense for threats on the internet

Cisco Umbrella Cloud security platform Malware C2 Callbacks Phishing Built into the foundation of the internet Intelligence to see attacks before launched Visibility and protection everywhere 208.67.222.222 Enterprise-wide deployment in minutes Integrations to amplify existing investments

Where does Umbrella fit? Malware C2 Callbacks Phishing Benefits NGFW Netflow Proxy First line Block malware before it hits the enterprise Contains malware if already inside Sandbox AV AV HQ Router/UTM AV AV BRANCH AV ROAMING Internet access is faster Provision globally in minutes

It all starts with DNS DNS = Domain Name System First step in connecting to the internet Precedes file execution and IP connection Used by all devices Port agnostic Umbrella Cisco.com 72.163.4.161

Built into foundation of the internet Umbrella provides: Connection for safe requests Prevention for user and malware-initiated connections Proxy inspection for risky domains Safe request Blocked request

ENFORCEMENT Intelligent proxy Requests for risky domains URL inspection Cisco Talos feeds Cisco WBRS Partner feeds Custom URL block list File inspection AV Engines Cisco AMP

Prevents connections before and during the attack Web and email-based infection Malvertising / exploit kit Phishing / web link Watering hole compromise Command and control callback Malicious payload drop Encryption keys Updated instructions Stop data exfiltration and ransomware encryption

Malware doesn't just happen Intelligence to see attacks before launched Build. Test. Launch. Repeat. Ransomware Web server Malware Web server www www Email delivery Domain/IP Malvertising Domain/IP ATTACK 1 ATTACK 2

Our view of the internet 125B requests per day 90M daily active users 15K enterprise customers 160+ countries worldwide

Intelligence to see attacks before launched
Data: Cisco Talos feed of malicious domains. Umbrella DNS data, 125B requests per day.
Security researchers: Industry-renowned researchers. Build models that can automatically classify and score domains and IPs.
Models: Dozens of models continuously analyze millions of live events per second. Automatically uncover malware, ransomware, and other threats.

Intelligence: Statistical models
2M+ live events per second, 11B+ historical events
Co-occurrence model: Identifies other domains looked up in rapid succession of a given domain
Natural language processing model: Detect domain names that spoof terms and brands
Spike rank model: Detect domains with sudden spikes in traffic
Predictive IP space monitoring: Analyzes how servers are hosted to detect future malicious domains
Dozens more models

Our efficacy Discover 3M+ daily new domain names Identify 60K+ daily malicious destinations Enforce 7M+ malicious destinations while resolving DNS

Visibility and protection for all activity, anywhere Umbrella HQ IoT Mobile Branch Roaming ON-NETWORK OFF-NETWORK All office locations Any device on your network Roaming laptops Every port and protocol ALL PORTS AND PROTOCOLS

Allowed, blocked, and proxied traffic per device or network IDENTITY REPORTS Quickly spot and remediate victims Top activity and categories per device or network

Local vs. global trends for malicious domains DESTINATION REPORTS Quickly assess extent of exposure Top identities associated with malicious activity

Total and newly seen cloud services Cloud apps by classification and traffic volume CLOUD SERVICES REPORT Effectively combat shadow IT

Enterprise-wide deployment in minutes On-network coverage With one setting change Integrated with Cisco ISR 4K series and Cisco WLAN controllers Off-network coverage ANY DEVICE ON NETWORK ROAMING LAPTOP BRANCH OFFICES With AnyConnect VPN client integration Or with any VPN using lightweight Umbrella client

Integrations to amplify existing security Block malicious domains from partner or custom systems YOUR CURRENT SECURITY STACK Threat analysis feed AMP Threat Grid + Others Umbrella Appliance-based detection Threat intelligence platform + Others + Others IOCs Cloud Access Security Broker Cloudlock + Others Custom integrations Python Script Bro IPS + Others

What sets Umbrella apart from other solutions Fastest and most reliable cloud infrastructure Broadest coverage of malicious destinations and files Most open platform for integration Easiest connect-to-cloud deployment Most predictive intelligence to stop threats earlier

Simple Effective Security Open Automated

Thank you