Cisco Systems Korea

Similar documents
Threat Control and Containment in Intelligent Networks. Philippe Roggeband - Product Manager, Security, Emerging Markets

Cisco Self Defending Network

A Unified Threat Defense: The Need for Security Convergence

Business Strategy Theatre

Safe & Secure Environments for School. Ricky Elias Security Architect Advanced Technologies (Security)

NETWORK THREATS DEMAN

Putting Trust Into The Network Securing Your Network Through Trusted Access Control

MAKING THE CLOUD A SECURE EXTENSION OF YOUR DATACENTER

CISCO NETWORKS BORDERLESS Cisco Systems, Inc. All rights reserved. 1

Cisco Systems Korea Cisco Systems, Inc. All rights reserved. 1

Security Assessment Checklist

Solution Architecture

Securing the Empowered Branch with Cisco Network Admission Control. September 2007

Security is Just Another Word without Collective Intelligence DS Benbow, VP Marketing

Cisco Cyber Range. Paul Qiu Senior Solutions Architect

Self Defending Networks

Internetwork Expert s CCNA Security Bootcamp. Common Security Threats

Wireless and Network Security Integration Solution Overview

Exam : Title : Security Solutions for Systems Engineers. Version : Demo

CIH

The Business Case for Security Information and Management Systems

IxLoad-Attack TM : Network Security Testing

Training UNIFIED SECURITY. Signature based packet analysis

Security Architect Northeast US Enterprise CISSP, GCIA, GCFA Cisco Systems. BRKSEC-2052_c Cisco Systems, Inc. All rights reserved.

The IINS acronym to this exam will remain but the title will change slightly, removing IOS from the title, making the new title.

Network. Arcstar Universal One

Klaudia Bakšová System Engineer Cisco Systems. Cisco Clean Access

Endpoint Protection : Last line of defense?

Implementing Cisco Network Security (IINS) 3.0

Unit 2 Assignment 2. Software Utilities?

2 ZyWALL UTM Application Note

Future-ready security for small and mid-size enterprises

ASA/PIX Security Appliance

Data Retrieval Firm Boosts Productivity while Protecting Customer Data

Cisco EXAM SBF for Account Managers - g33ky -

Cisco Network Admission Control (NAC) Solution

Computer Network Vulnerabilities

Converged World. Martin Capurro

August 14th, 2018 PRESENTED BY:

Chapter 10: Security. 2. What are the two types of general threats to computer security? Give examples of each.

Enterprise Cybersecurity Best Practices Part Number MAN Revision 006

Chapter 4. Network Security. Part I

Evolution of Data Center Security Automated Security for Today s Dynamic Data Centers

Automating Security Response based on Internet Reputation

Teleworking and Security: IT All Begins with Endpoints. Jim Jessup Solutions Manager, Information Risk Management June 19, 2007

Surat Smart City Development Ltd. Surat Municipal Corporation 1

Endpoint web control overview guide

S.No. CCIE Security Written Exam Topics v4.0 Part I Infrastructure, Connectivity, Communications, Network Security

Gladiator Incident Alert

SYLLABUS. DIVISION: Business and Engineering Technology REVISED: FALL 2015 CREDIT HOURS: 4 HOURS/WK LEC: 4 HOURS/WK LAB: 0 LEC/LAB COMB: 4

4 Information Security

F5 comprehensive protection against application attacks. Jakub Sumpich Territory Manager Eastern Europe

Data Communication. Chapter # 5: Networking Threats. By: William Stalling

Distributed Systems. 27. Firewalls and Virtual Private Networks Paul Krzyzanowski. Rutgers University. Fall 2013

SSL VPNs or IPsec VPNs The Challenges of Remote Access. February 2 nd, 2007 Chris Witeck- Director of Product Marketing

SAFE Architecture Guide. Places in the Network: Secure Internet Edge

Ethical Hacking and Prevention

Hardening the Education. with NGFW. Narongveth Yutithammanurak Business Development Manager 23 Feb 2012

CISCO EXAM QUESTIONS & ANSWERS

Cisco Security Enterprise License Agreement

Defense-in-Depth Against Malicious Software. Speaker name Title Group Microsoft Corporation

Reviewer s guide. PureMessage for Windows/Exchange Product tour

IC32E - Pre-Instructional Survey

Cisco ASA 5500 Series IPS Edition for the Enterprise

ActualTorrent. Professional company engaging Providing Valid Actual Torrent file for qualification exams.

SAFE Architecture Guide. Places in the Network: Secure Campus

CISSP CEH PKI SECURITY + CEHv9: Certified Ethical Hacker. Upcoming Dates. Course Description. Course Outline

Chapter 1 B: Exploring the Network

Securing Your Business Against the Diversifying Targeted Attacks Leonard Sim

Securing the Converged Enterprise, Part I

CSA for Mobile Client Security

CHAPTER 3. Information Systems: Ethics, Privacy, and Security

GEARS + CounterACT. Advanced Compliance Enforcement for Healthcare. December 16, Presented by:

A Review Paper on Network Security Attacks and Defences

Cisco NAC Network Module for Integrated Services Routers

Security Challenges & Remedies for the Telecoms Operator and its Customers

Test Accredited Configuration Engineer (ACE) Exam PAN OS 6.0 Version

Cisco SR 520-T1 Secure Router

Integrating Microsoft Forefront Threat Management Gateway (TMG)

Maximum Security, Zero Compromise in Availability and Performance

New methods to protect the network. Deeper visibility with Cisco NGFW Next Generation Firewall

Defend. Discover. Remediate. An Integrated Security Strategy. Gary Osland Business Development Manager Cisco Systems Inc.

Cisco Firepower with Radware DDoS Mitigation

IT Digital Chat. July 14, 2017

TOP TEN DNS ATTACKS PROTECTING YOUR ORGANIZATION AGAINST TODAY S FAST-GROWING THREATS

The Internet of Everything is changing Everything

Data Security and Privacy : Compliance to Stewardship. Jignesh Patel Solution Consultant,Oracle

Cyber Security Audit & Roadmap Business Process and

Campus Network Design

UTM 5000 WannaCry Technote

Exam: : VPN/Security. Ver :

Venusense UTM Introduction

ADVANCED THREAT PREVENTION FOR ENDPOINT DEVICES 5 th GENERATION OF CYBER SECURITY

Cisco SA 500 Series Security Appliances

Cisco s Appliance-based Content Security: IronPort and Web Security

Cisco Firepower NGFW. Anticipate, block, and respond to threats

Cisco ASA with FirePOWER services Eric Kostlan, Technical Marketing Engineer Security Technologies Group, Cisco Systems LABSEC-2339

Next Generation Firewall Performance Benchmarking Methodology Draft

Medium / Large Enterprises Next-Generation UTM NU-850C

Changing face of endpoint security

Transcription:

(kiseo@cisco.com) Cisco Systems Korea 2008 Cisco Systems, Inc. All rights reserved. 1

Agenda 2008 Cisco Systems, Inc. All rights reserved. 2

2008 Cisco Systems, Inc. All rights reserved. 3

Threats Are Becoming Increasingly Difficult to Detect and Mitigate Financial: Theft and Damage reat Sever rity Th Fame: Viruses and Malware Notoriety: Basic Intrusions and Viruses 1990 1995 2000 2005 2007 2010 2008 Cisco Systems, Inc. All rights reserved. 4

Writers First-Stage Abusers Middle Men Second-Stage Abusers End Value Tool Writers Hacker or Direct Attack Fame Malware Writers Worms Viruses Trojans Spyware Machine Harvesting Information Harvesting Internal Theft Abuse of Privilege Compromised Host and Application Botnet t Creation Botnet Management Personal Information Information Brokerage Extortionist DDoS for Hire Spammer Phisher Pharmer/DNS Poisoning Identity Theft Theft Espionage Extortion Commercial Sales Fraudulent Sales Click Fraud Electronic IP Leakage Financial Fraud 2008 Cisco Systems, Inc. All rights reserved. 5

Source: 2007 CSI Survey 2008 Cisco Systems, Inc. All rights reserved. 6

, DDoS 2008 Cisco Systems, Inc. All rights reserved. 7

2008 Cisco Systems, Inc. All rights reserved. 8

Training and Staffing Policy Implementation Configuration Configuration and and Management Management Event Sharing and Collaboration Event Sharing and Collaboration Threat Intelligence Threat Intelligence URL URL Filter Filter Host Host IPS IPS Web Web Application Fi Firewall Network Network IPS IPS NAC NAC Fi Firewall IPs IPsec VPN VPN SSL SSL VPN VPN AV AV Gateway XML XML Fi Firewall Se Security Ma ment ment Spam Spam Manage- Ga Gateway Integration ti Into the Network Infrastructure t 2008 Cisco Systems, Inc. All rights reserved. 9

SDN Integrated Adaptive Collaborative Network Security Endpoint Security Content Security Application Security Firewall N-IDS / IPS Router Switch Anti-Virus Anti-Spyware H-IPS Access Control Anti-Phising Content Filtering Email Security XML F/W Application F/W Traffic T Control Virus Prevention Malware Ml Prevention App. A Attack Prevention Worm Prevention ACL L2 Security Host Protection Network Admission Control URL Filtering Anti-Spam Data Loss Prevention XML Packet Inspection 2008 Cisco Systems, Inc. All rights reserved. 10

Port 25 Port 80 Content Security Network Security Locked the Network Doors, but E-Mail and Web Stayed Open 2008 Cisco Systems, Inc. All rights reserved. 11

75% Custom Web Applications Customized Packaged Applications Internal and Third-Party Code Business Logic and Code Network Firewall IDS/IPS Web Servers Operating Systems Application Servers Operating Systems Network Database Servers Operating Systems 50% of enterprises and government agencies are using XML, Web services or SOA. Source: Gartner XML accounted for 15% of internet traffic in 2005. By 2008, it is expected to account for 50%. Source: 451 Group 2008 Cisco Systems, Inc. All rights reserved. 12

2008 Cisco Systems, Inc. All rights reserved. 13

0111111010101000100001000100111110 ACL Firewall RFC2827 urpf CoPP NetflowN L2 Security IP TCP/UDP C / N-IDS / IPS Application Recognition (NBAR) Flexible Packet Matching (FPM) F/W w/ App. Engine Content C t t Security XML F/W App. F/W DDoS Solution H-IPSH Email Security DNS Safeguard Worm Packet Inspection App. Attack DDoS Protection Prevention Malformed App. Protection Data Loss Prevention 2008 Cisco Systems, Inc. All rights reserved. 14

, Application Inspection Content Security ASA 5500 Series Cat6K Sup32-PISA ACE XML Firewall ACE Application Firewall IronPort S Series (Web Security) IronPort C Series (Email Security) Endpoint Security NAC Appliance Cisco Security Agent (CSA) DDoS Attack Prevention Guard and Detector 2008 Cisco Systems, Inc. All rights reserved. 15

2008 Cisco Systems, Inc. All rights reserved. 16

: Guard Internet ASA 5500 Detector t CSA IronPort S Series DMZ IronPort C Series ACE XML Firewall ACE App. Firewall Campus 2008 Cisco Systems, Inc. All rights reserved. 17

: CSA Access Switch Security Distribution NAC Appliance Cat6K Sup32-PISA NBAR FPM 0111111010101000100001000100111110 Core Switch Security 2008 Cisco Systems, Inc. All rights reserved. 18

: Core Switch Security Aggregation Switch Security XML Firewall App. Firewall Access Detector Switch Security CSA 2008 Cisco Systems, Inc. All rights reserved. 19

2008 Cisco Systems, Inc. All rights reserved. 20

2008 Cisco Systems, Inc. All rights reserved. 21

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback