SlideShare une entreprise Scribd logo

Next Generation Security

Cisco Canada
Cisco Canada

Next Generation Security presentation for Cisco Connect Canada Tour 2014.

Technologie
1  sur  41
Télécharger pour lire hors ligne
Next Generation Security Rob Bleeker Security Consulting Systems Engineer CCIE# 2926, CISSP Justin Malczewski 1234567890
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 3 The Industrialization of Hacking 1990 202020152010200520001995 Phishing, Low Sophistication Hacking Becomes an Industry Sophisticated Attacks, Complex Landscape Viruses 1990–2000 Worms 2000–2005 Spyware and Rootkits 2005–Today APTs Cyberware Today +
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 4 How Bad – 2013 and Beyond 145 Million 152 Million 70 Million 60 Million 50 Million 50 Million and a lot more!!!!!!
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 5 Needs to be a Better Approach Current approach has never worked! Imagine – Security as an Architecture
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 6 The New Security Model BEFORE Discover Enforce Harden AFTER Scope Contain Remediate Attack Continuum Network Endpoint Mobile Virtual Cloud Detect Block Defend DURING Point in Time Continuous
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 7 Cyber Attack Chain Recon Package Deliver Exploit Install CnC Act BEFORE Discover Enforce Harden AFTER Scope Contain Remediate During Detect Block Prevent Visibility and Context Firewall NGFW NAC + Identity Services VPN UTM NGIPS Web Security Email Security Advanced Malware Protection Network Behavior Analysis
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 8 The better you can protect………. The More You See
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 9 Visibility Control 0010 010 10010111001 10 100111 010 000100101 110011 01100111010000110000111000111010011101 1100001110001110 1001 1101 1110011 0110011 101000 0110 00 0111000 111010011 101 1100001 11000 1110100111 0010 010 10010111001 10 100111 010 000100101 110011 01100111010000110000111000111010011101 1100001110001110 1001 1101 1110011 0110011 101000 0110 00 0111000 111010011 101 1100001 11000 1110100111 CiscoSecurity Intelligence Operation (SIO) Cisco® SIO WWWEmail WebDevices IPS EndpointsNetworks More Than 150 Million DEPLOYED ENDPOINTS 100 TB DATA RECEIVED PER DAY 1.6 Million GLOBAL SENSORS 40% WORLDWIDE EMAIL TRAFFIC 13 Billion WEB REQUESTS Cloud AnyConnect®IPS ESA WSAASA WWW 3 to 5 MINUTE UPDATES More Than 200 PARAMETERS TRACKED More Than 5500 IPS SIGNATURES PRODUCED More Than 8 Million RULES PER DAY More Than 70 PUBLICATIONS PRODUCED Information Actions More Than 40 LANGUAGES More Than 80 PH.D, CCIE, CISSP, MSCE More Than $100 Million SPENT IN DYNAMIC RESEARCH AND DEVELOPMENT 24 Hours Daily OPERATIONS More Than 800 ENGINEERS, TECHNICIANS, AND RESEARCHERS
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 10 Collective Security Intelligence IPS Rules Malware Protection Reputation Feeds Vulnerability Database Updates Sourcefire AEGIS™ Program Private and Public Threat Feeds Sandnets FireAMP™ Community Honeypots Advanced Microsoft and Industry Disclosures SPARK Program Snort and ClamAV Open Source Communities File Samples (>380,000 per Day) Sourcefire VRT® (Vulnerability Research Team) Sandboxing Machine Learning Big Data Infrastructure
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 11© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 11 ASA with FirePower Services
Mission: Founded in 2001 by Marty Roesch Security from Cloud to Core • Market leader in (NG)IPS • Recent entrant to NGFW space with strong offering • Groundbreaking Advanced Malware Protection solution Innovative – 52+ patents issued or pending • Pioneer in IPS, context-driven security, advanced malware World-class research capability Owner of major Open Source security projects • Snort, ClamAV, Razorback
13 Sourcefire Security Solutions COLLECTIVE SECURITY INTELLIGENCE Management Center APPLIANCES | VIRTUAL NEXT- GENERATION FIREWALL NEXT- GENERATION INTRUSION PREVENTION ADVANCED MALWARE PROTECTION CONTEXTUAL AWARENESS HOSTS | VIRTUAL MOBILE APPLIANCES | VIRTUAL
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 14 FirePOWER Services for ASA: Components ASA 5585-X FirePOWER Services Blade • Models: ASA 5512-X, 5515-X, 5525-X, 5545-X, and 5555-X • SSD Drive Required • FirePOWER Services Software Module • Licenses and Subscriptions • Models: ASA 5585-X-10, ASA 5585-X- 20, ASA 5585-X-40, ASA 5585-X-60 • New FirePOWER Services Hardware Module Required • Licenses and Subscriptions
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 15 2014 NSS Labs SVM for NFGW
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 16 Functional Distribution ACL NAT VPN Termination Routing Advanced Malware Protection AVC (App Control) NGIPS URL Filtering FirePOWER Services Module Base ASA
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 17 Next Generation Security on a Trusted Firewall FirePOWER Services NGIPS, NGFW/AVC, AMP FireSIGHT Management Center Comprehensive SECOPS Workflows Cisco Security Manager (CSM) or ASDM Comprehensive NETOPS Workflows ASA Software
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 19 Why does this matter • Application visibility efficacy is NOT a 100%.Today the best efficacy around App ID is about 65%. • If you are looking to strengthen your overall security posture then building policies with 65% efficacy is putting your organization at risk. This creates a hit and miss security model. • Application ID is non deterministic, applications are evasive, what happens with unknown applications. • Logging of unknown application should take place and silent drops are forbidden in security – you need to know what has happened even if the applications has not been identified Cisco Still Understands the Value of APP Visibility/Control • Application visibility and control and web filtering has been within Cisco’s portfolio for 5+ years. We have led this with our Cisco Ironport WSA and our CWS (Scansafe) solutions. (we have brought this quadrant leading product to our next generation ASA platform) • Built upon a strong traditional stateful firewall platform that has been proven within the industry. Cisco is solving the application ID efficacy with OpenAppID NGFW Realities OpenAppID
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 20 NGFW Realities – The Blocks of Building the Best NGFW DifficulttoBuildatBest GoodGreat Poor How – Cisco will be adding FireAMP for Malware and SourceFire NGIPS and further ISE integration. Very Difficult to build the best of breed for all elements that make a NGFW. Note: the great, good, and poor changes depending on the product referenced. NGFW Today Traditional FW VPNAPP URL IPS Malware Visibility and Integration ASA with Firepower Services Traditional FW VPNAPP URL IPS Malware Visibility and Integration
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 21 FirePOWER Services: Application Control • Control access for applications, users and devices • “Employees may view Facebook, but only Marketing may post to it” • “No one may use peer-to-peer file sharing apps” Over 3,000 apps, devices, and more!
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 22 Application Control Social: Security and DLP Mobile: Enforce BYOD Policy Bandwidth: Recover Lost Bandwidth Security: Reduce Attack Surface
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 23 FirePOWER Services: URL Filtering • Block non-business-related sites by category • Based on user and user group
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 24 FireSIGHT™ Full Stack Visibility CATEGORIES EXAMPLES FirePOWER Services TYPICAL IPS TYPICAL NGFW Threats Attacks, Anomalies ✔ ✔ ✔ Users AD, LDAP, POP3 ✔ ✗ ✔ Web Applications Facebook Chat, Ebay ✔ ✗ ✔ Application Protocols HTTP, SMTP, SSH ✔ ✗ ✔ File Transfers PDF, Office, EXE, JAR ✔ ✗ ✔ Malware Conficker, Flame ✔ ✗ ✗ Command & Control Servers C&C Security Intelligence ✔ ✗ ✗ Client Applications Firefox, IE6, BitTorrent ✔ ✗ ✗ Network Servers Apache 2.3.1, IIS4 ✔ ✗ ✗ Operating Systems Windows, Linux ✔ ✗ ✗ Routers & Switches Cisco, Nortel, Wireless ✔ ✗ ✗ Mobile Devices iPhone, Android, Jail ✔ ✗ ✗ Printers HP, Xerox, Canon ✔ ✗ ✗ VoIP Phones Cisco phones ✔ ✗ ✗ Virtual Machines VMware, Xen, RHEV ✔ ✗ ✗ Contextual AwarenessInformation Superiority
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 25 Correlates all intrusion events to an impact of the attack against the target ImpactAssessment IMPACT FLAG ADMINISTRATOR ACTION WHY Act Immediately, Vulnerable Event corresponds to vulnerability mapped to host Investigate, Potentially Vulnerable Relevant port open or protocol in use, but no vuln mapped Good to Know, Currently Not Vulnerable Relevant port not open or protocol not in use Good to Know, Unknown Target Monitored network, but unknown host Good to Know, Unknown Network Unmonitored network
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 26 Cisco FireSIGHT Simplifies Operations • Impact Assessment and Recommended Rules Automate Routine Tasks
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 27 Reduced Cost and Complexity • Multilayered protection in a single device • Highly scalable for branch, internet edge, and data centers • Automates security tasks oImpact assessment
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 28 The Power of Continuous Analysis Point-in-time security sees a lighter, bullet, cufflink, pen & cigarette case… Wouldn’t it be nice to know if you’re dealing with something more deadly?
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 29 Indications of Compromise (IoCs) IPS Events Malware Backdoors CnC Connections Exploit Kits Admin Privilege Escalations Web App Attacks SI Events Connections to Known CnC IPs Malware Events Malware Detections Malware Executions Office/PDF/Java Compromises Dropper Infections
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 30© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 30 Advanced Malware Protection (FireAMP)
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 31 Actual Disposition = Bad = Blocked Antivirus Sandboxing Initial Disposition = Clean Point-in-time Detection Retrospective Detection, Analysis Continues Initial Disposition = Clean Continuous Blind to scope of compromise Sleep Techniques Unknown Protocols Encryption Polymorphism Actual Disposition = Bad = Too Late!! Turns back time Visibility and Control are Key Not 100% Analysis Stops Beyond the Event Horizon Addresses limitations of point-in-time detection
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 32 1) File Capture FirePOWER Services: Advanced Malware Malware Alert! 2) File Storage 4) Execution Report Available In Defense Center Network Traffic Collective Security Intelligence Sandbox 3) Send to Sandbox
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 33 Visibility and Context
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 34 Visibility and Context File Sent File Received File Executed File Moved File Quarantined
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 35 FirePOWER Services for ASA: Subscriptions FirePOWER Services for ASA Included Appliance Features Configurable Fail Open Interfaces ✓ Connection/Flow Logging ✓ Network, User, and Application Discovery ✓ Traffic filtering / ACLs ✓ NSS Leading IPS Engine ✓ Comprehensive Threat Prevention ✓ Security Intelligence (C&C, Botnets, SPAM etc) ✓ Blocking of Files by Type, Protocol, and Direction ✓ Basic DLP in IPS Rules (SSN, Credit Card etc.) ✓ Access Control: Enforcement by Application ✓ Access Control: Enforcement by User ✓ IPS and App Updates IPS Rule and Application Updates Annual Fee URL Filtering URL Filtering Subscription Annual Fee Malware Protection Subscription for Malware Blocking, Continuous File Analysis, Malware Network Trajectory Annual Fee
High Availability and Clustering Max 2 Units Max 16 Units*
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 37 Deploying ASA w/ FirePOWER Services • Available on all ASA platforms • State-sharing between Firewalls for high availability • L2 Transparent or L3 Routed deployment options • Failover Link • ASA provides valid, normalized flows to FirePOWER module • State sharing does not occur between FirePOWER Services Modules High Availability with ASA Failover
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 38 Multi-ContextASADeployments • ASA can be configured in multi context mode such that traffic going through the ASA can be assigned different policies • These interfaces are reported to the FirePOWER blade and can be assigned to security zones that can be used in differentiated policies. • In this example, you could create one policy for traffic going from Context A Outside to Context A Inside. And then a different policy for Context B Outside to Context B Inside. • Note: There is no management segmentation inside the FirePOWER module similar to the context idea inside ASA configuration. Context A Context B Outside Inside
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 39 Multi-ContextASADeployments Admin Context Context- 1
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 40 DeployingASAw/ FirePOWER Services • Up to 8 ASA5585-X IPS • Stateless load balancing by external switch • L2 Transparent or L3 Routed deployment options • Support for vPC, VSS and LACP • Cluster Control Protocol/Link • State-sharing between Firewalls for symmetry and high availability • Every session has a primary and secondary owner ASA • ASA provides traffic symmetry to FirePOWER module • Scaling IPS with ASA5585-X Clustering
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 41 WhyASAwith FirePOWER Services? • World’s most widely deployed, enterprise-class ASA stateful firewall • Granular Application Visibility and Control (AVC) • Industry-leading FirePOWER Next-Generation IPS (NGIPS) • Validated by NSS Labs as the best NGFW on the market today • Advanced malware protection CISCO ASA Identity-Policy Control & VPN URL Filtering (subscription) FireSIGHT Analytics & Automation Advanced Malware Protection (subscription) Application Visibility &Control Network Firewall Routing | Switching Clustering & High Availability WWW Cisco Collective Security Intelligence Enabled Built-in Network Profiling Intrusion Prevention (subscription)
Q & A

Recommandé

Talos Insight: Threat Innovation Emerging from the Noise
Talos Insight: Threat Innovation Emerging from the NoiseTalos Insight: Threat Innovation Emerging from the Noise
Talos Insight: Threat Innovation Emerging from the NoiseCisco Canada
 
Advanced threat security - Cyber Security For The Real World
Advanced threat security - Cyber Security For The Real WorldAdvanced threat security - Cyber Security For The Real World
Advanced threat security - Cyber Security For The Real WorldCisco Canada
 
Cisco Security Architecture
Cisco Security ArchitectureCisco Security Architecture
Cisco Security ArchitectureCisco Canada
 
Presentation cisco cloud security strategy
Presentation cisco cloud security strategyPresentation cisco cloud security strategy
Presentation cisco cloud security strategyxKinAnx
 
Scalar Security Roadshow - Toronto Presentation
Scalar Security Roadshow - Toronto PresentationScalar Security Roadshow - Toronto Presentation
Scalar Security Roadshow - Toronto PresentationScalar Decisions
 
Cisco ThreatGrid: Malware Analysis and Threat Intelligence
Cisco ThreatGrid: Malware Analysis and Threat IntelligenceCisco ThreatGrid: Malware Analysis and Threat Intelligence
Cisco ThreatGrid: Malware Analysis and Threat IntelligenceCisco Canada
 
SourceFire IPS Overview
SourceFire IPS OverviewSourceFire IPS Overview
SourceFire IPS OverviewGuardEra Access Solutions, Inc.
 
Cisco umbrella overview
Cisco umbrella overviewCisco umbrella overview
Cisco umbrella overviewCisco Canada
 

Recommandé

Talos Insight: Threat Innovation Emerging from the Noise
Talos Insight: Threat Innovation Emerging from the NoiseTalos Insight: Threat Innovation Emerging from the Noise
Talos Insight: Threat Innovation Emerging from the NoiseCisco Canada
 
Advanced threat security - Cyber Security For The Real World
Advanced threat security - Cyber Security For The Real WorldAdvanced threat security - Cyber Security For The Real World
Advanced threat security - Cyber Security For The Real WorldCisco Canada
 
Cisco Security Architecture
Cisco Security ArchitectureCisco Security Architecture
Cisco Security ArchitectureCisco Canada
 
Presentation cisco cloud security strategy
Presentation cisco cloud security strategyPresentation cisco cloud security strategy
Presentation cisco cloud security strategyxKinAnx
 
Scalar Security Roadshow - Toronto Presentation
Scalar Security Roadshow - Toronto PresentationScalar Security Roadshow - Toronto Presentation
Scalar Security Roadshow - Toronto PresentationScalar Decisions
 
Cisco ThreatGrid: Malware Analysis and Threat Intelligence
Cisco ThreatGrid: Malware Analysis and Threat IntelligenceCisco ThreatGrid: Malware Analysis and Threat Intelligence
Cisco ThreatGrid: Malware Analysis and Threat IntelligenceCisco Canada
 
SourceFire IPS Overview
SourceFire IPS OverviewSourceFire IPS Overview
SourceFire IPS OverviewGuardEra Access Solutions, Inc.
 
Cisco umbrella overview
Cisco umbrella overviewCisco umbrella overview
Cisco umbrella overviewCisco Canada
 
Building Up Network Security: Intrusion Prevention and Sourcefire
Building Up Network Security: Intrusion Prevention and SourcefireBuilding Up Network Security: Intrusion Prevention and Sourcefire
Building Up Network Security: Intrusion Prevention and SourcefireGlobal Knowledge Training
 
IPS Best Practices
IPS Best PracticesIPS Best Practices
IPS Best PracticesHeather Axworthy
 
Sourcefire Webinar - NEW GENERATION IPS
Sourcefire Webinar - NEW GENERATION IPSSourcefire Webinar - NEW GENERATION IPS
Sourcefire Webinar - NEW GENERATION IPSmmiznoni
 
Mission Possible: Detect and Prevent CyberAttacks with Splunk and Palo Alto N...
Mission Possible: Detect and Prevent CyberAttacks with Splunk and Palo Alto N...Mission Possible: Detect and Prevent CyberAttacks with Splunk and Palo Alto N...
Mission Possible: Detect and Prevent CyberAttacks with Splunk and Palo Alto N...Erin Sweeney
 
Cisco Security Presentation
Cisco Security PresentationCisco Security Presentation
Cisco Security PresentationSimplex
 
Cisco amp for endpoints
Cisco amp for endpointsCisco amp for endpoints
Cisco amp for endpointsCisco Canada
 
Cisco amp for meraki
Cisco amp for merakiCisco amp for meraki
Cisco amp for merakiCisco Canada
 
The Four Horsemen of Mobile Security
The Four Horsemen of Mobile SecurityThe Four Horsemen of Mobile Security
The Four Horsemen of Mobile SecuritySkycure
 
The World Against the Bad, Cisco AMP Solution to the Rescue
The World Against the Bad, Cisco AMP Solution to the RescueThe World Against the Bad, Cisco AMP Solution to the Rescue
The World Against the Bad, Cisco AMP Solution to the RescueCisco Canada
 
The Network as a Sensor, Cisco and Lancope
The Network as a Sensor, Cisco and LancopeThe Network as a Sensor, Cisco and Lancope
The Network as a Sensor, Cisco and LancopeCisco Enterprise Networks
 
Estratégia de segurança da Cisco (um diferencial para seus negócios)
Estratégia de segurança da Cisco (um diferencial para seus negócios)Estratégia de segurança da Cisco (um diferencial para seus negócios)
Estratégia de segurança da Cisco (um diferencial para seus negócios)Cisco do Brasil
 
TechWiseTV Workshop: OpenDNS and AnyConnect
TechWiseTV Workshop: OpenDNS and AnyConnectTechWiseTV Workshop: OpenDNS and AnyConnect
TechWiseTV Workshop: OpenDNS and AnyConnectRobb Boyd
 
8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...
8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...
8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...BGA Cyber Security
 
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...Cisco Canada
 
Two for Attack: Web and Email Content Protection
Two for Attack: Web and Email Content ProtectionTwo for Attack: Web and Email Content Protection
Two for Attack: Web and Email Content ProtectionCisco Canada
 
Cisco NGFW AMP
Cisco NGFW AMPCisco NGFW AMP
Cisco NGFW AMPCisco Canada
 
Scalar Security Roadshow - Vancouver Presentation
Scalar Security Roadshow - Vancouver PresentationScalar Security Roadshow - Vancouver Presentation
Scalar Security Roadshow - Vancouver PresentationScalar Decisions
 
Presentation cisco iron port email & web security
Presentation cisco iron port email & web securityPresentation cisco iron port email & web security
Presentation cisco iron port email & web securityxKinAnx
 
Sasa milic, cisco advanced malware protection
Sasa milic, cisco advanced malware protectionSasa milic, cisco advanced malware protection
Sasa milic, cisco advanced malware protectionDejan Jeremic
 
Building Up Network Security: An Introduction
Building Up Network Security: An Introduction Building Up Network Security: An Introduction
Building Up Network Security: An Introduction Global Knowledge Training
 
8 Ocak 2015 SOME Etkinligi - Cisco Next Generation Security
8 Ocak 2015 SOME Etkinligi - Cisco Next Generation Security8 Ocak 2015 SOME Etkinligi - Cisco Next Generation Security
8 Ocak 2015 SOME Etkinligi - Cisco Next Generation SecurityBGA Cyber Security
 
Scalar Security Roadshow - Calgary Presentation
Scalar Security Roadshow - Calgary PresentationScalar Security Roadshow - Calgary Presentation
Scalar Security Roadshow - Calgary PresentationScalar Decisions
 

Contenu connexe

Tendances

Building Up Network Security: Intrusion Prevention and Sourcefire
Building Up Network Security: Intrusion Prevention and SourcefireBuilding Up Network Security: Intrusion Prevention and Sourcefire
Building Up Network Security: Intrusion Prevention and SourcefireGlobal Knowledge Training
 
Sourcefire Webinar - NEW GENERATION IPS
Sourcefire Webinar - NEW GENERATION IPSSourcefire Webinar - NEW GENERATION IPS
Sourcefire Webinar - NEW GENERATION IPSmmiznoni
 
Mission Possible: Detect and Prevent CyberAttacks with Splunk and Palo Alto N...
Mission Possible: Detect and Prevent CyberAttacks with Splunk and Palo Alto N...Mission Possible: Detect and Prevent CyberAttacks with Splunk and Palo Alto N...
Mission Possible: Detect and Prevent CyberAttacks with Splunk and Palo Alto N...Erin Sweeney
 
Cisco Security Presentation
Cisco Security PresentationCisco Security Presentation
Cisco Security PresentationSimplex
 
Cisco amp for endpoints
Cisco amp for endpointsCisco amp for endpoints
Cisco amp for endpointsCisco Canada
 
Cisco amp for meraki
Cisco amp for merakiCisco amp for meraki
Cisco amp for merakiCisco Canada
 
The Four Horsemen of Mobile Security
The Four Horsemen of Mobile SecurityThe Four Horsemen of Mobile Security
The Four Horsemen of Mobile SecuritySkycure
 
The World Against the Bad, Cisco AMP Solution to the Rescue
The World Against the Bad, Cisco AMP Solution to the RescueThe World Against the Bad, Cisco AMP Solution to the Rescue
The World Against the Bad, Cisco AMP Solution to the RescueCisco Canada
 
Estratégia de segurança da Cisco (um diferencial para seus negócios)
Estratégia de segurança da Cisco (um diferencial para seus negócios)Estratégia de segurança da Cisco (um diferencial para seus negócios)
Estratégia de segurança da Cisco (um diferencial para seus negócios)Cisco do Brasil
 
TechWiseTV Workshop: OpenDNS and AnyConnect
TechWiseTV Workshop: OpenDNS and AnyConnectTechWiseTV Workshop: OpenDNS and AnyConnect
TechWiseTV Workshop: OpenDNS and AnyConnectRobb Boyd
 
8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...
8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...
8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...BGA Cyber Security
 
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...Cisco Canada
 
Two for Attack: Web and Email Content Protection
Two for Attack: Web and Email Content ProtectionTwo for Attack: Web and Email Content Protection
Two for Attack: Web and Email Content ProtectionCisco Canada
 
Scalar Security Roadshow - Vancouver Presentation
Scalar Security Roadshow - Vancouver PresentationScalar Security Roadshow - Vancouver Presentation
Scalar Security Roadshow - Vancouver PresentationScalar Decisions
 
Presentation cisco iron port email & web security
Presentation cisco iron port email & web securityPresentation cisco iron port email & web security
Presentation cisco iron port email & web securityxKinAnx
 
Sasa milic, cisco advanced malware protection
Sasa milic, cisco advanced malware protectionSasa milic, cisco advanced malware protection
Sasa milic, cisco advanced malware protectionDejan Jeremic
 
Building Up Network Security: An Introduction
Building Up Network Security: An Introduction Building Up Network Security: An Introduction
Building Up Network Security: An Introduction Global Knowledge Training
 

Tendances (20)

Building Up Network Security: Intrusion Prevention and Sourcefire
Building Up Network Security: Intrusion Prevention and SourcefireBuilding Up Network Security: Intrusion Prevention and Sourcefire
Building Up Network Security: Intrusion Prevention and Sourcefire
 
IPS Best Practices
IPS Best PracticesIPS Best Practices
IPS Best Practices
 
Sourcefire Webinar - NEW GENERATION IPS
Sourcefire Webinar - NEW GENERATION IPSSourcefire Webinar - NEW GENERATION IPS
Sourcefire Webinar - NEW GENERATION IPS
 
Mission Possible: Detect and Prevent CyberAttacks with Splunk and Palo Alto N...
Mission Possible: Detect and Prevent CyberAttacks with Splunk and Palo Alto N...Mission Possible: Detect and Prevent CyberAttacks with Splunk and Palo Alto N...
Mission Possible: Detect and Prevent CyberAttacks with Splunk and Palo Alto N...
 
Cisco Security Presentation
Cisco Security PresentationCisco Security Presentation
Cisco Security Presentation
 
Cisco amp for endpoints
Cisco amp for endpointsCisco amp for endpoints
Cisco amp for endpoints
 
Cisco amp for meraki
Cisco amp for merakiCisco amp for meraki
Cisco amp for meraki
 
The Four Horsemen of Mobile Security
The Four Horsemen of Mobile SecurityThe Four Horsemen of Mobile Security
The Four Horsemen of Mobile Security
 
The World Against the Bad, Cisco AMP Solution to the Rescue
The World Against the Bad, Cisco AMP Solution to the RescueThe World Against the Bad, Cisco AMP Solution to the Rescue
The World Against the Bad, Cisco AMP Solution to the Rescue
 
The Network as a Sensor, Cisco and Lancope
The Network as a Sensor, Cisco and LancopeThe Network as a Sensor, Cisco and Lancope
The Network as a Sensor, Cisco and Lancope
 
Estratégia de segurança da Cisco (um diferencial para seus negócios)
Estratégia de segurança da Cisco (um diferencial para seus negócios)Estratégia de segurança da Cisco (um diferencial para seus negócios)
Estratégia de segurança da Cisco (um diferencial para seus negócios)
 
TechWiseTV Workshop: OpenDNS and AnyConnect
TechWiseTV Workshop: OpenDNS and AnyConnectTechWiseTV Workshop: OpenDNS and AnyConnect
TechWiseTV Workshop: OpenDNS and AnyConnect
 
8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...
8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...
8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...
 
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...
 
Two for Attack: Web and Email Content Protection
Two for Attack: Web and Email Content ProtectionTwo for Attack: Web and Email Content Protection
Two for Attack: Web and Email Content Protection
 
Cisco NGFW AMP
Cisco NGFW AMPCisco NGFW AMP
Cisco NGFW AMP
 
Scalar Security Roadshow - Vancouver Presentation
Scalar Security Roadshow - Vancouver PresentationScalar Security Roadshow - Vancouver Presentation
Scalar Security Roadshow - Vancouver Presentation
 
Presentation cisco iron port email & web security
Presentation cisco iron port email & web securityPresentation cisco iron port email & web security
Presentation cisco iron port email & web security
 
Sasa milic, cisco advanced malware protection
Sasa milic, cisco advanced malware protectionSasa milic, cisco advanced malware protection
Sasa milic, cisco advanced malware protection
 
Building Up Network Security: An Introduction
Building Up Network Security: An Introduction Building Up Network Security: An Introduction
Building Up Network Security: An Introduction
 

Similaire à Next Generation Security

8 Ocak 2015 SOME Etkinligi - Cisco Next Generation Security
8 Ocak 2015 SOME Etkinligi - Cisco Next Generation Security8 Ocak 2015 SOME Etkinligi - Cisco Next Generation Security
8 Ocak 2015 SOME Etkinligi - Cisco Next Generation SecurityBGA Cyber Security
 
Scalar Security Roadshow - Calgary Presentation
Scalar Security Roadshow - Calgary PresentationScalar Security Roadshow - Calgary Presentation
Scalar Security Roadshow - Calgary PresentationScalar Decisions
 
The Next Generation Security
The Next Generation SecurityThe Next Generation Security
The Next Generation SecurityCybera Inc.
 
Scalar Security Roadshow - Ottawa Presentation
Scalar Security Roadshow - Ottawa PresentationScalar Security Roadshow - Ottawa Presentation
Scalar Security Roadshow - Ottawa PresentationScalar Decisions
 
BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...
BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...
BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...BGA Cyber Security
 
apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...
apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...
apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...Chrysostomos Christofi
 
During the Next Generation Network and Data Centre – Now and into the Future ...
During the Next Generation Network and Data Centre – Now and into the Future ...During the Next Generation Network and Data Centre – Now and into the Future ...
During the Next Generation Network and Data Centre – Now and into the Future ...Cisco Canada
 
Behind the Curtain: Exposing Advanced Threats
Behind the Curtain: Exposing Advanced ThreatsBehind the Curtain: Exposing Advanced Threats
Behind the Curtain: Exposing Advanced ThreatsCisco Canada
 
Security and Virtualization in the Data Center
Security and Virtualization in the Data CenterSecurity and Virtualization in the Data Center
Security and Virtualization in the Data CenterCisco Canada
 
Cisco Live Cancun PR Session
Cisco Live Cancun PR SessionCisco Live Cancun PR Session
Cisco Live Cancun PR SessionFelipe Lamus
 
CONFidence2015: Real World Threat Hunting - Martin Nystrom
CONFidence2015: Real World Threat Hunting - Martin NystromCONFidence2015: Real World Threat Hunting - Martin Nystrom
CONFidence2015: Real World Threat Hunting - Martin NystromPROIDEA
 
Presentación - Cisco ASA with FirePOWER Services
Presentación - Cisco ASA with FirePOWER ServicesPresentación - Cisco ASA with FirePOWER Services
Presentación - Cisco ASA with FirePOWER ServicesOscar Romano
 
Proteja seus clientes - Gerenciamento dos Serviços de Segurança
Proteja seus clientes - Gerenciamento dos Serviços de SegurançaProteja seus clientes - Gerenciamento dos Serviços de Segurança
Proteja seus clientes - Gerenciamento dos Serviços de SegurançaCisco do Brasil
 
Cisco ASA con fire power services
Cisco ASA con fire power services Cisco ASA con fire power services
Cisco ASA con fire power services Felipe Lamus
 
Cisco Cybersecurity #10YearChallenge
Cisco Cybersecurity #10YearChallengeCisco Cybersecurity #10YearChallenge
Cisco Cybersecurity #10YearChallengeCristian Garcia G.
 
ASA Firepower NGFW Update and Deployment Scenarios
ASA Firepower NGFW Update and Deployment ScenariosASA Firepower NGFW Update and Deployment Scenarios
ASA Firepower NGFW Update and Deployment ScenariosCisco Canada
 
Cisco Network Insider Series: Securing Your Branch for DIA
Cisco Network Insider Series: Securing Your Branch for DIACisco Network Insider Series: Securing Your Branch for DIA
Cisco Network Insider Series: Securing Your Branch for DIARobb Boyd
 
Idc security roadshow may2015 Adrian Aron
Idc security roadshow may2015 Adrian AronIdc security roadshow may2015 Adrian Aron
Idc security roadshow may2015 Adrian AronDejan Jeremic
 
Firepower ngfw internet
Firepower ngfw internetFirepower ngfw internet
Firepower ngfw internetRony Melo
 
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Scalar Decisions
 

Similaire à Next Generation Security (20)

8 Ocak 2015 SOME Etkinligi - Cisco Next Generation Security
8 Ocak 2015 SOME Etkinligi - Cisco Next Generation Security8 Ocak 2015 SOME Etkinligi - Cisco Next Generation Security
8 Ocak 2015 SOME Etkinligi - Cisco Next Generation Security
 
Scalar Security Roadshow - Calgary Presentation
Scalar Security Roadshow - Calgary PresentationScalar Security Roadshow - Calgary Presentation
Scalar Security Roadshow - Calgary Presentation
 
The Next Generation Security
The Next Generation SecurityThe Next Generation Security
The Next Generation Security
 
Scalar Security Roadshow - Ottawa Presentation
Scalar Security Roadshow - Ottawa PresentationScalar Security Roadshow - Ottawa Presentation
Scalar Security Roadshow - Ottawa Presentation
 
BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...
BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...
BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...
 
apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...
apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...
apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...
 
During the Next Generation Network and Data Centre – Now and into the Future ...
During the Next Generation Network and Data Centre – Now and into the Future ...During the Next Generation Network and Data Centre – Now and into the Future ...
During the Next Generation Network and Data Centre – Now and into the Future ...
 
Behind the Curtain: Exposing Advanced Threats
Behind the Curtain: Exposing Advanced ThreatsBehind the Curtain: Exposing Advanced Threats
Behind the Curtain: Exposing Advanced Threats
 
Security and Virtualization in the Data Center
Security and Virtualization in the Data CenterSecurity and Virtualization in the Data Center
Security and Virtualization in the Data Center
 
Cisco Live Cancun PR Session
Cisco Live Cancun PR SessionCisco Live Cancun PR Session
Cisco Live Cancun PR Session
 
CONFidence2015: Real World Threat Hunting - Martin Nystrom
CONFidence2015: Real World Threat Hunting - Martin NystromCONFidence2015: Real World Threat Hunting - Martin Nystrom
CONFidence2015: Real World Threat Hunting - Martin Nystrom
 
Presentación - Cisco ASA with FirePOWER Services
Presentación - Cisco ASA with FirePOWER ServicesPresentación - Cisco ASA with FirePOWER Services
Presentación - Cisco ASA with FirePOWER Services
 
Proteja seus clientes - Gerenciamento dos Serviços de Segurança
Proteja seus clientes - Gerenciamento dos Serviços de SegurançaProteja seus clientes - Gerenciamento dos Serviços de Segurança
Proteja seus clientes - Gerenciamento dos Serviços de Segurança
 
Cisco ASA con fire power services
Cisco ASA con fire power services Cisco ASA con fire power services
Cisco ASA con fire power services
 
Cisco Cybersecurity #10YearChallenge
Cisco Cybersecurity #10YearChallengeCisco Cybersecurity #10YearChallenge
Cisco Cybersecurity #10YearChallenge
 
ASA Firepower NGFW Update and Deployment Scenarios
ASA Firepower NGFW Update and Deployment ScenariosASA Firepower NGFW Update and Deployment Scenarios
ASA Firepower NGFW Update and Deployment Scenarios
 
Cisco Network Insider Series: Securing Your Branch for DIA
Cisco Network Insider Series: Securing Your Branch for DIACisco Network Insider Series: Securing Your Branch for DIA
Cisco Network Insider Series: Securing Your Branch for DIA
 
Idc security roadshow may2015 Adrian Aron
Idc security roadshow may2015 Adrian AronIdc security roadshow may2015 Adrian Aron
Idc security roadshow may2015 Adrian Aron
 
Firepower ngfw internet
Firepower ngfw internetFirepower ngfw internet
Firepower ngfw internet
 
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
 

Plus de Cisco Canada

Cisco connect montreal 2018 net devops
Cisco connect montreal 2018 net devopsCisco connect montreal 2018 net devops
Cisco connect montreal 2018 net devopsCisco Canada
 
Cisco connect montreal 2018 iot demo kinetic fr
Cisco connect montreal 2018 iot demo kinetic frCisco connect montreal 2018 iot demo kinetic fr
Cisco connect montreal 2018 iot demo kinetic frCisco Canada
 
Cisco connect montreal 2018 - Network Slicing: Horizontal Virtualization
Cisco connect montreal 2018 - Network Slicing: Horizontal VirtualizationCisco connect montreal 2018 - Network Slicing: Horizontal Virtualization
Cisco connect montreal 2018 - Network Slicing: Horizontal VirtualizationCisco Canada
 
Cisco connect montreal 2018 secure dc
Cisco connect montreal 2018 secure dcCisco connect montreal 2018 secure dc
Cisco connect montreal 2018 secure dcCisco Canada
 
Cisco connect montreal 2018 enterprise networks - say goodbye to vla ns
Cisco connect montreal 2018 enterprise networks - say goodbye to vla nsCisco connect montreal 2018 enterprise networks - say goodbye to vla ns
Cisco connect montreal 2018 enterprise networks - say goodbye to vla nsCisco Canada
 
Cisco connect montreal 2018 vision mondiale analyse locale
Cisco connect montreal 2018 vision mondiale analyse localeCisco connect montreal 2018 vision mondiale analyse locale
Cisco connect montreal 2018 vision mondiale analyse localeCisco Canada
 
Cisco Connect Montreal 2018 Securité : Sécuriser votre mobilité avec Cisco
Cisco Connect Montreal 2018 Securité : Sécuriser votre mobilité avec CiscoCisco Connect Montreal 2018 Securité : Sécuriser votre mobilité avec Cisco
Cisco Connect Montreal 2018 Securité : Sécuriser votre mobilité avec CiscoCisco Canada
 
Cisco connect montreal 2018 collaboration les services webex hybrides
Cisco connect montreal 2018 collaboration les services webex hybridesCisco connect montreal 2018 collaboration les services webex hybrides
Cisco connect montreal 2018 collaboration les services webex hybridesCisco Canada
 
Integration cisco et microsoft connect montreal 2018
Integration cisco et microsoft connect montreal 2018Integration cisco et microsoft connect montreal 2018
Integration cisco et microsoft connect montreal 2018Cisco Canada
 
Cisco connect montreal 2018 compute v final
Cisco connect montreal 2018 compute v finalCisco connect montreal 2018 compute v final
Cisco connect montreal 2018 compute v finalCisco Canada
 
Cisco connect montreal 2018 saalvare md-program-xr-v2
Cisco connect montreal 2018 saalvare md-program-xr-v2Cisco connect montreal 2018 saalvare md-program-xr-v2
Cisco connect montreal 2018 saalvare md-program-xr-v2Cisco Canada
 
Cisco connect montreal 2018 sd wan - delivering intent-based networking to th...
Cisco connect montreal 2018 sd wan - delivering intent-based networking to th...Cisco connect montreal 2018 sd wan - delivering intent-based networking to th...
Cisco connect montreal 2018 sd wan - delivering intent-based networking to th...Cisco Canada
 
Cisco Connect Toronto 2018 DNA automation-the evolution to intent-based net...
Cisco Connect Toronto 2018 DNA automation-the evolution to intent-based net...Cisco Connect Toronto 2018 DNA automation-the evolution to intent-based net...
Cisco Connect Toronto 2018 DNA automation-the evolution to intent-based net...Cisco Canada
 
Cisco Connect Toronto 2018 an introduction to Cisco kinetic
Cisco Connect Toronto 2018 an introduction to Cisco kineticCisco Connect Toronto 2018 an introduction to Cisco kinetic
Cisco Connect Toronto 2018 an introduction to Cisco kineticCisco Canada
 
Cisco Connect Toronto 2018 IOT - unlock the power of data - securing the in...
Cisco Connect Toronto 2018 IOT - unlock the power of data - securing the in...Cisco Connect Toronto 2018 IOT - unlock the power of data - securing the in...
Cisco Connect Toronto 2018 IOT - unlock the power of data - securing the in...Cisco Canada
 
Cisco Connect Toronto 2018 DevNet Overview
Cisco Connect Toronto 2018 DevNet OverviewCisco Connect Toronto 2018 DevNet Overview
Cisco Connect Toronto 2018 DevNet OverviewCisco Canada
 
Cisco Connect Toronto 2018 DNA assurance
Cisco Connect Toronto 2018 DNA assuranceCisco Connect Toronto 2018 DNA assurance
Cisco Connect Toronto 2018 DNA assuranceCisco Canada
 
Cisco Connect Toronto 2018 network-slicing
Cisco Connect Toronto 2018 network-slicingCisco Connect Toronto 2018 network-slicing
Cisco Connect Toronto 2018 network-slicingCisco Canada
 
Cisco Connect Toronto 2018 the intelligent network with cisco meraki
Cisco Connect Toronto 2018 the intelligent network with cisco merakiCisco Connect Toronto 2018 the intelligent network with cisco meraki
Cisco Connect Toronto 2018 the intelligent network with cisco merakiCisco Canada
 
Cisco Connect Toronto 2018 sixty to zero
Cisco Connect Toronto 2018 sixty to zeroCisco Connect Toronto 2018 sixty to zero
Cisco Connect Toronto 2018 sixty to zeroCisco Canada
 

Plus de Cisco Canada (20)

Cisco connect montreal 2018 net devops
Cisco connect montreal 2018 net devopsCisco connect montreal 2018 net devops
Cisco connect montreal 2018 net devops
 
Cisco connect montreal 2018 iot demo kinetic fr
Cisco connect montreal 2018 iot demo kinetic frCisco connect montreal 2018 iot demo kinetic fr
Cisco connect montreal 2018 iot demo kinetic fr
 
Cisco connect montreal 2018 - Network Slicing: Horizontal Virtualization
Cisco connect montreal 2018 - Network Slicing: Horizontal VirtualizationCisco connect montreal 2018 - Network Slicing: Horizontal Virtualization
Cisco connect montreal 2018 - Network Slicing: Horizontal Virtualization
 
Cisco connect montreal 2018 secure dc
Cisco connect montreal 2018 secure dcCisco connect montreal 2018 secure dc
Cisco connect montreal 2018 secure dc
 
Cisco connect montreal 2018 enterprise networks - say goodbye to vla ns
Cisco connect montreal 2018 enterprise networks - say goodbye to vla nsCisco connect montreal 2018 enterprise networks - say goodbye to vla ns
Cisco connect montreal 2018 enterprise networks - say goodbye to vla ns
 
Cisco connect montreal 2018 vision mondiale analyse locale
Cisco connect montreal 2018 vision mondiale analyse localeCisco connect montreal 2018 vision mondiale analyse locale
Cisco connect montreal 2018 vision mondiale analyse locale
 
Cisco Connect Montreal 2018 Securité : Sécuriser votre mobilité avec Cisco
Cisco Connect Montreal 2018 Securité : Sécuriser votre mobilité avec CiscoCisco Connect Montreal 2018 Securité : Sécuriser votre mobilité avec Cisco
Cisco Connect Montreal 2018 Securité : Sécuriser votre mobilité avec Cisco
 
Cisco connect montreal 2018 collaboration les services webex hybrides
Cisco connect montreal 2018 collaboration les services webex hybridesCisco connect montreal 2018 collaboration les services webex hybrides
Cisco connect montreal 2018 collaboration les services webex hybrides
 
Integration cisco et microsoft connect montreal 2018
Integration cisco et microsoft connect montreal 2018Integration cisco et microsoft connect montreal 2018
Integration cisco et microsoft connect montreal 2018
 
Cisco connect montreal 2018 compute v final
Cisco connect montreal 2018 compute v finalCisco connect montreal 2018 compute v final
Cisco connect montreal 2018 compute v final
 
Cisco connect montreal 2018 saalvare md-program-xr-v2
Cisco connect montreal 2018 saalvare md-program-xr-v2Cisco connect montreal 2018 saalvare md-program-xr-v2
Cisco connect montreal 2018 saalvare md-program-xr-v2
 
Cisco connect montreal 2018 sd wan - delivering intent-based networking to th...
Cisco connect montreal 2018 sd wan - delivering intent-based networking to th...Cisco connect montreal 2018 sd wan - delivering intent-based networking to th...
Cisco connect montreal 2018 sd wan - delivering intent-based networking to th...
 
Cisco Connect Toronto 2018 DNA automation-the evolution to intent-based net...
Cisco Connect Toronto 2018 DNA automation-the evolution to intent-based net...Cisco Connect Toronto 2018 DNA automation-the evolution to intent-based net...
Cisco Connect Toronto 2018 DNA automation-the evolution to intent-based net...
 
Cisco Connect Toronto 2018 an introduction to Cisco kinetic
Cisco Connect Toronto 2018 an introduction to Cisco kineticCisco Connect Toronto 2018 an introduction to Cisco kinetic
Cisco Connect Toronto 2018 an introduction to Cisco kinetic
 
Cisco Connect Toronto 2018 IOT - unlock the power of data - securing the in...
Cisco Connect Toronto 2018 IOT - unlock the power of data - securing the in...Cisco Connect Toronto 2018 IOT - unlock the power of data - securing the in...
Cisco Connect Toronto 2018 IOT - unlock the power of data - securing the in...
 
Cisco Connect Toronto 2018 DevNet Overview
Cisco Connect Toronto 2018 DevNet OverviewCisco Connect Toronto 2018 DevNet Overview
Cisco Connect Toronto 2018 DevNet Overview
 
Cisco Connect Toronto 2018 DNA assurance
Cisco Connect Toronto 2018 DNA assuranceCisco Connect Toronto 2018 DNA assurance
Cisco Connect Toronto 2018 DNA assurance
 
Cisco Connect Toronto 2018 network-slicing
Cisco Connect Toronto 2018 network-slicingCisco Connect Toronto 2018 network-slicing
Cisco Connect Toronto 2018 network-slicing
 
Cisco Connect Toronto 2018 the intelligent network with cisco meraki
Cisco Connect Toronto 2018 the intelligent network with cisco merakiCisco Connect Toronto 2018 the intelligent network with cisco meraki
Cisco Connect Toronto 2018 the intelligent network with cisco meraki
 
Cisco Connect Toronto 2018 sixty to zero
Cisco Connect Toronto 2018 sixty to zeroCisco Connect Toronto 2018 sixty to zero
Cisco Connect Toronto 2018 sixty to zero
 

Dernier

Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Zilliz
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu SubbuApidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbuapidays
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdflior mazor
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyKhushali Kathiriya
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...Zilliz
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...apidays
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfOverkill Security
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWERMadyBayot
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood
 

Dernier (20)

Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu SubbuApidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 

Next Generation Security

  • 1.
  • 2. Next Generation Security Rob Bleeker Security Consulting Systems Engineer CCIE# 2926, CISSP Justin Malczewski 1234567890
  • 3. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 3 The Industrialization of Hacking 1990 202020152010200520001995 Phishing, Low Sophistication Hacking Becomes an Industry Sophisticated Attacks, Complex Landscape Viruses 1990–2000 Worms 2000–2005 Spyware and Rootkits 2005–Today APTs Cyberware Today +
  • 4. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 4 How Bad – 2013 and Beyond 145 Million 152 Million 70 Million 60 Million 50 Million 50 Million and a lot more!!!!!!
  • 5. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 5 Needs to be a Better Approach Current approach has never worked! Imagine – Security as an Architecture
  • 6. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 6 The New Security Model BEFORE Discover Enforce Harden AFTER Scope Contain Remediate Attack Continuum Network Endpoint Mobile Virtual Cloud Detect Block Defend DURING Point in Time Continuous
  • 7. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 7 Cyber Attack Chain Recon Package Deliver Exploit Install CnC Act BEFORE Discover Enforce Harden AFTER Scope Contain Remediate During Detect Block Prevent Visibility and Context Firewall NGFW NAC + Identity Services VPN UTM NGIPS Web Security Email Security Advanced Malware Protection Network Behavior Analysis
  • 8. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 8 The better you can protect………. The More You See
  • 9. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 9 Visibility Control 0010 010 10010111001 10 100111 010 000100101 110011 01100111010000110000111000111010011101 1100001110001110 1001 1101 1110011 0110011 101000 0110 00 0111000 111010011 101 1100001 11000 1110100111 0010 010 10010111001 10 100111 010 000100101 110011 01100111010000110000111000111010011101 1100001110001110 1001 1101 1110011 0110011 101000 0110 00 0111000 111010011 101 1100001 11000 1110100111 CiscoSecurity Intelligence Operation (SIO) Cisco® SIO WWWEmail WebDevices IPS EndpointsNetworks More Than 150 Million DEPLOYED ENDPOINTS 100 TB DATA RECEIVED PER DAY 1.6 Million GLOBAL SENSORS 40% WORLDWIDE EMAIL TRAFFIC 13 Billion WEB REQUESTS Cloud AnyConnect®IPS ESA WSAASA WWW 3 to 5 MINUTE UPDATES More Than 200 PARAMETERS TRACKED More Than 5500 IPS SIGNATURES PRODUCED More Than 8 Million RULES PER DAY More Than 70 PUBLICATIONS PRODUCED Information Actions More Than 40 LANGUAGES More Than 80 PH.D, CCIE, CISSP, MSCE More Than $100 Million SPENT IN DYNAMIC RESEARCH AND DEVELOPMENT 24 Hours Daily OPERATIONS More Than 800 ENGINEERS, TECHNICIANS, AND RESEARCHERS
  • 10. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 10 Collective Security Intelligence IPS Rules Malware Protection Reputation Feeds Vulnerability Database Updates Sourcefire AEGIS™ Program Private and Public Threat Feeds Sandnets FireAMP™ Community Honeypots Advanced Microsoft and Industry Disclosures SPARK Program Snort and ClamAV Open Source Communities File Samples (>380,000 per Day) Sourcefire VRT® (Vulnerability Research Team) Sandboxing Machine Learning Big Data Infrastructure
  • 11. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 11© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 11 ASA with FirePower Services
  • 12. Mission: Founded in 2001 by Marty Roesch Security from Cloud to Core • Market leader in (NG)IPS • Recent entrant to NGFW space with strong offering • Groundbreaking Advanced Malware Protection solution Innovative – 52+ patents issued or pending • Pioneer in IPS, context-driven security, advanced malware World-class research capability Owner of major Open Source security projects • Snort, ClamAV, Razorback
  • 13. 13 Sourcefire Security Solutions COLLECTIVE SECURITY INTELLIGENCE Management Center APPLIANCES | VIRTUAL NEXT- GENERATION FIREWALL NEXT- GENERATION INTRUSION PREVENTION ADVANCED MALWARE PROTECTION CONTEXTUAL AWARENESS HOSTS | VIRTUAL MOBILE APPLIANCES | VIRTUAL
  • 14. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 14 FirePOWER Services for ASA: Components ASA 5585-X FirePOWER Services Blade • Models: ASA 5512-X, 5515-X, 5525-X, 5545-X, and 5555-X • SSD Drive Required • FirePOWER Services Software Module • Licenses and Subscriptions • Models: ASA 5585-X-10, ASA 5585-X- 20, ASA 5585-X-40, ASA 5585-X-60 • New FirePOWER Services Hardware Module Required • Licenses and Subscriptions
  • 15. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 15 2014 NSS Labs SVM for NFGW
  • 16. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 16 Functional Distribution ACL NAT VPN Termination Routing Advanced Malware Protection AVC (App Control) NGIPS URL Filtering FirePOWER Services Module Base ASA
  • 17. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 17 Next Generation Security on a Trusted Firewall FirePOWER Services NGIPS, NGFW/AVC, AMP FireSIGHT Management Center Comprehensive SECOPS Workflows Cisco Security Manager (CSM) or ASDM Comprehensive NETOPS Workflows ASA Software
  • 18. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 19 Why does this matter • Application visibility efficacy is NOT a 100%.Today the best efficacy around App ID is about 65%. • If you are looking to strengthen your overall security posture then building policies with 65% efficacy is putting your organization at risk. This creates a hit and miss security model. • Application ID is non deterministic, applications are evasive, what happens with unknown applications. • Logging of unknown application should take place and silent drops are forbidden in security – you need to know what has happened even if the applications has not been identified Cisco Still Understands the Value of APP Visibility/Control • Application visibility and control and web filtering has been within Cisco’s portfolio for 5+ years. We have led this with our Cisco Ironport WSA and our CWS (Scansafe) solutions. (we have brought this quadrant leading product to our next generation ASA platform) • Built upon a strong traditional stateful firewall platform that has been proven within the industry. Cisco is solving the application ID efficacy with OpenAppID NGFW Realities OpenAppID
  • 19. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 20 NGFW Realities – The Blocks of Building the Best NGFW DifficulttoBuildatBest GoodGreat Poor How – Cisco will be adding FireAMP for Malware and SourceFire NGIPS and further ISE integration. Very Difficult to build the best of breed for all elements that make a NGFW. Note: the great, good, and poor changes depending on the product referenced. NGFW Today Traditional FW VPNAPP URL IPS Malware Visibility and Integration ASA with Firepower Services Traditional FW VPNAPP URL IPS Malware Visibility and Integration
  • 20. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 21 FirePOWER Services: Application Control • Control access for applications, users and devices • “Employees may view Facebook, but only Marketing may post to it” • “No one may use peer-to-peer file sharing apps” Over 3,000 apps, devices, and more!
  • 21. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 22 Application Control Social: Security and DLP Mobile: Enforce BYOD Policy Bandwidth: Recover Lost Bandwidth Security: Reduce Attack Surface
  • 22. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 23 FirePOWER Services: URL Filtering • Block non-business-related sites by category • Based on user and user group
  • 23. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 24 FireSIGHT™ Full Stack Visibility CATEGORIES EXAMPLES FirePOWER Services TYPICAL IPS TYPICAL NGFW Threats Attacks, Anomalies ✔ ✔ ✔ Users AD, LDAP, POP3 ✔ ✗ ✔ Web Applications Facebook Chat, Ebay ✔ ✗ ✔ Application Protocols HTTP, SMTP, SSH ✔ ✗ ✔ File Transfers PDF, Office, EXE, JAR ✔ ✗ ✔ Malware Conficker, Flame ✔ ✗ ✗ Command & Control Servers C&C Security Intelligence ✔ ✗ ✗ Client Applications Firefox, IE6, BitTorrent ✔ ✗ ✗ Network Servers Apache 2.3.1, IIS4 ✔ ✗ ✗ Operating Systems Windows, Linux ✔ ✗ ✗ Routers & Switches Cisco, Nortel, Wireless ✔ ✗ ✗ Mobile Devices iPhone, Android, Jail ✔ ✗ ✗ Printers HP, Xerox, Canon ✔ ✗ ✗ VoIP Phones Cisco phones ✔ ✗ ✗ Virtual Machines VMware, Xen, RHEV ✔ ✗ ✗ Contextual AwarenessInformation Superiority
  • 24. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 25 Correlates all intrusion events to an impact of the attack against the target ImpactAssessment IMPACT FLAG ADMINISTRATOR ACTION WHY Act Immediately, Vulnerable Event corresponds to vulnerability mapped to host Investigate, Potentially Vulnerable Relevant port open or protocol in use, but no vuln mapped Good to Know, Currently Not Vulnerable Relevant port not open or protocol not in use Good to Know, Unknown Target Monitored network, but unknown host Good to Know, Unknown Network Unmonitored network
  • 25. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 26 Cisco FireSIGHT Simplifies Operations • Impact Assessment and Recommended Rules Automate Routine Tasks
  • 26. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 27 Reduced Cost and Complexity • Multilayered protection in a single device • Highly scalable for branch, internet edge, and data centers • Automates security tasks oImpact assessment
  • 27. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 28 The Power of Continuous Analysis Point-in-time security sees a lighter, bullet, cufflink, pen & cigarette case… Wouldn’t it be nice to know if you’re dealing with something more deadly?
  • 28. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 29 Indications of Compromise (IoCs) IPS Events Malware Backdoors CnC Connections Exploit Kits Admin Privilege Escalations Web App Attacks SI Events Connections to Known CnC IPs Malware Events Malware Detections Malware Executions Office/PDF/Java Compromises Dropper Infections
  • 29. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 30© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 30 Advanced Malware Protection (FireAMP)
  • 30. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 31 Actual Disposition = Bad = Blocked Antivirus Sandboxing Initial Disposition = Clean Point-in-time Detection Retrospective Detection, Analysis Continues Initial Disposition = Clean Continuous Blind to scope of compromise Sleep Techniques Unknown Protocols Encryption Polymorphism Actual Disposition = Bad = Too Late!! Turns back time Visibility and Control are Key Not 100% Analysis Stops Beyond the Event Horizon Addresses limitations of point-in-time detection
  • 31. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 32 1) File Capture FirePOWER Services: Advanced Malware Malware Alert! 2) File Storage 4) Execution Report Available In Defense Center Network Traffic Collective Security Intelligence Sandbox 3) Send to Sandbox
  • 32. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 33 Visibility and Context
  • 33. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 34 Visibility and Context File Sent File Received File Executed File Moved File Quarantined
  • 34. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 35 FirePOWER Services for ASA: Subscriptions FirePOWER Services for ASA Included Appliance Features Configurable Fail Open Interfaces ✓ Connection/Flow Logging ✓ Network, User, and Application Discovery ✓ Traffic filtering / ACLs ✓ NSS Leading IPS Engine ✓ Comprehensive Threat Prevention ✓ Security Intelligence (C&C, Botnets, SPAM etc) ✓ Blocking of Files by Type, Protocol, and Direction ✓ Basic DLP in IPS Rules (SSN, Credit Card etc.) ✓ Access Control: Enforcement by Application ✓ Access Control: Enforcement by User ✓ IPS and App Updates IPS Rule and Application Updates Annual Fee URL Filtering URL Filtering Subscription Annual Fee Malware Protection Subscription for Malware Blocking, Continuous File Analysis, Malware Network Trajectory Annual Fee
  • 35. High Availability and Clustering Max 2 Units Max 16 Units*
  • 36. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 37 Deploying ASA w/ FirePOWER Services • Available on all ASA platforms • State-sharing between Firewalls for high availability • L2 Transparent or L3 Routed deployment options • Failover Link • ASA provides valid, normalized flows to FirePOWER module • State sharing does not occur between FirePOWER Services Modules High Availability with ASA Failover
  • 37. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 38 Multi-ContextASADeployments • ASA can be configured in multi context mode such that traffic going through the ASA can be assigned different policies • These interfaces are reported to the FirePOWER blade and can be assigned to security zones that can be used in differentiated policies. • In this example, you could create one policy for traffic going from Context A Outside to Context A Inside. And then a different policy for Context B Outside to Context B Inside. • Note: There is no management segmentation inside the FirePOWER module similar to the context idea inside ASA configuration. Context A Context B Outside Inside
  • 38. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 39 Multi-ContextASADeployments Admin Context Context- 1
  • 39. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 40 DeployingASAw/ FirePOWER Services • Up to 8 ASA5585-X IPS • Stateless load balancing by external switch • L2 Transparent or L3 Routed deployment options • Support for vPC, VSS and LACP • Cluster Control Protocol/Link • State-sharing between Firewalls for symmetry and high availability • Every session has a primary and secondary owner ASA • ASA provides traffic symmetry to FirePOWER module • Scaling IPS with ASA5585-X Clustering
  • 40. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 41 WhyASAwith FirePOWER Services? • World’s most widely deployed, enterprise-class ASA stateful firewall • Granular Application Visibility and Control (AVC) • Industry-leading FirePOWER Next-Generation IPS (NGIPS) • Validated by NSS Labs as the best NGFW on the market today • Advanced malware protection CISCO ASA Identity-Policy Control & VPN URL Filtering (subscription) FireSIGHT Analytics & Automation Advanced Malware Protection (subscription) Application Visibility &Control Network Firewall Routing | Switching Clustering & High Availability WWW Cisco Collective Security Intelligence Enabled Built-in Network Profiling Intrusion Prevention (subscription)
  • 41. Q & A