SlideShare une entreprise Scribd logo

Using Cisco pxGrid for Security Platform Integration: a deep dive

Cisco DevNet
Cisco DevNet

A session in the DevNet Zone at Cisco Live, Berlin. This session will cover: Functional and architectural basics of Cisco Platform Exchange Grid (pxGrid), the new publish/subscribe/query contextual information exchange framework for creating integration between DevNet Zone partner platforms and Cisco security products; Integration use-cases such as utilizing pxGrid for executing threat response actions on the network and using identity, endpoint device and user access privilege context to enhance our DevNet Zone partners analytics, forensics and reporting; First-hand developer perspective from DevNet Zone partner ID/IP who used pxGrid to integrate Ping Identity and Cisco Identity Services Engine.

Technologie
1  sur  40
Télécharger pour lire hors ligne
DEVNET-1124 Using Cisco pxGrid for Security Platform Integration John Eppich Technical Marketing Engineer David Koenig Head of Business Development and Strategy, Situational Corp. Ranjan Jain Security Architect, Cisco IT
Agenda • Functional and Architectural Basics of Cisco Platform Exchange Grid (pxGrid) • DevNet Partner & Cisco Security Integration Use-Cases • First-hand pxGrid Developer Perspective from DevNet partner Situational Corp • Customer Deployment perspective – Cisco IT pxGrid SECURITY THRU INTEGRATI ON
Context is the Currency of the Solution Integration Realm …but it’s not easy to execute I have NBAR info! I need identity… I have firewall logs! I need identity… I have sec events! I need reputation… I have NetFlow! I need entitlement… I have MDM info! I need location… I have app inventory info! I need posture… I have identity & device-type! I need app inventory & vulnerability… I have threat data! I need reputation… I have location! I need identity… But Integration Burden is on IT Departments We Need to Share Context & Take Network Actions I have reputation info! I need threat data… I have application info! I need location & auth-group…SIO
I have reputation info! I need threat data… I have MDM info! I need location… I have app inventory info! I need posture… I have application info! I need location & auth-group…SIO pxGrid Context Sharing Event Response Context is the Currency of the Solution Integration Realm …but it’s not easy to execute…but pxGrid accomplishes this I have NBAR info! I need identity… I have firewall logs! I need identity… I have sec events! I need reputation… I have NetFlow! I need entitlement… I have identity & device-type! I need app inventory & vulnerability… I have threat data! I need reputation… I have location! I need identity…
WHY CUSTOMERS CARE Cisco pxGrid – Context-Sharing & Network Mitigation Connecting Partners & Cisco Security Platforms, Connecting Partners-to-Partners Cisco Provides Network Context to Customer IT Platforms Use Eco-Partner Context for Cisco Network Policy for Customers Cisco Shares User/Device & Network Context with IT Infrastructure Cisco Receives Context from Eco- Partners to Make Better Network Access Policy 1 2 3 Help Customer IT Environments Reach into the Cisco Network CISCO PLATFORM ECO-PARTNER CONTEXT CISCO PLATFORM ECO-PARTNER CONTEXT ECO-PARTNER CISCO PLATFORM CISCO NETWORK ACTION MITIGATE Puts “Who, What Device, What Access” with Events. Way Better than Just IP Addresses! Creates a Single Place for Comprehensive Network Access Policy thru Integration Decreases Time, Effort and Cost to Responding to Security and Network Events
USE CASE: Contextual Awareness for Security/Network Event Prioritization, Response and Policy NETWORK ALERT! SRC/65.32.7.45 DST/165.1.4.9 : HTTP Is this event important? I need more info… Who is this? Is this a server? Smartphone? Is it still on the network? Where? Did this come over VPN? What’s their access level? What’s their posture? What else is on the network?
©2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 8©2014 Cisco and/or its affiliates. All rights reserved. 8 “Sensitive Asset” “Other Asset” “Sensitive Asset” 87% of data breaches involve poor access rules… we need to do this better. Verizon Data Breach Report Access Criteria:  Who: User, Group USE CASE: Context from Cisco Identity Services Engine (ISE) to Application Control System to Increase Application Security
©2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 9©2014 Cisco and/or its affiliates. All rights reserved. 9 ACCESS POLICY – “Critical Data” WHO = Exec Group Only WHAT = No Non-Registered Mobile WHERE = UK Only WHEN = UK Business Hours Only HOW = No VPN Access Vary this gent’s application access privilege based on device enrollment, geo-location and access method “Financial Reports” “Café Menus” “HR Database” ISE Context Completes the Picture – Granular Application Data Control Access Criteria  Non-Sensitive  Sensitive  Critical Data
Vulnerability Assessment Packet Capture & Forensics SIEM & Threat Defense IAM & SSO pxGrid SECURITY THRU INTEGRATION pxGrid – Industry Adoption Critical Mass as of June 2015 18 Partner Platforms and 9 Technology Areas Since Release 7 Months Ago Net/App Performance IoT Security Cisco ISE Cisco WSA Cloud Access Security ?
I have identity & device! I need geo-location & MDM… I have application info! I need location & device-type I have location! I need app & identity… Cisco ISE as pxGrid Controller Publish Publish Discover TopicDiscover Topic Continuous Flow Directed QuerypxGrid Context Sharing CISCO ISE Continuous Flow Directed Query I have sec events! I need identity & device… I have MDM info! I need location… How pxGrid Works: Partners Connecting to Cisco Security Platforms…and to Other Partners Authenticate  Authorize  Publish  Discover  Subscribe  Query
I have identity & device! I need geo-location & MDM… I have application info! I need location & device-type I have location! I need app & identity… ISE as pxGrid Controller Publish Publish Discover TopicDiscover Topic Continuous Flow Directed QuerypxGrid Context Sharing CISCO ISE Continuous Flow Directed Query I have sec events! I need identity & device… I have MDM info! I need location… How pxGrid Works: Partners Connecting to Cisco Security Platforms…and to Other Partners Authenticate  Authorize  Publish  Discover  Subscribe  Query Traditional APIs have many limitations - pxGrid addresses these issues: •Single-purpose function = need for many APIs/dev (and lots of testing) •Not configurable = too much/little info for interface systems (scale issues) •Pre-defined data exchange = wait until next release if you need a change •Polling architecture = can’t scale beyond 1 or 2 system integrations •Security can be “loose”
“1-touch” network mitigation action – from 3rd party partner console pxGrid ANC API ISE as unified policy point User/Device Quarantine Dynamic ACLs, Increase Inspection Adaptive Network Control provides the ability to: •Quarantine user devices from 3rd party products, such as SIEM systems •Enlist other Cisco infrastructure in the network response – such as dynamic ACLs on switches and ASA or increase IPS inspection levels •Who supports today: Lancope, Splunk, LogRhythm, NetIQ, Tenable, Bayshore, Rapid 7, Elastica pxGrid: Adaptive Network Control Makes Cisco Infrastructure a Unified Event Response Network
pxGrid Architecture & Components pxGrid Controller pxGrid Controller Responsible for Control Plane: •Establishing the “grid” instance •Authenticating clients on to the grid •Authorizing what clients can do on the grid •Maintaining directory of context information “topics” available on the grid pxGrid Client pxGrid Clients (Eco-Partner Platforms) Responsible for: •Utilizing pxGrid Client Libraries (in SDK) to communicate with the pxGrid Controller •If sharing contextual information, publishing it to a “topic” •If consuming contextual information, subscribing to appropriate “topic” •Filtering “topics” to exclude unwanted information •Ad-hoc query to “topics” pxGrid Client
Example: Evolution from REST to pxGrid Cisco ISE User/Device Context-Sharing Example Session Context sharing from ISE MnT Issues pxGrid Solution Periodic polling using REST API Publish & Subscribe notification push DB queries causing high I/O usage No DB query with published events caching Bulk download takes more than 3 hours for 200,000 endpoints using REST API • pxGrid provides XML streaming of sessions with pagination • Provides semantic filtering capability (ex: location) to download only a subset Receiving all attributes per session To only send interested attributes through syntactic filtering Use of syslog as interim approach - All events are processed Pubsub notification - only relevant events will be sent No visibility and mechanism to authorize, control who is accessing MnT • pxGrid provides single point of authentication and authorization, allowing only authorized systems to access the MnT • pxGrid provides visibility into topics, publishers, subscribers … Other issues: •requires opening up firewall ports for reverse web services calls •no support for federation •Lacks scale with endpoints increase • XMPP protocol supports bi-directionality with tunneling • XMPP supports federation • pxGrid scaling and HA is achieved by leveraging XMPP server architecture
Cisco pxGrid SDK Components & Function Component Function Grid Client Library (GCL) in C and Java • Software libraries for embedding in partner system • Connects partner system to the pxGrid Sample pxGrid Data Output • Sample data from Cisco ISE across a pxGrid connection to test with Sample Data Generator • Generates live session data across a pxGrid connection • Uses Cisco ISE user/device session data pxGrid Controller Virtual Machine for Testing • ISO of bundled Cisco ISE and pxGrid Controller for local testing in your lab Hosted Testing Sandbox • Enables developer to connect to an already setup test environment pxGrid Documentation: Tutorials, Development Guides, testing guides, • Complete documentation to guide the developer from concept to implementation to verification testing
A Closer Look at the pxGrid Connection Library… • Connection to pxGrid Server • Multiple pxGrid servers • Round-robin auto retries • Reports connection status • Client certificate based authentication • A root cert is installed in pxGrid server • pxGrid server verifies client certs are signed by the root cert • Capability subscription and publishing • Capability is a set of queries and notifications supported • pxGrid provides discovery of Capability • Notifications are sent to XMPP pub/sub • Queries are directly sent to Capability provider
How to Get Only the Context You Need… pxGrid Message Filtering • Allows subscriber to filter/restrict messages based on specified filter criteria. • Two kinds of filters: • Content Based Filters • Restrict messages based on the content of the message • e.g. an ASA device interested in receiving session information from ISE only for end points belonging to a subnet • Schema Based Filter • Allows clients to receive only a subset of attributes instead of the full message object • Not supported in this phase
How to Install and Test Using the pxGrid SDK 1. Install pxGrid Controller: Install Cisco ISE 1.3 ISO on a VM. 2. Setup pxGrid Controller/Client Key-stores and Trust-stores: Import samples certificates from SDK. These certificates will be used by the pxGrid client for mutual authentication to the pxGrid controller. 3. Enable pxGrid Controller: Enable pxGrid persona in Cisco ISE. 4. Setup pxGrid Test Client: Download SDK onto pxGrid client. This can be installing client libraries in your platform or hosting on an external test client (linux box, e.g. CentOS). 5. Authenticate pxGrid Client: Import the ISE identity sample cert into your platform or the linux client, and add to keystore. 6. Test with SDK Scripts: Run pxGrid sample scripts included in the SDK
Using the pxGrid Client Libraries Developer platforms interact with pxGrid by registering the appropriate query and notification callers and handlers as detailed below: • Query Handler: A provider must register query handler with the pxGrid client library to service a query that it needs to expose over pxGrid. • Query Caller: A query caller is created by assembling a request and calling the query method on the pxGrid connection. • Notification Handler: Registers a notification handler with the pxGrid connection to receive notifications for a capability. • Notifier: To be able to publish notifications, the developer platform must first invoke a publish capability method.
pxGrid Sample Scripts Currently Available in the SDK • Sample pxGrid scripts provide development partners with executable example code for how to use the API • These scripts can also be useful in demos with customers • Most commonly used pxGrid API scripts on Cisco ISE: • Register: registers pxGrid client to the pxGrid controller to an authorized session or ANC/EPS group. • Session Subscribe: pxGrid client subscribes to capability • Identity Group download: Downloads user identity information such as the user and profiled group information from active sessions in ISE • Session Query by IP: retrieves all active session from ISE based on IP address • Session Download: downloads all active sessions from ISE • ANC/EPS Quarantine: executes the Adaptive Network Control (ANC) quarantine action on ISE for a given IP address • ANC/EPS Unquarantine: executes the ANC/EPS unquarantine action on ISE for a given IP address • Capability: queries the registered pxGrid client name for available topic provided by the publisher (ISE in this case)
pxGrid on DevNet
pxGrid Sandbox now available on DevNet • DevNet Sandbox pxGrid environment allows users to integrate with pxGrid services on Cisco ISE
Developer perspective – Situational Corp.
• Situational is Venture backed Cisco Ecosystem Partner • Deep expertise in Identity and Access Management • Context Sharing Enables Enforcement of Security Policy • Two key use cases: • dot1x based Single Sign On • Device driven application security Security Integration At Work
• Use Case: Single Sign On based on dot1x Authentication • Example: Single network authentication provides secure authenticated access to cloud and web applications • Solution: Integrate Network Session with Application Sign On Security Integration At Work
• Use Case: Restrict application access based on device context • Example policy: Only employees using managed laptops can access patent research data stored in cloud application. • Solution: Integrate Network Access Control Policy and Identity and Access Management Security Integration At Work
• Technical Detail • Develop pxGrid Integration based on Session Query • Associate Client with User Session • Leverage User Identity and Session Attributes in IAM Standards including SAML Security Integration At Work
• Benefits • Significantly lower risk of core business operations • Extend value of in place security components • Minimal operational impact • Rapid development cycles Security Integration At Work
• Benefits • Significantly lower risk of core business operations • Extend value of in place security components • Minimal operational impact • Rapid development cycles Security Integration At Work
Customer Deployment Perspective – Cisco IT
About me 32 • Security Architect (IT) • Cisco IT Identity & Access team : 12 years • 11 years in core Identity and Access • 1 year in web and cloud security • Industry speaker at RSA, Gartner, CIS, OOW, IRM Goal for this session: Idea exchange among peers Questions: Interrupt as needed Ranjan Jain #identity_guy
ACCESS POLICY – “Critical Data” WHO = Exec Group Only Financial Reports Café Menus HR Database CFO Current Access Management Access Criteria  Sensitive  Non-Sensitive  Critical Data
Who? When? Where? How? What? Employee Customer/Partner Guest Personal Device Company Asset Wired Wireless VPN @ Starbucks Headquarters Weekends (8:00am – 5:00pm) PST Context Aware Security: Classification Attributes Kiosk Extranet Context Aware Security
ACCESS POLICY – “Critical Data” WHO = Exec Group Only WHAT = Registered Corp device only WHERE = US Only WHEN = US Business Hours Only HOW = No VPN Access Access Criteria  Sensitive  Non-Sensitive  Critical Data 1. Data sensitive access policies Financial Reports Café Menus HR Database Context Aware Security Use Cases CFO
2. Portable Assurance Level for Cloud Apps Context Aware Security Use Cases
Internet Only Access Full access No restrictions Limited Access Fully Compliant Trusted devices Manager Doesn’t meet Trusted Device Standard IT Analyst Engineer/Coder Some Trusted Device Elements Policy Decision Point Identity and Device drive Access Permission
Key Takeaways • Federated and Contextual security is the only secure way for Cloud and Mobility • ISE is the glue for contextual security • Visibility is important – into both network and endpoint • Standard based access management is the key Picture credit: http://www.impulse.com/
In Summary…and How to Get Started Cisco pxGrid Enables: • Integration between development partners and the Cisco security products • Many-to-many integration scalability • The ability to integrate once to pxGrid and re- use that implementation to interface with any other pxGrid platform (even other Cisco development partners) • Integrations with the Cisco Identity Services Engine (ISE) are available today Get Started: •Cisco Identity Services Engine (ISE) integrations available today •Use user-to-IP address bindings answer “who” in your platforms •Use device identification to answer “what type of device” in your platforms •Use mitigation capabilities to take actions on users/device from your platform •Access SDK, client libraries and tutorials at: https://developer.cisco.com/site/pxgrid/
Thank you

Recommandé

Demystfying container-networking
Demystfying container-networkingDemystfying container-networking
Demystfying container-networkingBalasundaram Natarajan
 
A Deep Dive Into Trove
A Deep Dive Into TroveA Deep Dive Into Trove
A Deep Dive Into TroveTesora
 
IP Source Guard
IP Source Guard IP Source Guard
IP Source Guard NetProtocol Xpert
 
Container orchestration overview
Container orchestration overviewContainer orchestration overview
Container orchestration overviewWyn B. Van Devanter
 
Ingress overview
Ingress overviewIngress overview
Ingress overviewHarshal Shah
 
Asignación de bloques de direcciones IPv6
Asignación de bloques de direcciones IPv6Asignación de bloques de direcciones IPv6
Asignación de bloques de direcciones IPv6Educática
 
[2018] 오픈스택 5년 운영의 경험
[2018] 오픈스택 5년 운영의 경험[2018] 오픈스택 5년 운영의 경험
[2018] 오픈스택 5년 운영의 경험NHN FORWARD
 
Openstack Swift - Lots of small files
Openstack Swift - Lots of small filesOpenstack Swift - Lots of small files
Openstack Swift - Lots of small filesAlexandre Lecuyer
 

Recommandé

Demystfying container-networking
Demystfying container-networkingDemystfying container-networking
Demystfying container-networkingBalasundaram Natarajan
 
A Deep Dive Into Trove
A Deep Dive Into TroveA Deep Dive Into Trove
A Deep Dive Into TroveTesora
 
IP Source Guard
IP Source Guard IP Source Guard
IP Source Guard NetProtocol Xpert
 
Container orchestration overview
Container orchestration overviewContainer orchestration overview
Container orchestration overviewWyn B. Van Devanter
 
Ingress overview
Ingress overviewIngress overview
Ingress overviewHarshal Shah
 
Asignación de bloques de direcciones IPv6
Asignación de bloques de direcciones IPv6Asignación de bloques de direcciones IPv6
Asignación de bloques de direcciones IPv6Educática
 
[2018] 오픈스택 5년 운영의 경험
[2018] 오픈스택 5년 운영의 경험[2018] 오픈스택 5년 운영의 경험
[2018] 오픈스택 5년 운영의 경험NHN FORWARD
 
Openstack Swift - Lots of small files
Openstack Swift - Lots of small filesOpenstack Swift - Lots of small files
Openstack Swift - Lots of small filesAlexandre Lecuyer
 
Monitoring MySQL with Prometheus, Grafana and Percona Dashboards
Monitoring MySQL with Prometheus, Grafana and Percona DashboardsMonitoring MySQL with Prometheus, Grafana and Percona Dashboards
Monitoring MySQL with Prometheus, Grafana and Percona DashboardsJulien Pivotto
 
Cloud, sdn and nfv 기술동향 atto-research-박문기-20171016
Cloud, sdn and nfv 기술동향 atto-research-박문기-20171016Cloud, sdn and nfv 기술동향 atto-research-박문기-20171016
Cloud, sdn and nfv 기술동향 atto-research-박문기-20171016문기 박
 
Kubernetes Introduction
Kubernetes IntroductionKubernetes Introduction
Kubernetes IntroductionPeng Xiao
 
Presentacion Palo Alto Networks
Presentacion Palo Alto NetworksPresentacion Palo Alto Networks
Presentacion Palo Alto NetworksLaurent Daudré-Vignier
 
Servidor DNS Ubuntu
Servidor DNS UbuntuServidor DNS Ubuntu
Servidor DNS UbuntuSergio Santos
 
IPsec y Certificaciones
IPsec y CertificacionesIPsec y Certificaciones
IPsec y CertificacionesLarry Ruiz Barcayola
 
[MeetUp][2nd] 오리뎅이의_쿠버네티스_네트워킹_v1.2
[MeetUp][2nd] 오리뎅이의_쿠버네티스_네트워킹_v1.2[MeetUp][2nd] 오리뎅이의_쿠버네티스_네트워킹_v1.2
[MeetUp][2nd] 오리뎅이의_쿠버네티스_네트워킹_v1.2InfraEngineer
 
KubeMonkey를 통한 Chaos Engineering 실전 운영하기 - 윤석찬 (AWS 테크에반젤리스트)
KubeMonkey를 통한 Chaos Engineering 실전 운영하기 - 윤석찬 (AWS 테크에반젤리스트)KubeMonkey를 통한 Chaos Engineering 실전 운영하기 - 윤석찬 (AWS 테크에반젤리스트)
KubeMonkey를 통한 Chaos Engineering 실전 운영하기 - 윤석찬 (AWS 테크에반젤리스트)Channy Yun
 
OAuth 2.0 Integration Patterns with XACML
OAuth 2.0 Integration Patterns with XACMLOAuth 2.0 Integration Patterns with XACML
OAuth 2.0 Integration Patterns with XACMLPrabath Siriwardena
 
Part 1 - Binding Certificates (IFD)
Part 1 - Binding Certificates (IFD) Part 1 - Binding Certificates (IFD)
Part 1 - Binding Certificates (IFD)Naveen Kumar
 
시스코 wIPS 소개자료
시스코 wIPS 소개자료시스코 wIPS 소개자료
시스코 wIPS 소개자료활 김
 
Configuration ospf
Configuration ospfConfiguration ospf
Configuration ospfJoeongala
 
Simple and Scalable Microservices: Using NATS with Docker Compose and Swarm
Simple and Scalable Microservices: Using NATS with Docker Compose and Swarm Simple and Scalable Microservices: Using NATS with Docker Compose and Swarm
Simple and Scalable Microservices: Using NATS with Docker Compose and Swarm NATS
 
MPLS Deployment Chapter 2 - Services
MPLS Deployment Chapter 2 - ServicesMPLS Deployment Chapter 2 - Services
MPLS Deployment Chapter 2 - ServicesEricsson
 
Library Operating System for Linux #netdev01
Library Operating System for Linux #netdev01Library Operating System for Linux #netdev01
Library Operating System for Linux #netdev01Hajime Tazaki
 
Monitoring pfSense 2.4 with SNMP - pfSense Hangout March 2018
Monitoring pfSense 2.4 with SNMP - pfSense Hangout March 2018Monitoring pfSense 2.4 with SNMP - pfSense Hangout March 2018
Monitoring pfSense 2.4 with SNMP - pfSense Hangout March 2018Netgate
 
Inter-AS MPLS VPN Deployment
Inter-AS MPLS VPN DeploymentInter-AS MPLS VPN Deployment
Inter-AS MPLS VPN DeploymentBangladesh Network Operators Group
 
[OpenInfra Days Korea 2018] (Track 2) Neutron LBaaS 어디까지 왔니? - Octavia 소개
[OpenInfra Days Korea 2018] (Track 2) Neutron LBaaS 어디까지 왔니? - Octavia 소개[OpenInfra Days Korea 2018] (Track 2) Neutron LBaaS 어디까지 왔니? - Octavia 소개
[OpenInfra Days Korea 2018] (Track 2) Neutron LBaaS 어디까지 왔니? - Octavia 소개OpenStack Korea Community
 
Proof of Concept Guide for ManageEngine OpManager
Proof of Concept Guide for ManageEngine OpManagerProof of Concept Guide for ManageEngine OpManager
Proof of Concept Guide for ManageEngine OpManagerManageEngine, Zoho Corporation
 
Containers: The What, Why, and How
Containers: The What, Why, and HowContainers: The What, Why, and How
Containers: The What, Why, and HowSneha Inguva
 
Social Media strategy
Social Media strategySocial Media strategy
Social Media strategyTuan Anh Nguyen
 
Software project management interview questions and answers
Software project management interview questions and answersSoftware project management interview questions and answers
Software project management interview questions and answerssimonthomas990
 

Contenu connexe

Tendances

Monitoring MySQL with Prometheus, Grafana and Percona Dashboards
Monitoring MySQL with Prometheus, Grafana and Percona DashboardsMonitoring MySQL with Prometheus, Grafana and Percona Dashboards
Monitoring MySQL with Prometheus, Grafana and Percona DashboardsJulien Pivotto
 
Cloud, sdn and nfv 기술동향 atto-research-박문기-20171016
Cloud, sdn and nfv 기술동향 atto-research-박문기-20171016Cloud, sdn and nfv 기술동향 atto-research-박문기-20171016
Cloud, sdn and nfv 기술동향 atto-research-박문기-20171016문기 박
 
Kubernetes Introduction
Kubernetes IntroductionKubernetes Introduction
Kubernetes IntroductionPeng Xiao
 
[MeetUp][2nd] 오리뎅이의_쿠버네티스_네트워킹_v1.2
[MeetUp][2nd] 오리뎅이의_쿠버네티스_네트워킹_v1.2[MeetUp][2nd] 오리뎅이의_쿠버네티스_네트워킹_v1.2
[MeetUp][2nd] 오리뎅이의_쿠버네티스_네트워킹_v1.2InfraEngineer
 
KubeMonkey를 통한 Chaos Engineering 실전 운영하기 - 윤석찬 (AWS 테크에반젤리스트)
KubeMonkey를 통한 Chaos Engineering 실전 운영하기 - 윤석찬 (AWS 테크에반젤리스트)KubeMonkey를 통한 Chaos Engineering 실전 운영하기 - 윤석찬 (AWS 테크에반젤리스트)
KubeMonkey를 통한 Chaos Engineering 실전 운영하기 - 윤석찬 (AWS 테크에반젤리스트)Channy Yun
 
OAuth 2.0 Integration Patterns with XACML
OAuth 2.0 Integration Patterns with XACMLOAuth 2.0 Integration Patterns with XACML
OAuth 2.0 Integration Patterns with XACMLPrabath Siriwardena
 
Part 1 - Binding Certificates (IFD)
Part 1 - Binding Certificates (IFD) Part 1 - Binding Certificates (IFD)
Part 1 - Binding Certificates (IFD)Naveen Kumar
 
시스코 wIPS 소개자료
시스코 wIPS 소개자료시스코 wIPS 소개자료
시스코 wIPS 소개자료활 김
 
Configuration ospf
Configuration ospfConfiguration ospf
Configuration ospfJoeongala
 
Simple and Scalable Microservices: Using NATS with Docker Compose and Swarm
Simple and Scalable Microservices: Using NATS with Docker Compose and Swarm Simple and Scalable Microservices: Using NATS with Docker Compose and Swarm
Simple and Scalable Microservices: Using NATS with Docker Compose and Swarm NATS
 
MPLS Deployment Chapter 2 - Services
MPLS Deployment Chapter 2 - ServicesMPLS Deployment Chapter 2 - Services
MPLS Deployment Chapter 2 - ServicesEricsson
 
Library Operating System for Linux #netdev01
Library Operating System for Linux #netdev01Library Operating System for Linux #netdev01
Library Operating System for Linux #netdev01Hajime Tazaki
 
Monitoring pfSense 2.4 with SNMP - pfSense Hangout March 2018
Monitoring pfSense 2.4 with SNMP - pfSense Hangout March 2018Monitoring pfSense 2.4 with SNMP - pfSense Hangout March 2018
Monitoring pfSense 2.4 with SNMP - pfSense Hangout March 2018Netgate
 
[OpenInfra Days Korea 2018] (Track 2) Neutron LBaaS 어디까지 왔니? - Octavia 소개
[OpenInfra Days Korea 2018] (Track 2) Neutron LBaaS 어디까지 왔니? - Octavia 소개[OpenInfra Days Korea 2018] (Track 2) Neutron LBaaS 어디까지 왔니? - Octavia 소개
[OpenInfra Days Korea 2018] (Track 2) Neutron LBaaS 어디까지 왔니? - Octavia 소개OpenStack Korea Community
 
Containers: The What, Why, and How
Containers: The What, Why, and HowContainers: The What, Why, and How
Containers: The What, Why, and HowSneha Inguva
 

Tendances (20)

Monitoring MySQL with Prometheus, Grafana and Percona Dashboards
Monitoring MySQL with Prometheus, Grafana and Percona DashboardsMonitoring MySQL with Prometheus, Grafana and Percona Dashboards
Monitoring MySQL with Prometheus, Grafana and Percona Dashboards
 
Cloud, sdn and nfv 기술동향 atto-research-박문기-20171016
Cloud, sdn and nfv 기술동향 atto-research-박문기-20171016Cloud, sdn and nfv 기술동향 atto-research-박문기-20171016
Cloud, sdn and nfv 기술동향 atto-research-박문기-20171016
 
Kubernetes Introduction
Kubernetes IntroductionKubernetes Introduction
Kubernetes Introduction
 
Presentacion Palo Alto Networks
Presentacion Palo Alto NetworksPresentacion Palo Alto Networks
Presentacion Palo Alto Networks
 
Servidor DNS Ubuntu
Servidor DNS UbuntuServidor DNS Ubuntu
Servidor DNS Ubuntu
 
IPsec y Certificaciones
IPsec y CertificacionesIPsec y Certificaciones
IPsec y Certificaciones
 
[MeetUp][2nd] 오리뎅이의_쿠버네티스_네트워킹_v1.2
[MeetUp][2nd] 오리뎅이의_쿠버네티스_네트워킹_v1.2[MeetUp][2nd] 오리뎅이의_쿠버네티스_네트워킹_v1.2
[MeetUp][2nd] 오리뎅이의_쿠버네티스_네트워킹_v1.2
 
KubeMonkey를 통한 Chaos Engineering 실전 운영하기 - 윤석찬 (AWS 테크에반젤리스트)
KubeMonkey를 통한 Chaos Engineering 실전 운영하기 - 윤석찬 (AWS 테크에반젤리스트)KubeMonkey를 통한 Chaos Engineering 실전 운영하기 - 윤석찬 (AWS 테크에반젤리스트)
KubeMonkey를 통한 Chaos Engineering 실전 운영하기 - 윤석찬 (AWS 테크에반젤리스트)
 
OAuth 2.0 Integration Patterns with XACML
OAuth 2.0 Integration Patterns with XACMLOAuth 2.0 Integration Patterns with XACML
OAuth 2.0 Integration Patterns with XACML
 
Part 1 - Binding Certificates (IFD)
Part 1 - Binding Certificates (IFD) Part 1 - Binding Certificates (IFD)
Part 1 - Binding Certificates (IFD)
 
시스코 wIPS 소개자료
시스코 wIPS 소개자료시스코 wIPS 소개자료
시스코 wIPS 소개자료
 
Configuration ospf
Configuration ospfConfiguration ospf
Configuration ospf
 
Simple and Scalable Microservices: Using NATS with Docker Compose and Swarm
Simple and Scalable Microservices: Using NATS with Docker Compose and Swarm Simple and Scalable Microservices: Using NATS with Docker Compose and Swarm
Simple and Scalable Microservices: Using NATS with Docker Compose and Swarm
 
MPLS Deployment Chapter 2 - Services
MPLS Deployment Chapter 2 - ServicesMPLS Deployment Chapter 2 - Services
MPLS Deployment Chapter 2 - Services
 
Library Operating System for Linux #netdev01
Library Operating System for Linux #netdev01Library Operating System for Linux #netdev01
Library Operating System for Linux #netdev01
 
Monitoring pfSense 2.4 with SNMP - pfSense Hangout March 2018
Monitoring pfSense 2.4 with SNMP - pfSense Hangout March 2018Monitoring pfSense 2.4 with SNMP - pfSense Hangout March 2018
Monitoring pfSense 2.4 with SNMP - pfSense Hangout March 2018
 
Inter-AS MPLS VPN Deployment
Inter-AS MPLS VPN DeploymentInter-AS MPLS VPN Deployment
Inter-AS MPLS VPN Deployment
 
[OpenInfra Days Korea 2018] (Track 2) Neutron LBaaS 어디까지 왔니? - Octavia 소개
[OpenInfra Days Korea 2018] (Track 2) Neutron LBaaS 어디까지 왔니? - Octavia 소개[OpenInfra Days Korea 2018] (Track 2) Neutron LBaaS 어디까지 왔니? - Octavia 소개
[OpenInfra Days Korea 2018] (Track 2) Neutron LBaaS 어디까지 왔니? - Octavia 소개
 
Proof of Concept Guide for ManageEngine OpManager
Proof of Concept Guide for ManageEngine OpManagerProof of Concept Guide for ManageEngine OpManager
Proof of Concept Guide for ManageEngine OpManager
 
Containers: The What, Why, and How
Containers: The What, Why, and HowContainers: The What, Why, and How
Containers: The What, Why, and How
 

En vedette

Software project management interview questions and answers
Software project management interview questions and answersSoftware project management interview questions and answers
Software project management interview questions and answerssimonthomas990
 
Fipp world media trends special report social media
Fipp world media trends special report social mediaFipp world media trends special report social media
Fipp world media trends special report social mediaTuan Anh Nguyen
 
Consumer Protection
Consumer ProtectionConsumer Protection
Consumer ProtectionEndcode_org
 
DEVNET-1186 Harnessing the Power of the Cloud to Detect Advanced Threats: Cog...
DEVNET-1186 Harnessing the Power of the Cloud to Detect Advanced Threats: Cog...DEVNET-1186 Harnessing the Power of the Cloud to Detect Advanced Threats: Cog...
DEVNET-1186 Harnessing the Power of the Cloud to Detect Advanced Threats: Cog...Cisco DevNet
 
6 Important Questions To Ask Before Becoming An Events Manager
6 Important Questions To Ask Before Becoming An Events Manager6 Important Questions To Ask Before Becoming An Events Manager
6 Important Questions To Ask Before Becoming An Events ManagerSkills Academy
 
Fipp world media trends special report video report
Fipp world media trends special report video reportFipp world media trends special report video report
Fipp world media trends special report video reportTuan Anh Nguyen
 
Presenting my edited photographs
Presenting my edited photographsPresenting my edited photographs
Presenting my edited photographsalexjr1996
 
DevNet UX Creative Design 101 workshop
DevNet UX Creative Design 101 workshopDevNet UX Creative Design 101 workshop
DevNet UX Creative Design 101 workshopCisco DevNet
 
презентация
презентацияпрезентация
презентацияsadas asdsad
 
Intro to Git: a hands-on workshop
Intro to Git: a hands-on workshopIntro to Git: a hands-on workshop
Intro to Git: a hands-on workshopCisco DevNet
 
2015 03-11 Opening EATRIS Finland, Helsinki
2015 03-11 Opening EATRIS Finland, Helsinki2015 03-11 Opening EATRIS Finland, Helsinki
2015 03-11 Opening EATRIS Finland, HelsinkiAlain van Gool
 
2016 06 Radboud Technology Centers
2016 06 Radboud Technology Centers2016 06 Radboud Technology Centers
2016 06 Radboud Technology CentersAlain van Gool
 
EU FP7 CarTarDis project overview April 2015
EU FP7 CarTarDis project overview April 2015EU FP7 CarTarDis project overview April 2015
EU FP7 CarTarDis project overview April 2015Alain van Gool
 
Bijlage 2-shell-ffs-reactor
Bijlage 2-shell-ffs-reactorBijlage 2-shell-ffs-reactor
Bijlage 2-shell-ffs-reactorpouya_ms
 
2015 06-02 Steering group 'Personalized Medicine: eligible or not'
2015 06-02 Steering group 'Personalized Medicine: eligible or not'2015 06-02 Steering group 'Personalized Medicine: eligible or not'
2015 06-02 Steering group 'Personalized Medicine: eligible or not'Alain van Gool
 
3 dalis. kas yra besimokantis miestas vaizdine medziaga svietejams
3 dalis. kas yra besimokantis miestas vaizdine medziaga svietejams3 dalis. kas yra besimokantis miestas vaizdine medziaga svietejams
3 dalis. kas yra besimokantis miestas vaizdine medziaga svietejamsvalentina valentina
 

En vedette (20)

Social Media strategy
Social Media strategySocial Media strategy
Social Media strategy
 
Software project management interview questions and answers
Software project management interview questions and answersSoftware project management interview questions and answers
Software project management interview questions and answers
 
Subcription vod
Subcription vod Subcription vod
Subcription vod
 
Fipp world media trends special report social media
Fipp world media trends special report social mediaFipp world media trends special report social media
Fipp world media trends special report social media
 
Consumer Protection
Consumer ProtectionConsumer Protection
Consumer Protection
 
DEVNET-1186 Harnessing the Power of the Cloud to Detect Advanced Threats: Cog...
DEVNET-1186 Harnessing the Power of the Cloud to Detect Advanced Threats: Cog...DEVNET-1186 Harnessing the Power of the Cloud to Detect Advanced Threats: Cog...
DEVNET-1186 Harnessing the Power of the Cloud to Detect Advanced Threats: Cog...
 
6 Important Questions To Ask Before Becoming An Events Manager
6 Important Questions To Ask Before Becoming An Events Manager6 Important Questions To Ask Before Becoming An Events Manager
6 Important Questions To Ask Before Becoming An Events Manager
 
Fipp world media trends special report video report
Fipp world media trends special report video reportFipp world media trends special report video report
Fipp world media trends special report video report
 
Presenting my edited photographs
Presenting my edited photographsPresenting my edited photographs
Presenting my edited photographs
 
Cfs proposal
Cfs proposalCfs proposal
Cfs proposal
 
DevNet UX Creative Design 101 workshop
DevNet UX Creative Design 101 workshopDevNet UX Creative Design 101 workshop
DevNet UX Creative Design 101 workshop
 
презентация
презентацияпрезентация
презентация
 
Intro to Git: a hands-on workshop
Intro to Git: a hands-on workshopIntro to Git: a hands-on workshop
Intro to Git: a hands-on workshop
 
2015 03-11 Opening EATRIS Finland, Helsinki
2015 03-11 Opening EATRIS Finland, Helsinki2015 03-11 Opening EATRIS Finland, Helsinki
2015 03-11 Opening EATRIS Finland, Helsinki
 
2016 06 Radboud Technology Centers
2016 06 Radboud Technology Centers2016 06 Radboud Technology Centers
2016 06 Radboud Technology Centers
 
EU FP7 CarTarDis project overview April 2015
EU FP7 CarTarDis project overview April 2015EU FP7 CarTarDis project overview April 2015
EU FP7 CarTarDis project overview April 2015
 
Bijlage 2-shell-ffs-reactor
Bijlage 2-shell-ffs-reactorBijlage 2-shell-ffs-reactor
Bijlage 2-shell-ffs-reactor
 
2015 06-02 Steering group 'Personalized Medicine: eligible or not'
2015 06-02 Steering group 'Personalized Medicine: eligible or not'2015 06-02 Steering group 'Personalized Medicine: eligible or not'
2015 06-02 Steering group 'Personalized Medicine: eligible or not'
 
3 dalis. kas yra besimokantis miestas vaizdine medziaga svietejams
3 dalis. kas yra besimokantis miestas vaizdine medziaga svietejams3 dalis. kas yra besimokantis miestas vaizdine medziaga svietejams
3 dalis. kas yra besimokantis miestas vaizdine medziaga svietejams
 
Patient confidentiality training
Patient confidentiality trainingPatient confidentiality training
Patient confidentiality training
 

Similaire à Using Cisco pxGrid for Security Platform Integration: a deep dive

DEVNET-1010 Using Cisco pxGrid for Security Platform Integration
DEVNET-1010 Using Cisco pxGrid for Security Platform IntegrationDEVNET-1010 Using Cisco pxGrid for Security Platform Integration
DEVNET-1010 Using Cisco pxGrid for Security Platform IntegrationCisco DevNet
 
DEVNET-1124 Cisco pxGrid: A New Architecture for Security Platform Integration
DEVNET-1124 Cisco pxGrid: A New Architecture for Security Platform IntegrationDEVNET-1124 Cisco pxGrid: A New Architecture for Security Platform Integration
DEVNET-1124 Cisco pxGrid: A New Architecture for Security Platform IntegrationCisco DevNet
 
DEVNET-1123 CSTA - Cisco Security Technical Alliances, New Program for Ecosys...
DEVNET-1123 CSTA - Cisco Security Technical Alliances, New Program for Ecosys...DEVNET-1123 CSTA - Cisco Security Technical Alliances, New Program for Ecosys...
DEVNET-1123 CSTA - Cisco Security Technical Alliances, New Program for Ecosys...Cisco DevNet
 
StampedeCon 2015 Keynote
StampedeCon 2015 KeynoteStampedeCon 2015 Keynote
StampedeCon 2015 KeynoteKen Owens
 
How Cisco Migrated from MapReduce Jobs to Spark Jobs - StampedeCon 2015
How Cisco Migrated from MapReduce Jobs to Spark Jobs - StampedeCon 2015How Cisco Migrated from MapReduce Jobs to Spark Jobs - StampedeCon 2015
How Cisco Migrated from MapReduce Jobs to Spark Jobs - StampedeCon 2015StampedeCon
 
Cisco Connect Toronto 2018 DNA assurance
Cisco Connect Toronto 2018 DNA assuranceCisco Connect Toronto 2018 DNA assurance
Cisco Connect Toronto 2018 DNA assuranceCisco Canada
 
Cisco Connect Ottawa 2018 dna assurance shortest path to network innocence
Cisco Connect Ottawa 2018 dna assurance shortest path to network innocenceCisco Connect Ottawa 2018 dna assurance shortest path to network innocence
Cisco Connect Ottawa 2018 dna assurance shortest path to network innocenceCisco Canada
 
Why Automate the Network?
Why Automate the Network?Why Automate the Network?
Why Automate the Network?Hank Preston
 
Cisco Connect Toronto 2018 DNA automation-the evolution to intent-based net...
Cisco Connect Toronto 2018 DNA automation-the evolution to intent-based net...Cisco Connect Toronto 2018 DNA automation-the evolution to intent-based net...
Cisco Connect Toronto 2018 DNA automation-the evolution to intent-based net...Cisco Canada
 
Cisco Connect Ottawa 2018 dna automation the evolution to intent-based netw...
Cisco Connect Ottawa 2018 dna automation the evolution to intent-based netw...Cisco Connect Ottawa 2018 dna automation the evolution to intent-based netw...
Cisco Connect Ottawa 2018 dna automation the evolution to intent-based netw...Cisco Canada
 
Cisco Connect Toronto 2018 DevNet Overview
Cisco Connect Toronto 2018 DevNet OverviewCisco Connect Toronto 2018 DevNet Overview
Cisco Connect Toronto 2018 DevNet OverviewCisco Canada
 
Как развернуть кампусную сеть Cisco за 10 минут? Новые технологии для автомат...
Как развернуть кампусную сеть Cisco за 10 минут? Новые технологии для автомат...Как развернуть кампусную сеть Cisco за 10 минут? Новые технологии для автомат...
Как развернуть кампусную сеть Cisco за 10 минут? Новые технологии для автомат...Cisco Russia
 
The Sysdig Secure DevOps Platform
The Sysdig Secure DevOps PlatformThe Sysdig Secure DevOps Platform
The Sysdig Secure DevOps PlatformAshnikbiz
 
DLT analytics and AI workshop 13 march 2019
DLT analytics and AI workshop 13 march 2019DLT analytics and AI workshop 13 march 2019
DLT analytics and AI workshop 13 march 2019Stavros Zervoudakis
 
Cisco Security Technical Alliances
Cisco Security Technical AlliancesCisco Security Technical Alliances
Cisco Security Technical AlliancesCisco DevNet
 
Cisco Connect Ottawa 2018 dev net
Cisco Connect Ottawa 2018 dev netCisco Connect Ottawa 2018 dev net
Cisco Connect Ottawa 2018 dev netCisco Canada
 
The Current And Future State Of Service Mesh
The Current And Future State Of Service MeshThe Current And Future State Of Service Mesh
The Current And Future State Of Service MeshRam Vennam
 
FIWARE Global Summit - FIWARE Implementation of IDS Reference Architecture Co...
FIWARE Global Summit - FIWARE Implementation of IDS Reference Architecture Co...FIWARE Global Summit - FIWARE Implementation of IDS Reference Architecture Co...
FIWARE Global Summit - FIWARE Implementation of IDS Reference Architecture Co...FIWARE
 
SUGCON EU 2023 - Secure Composable SaaS.pptx
SUGCON EU 2023 - Secure Composable SaaS.pptxSUGCON EU 2023 - Secure Composable SaaS.pptx
SUGCON EU 2023 - Secure Composable SaaS.pptxVasiliy Fomichev
 
Cisco Connect Toronto 2018 an introduction to Cisco kinetic
Cisco Connect Toronto 2018 an introduction to Cisco kineticCisco Connect Toronto 2018 an introduction to Cisco kinetic
Cisco Connect Toronto 2018 an introduction to Cisco kineticCisco Canada
 

Similaire à Using Cisco pxGrid for Security Platform Integration: a deep dive (20)

DEVNET-1010 Using Cisco pxGrid for Security Platform Integration
DEVNET-1010 Using Cisco pxGrid for Security Platform IntegrationDEVNET-1010 Using Cisco pxGrid for Security Platform Integration
DEVNET-1010 Using Cisco pxGrid for Security Platform Integration
 
DEVNET-1124 Cisco pxGrid: A New Architecture for Security Platform Integration
DEVNET-1124 Cisco pxGrid: A New Architecture for Security Platform IntegrationDEVNET-1124 Cisco pxGrid: A New Architecture for Security Platform Integration
DEVNET-1124 Cisco pxGrid: A New Architecture for Security Platform Integration
 
DEVNET-1123 CSTA - Cisco Security Technical Alliances, New Program for Ecosys...
DEVNET-1123 CSTA - Cisco Security Technical Alliances, New Program for Ecosys...DEVNET-1123 CSTA - Cisco Security Technical Alliances, New Program for Ecosys...
DEVNET-1123 CSTA - Cisco Security Technical Alliances, New Program for Ecosys...
 
StampedeCon 2015 Keynote
StampedeCon 2015 KeynoteStampedeCon 2015 Keynote
StampedeCon 2015 Keynote
 
How Cisco Migrated from MapReduce Jobs to Spark Jobs - StampedeCon 2015
How Cisco Migrated from MapReduce Jobs to Spark Jobs - StampedeCon 2015How Cisco Migrated from MapReduce Jobs to Spark Jobs - StampedeCon 2015
How Cisco Migrated from MapReduce Jobs to Spark Jobs - StampedeCon 2015
 
Cisco Connect Toronto 2018 DNA assurance
Cisco Connect Toronto 2018 DNA assuranceCisco Connect Toronto 2018 DNA assurance
Cisco Connect Toronto 2018 DNA assurance
 
Cisco Connect Ottawa 2018 dna assurance shortest path to network innocence
Cisco Connect Ottawa 2018 dna assurance shortest path to network innocenceCisco Connect Ottawa 2018 dna assurance shortest path to network innocence
Cisco Connect Ottawa 2018 dna assurance shortest path to network innocence
 
Why Automate the Network?
Why Automate the Network?Why Automate the Network?
Why Automate the Network?
 
Cisco Connect Toronto 2018 DNA automation-the evolution to intent-based net...
Cisco Connect Toronto 2018 DNA automation-the evolution to intent-based net...Cisco Connect Toronto 2018 DNA automation-the evolution to intent-based net...
Cisco Connect Toronto 2018 DNA automation-the evolution to intent-based net...
 
Cisco Connect Ottawa 2018 dna automation the evolution to intent-based netw...
Cisco Connect Ottawa 2018 dna automation the evolution to intent-based netw...Cisco Connect Ottawa 2018 dna automation the evolution to intent-based netw...
Cisco Connect Ottawa 2018 dna automation the evolution to intent-based netw...
 
Cisco Connect Toronto 2018 DevNet Overview
Cisco Connect Toronto 2018 DevNet OverviewCisco Connect Toronto 2018 DevNet Overview
Cisco Connect Toronto 2018 DevNet Overview
 
Как развернуть кампусную сеть Cisco за 10 минут? Новые технологии для автомат...
Как развернуть кампусную сеть Cisco за 10 минут? Новые технологии для автомат...Как развернуть кампусную сеть Cisco за 10 минут? Новые технологии для автомат...
Как развернуть кампусную сеть Cisco за 10 минут? Новые технологии для автомат...
 
The Sysdig Secure DevOps Platform
The Sysdig Secure DevOps PlatformThe Sysdig Secure DevOps Platform
The Sysdig Secure DevOps Platform
 
DLT analytics and AI workshop 13 march 2019
DLT analytics and AI workshop 13 march 2019DLT analytics and AI workshop 13 march 2019
DLT analytics and AI workshop 13 march 2019
 
Cisco Security Technical Alliances
Cisco Security Technical AlliancesCisco Security Technical Alliances
Cisco Security Technical Alliances
 
Cisco Connect Ottawa 2018 dev net
Cisco Connect Ottawa 2018 dev netCisco Connect Ottawa 2018 dev net
Cisco Connect Ottawa 2018 dev net
 
The Current And Future State Of Service Mesh
The Current And Future State Of Service MeshThe Current And Future State Of Service Mesh
The Current And Future State Of Service Mesh
 
FIWARE Global Summit - FIWARE Implementation of IDS Reference Architecture Co...
FIWARE Global Summit - FIWARE Implementation of IDS Reference Architecture Co...FIWARE Global Summit - FIWARE Implementation of IDS Reference Architecture Co...
FIWARE Global Summit - FIWARE Implementation of IDS Reference Architecture Co...
 
SUGCON EU 2023 - Secure Composable SaaS.pptx
SUGCON EU 2023 - Secure Composable SaaS.pptxSUGCON EU 2023 - Secure Composable SaaS.pptx
SUGCON EU 2023 - Secure Composable SaaS.pptx
 
Cisco Connect Toronto 2018 an introduction to Cisco kinetic
Cisco Connect Toronto 2018 an introduction to Cisco kineticCisco Connect Toronto 2018 an introduction to Cisco kinetic
Cisco Connect Toronto 2018 an introduction to Cisco kinetic
 

Plus de Cisco DevNet

How to Contribute to Ansible
How to Contribute to AnsibleHow to Contribute to Ansible
How to Contribute to AnsibleCisco DevNet
 
Rome 2017: Building advanced voice assistants and chat bots
Rome 2017: Building advanced voice assistants and chat botsRome 2017: Building advanced voice assistants and chat bots
Rome 2017: Building advanced voice assistants and chat botsCisco DevNet
 
How to Build Advanced Voice Assistants and Chatbots
How to Build Advanced Voice Assistants and ChatbotsHow to Build Advanced Voice Assistants and Chatbots
How to Build Advanced Voice Assistants and ChatbotsCisco DevNet
 
Cisco Spark and Tropo and the Programmable Web
Cisco Spark and Tropo and the Programmable WebCisco Spark and Tropo and the Programmable Web
Cisco Spark and Tropo and the Programmable WebCisco DevNet
 
Device Programmability with Cisco Plug-n-Play Solution
Device Programmability with Cisco Plug-n-Play SolutionDevice Programmability with Cisco Plug-n-Play Solution
Device Programmability with Cisco Plug-n-Play SolutionCisco DevNet
 
Building a WiFi Hotspot with NodeJS: Cisco Meraki - ExCap API
Building a WiFi Hotspot with NodeJS: Cisco Meraki - ExCap APIBuilding a WiFi Hotspot with NodeJS: Cisco Meraki - ExCap API
Building a WiFi Hotspot with NodeJS: Cisco Meraki - ExCap APICisco DevNet
 
Application Visibility and Experience through Flexible Netflow
Application Visibility and Experience through Flexible NetflowApplication Visibility and Experience through Flexible Netflow
Application Visibility and Experience through Flexible NetflowCisco DevNet
 
WAN Automation Engine API Deep Dive
WAN Automation Engine API Deep DiveWAN Automation Engine API Deep Dive
WAN Automation Engine API Deep DiveCisco DevNet
 
Cisco's Open Device Programmability Strategy: Open Discussion
Cisco's Open Device Programmability Strategy: Open DiscussionCisco's Open Device Programmability Strategy: Open Discussion
Cisco's Open Device Programmability Strategy: Open DiscussionCisco DevNet
 
Open Device Programmability: Hands-on Intro to RESTCONF (and a bit of NETCONF)
Open Device Programmability: Hands-on Intro to RESTCONF (and a bit of NETCONF)Open Device Programmability: Hands-on Intro to RESTCONF (and a bit of NETCONF)
Open Device Programmability: Hands-on Intro to RESTCONF (and a bit of NETCONF)Cisco DevNet
 
NETCONF & YANG Enablement of Network Devices
NETCONF & YANG Enablement of Network DevicesNETCONF & YANG Enablement of Network Devices
NETCONF & YANG Enablement of Network DevicesCisco DevNet
 
UCS Management APIs A Technical Deep Dive
UCS Management APIs A Technical Deep DiveUCS Management APIs A Technical Deep Dive
UCS Management APIs A Technical Deep DiveCisco DevNet
 
OpenStack Enabling DevOps
OpenStack Enabling DevOpsOpenStack Enabling DevOps
OpenStack Enabling DevOpsCisco DevNet
 
NetDevOps for the Network Dude: How to get started with API's, Ansible and Py...
NetDevOps for the Network Dude: How to get started with API's, Ansible and Py...NetDevOps for the Network Dude: How to get started with API's, Ansible and Py...
NetDevOps for the Network Dude: How to get started with API's, Ansible and Py...Cisco DevNet
 
Getting Started: Developing Tropo Applications
Getting Started: Developing Tropo ApplicationsGetting Started: Developing Tropo Applications
Getting Started: Developing Tropo ApplicationsCisco DevNet
 
Cisco Spark & Tropo API Workshop
Cisco Spark & Tropo API WorkshopCisco Spark & Tropo API Workshop
Cisco Spark & Tropo API WorkshopCisco DevNet
 
Coding 102 REST API Basics Using Spark
Coding 102 REST API Basics Using SparkCoding 102 REST API Basics Using Spark
Coding 102 REST API Basics Using SparkCisco DevNet
 
Cisco APIs: An Interactive Assistant for the Web2Day Developer Conference
Cisco APIs: An Interactive Assistant for the Web2Day Developer ConferenceCisco APIs: An Interactive Assistant for the Web2Day Developer Conference
Cisco APIs: An Interactive Assistant for the Web2Day Developer ConferenceCisco DevNet
 
DevNet Express - Spark & Tropo API - Lisbon May 2016
DevNet Express - Spark & Tropo API - Lisbon May 2016DevNet Express - Spark & Tropo API - Lisbon May 2016
DevNet Express - Spark & Tropo API - Lisbon May 2016Cisco DevNet
 
DevNet @TAG - Spark & Tropo APIs - Milan/Rome May 2016
DevNet @TAG - Spark & Tropo APIs - Milan/Rome May 2016DevNet @TAG - Spark & Tropo APIs - Milan/Rome May 2016
DevNet @TAG - Spark & Tropo APIs - Milan/Rome May 2016Cisco DevNet
 

Plus de Cisco DevNet (20)

How to Contribute to Ansible
How to Contribute to AnsibleHow to Contribute to Ansible
How to Contribute to Ansible
 
Rome 2017: Building advanced voice assistants and chat bots
Rome 2017: Building advanced voice assistants and chat botsRome 2017: Building advanced voice assistants and chat bots
Rome 2017: Building advanced voice assistants and chat bots
 
How to Build Advanced Voice Assistants and Chatbots
How to Build Advanced Voice Assistants and ChatbotsHow to Build Advanced Voice Assistants and Chatbots
How to Build Advanced Voice Assistants and Chatbots
 
Cisco Spark and Tropo and the Programmable Web
Cisco Spark and Tropo and the Programmable WebCisco Spark and Tropo and the Programmable Web
Cisco Spark and Tropo and the Programmable Web
 
Device Programmability with Cisco Plug-n-Play Solution
Device Programmability with Cisco Plug-n-Play SolutionDevice Programmability with Cisco Plug-n-Play Solution
Device Programmability with Cisco Plug-n-Play Solution
 
Building a WiFi Hotspot with NodeJS: Cisco Meraki - ExCap API
Building a WiFi Hotspot with NodeJS: Cisco Meraki - ExCap APIBuilding a WiFi Hotspot with NodeJS: Cisco Meraki - ExCap API
Building a WiFi Hotspot with NodeJS: Cisco Meraki - ExCap API
 
Application Visibility and Experience through Flexible Netflow
Application Visibility and Experience through Flexible NetflowApplication Visibility and Experience through Flexible Netflow
Application Visibility and Experience through Flexible Netflow
 
WAN Automation Engine API Deep Dive
WAN Automation Engine API Deep DiveWAN Automation Engine API Deep Dive
WAN Automation Engine API Deep Dive
 
Cisco's Open Device Programmability Strategy: Open Discussion
Cisco's Open Device Programmability Strategy: Open DiscussionCisco's Open Device Programmability Strategy: Open Discussion
Cisco's Open Device Programmability Strategy: Open Discussion
 
Open Device Programmability: Hands-on Intro to RESTCONF (and a bit of NETCONF)
Open Device Programmability: Hands-on Intro to RESTCONF (and a bit of NETCONF)Open Device Programmability: Hands-on Intro to RESTCONF (and a bit of NETCONF)
Open Device Programmability: Hands-on Intro to RESTCONF (and a bit of NETCONF)
 
NETCONF & YANG Enablement of Network Devices
NETCONF & YANG Enablement of Network DevicesNETCONF & YANG Enablement of Network Devices
NETCONF & YANG Enablement of Network Devices
 
UCS Management APIs A Technical Deep Dive
UCS Management APIs A Technical Deep DiveUCS Management APIs A Technical Deep Dive
UCS Management APIs A Technical Deep Dive
 
OpenStack Enabling DevOps
OpenStack Enabling DevOpsOpenStack Enabling DevOps
OpenStack Enabling DevOps
 
NetDevOps for the Network Dude: How to get started with API's, Ansible and Py...
NetDevOps for the Network Dude: How to get started with API's, Ansible and Py...NetDevOps for the Network Dude: How to get started with API's, Ansible and Py...
NetDevOps for the Network Dude: How to get started with API's, Ansible and Py...
 
Getting Started: Developing Tropo Applications
Getting Started: Developing Tropo ApplicationsGetting Started: Developing Tropo Applications
Getting Started: Developing Tropo Applications
 
Cisco Spark & Tropo API Workshop
Cisco Spark & Tropo API WorkshopCisco Spark & Tropo API Workshop
Cisco Spark & Tropo API Workshop
 
Coding 102 REST API Basics Using Spark
Coding 102 REST API Basics Using SparkCoding 102 REST API Basics Using Spark
Coding 102 REST API Basics Using Spark
 
Cisco APIs: An Interactive Assistant for the Web2Day Developer Conference
Cisco APIs: An Interactive Assistant for the Web2Day Developer ConferenceCisco APIs: An Interactive Assistant for the Web2Day Developer Conference
Cisco APIs: An Interactive Assistant for the Web2Day Developer Conference
 
DevNet Express - Spark & Tropo API - Lisbon May 2016
DevNet Express - Spark & Tropo API - Lisbon May 2016DevNet Express - Spark & Tropo API - Lisbon May 2016
DevNet Express - Spark & Tropo API - Lisbon May 2016
 
DevNet @TAG - Spark & Tropo APIs - Milan/Rome May 2016
DevNet @TAG - Spark & Tropo APIs - Milan/Rome May 2016DevNet @TAG - Spark & Tropo APIs - Milan/Rome May 2016
DevNet @TAG - Spark & Tropo APIs - Milan/Rome May 2016
 

Dernier

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Bhuvaneswari Subramani
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityWSO2
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDropbox
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusZilliz
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native ApplicationsWSO2
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfOrbitshub
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsNanddeep Nachan
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesrafiqahmad00786416
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Victor Rentea
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Angeliki Cooney
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Orbitshub
 

Dernier (20)

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
 
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering Developers
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 

Using Cisco pxGrid for Security Platform Integration: a deep dive

  • 1.
  • 2. DEVNET-1124 Using Cisco pxGrid for Security Platform Integration John Eppich Technical Marketing Engineer David Koenig Head of Business Development and Strategy, Situational Corp. Ranjan Jain Security Architect, Cisco IT
  • 3. Agenda • Functional and Architectural Basics of Cisco Platform Exchange Grid (pxGrid) • DevNet Partner & Cisco Security Integration Use-Cases • First-hand pxGrid Developer Perspective from DevNet partner Situational Corp • Customer Deployment perspective – Cisco IT pxGrid SECURITY THRU INTEGRATI ON
  • 4. Context is the Currency of the Solution Integration Realm …but it’s not easy to execute I have NBAR info! I need identity… I have firewall logs! I need identity… I have sec events! I need reputation… I have NetFlow! I need entitlement… I have MDM info! I need location… I have app inventory info! I need posture… I have identity & device-type! I need app inventory & vulnerability… I have threat data! I need reputation… I have location! I need identity… But Integration Burden is on IT Departments We Need to Share Context & Take Network Actions I have reputation info! I need threat data… I have application info! I need location & auth-group…SIO
  • 5. I have reputation info! I need threat data… I have MDM info! I need location… I have app inventory info! I need posture… I have application info! I need location & auth-group…SIO pxGrid Context Sharing Event Response Context is the Currency of the Solution Integration Realm …but it’s not easy to execute…but pxGrid accomplishes this I have NBAR info! I need identity… I have firewall logs! I need identity… I have sec events! I need reputation… I have NetFlow! I need entitlement… I have identity & device-type! I need app inventory & vulnerability… I have threat data! I need reputation… I have location! I need identity…
  • 6. WHY CUSTOMERS CARE Cisco pxGrid – Context-Sharing & Network Mitigation Connecting Partners & Cisco Security Platforms, Connecting Partners-to-Partners Cisco Provides Network Context to Customer IT Platforms Use Eco-Partner Context for Cisco Network Policy for Customers Cisco Shares User/Device & Network Context with IT Infrastructure Cisco Receives Context from Eco- Partners to Make Better Network Access Policy 1 2 3 Help Customer IT Environments Reach into the Cisco Network CISCO PLATFORM ECO-PARTNER CONTEXT CISCO PLATFORM ECO-PARTNER CONTEXT ECO-PARTNER CISCO PLATFORM CISCO NETWORK ACTION MITIGATE Puts “Who, What Device, What Access” with Events. Way Better than Just IP Addresses! Creates a Single Place for Comprehensive Network Access Policy thru Integration Decreases Time, Effort and Cost to Responding to Security and Network Events
  • 7. USE CASE: Contextual Awareness for Security/Network Event Prioritization, Response and Policy NETWORK ALERT! SRC/65.32.7.45 DST/165.1.4.9 : HTTP Is this event important? I need more info… Who is this? Is this a server? Smartphone? Is it still on the network? Where? Did this come over VPN? What’s their access level? What’s their posture? What else is on the network?
  • 8. ©2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 8©2014 Cisco and/or its affiliates. All rights reserved. 8 “Sensitive Asset” “Other Asset” “Sensitive Asset” 87% of data breaches involve poor access rules… we need to do this better. Verizon Data Breach Report Access Criteria:  Who: User, Group USE CASE: Context from Cisco Identity Services Engine (ISE) to Application Control System to Increase Application Security
  • 9. ©2014 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 9©2014 Cisco and/or its affiliates. All rights reserved. 9 ACCESS POLICY – “Critical Data” WHO = Exec Group Only WHAT = No Non-Registered Mobile WHERE = UK Only WHEN = UK Business Hours Only HOW = No VPN Access Vary this gent’s application access privilege based on device enrollment, geo-location and access method “Financial Reports” “Café Menus” “HR Database” ISE Context Completes the Picture – Granular Application Data Control Access Criteria  Non-Sensitive  Sensitive  Critical Data
  • 10. Vulnerability Assessment Packet Capture & Forensics SIEM & Threat Defense IAM & SSO pxGrid SECURITY THRU INTEGRATION pxGrid – Industry Adoption Critical Mass as of June 2015 18 Partner Platforms and 9 Technology Areas Since Release 7 Months Ago Net/App Performance IoT Security Cisco ISE Cisco WSA Cloud Access Security ?
  • 11. I have identity & device! I need geo-location & MDM… I have application info! I need location & device-type I have location! I need app & identity… Cisco ISE as pxGrid Controller Publish Publish Discover TopicDiscover Topic Continuous Flow Directed QuerypxGrid Context Sharing CISCO ISE Continuous Flow Directed Query I have sec events! I need identity & device… I have MDM info! I need location… How pxGrid Works: Partners Connecting to Cisco Security Platforms…and to Other Partners Authenticate  Authorize  Publish  Discover  Subscribe  Query
  • 12. I have identity & device! I need geo-location & MDM… I have application info! I need location & device-type I have location! I need app & identity… ISE as pxGrid Controller Publish Publish Discover TopicDiscover Topic Continuous Flow Directed QuerypxGrid Context Sharing CISCO ISE Continuous Flow Directed Query I have sec events! I need identity & device… I have MDM info! I need location… How pxGrid Works: Partners Connecting to Cisco Security Platforms…and to Other Partners Authenticate  Authorize  Publish  Discover  Subscribe  Query Traditional APIs have many limitations - pxGrid addresses these issues: •Single-purpose function = need for many APIs/dev (and lots of testing) •Not configurable = too much/little info for interface systems (scale issues) •Pre-defined data exchange = wait until next release if you need a change •Polling architecture = can’t scale beyond 1 or 2 system integrations •Security can be “loose”
  • 13. “1-touch” network mitigation action – from 3rd party partner console pxGrid ANC API ISE as unified policy point User/Device Quarantine Dynamic ACLs, Increase Inspection Adaptive Network Control provides the ability to: •Quarantine user devices from 3rd party products, such as SIEM systems •Enlist other Cisco infrastructure in the network response – such as dynamic ACLs on switches and ASA or increase IPS inspection levels •Who supports today: Lancope, Splunk, LogRhythm, NetIQ, Tenable, Bayshore, Rapid 7, Elastica pxGrid: Adaptive Network Control Makes Cisco Infrastructure a Unified Event Response Network
  • 14. pxGrid Architecture & Components pxGrid Controller pxGrid Controller Responsible for Control Plane: •Establishing the “grid” instance •Authenticating clients on to the grid •Authorizing what clients can do on the grid •Maintaining directory of context information “topics” available on the grid pxGrid Client pxGrid Clients (Eco-Partner Platforms) Responsible for: •Utilizing pxGrid Client Libraries (in SDK) to communicate with the pxGrid Controller •If sharing contextual information, publishing it to a “topic” •If consuming contextual information, subscribing to appropriate “topic” •Filtering “topics” to exclude unwanted information •Ad-hoc query to “topics” pxGrid Client
  • 15. Example: Evolution from REST to pxGrid Cisco ISE User/Device Context-Sharing Example Session Context sharing from ISE MnT Issues pxGrid Solution Periodic polling using REST API Publish & Subscribe notification push DB queries causing high I/O usage No DB query with published events caching Bulk download takes more than 3 hours for 200,000 endpoints using REST API • pxGrid provides XML streaming of sessions with pagination • Provides semantic filtering capability (ex: location) to download only a subset Receiving all attributes per session To only send interested attributes through syntactic filtering Use of syslog as interim approach - All events are processed Pubsub notification - only relevant events will be sent No visibility and mechanism to authorize, control who is accessing MnT • pxGrid provides single point of authentication and authorization, allowing only authorized systems to access the MnT • pxGrid provides visibility into topics, publishers, subscribers … Other issues: •requires opening up firewall ports for reverse web services calls •no support for federation •Lacks scale with endpoints increase • XMPP protocol supports bi-directionality with tunneling • XMPP supports federation • pxGrid scaling and HA is achieved by leveraging XMPP server architecture
  • 16. Cisco pxGrid SDK Components & Function Component Function Grid Client Library (GCL) in C and Java • Software libraries for embedding in partner system • Connects partner system to the pxGrid Sample pxGrid Data Output • Sample data from Cisco ISE across a pxGrid connection to test with Sample Data Generator • Generates live session data across a pxGrid connection • Uses Cisco ISE user/device session data pxGrid Controller Virtual Machine for Testing • ISO of bundled Cisco ISE and pxGrid Controller for local testing in your lab Hosted Testing Sandbox • Enables developer to connect to an already setup test environment pxGrid Documentation: Tutorials, Development Guides, testing guides, • Complete documentation to guide the developer from concept to implementation to verification testing
  • 17. A Closer Look at the pxGrid Connection Library… • Connection to pxGrid Server • Multiple pxGrid servers • Round-robin auto retries • Reports connection status • Client certificate based authentication • A root cert is installed in pxGrid server • pxGrid server verifies client certs are signed by the root cert • Capability subscription and publishing • Capability is a set of queries and notifications supported • pxGrid provides discovery of Capability • Notifications are sent to XMPP pub/sub • Queries are directly sent to Capability provider
  • 18. How to Get Only the Context You Need… pxGrid Message Filtering • Allows subscriber to filter/restrict messages based on specified filter criteria. • Two kinds of filters: • Content Based Filters • Restrict messages based on the content of the message • e.g. an ASA device interested in receiving session information from ISE only for end points belonging to a subnet • Schema Based Filter • Allows clients to receive only a subset of attributes instead of the full message object • Not supported in this phase
  • 19. How to Install and Test Using the pxGrid SDK 1. Install pxGrid Controller: Install Cisco ISE 1.3 ISO on a VM. 2. Setup pxGrid Controller/Client Key-stores and Trust-stores: Import samples certificates from SDK. These certificates will be used by the pxGrid client for mutual authentication to the pxGrid controller. 3. Enable pxGrid Controller: Enable pxGrid persona in Cisco ISE. 4. Setup pxGrid Test Client: Download SDK onto pxGrid client. This can be installing client libraries in your platform or hosting on an external test client (linux box, e.g. CentOS). 5. Authenticate pxGrid Client: Import the ISE identity sample cert into your platform or the linux client, and add to keystore. 6. Test with SDK Scripts: Run pxGrid sample scripts included in the SDK
  • 20. Using the pxGrid Client Libraries Developer platforms interact with pxGrid by registering the appropriate query and notification callers and handlers as detailed below: • Query Handler: A provider must register query handler with the pxGrid client library to service a query that it needs to expose over pxGrid. • Query Caller: A query caller is created by assembling a request and calling the query method on the pxGrid connection. • Notification Handler: Registers a notification handler with the pxGrid connection to receive notifications for a capability. • Notifier: To be able to publish notifications, the developer platform must first invoke a publish capability method.
  • 21. pxGrid Sample Scripts Currently Available in the SDK • Sample pxGrid scripts provide development partners with executable example code for how to use the API • These scripts can also be useful in demos with customers • Most commonly used pxGrid API scripts on Cisco ISE: • Register: registers pxGrid client to the pxGrid controller to an authorized session or ANC/EPS group. • Session Subscribe: pxGrid client subscribes to capability • Identity Group download: Downloads user identity information such as the user and profiled group information from active sessions in ISE • Session Query by IP: retrieves all active session from ISE based on IP address • Session Download: downloads all active sessions from ISE • ANC/EPS Quarantine: executes the Adaptive Network Control (ANC) quarantine action on ISE for a given IP address • ANC/EPS Unquarantine: executes the ANC/EPS unquarantine action on ISE for a given IP address • Capability: queries the registered pxGrid client name for available topic provided by the publisher (ISE in this case)
  • 23. pxGrid Sandbox now available on DevNet • DevNet Sandbox pxGrid environment allows users to integrate with pxGrid services on Cisco ISE
  • 25. • Situational is Venture backed Cisco Ecosystem Partner • Deep expertise in Identity and Access Management • Context Sharing Enables Enforcement of Security Policy • Two key use cases: • dot1x based Single Sign On • Device driven application security Security Integration At Work
  • 26. • Use Case: Single Sign On based on dot1x Authentication • Example: Single network authentication provides secure authenticated access to cloud and web applications • Solution: Integrate Network Session with Application Sign On Security Integration At Work
  • 27. • Use Case: Restrict application access based on device context • Example policy: Only employees using managed laptops can access patent research data stored in cloud application. • Solution: Integrate Network Access Control Policy and Identity and Access Management Security Integration At Work
  • 28. • Technical Detail • Develop pxGrid Integration based on Session Query • Associate Client with User Session • Leverage User Identity and Session Attributes in IAM Standards including SAML Security Integration At Work
  • 29. • Benefits • Significantly lower risk of core business operations • Extend value of in place security components • Minimal operational impact • Rapid development cycles Security Integration At Work
  • 30. • Benefits • Significantly lower risk of core business operations • Extend value of in place security components • Minimal operational impact • Rapid development cycles Security Integration At Work
  • 32. About me 32 • Security Architect (IT) • Cisco IT Identity & Access team : 12 years • 11 years in core Identity and Access • 1 year in web and cloud security • Industry speaker at RSA, Gartner, CIS, OOW, IRM Goal for this session: Idea exchange among peers Questions: Interrupt as needed Ranjan Jain #identity_guy
  • 33. ACCESS POLICY – “Critical Data” WHO = Exec Group Only Financial Reports Café Menus HR Database CFO Current Access Management Access Criteria  Sensitive  Non-Sensitive  Critical Data
  • 34. Who? When? Where? How? What? Employee Customer/Partner Guest Personal Device Company Asset Wired Wireless VPN @ Starbucks Headquarters Weekends (8:00am – 5:00pm) PST Context Aware Security: Classification Attributes Kiosk Extranet Context Aware Security
  • 35. ACCESS POLICY – “Critical Data” WHO = Exec Group Only WHAT = Registered Corp device only WHERE = US Only WHEN = US Business Hours Only HOW = No VPN Access Access Criteria  Sensitive  Non-Sensitive  Critical Data 1. Data sensitive access policies Financial Reports Café Menus HR Database Context Aware Security Use Cases CFO
  • 36. 2. Portable Assurance Level for Cloud Apps Context Aware Security Use Cases
  • 37. Internet Only Access Full access No restrictions Limited Access Fully Compliant Trusted devices Manager Doesn’t meet Trusted Device Standard IT Analyst Engineer/Coder Some Trusted Device Elements Policy Decision Point Identity and Device drive Access Permission
  • 38. Key Takeaways • Federated and Contextual security is the only secure way for Cloud and Mobility • ISE is the glue for contextual security • Visibility is important – into both network and endpoint • Standard based access management is the key Picture credit: http://www.impulse.com/
  • 39. In Summary…and How to Get Started Cisco pxGrid Enables: • Integration between development partners and the Cisco security products • Many-to-many integration scalability • The ability to integrate once to pxGrid and re- use that implementation to interface with any other pxGrid platform (even other Cisco development partners) • Integrations with the Cisco Identity Services Engine (ISE) are available today Get Started: •Cisco Identity Services Engine (ISE) integrations available today •Use user-to-IP address bindings answer “who” in your platforms •Use device identification to answer “what type of device” in your platforms •Use mitigation capabilities to take actions on users/device from your platform •Access SDK, client libraries and tutorials at: https://developer.cisco.com/site/pxgrid/