Cisco Connect 2018 Singapore

1. Denis Donnelly
Cybersecurity Specialist
March 2018
Cybersecurity Strategy:
An Integrated Approach
It’s a matter of trust

2. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Can the Network Infrastructure be trusted?
2
Physical Isolation
Locked Cabinets
Limited staff access
Proprietary HW & SW
10 Years Ago Today
Risk
Physical Barriers
Break Down
Staff Related
Breaches Grow
Attackers are
Professional
 Nation-State
 Criminal
 Political
 Insider
 Social Engineering
 Outsourcing
 Internet
 Cloud
 Virtualization
 Open-Source

3. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
3BRKARC-1010
Chuck Robbins, CEO Cisco Systems
“Security is and will remain one of
our absolute highest priorities.”

4. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
175+
global government
certifications
150+
Cisco product lines
with Trustworthy
Technologies
80+ Red Team
20 Research Partnerships in 5 countries
70,000+
Employees
Sign Code
of Conduct
every year
14,
230
Security-specific
Enterprise
InfoSec/DP policies,
Audits
Security Advocates900+
35K+ Security Ninjas
Incident Responders100+
Mandatory Secure
Development Lifecycle
Value Chain
Security Program
Data Protection Program
Cisco Investment in Explicit Trust

5. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
A Security-Based
Culture
Verify Platform
Integrity
Protect the
Network
Building a Cyber-Resilient Network with
Trustworthy Systems
Embedded Security Evidence of TrustBuilt for
Today’s
Threats
Security Expertise
& Innovation

6. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Trustworthy Systems Levels
Platform
Integrity
Protect
the Network
ISE StealthwatchIP Source Guard ACLs
uRPFDHCP Snooping Port Security
Device Level Attack Protection
Intrusion Detection TrustSec FnF
Security
Culture
PSIRT
Advisories
Security
Training
Product
Security
Baseline
Threat
Modeling
Open Source
Registration
Supply Chain
Management
Solution Level Attack Protection
Counterfeit
Protections
Runtime
Defenses
Secure
Boot
Modern
Crypto
Image
Signing
Hardware
Trust Anchor
Secure Device
Onboarding
OS
Validation

7. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Secure Development Lifecycle (CSDL)
Perform
GAP
Analysis
Register and
Update Third
Party Software
Identify and
Address
Security
ThreatsPrevent
Security
Attacks
Detect
Security
Defects
Validate
Requirements
and Resiliency
Address risks: eliminate, mitigate,
manage
Eliminate preventable defect escapes
Use best-in-class security and data
protection/privacy tool sets
Integrate security & data protection /
privacy into build systems/workflow

8. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Third Party Software
Fundamentals
Minimize exposure by
• Perform gap analysis
• Establish maintenance plan
• Verify no backdoors
• Address all known vulnerabilities before FCS
Manages third party security alerts
• Register components with in a centralized database
• Contract support for critical security fixes
Planned response to security issues
• Follow established maintenance plan

9. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Security Awareness: Cisco Security Training
Practical application of security principles, techniques, and
implementation of role-specific CSDL elements; advanced
understanding of security concepts
Recognized security leader providing ongoing, significant contributions
internally at Cisco and externally in the industry
Lead on projects to improve product security; mentor other engineers
in increasing Security IQ
Familiarity with basic security vocabulary
and concepts; basic knowledge of Cisco
Secure Development Lifecycle
Drive change to improve trustworthiness; act upon the knowledge
within white and green belt

10. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Trustworthy Systems Levels
Platform
Integrity
Protect
the Network
ISE StealthwatchIP Source Guard ACLs
uRPFDHCP Snooping Port Security
Device Level Attack Protection
Intrusion Detection TrustSec FnF
Security
Culture
PSIRT
Advisories
Security
Training
Product
Security
Baseline
Threat
Modeling
Open Source
Registration
Supply Chain
Management
Solution Level Attack Protection
Counterfeit
Protections
Runtime
Defenses
Secure
Boot
Modern
Crypto
Image
Signing
Hardware
Trust Anchor
Secure Device
Onboarding
OS
Validation

11. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
• Jai Vijayan, DARKReading.
Software Modification on Network Elements
“In a troubling new development, threat actors looking
for different ways to break into and remain undetected
on enterprise networks appear to have begun targeting
routers connecting businesses to the Internet.”

12. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
12
Image Signing: How It Works
Signing
01000101
110011
Hash Function
Signing Hash With
Cisco Private Key
Embed Signature to
the Software

13. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
13
Image Signing: How It Works
Verification
Hash Function 01000101
110011
Verify Signature Hash
With Cisco Public Key
01000101
110011
Hash is Compared
to Verify Authenticity

14. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Attacking the Boot Sequence
BIOS
Fetch
Firmware
Instruction
set
Operating System
Start-up
Operating
System
 Changing the boot interface
 Booting from alternate device
 Bypassing Integrity checks
 Adding persistent code

15. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Secure Boot Starts from Protected Code
Firmware Instruction Set
(Boot Code) must be
protected against an
unauthorized modification
from outside

16. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
 Only authentic signed
Cisco software boots up
on a Cisco platform
 The boot process stops if
any step fails to
authenticate
 IOS “show software
authenticity” command
illustrates the results
Cisco Secure Boot
Anchors Secure Boot in Hardware to Create a Chain of Trust
Cisco Secure Boot
Boot Code Integrity Anchored in Hardware
Step 1
Hardware
Anchor
Microloader
CPU
Microloader
Step 2
Microloader
checks
bootloader
CPU
Bootloader
Step 3
Bootloader
checks OS
CPU
OS
Step 4
OS launched
Software
Authenticity:

17. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Trust Anchor Module (TAm)
Hardware-based Trust Anchor
 Anti-Theft & Anti-Tamper Chip Design
 Built-In Crypto Functions
 Immutable Identity with IEEE 802.1AR (Secure
UDI- X.509 cert)
 Secure Storage for Certificates and Objects
 Certifiable Entropy for Random Number Generation

18. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Counterfeiting is Real

19. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
*
*
How They Come Together: Cisco Secure Boot and
Trust Anchor module
Validating the Authenticity of Software Followed by Hardware
Step 1
Microloader
CPU
Microloader
Step 2
Microloader
checks Bootloader
CPU
Bootloader
Step 3
Bootloader
checks OS
CPU
OS
Step 4
OS launched
Trust Anchor
module
Step 5
Authenticity and
license checks
CPU
OS
Trust Anchor
module
Step 6
Trust Anchor
module provides
critical services
CPU
OS
Software authenticity check
Hardware authenticity check
* The first instructions that run on a CPU are either stored in immutable hardware so that they cannot be tampered with or are validated by the hardware

20. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Trustworthy Systems
Secure by Design
Evidence
of Trust
Holistic
Approach
Security Expertise
and Innovation
Built for
Today’s Threats
Organizations require a cyber-resilient network foundation for digitization
https://trust.cisco.com

21. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Q & A

22. © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential