Cisco's security strategy (a differentiator for your business)

Understand Cisco's security strategy and why it is a differentiator for your business


  1. Cisco CyberSecurity Strategy. Ghassan Dreibi, Manager, Business Development
  2. Timeline 1990 1995 2000 2005 2010 2015 2020: Viruses (1990–2000); Worms (2000–2005); Spyware and Rootkits (2005–Today); APTs, Cyberware (Today +). Hacking Becomes an Industry; Sophisticated Attacks, Complex Landscape; Phishing, Low Sophistication
  3. “Captive Portal”; “It matches the pattern”; “No false positives, no false negatives.”; Application Control; FW/VPN; IDS / IPS; UTM; NAC; AV; PKI; “Block or Allow”; “Fix the Firewall”; “No key, no access”; Sandboxing; “Detect the Unknown”. There is no Silver bullet
  4. CyberSecurity: Personal Files; Financial Data; Emails; Photo
  5. Organizations are more confident but increasingly vulnerable. 90% of companies are confident about their policies. But 54% admit to having faced public scrutiny following a security breach.
  6. Countries with higher block ratios have many Web servers and compromised hosts on networks within their borders. Russia 0.936; Japan 1.134; China 4.126; Hong Kong 6.255; France 4.197; Germany 1.277; Poland 1.421; Canada 0.863; U.S. 0.760; Brazil 1.135. Malware on a Global Scale. Malicious actors do not respect country boundaries. Malware Traffic; Expected Traffic
  7. Complexity and Fragmented
  8. MOBILITY; CLOUD
  9. New surface for threats
  10. THREAT
  11. Internet of Things…and Everything. Every company becomes a technology company, Every company becomes a security company
  12. APTs: Advanced Persistent Threats
  13. Game Console / eCommerce: 77M Accounts Hacked. Cloud Service: 5M Customer Email Records Stolen Through Phishing. WiFi: 45M Customer Records Stolen. SCADA Control: Water Utility Disruption by Pump Shutdown, Springfield Water Light & Power. Social Engineering: 40M Secure Tokens Stolen. POS: 110M Credit Cards and Personal Info Stolen
  14. 100% of top 500 companies with malicious connection detected; 60% “collected” in hours; 54% of new Threats Discovered after months
  15. Access: Gain access to the Network
  16. How to get access… Social Medias | PEN Drives | Social Engineering
  17. 73% Suspected VPN connections
  18. Camouflage | Distraction
  19. Stuxnet: Industry Segment threat
  20. Timeline 2008 2009 2010 2011 2012 2013 2014 2015: Stuxnet Deployed; Stuxnet Detected; BlackEnergy Launched; BlackEnergy Detected; Havex Detected*; Havex Launched
  21. Time: Time to reach the target….
  22. Time to be detected…. Time
  23. Everywhere: Security Strategy
  24. Network Servers; Operating Systems; Routers and Switches; Mobile Devices; Printers; VoIP Phones; Virtual Machines; Client Applications; Files; Users; Web Applications; Application Protocols; Services; Malware; Command and Control Servers; Vulnerabilities; NetFlow; Network Behavior; Processes
  25. See more …
  26. Understand the scope of attack
  27. NETWORK / USER CONTEXT: How, What, Who, Where, When. EXTERNAL CONTEXT; INTELLIGENCE INFO. CONSISTENT SECURE ACCESS POLICY ACROSS WIRED, WIRELESS and VPN
  28. Automation: Better information…Better decision
  29. Network as Sensor; Network as Enforcer
  30. Threat-Focused
  31. Detect, Understand, and Stop Threats. Collective Security Intelligence; Threat Identified; Event History; How, What, Who, Where, When; ISE + Network, Appliances (NGFW/NGIPS); Context; AMP, CWS, Appliances; Recorded; Enforcement
  32. Continuous Advanced Threat Protection. ISE + Network, Appliances (NGFW/NGIPS); How, What, Who, Where, When; Collective Security Intelligence; AMP, CWS, Appliances; Enforcement; Event History; AMP, Threat Defense; Continuous Analysis; Context
  33. Performance | Capacity | SLA
  34. Cloud; Connected Network; Mobile; Router; Firewall. The Distributed Perimeter. Collective Security Intelligence: Telemetry Data; Threat Research; Advanced Analytics. 3M+ Cloud Web Security Users; 6GB Web Traffic Examined, Protected Every Hour; 75M Unique Hits Every Hour; 10M Blocks Enforced Every Hour
  35. Shadow IT Risk Assessment Report; Business Readiness Rating™; Audit Score; Shadow Data Risk Assessment; After; StreamIQ™; ThreatScore™; ContentIQ™; Reports & Analysis; Cloud Apps; Protect; Cloud SOC Policy; Audit; Detect; Investigate; Web Sec; Before; During; Securelet™; Gateway; Elastica CloudSOC™; Other Appliances; Firewall; In collaboration with:; Data; Account; User; Security Operations Center; Analyze & Control
  36. Service Provider; Endpoint; Data Center; Edge; Campus; Operational Technology; Branch; WAN; Ecosystem; Services; User
  37. AnyConnect featuring AMP for Endpoints; FirePOWER Threat Defense for ISR; ACI Integration with TrustSec; Ruggedized Cisco ASA with FirePOWER Services; pxGrid Ecosystem expansion; ACI + FirePOWER Services Integration; Threat-Centric Security for Service Providers; Cloud Web Security + Intelligent WAN; Services; User; Cisco Hosted Identity Services
  38. Start with the hardware option that fits best. All with built-in Application Visibility and Control (AVC), network firewalling, and VPN capabilities: Desktop 5506-X; Wireless AP 5506W-X; Ruggedized 5506H-X; Rackmount 5508-X/5516-X. Add FirePOWER Services* for enhanced protection (*Available as subscriptions): Next-Generation Intrusion Prevention System (NGIPS); URL Filtering; Advanced Malware Protection (AMP). Choose the appropriate management solution: FireSIGHT Management Center (appliance sold separately); Adaptive Security Device Manager (ASDM) (on-box manager comes standard)
  39. Cisco ASA with FirePOWER: Identity-Policy Control & VPN; URL Filtering (Subscription); FireSIGHT Analytics & Automation; Advanced Malware Protection (Subscription); Application Visibility & Control; Network Firewall; Routing | Switching; Clustering & High Availability; WWW; Cisco Collective Security Intelligence Enabled; Built-in Network Profiling; Intrusion Prevention (Subscription). World’s most widely deployed, enterprise-class ASA stateful firewall; Granular Cisco® Application Visibility and Control (AVC); Industry-leading FirePOWER next-generation IPS (NGIPS); Reputation- and category-based URL filtering; Advanced malware protection
  40. Deployment Options: Virtual Appliance; Multi-device Support; Desktop; Tablet; Laptop; Mobile; Cloud; Managed Hybrid; Hybrid; On-Premises; Cloud
  41. AMP: Advanced Malware Protection. AMP for Networks; AMP on Web and Email Security Appliances; AMP on Cisco® ASA Firewall with FirePOWER Services; AMP for Endpoints; AMP for Cloud Web Security and Hosted Email; AMP Private Cloud Virtual Appliance; MAC OS; Windows OS; Android Mobile; Virtual; CWS; AMP Threat Grid Malware Analysis + Threat Intelligence Engine, Appliance or Cloud. *AMP for Endpoints can be launched from AnyConnect
  42. Employee Tag; PCI POS Tag; Partner Tag; Non-Compliant Tag; Voice Tag; Employee Non-Compliant; Campus Core; Data Center; Data VLAN 20 (PCI Segmentation within the same VLAN); Non-Compliant; Access Layer; Voice; Employee; PCI POS; Partner; SSL VPN; ISE; ASA; Lancope/Netflow (SMC/FC); Data VLAN 20; Quarantine. Classification Results: Device Type: Apple iPAD; User: Mary; Group: Employee; Corporate Asset: Yes; Malware Detected: Yes. Data Center Firewall
  43. PROTECTION: Integrated Security and Consistent Policy Enforcement (Physical & Virtual); Active Monitoring & Comprehensive Diagnostics for Threat Mitigation. PROVISIONING: Simplified Service Chaining; Dynamic Policy Management; Rapid Instantiation. PERFORMANCE: On Demand Scalability; Increased Clustering Size; Multi-Site Clustering
