4. Acerca del Grupo Logicalis Proveedor global de soluciones y servicios integrados de Tecnologías de la Información y las Comunicaciones – TIC- con foco en Colaboración, Data Centers, Servicios gerenciados y profesionales. Casa matrizen UK y operaciones en Europa, EstadosUnidos, América Latina y Asia Pacífico*. Ventas mayores a 1.000 millones de dólares. Más de 1.900 empleados en el mundo Más de 6.500 clientes a nivel global: corporativos, de sector público y de telecomunicaciones. Fuertes partnerships globales con empresaslíderes del mercadotecnológico. * En diciembre de 2009 Logicalis completó la adquisición de NetStar, integrador de sistemas actuando en Taiwan, Hong Kong, Malasia, Australia y Singapur
5. Grupo Logicalis – Presencia Internacional 5 (1) Ingresos de PLLAL, joint venture entre el Grupo Logicalis y Promon S.A. (2) Representa 6 semanas de facturación en el FY2010 de Logicalis Group. 5
6. Cobertura en América Latina Joint venture del grupo Logicalis y el grupobrasileñoPromon. Brasil San Pablo Río de Janeiro Brasilia Perú Lima Paraguay Asunción Chile Santiago Uruguay Montevideo Argentina Buenos Aires Córdoba Rosario Oficinas con apertura en FY11
36. Visión y Posicionamiento Business and Technology Working as One PERSONAS PROCESOS INFORMACIÓN Aportar visión de negocios al proceso de toma de decisiones en el ámbito tecnológico
47. Integración e implementación de soluciones- Project management
48. Nuestras Soluciones y Servicios El portfolio de Logicalis tiene como fin ayudar a nuestros clientes a utilizar la tecnología para acompañar y conducir sus procesos estratégico de negocio, a través de skills avanzados, productos líderes y experiencia comprobada. BUSINESS & TECHNOLOGY CONSULTING Access and Transport Technologies Information Security Networks & Systems Management Networking IT COMMUNICATIONS Collaboration, Voice and Video Data Centers ADVANCED SERVICES Managed Services, Training, Operations and Maintenance
101. 23 Seguridad de la Información ¿Qué se debe garantizar? 1.- Confiabilidad Se garantiza que la información es accesible sólo a aquellas personas autorizadas. 2.- Integridad Se salvaguarda la exactitud y totalidad de la información y los métodos de procesamiento y transmisión. 3.- Disponibilidad Se garantiza que los usuarios autorizados tienen acceso a la información y a los recursos relacionados toda vez que lo requieran.
113. En Rusia, se usan las redes sociales como un mercado on-line de compra y venta de números de tarjetas de crédito
114. En el 2007 había un dispositivo conectado cada 10 personas. En 2010 hay 5 dispositivos conectados por persona en el mundo
115. El ataque de DDoS creció un casi un 23% desde el año pasadoFuente: IC3 2009 Annual Report on Internet Crime Released Cisco 2010 Midyear Security Report
130. Arbor Peakflow: esta línea de productos permite tener una visibilidad y seguridad de cualquier red global IP, basada en 3 fuentes de datos: X-flow, BGP, y SNMP. Permite brindar servicios de Clean Pipes a los ISP.
131. Su uso es principalmente para ISPs o grandes empresas donde es importante la visibilidad y defensa de la red, siendo la misma de grandes proporciones.
132. Arbor Ellacoya e-Series: son equipos para visibilidad a capa 7, permitiendo además, controlar los flujos que circulan por la red, controlando (restringiendo o anulando) el ancho de banda utilizado por los clientes.
133.
134.
135. Provee un sistema de protección de la red del ISP, eliminando amenazas salientes de Botnets.
136. Protege a los usuarios del ISP contra el uso de sus PCs por parte de botnets.
137. Provee una plataforma escalable que soporta los ataques de DNS, con una muy alta disponibilidad.
143. Disolución de lasfronteras Policy Corporate Border Applications and Data Corporate Office Branch Office Home Office Airport Attackers Mobile User Coffee Shop Customers Partners
144. Cloud Computing esta “disolviendo”la fronterade la corporación Policy Corporate Border Applications and Data X as a Service Software as a Service Infrastructure as a Service Corporate Office Platform as a Service Branch Office Home Office Airport Attackers Mobile User Coffee Shop Customers Partners
145. La nueva red: sin fronteras Policy Corporate Border Applications and Data X as a Service Software as a Service Infrastructure as a Service Corporate Office Platform as a Service Branch Office Home Office Airport Attackers Mobile User Coffee Shop Customers Partners
146. Policy (Access Control, Acceptable Use, Malware, Data Security) 4 Policy Corporate Border Applications and Data X as a Service Software as a Service Infrastructure as a Service Corporate Office Platform as a Service Branch Office 1 2 3 Home Office Airport Attackers Mobile User Coffee Shop Customers BorderlessEnd Zones BorderlessInternet BorderlessData Center Partners Arquitectura para una seguridad sin fronteras
151. Top Exploits Email Security Spam (+85% del tráficomundial de correo) Viruses False-positives Denial-of-Service (DoS) Attacks Misdirected bounces (Ataques de Rebotes) Impersonation scams (Phishing) Bot-Net Networks
152. IronPortConsolida la seguridad y arquitectura de la plataforma de Correo Antes de IronPort Despues de IronPort Internet Internet Firewall Firewall MTAs Anti-Spam Anti-Virus Policy Management Mail Routing IronPort Email Security Appliance Groupware Groupware Users Users
165. SenderBaseEmail Reputation Database DomainBlacklist & Safelists Message CompositionData Other Data Global VolumeData Spam Traps ComplaintReports IP Blacklists & Whitelists Compromised Host Lists Web Site CompositionData IP Reputation Score - 10 +10 0
166.
167.
168. 3B daily web requestsEmail Security Solutions Web Security Solutions Firewalls IPS Devices
172. CorreoSeguroFácil de utilizarpara el remitente 2 1 1 Message isEncrypted & Pushed to Recipient 3 TLS User OpensSecured Messagein Browser Key is Stored User Authenticates and Receives Message Key Automated key management No desktop software requirements No new hardware required Decrypted Message Is displayed
194. Desafios de la WEB Recursos e informacioncasiilimitados, pero no hay privacidad o seguridadgarantizada Acceptable Use Violations Data Loss Malware Infections Challenges
195. 20% del trafico es “facil de clasificar” Trafico predecible, Dominios conocidos 80% del trafico es “dificil de clasificar” 110M sitios, creciendo 40% anualmente Mezcla de sitios legitimos, spyware y malware Traffic Volume Big Head Long Tail # of Sites Web Traffic
196.
197.
198.
199.
200.
201. Cisco IronPort S-SeriesA Powerful, Secure Web Gateway Solution Most effective defense against web-based malware Visibility and control for acceptable use and data loss High performance to ensure best end-user experience Integrated solution offering optimum TCO Management and Reporting Acceptable Use Policy Malware Defense Data Security AsyncOS for Web
210. Web Proxy & L4 Traffic Monitor T1 & T2 used for L4TM P1/M1 used for Web Proxy Web Proxy Deployment Options L4 Traffic Monitor Deployment Options Explicit Forward Span Port off a Switch Transparent off an L4 Switch Simplex Tap Transparent off a WCCP Router Duplex Tap
211. Intelligent Scanning Known good sites aren’t scanned ANTI-MALWARE SYSTEM IRONPORT WEB REPUTATION FILTERS DECRYPTION ENGINE Unknown sites are scanned by one or more engines Requested URLs Known bad sitesare blocked IronPort Web Reputation technology determines need for scanning by - IronPort Anti-Malware System - Decryption Engine
234. Cisco IronPort Email Security Services Cisco IronPort Hosted Email Security (No LDAP, No DLP) Cisco IronPort Hybrid Hosted Email Security (SaaS, LDAP y DLP) Cisco IronPort Managed Email Security (Managment delegado, mayor escalabilidad)
235. Opciones de Deployment FlexiblesPero el mismo lider del mercado en Email Security Cisco Security Operations Center En la “nube” (Cisco Datacenters) Customer Premise Equipment (CPE) Hybrid Hosted Email Security Hybrid Hosted Email Security Managed Email Security Hosted Email Security (SaaS) CUSTOMERPREMISE PoliticasUnificadas| Reporting Centralizado| ProteccionConsistente
236. Hosting dedicado - Email SecuritySolucion dedicada, reduccion de costos y rapido deployment Seguridad de Email en la “nube”, reduce la posibilidad de unafacilidentificacion Soluciondedicadaelimina los riesgos de contaminacionpor “compartirrecursos” Infraestructuraadministradaaseguracapacidadsi hay crecimiento de spam EliminaSpam & Malware Cisco Data Centers 1 Email “limpio” 2 Outbound Customer
237. Hosting Hibrido - Email SecurityMaxima Flexibilidad asegura un diseño optimo Diseñohibridopermite el control dividido, en la nube y en “casa del cliente” CPE- en el clientepermite el control avanzado con encripcion y soportepara DLP. EliminaSpam & Malware Cisco Data Centers 1 Email “limpio” 2 DLP& politicas de encripcion 3 Outbound Cliente
238. Managed Email SecuritySeguridad de correo “TOTAL” en manos de expertos Managed email provee la maxima reduccion de tareas y control La arquitectura del serviciopermiteaplicaciones del ladocliente o “en casa” Cisco SOC ofrece 24/7 management y monitoreoremoto Cisco Security Operations Center (SOC) Administracion Segurizada VPN Tunnel Cliente Email
We now have 2 main offices for Latin America - based in Sao Paulo (Brazil) and Buenos Aires (Argentina)The Brazilian operation that has merged with Logicalis, is now part of a holding company for the whole Latin American business. The operations in Argentina, Bolivia, Chile, Ecuador, Paraguay, Peru and Uruguay trade under the name of Logicalis (they have dropped the Softnet brand). In Brazil, the operation trades as PromonLogicalis.Logicalis is now the single largest independent network integrator for this region.
There is no question that the traditional corporate border is gone forever. In the past, applications, data centers and branch office networks were protected by perimeter devices such as firewalls and policy-based rule sets. The internet and attackers were outside the perimeter, although VPN and other technologies made it possible to grant controlled access for partners and customers. The perimeter was your line in the sand, where all your policies were set, and where your policy enforcement systems were located. Although it could be complex to manage this properly, this architecture was straightforward to understand and police. ------------------Cisco Promotion Points: Cisco Systems has about 350 partners with access through the perimeter. You can assume each partner has up to 350 partners of their own. Cisco had to move past the concept of the perimeter in order to secure its extranet.
However, the traditional network borders are disappearing. The way companies do enterprise computing and access information has changed, and will continue to change over the next five years. The two biggest architectural changes are mobility and cloud computing. A key driver behind mobility is the latest generation of smart phones, iPhones and handheld devices. These are internet-enabled, so they can access WebEx, Skype and YouTube. They may have VPN or other access into corporate applications. The mobile work force can now use laptops from home offices and coffee shops, as well as computers in airport kiosks. This is not just about email access – the mobile users and devices can now have the same capabilities as office systems. The browser and a vast number of powerful applets have radically expanded the things that can be accomplished remotely, and productivity is climbing. This productivity jump is a direct result of the connectivity and data sharing provided by the network. Yes, the device may have local data storage. Yes, there are security issues. But the huge increase in efficiency means that this genie is not going back in the bottle. More and more companies are spending time and energy around handheld computing. IT departments want to support new operating systems like Google Android, and are being asked to support platforms besides Windows. Cisco’s Borderless Network architecture provides security in this mobile, multi-platform, multi-vendor, multi-location environment. -------------------------------------------------------------------------------------------------------------------Cisco Promotion Points: Cisco helped build the internet backbone and corporate connectivity that makes data sharing possible.Microsoft is providing a new VPN technology in Windows, called Direct Access. While this competes against Cisco’s current and future VPN clients, Cisco supports Windows, Macs, BlackBerries, smart phones, iPhones and more, while Microsoft Direct Access supports Windows 7 only. Cisco shines in this heterogeneous environment.
The second big change is cloud computing. There are compelling reasons to move certain applications and services into the cloud. Cost savings and survivability are two main drivers, virtualization makes it easier to achieve and the network makes it transparent to users in any location. Typically the first wave of applications that we’ve seen move into the “cloud” included email. Email security is one of the apps that we’ve seen more of our customers, like you, having interest in.Another example is salesforce.com, a customer relationship management system. You can rent a Sun or Windows server for your own applications, and cut your management costs using Platform as a Service. Infrastructure as a Service could be a managed router environment, managed firewalls, or something else. These providers are specialists, and the savings from cloud computing can be substantial. But now you’ve got more users on more devices in more places in the network, and data residing in more places in the network. That’s a deadly combination for security. Consider what happens when your CFO uses a handheld to check your sales forecast at salesforce.com. That transaction, that connection never touches a firewall. It doesn’t touch a web proxy.
This is a diagram of the new, Borderless network environment we live in. Users, devices, cloud-based services and head-office resources are all accessible, but without traditional network perimeters. Cisco’s new architecture to secure this borderless network is able to restore the auditing, logging, access control, verification, malware policy and threat prevention. We’ve had to rethink how security is done, and how to accommodate this dramatic shift. We can help customers migrate to a protected network without borders, but this kind of security has to be “baked in” to the architecture and the products. Security as an afterthought is much less likely to restore the traditional levels of control. ----------------------------------------------------------------------------------Cisco Promotion Points: There is no single best practice for securing a Borderless Network – instead, Cisco’s new architecture is flexible and adaptable.
Cisco’s vision is around 4 pillarsFirst The borderless end zones – i.e. protecting the end user device from threats - whether it’s the smart phone, laptop, etc.Second is the Borderless Internet which is really the focus of this presentation. Central to this pillar is the cloud based as well as a unique “hybrid” deployment modelThe third pillar of the vision is the borderless data center where cisco’s vision is to provide security to the evolving data center. Aspects like inter-VM and intra-VM security are the areas where we are investigating.And finally the fourth pillar is that around policy. Our customers are telling us that regardless of the way information is accessed, they have to apply the same policies – whether it’s around access control, data security, acceptable use, etc.As you can see the cloud is the central to the strategy of Cisco’s SBN
Challenges in today’s IT are vast and diverse. IT budgets are flat or shrinking and these challenges are ever growing. This is driving the Enterprise toward hard requirements for firewall.These requirements include:A clear understanding of the threat environment which means a continuous update to software and security content to keep up with the latest threatsHigh performance platforms that are capable of keeping up with today’s traffic needs and allowing for growth as the threat environment evolvesFlexible deployment options to assure coverage of threats anywhere in the networkThat same flexibility of options applied to the new mobile teleworker and remote enviromentsSecurity applied to the latest voice and video communicationsAnd tying it all together with an operational model that make management effective and efficient
The CSIO piece that provides Cisco IronPort’s email security threat protection is Senderbase.It is the world’s first, largest and most thorough email & threat monitoring database. This chart illustrates some of the sources of senderbase information and the over 150 parameters we track in real time.- Global volume- Complaints, spamtraps- 3rd party blacklist and dynamic lists- Results of content filter scanning for spam and viruses- URLs with known risks of spamvertising, viruses, spyware- Website composition to look at suspicious payloads or known bad files- Domain registration information- Look at linking reputation of sites through hyperlinksBy having real time insight into this data we can see threats before anyone else in the industry and protect our customer base.Some of this information is available to the public at www.senderbase.org
At Cisco, we pioneered the whole conceptof reputation filtering that relied on the depth of email security data collected from a wide deployment sensor.However as the threat landscape has evolved, so have our techniques. The result is CSIO – Cisco Security Intelligence Operations – industry’s leading threat data base that gathers information from a wide variety of threat sources and converts them into dynamic rules to protect our customers in real time from new and evolving threats.The reason why CSIO is industry leading is because of the breadth and depth of threat information that we harness through it.By leveraging the rich security portfolio that Cisco has – comprised of both network security and content security offerings – we have effectively converted this broad deployment into – what we call sensors.These sensors send us anonymous threat data that gives us the vast visibility into the threat landscape. These sensors include web security sensors, email security sensors, IPS devices as well as firewall devices – providing threat information from various parts of the layers in the networking stack.To give you a sense of the breadth and depth of this sensor netwrok – we have visibility into 30% of the global email data base, we have more than 700,000+ devices on the network security side.
Lets shift gears from inbound email protection to outbound email controlCustomers today are faced with a number of different challenges Ensuring compliance with regulations like HIPAA, PCI, etcOr protecting trade secrets, confidential data, etcEmail is the primary vector of concern for organizations and hence it is important to discuss the variety of technologies that Cisco IronPort has for the email security infrastructure that help customers detect incidents and apply appropriate remediation to those incidents.That’s where the DLP and Encryption technologies from Cisco help. We are the industry’s first vendor that has a comprehensive DLP and Encryption solution available in the cloud only deployment model. This provides customers who’ve made the choice to move to the cloud a great solution to maintain regulatory compliance and adherence to company Acceptable Use Policies.The first step is one that allows customers to detect events.And on detecting events, the email security deployment can be configured to perform a number of different remediation options including encrypting the email, dropping the attachment, cc-ing to an HR/Legal inbox etc.
To explain how easy our secure messaging solution is, we will first show you how simple it is for the senders, then the receivers. The first is sending a message. The thing you want to convey here is that customers can instantly deploy PXE with a simple feature key, no additional management overhead. An email that is detected is as being required to have encryption would automatically be enrolled into the key management system, which is provided via Cisco registered envelope service hosted in the Cisco cloud. Then that message is pushed to the end-user and that end-user would retrieve the key from the Cisco registered envelope service and render that message in their browser. This provides for a host of center controls, because the fact that that message’s key is stored in host fashion. The sender can log-in to the registered envelope service and deal with tracking, secure, reply, recall and so on. And what makes this really powerful is the fact that we, meaning Cisco, never actually store that email message. All we are doing is storing the key, making it a high-performance, high-secure model for managing secure email.
HTTP is the New TCPOne can be reasonably sure that, no matter what the other firewall settings, Port 80 and Port 443 will be open. It’s the 24x7 path into and out of every enterprise.This is driven by business critical content and applications on the web. The secondary effect is that other applications, such as FTP, SOCKS, IM, P2P, and Video are also shifting to tunnel over HTTP to take advantage of the ubiquitous access.Result: HTTP now dominates at the enterprise edge, carrying numerous applications and types of information. In some cases, up to 90% of traffic traversing the enterprise edge is HTTP.This creates new security challenges for enterprise IT.ORFirst objective: establish the problem set and the concept of the Secure Web Gateway as the solution.Important to set this framework for the customer conversation: while we may not have the world’s best web proxy or the world’s best URL filtering, we do have the world’s best Secure Web Gateway. Establishing this framework helps qualify customer priorities vs our value prop, and helps position us for success relative to vendors focused on subsets of the problem space.Web has become the ubiquitous path into enterprises – and it’s overloaded with different applications and content that businesses want to handle differently.Saas applications like Saleforce and Netsuite; rich collaboration apps like WebEx; information discovery—researching prospects, learning about competitive products and market trends, or catching up on today’s news. The idea of locking down web access is unthinkable.And this has driven a second trend: taking advantage of that pipe in and out to tunnel apps over HTTP. A few years back, P2P apps like BitTorrent dominated Internet backbone traffic. Today that’s been replaced by HTTP-Video—the YouTube effect plus ubiquitous access. IM clients traversing the edge also tend to use HTTP more and more today, e.g. Yahoo releasing Yahoo Web Messenger. Legacy SOCKS applications transitioning to CONNECT.Result: HTTP now dominates at the enterprise edge, carrying numerous applications and types of information. In many ways, it has become the new TCP at the enterprise edge.
While the challenge has become multi-dimensional, the policy issues remain the same:There is a need to apply access controls to ensure the right people have access to the right parts of the network and applications.Acceptable Use controls for compliance and productivity, to ensure employees are using the web resources appropriately. Threat Protection to block all the bad stuff like malware, botnets, intrusions and spam from coming into the network.And finally data protection to ensure that confidential information is not getting out into the open or into wrong hands, either inadvertently or with a malicious intent.
Cisco IronPort Dynamic Vectoring and Streaming (DVS) engine
For maximum efficacy, a Secure Web Gateway needs to examine traffic at both the network layer and the application layer. Furthermore, a Web security appliance needs to combine signature based analysis as well as traffic based or "reputation" analysis to distinguish legitimate traffic from hostile spyware or malware. And it needs to deliver this without introducing any degradation in the end user browsing experience.The IronPort S-Series represents the next generation of Web technology, leveraging techniques developed for Web proxy caching but built from the ground up for security. Built on IronPort's proprietary AsyncOS operating system, the S-Series appliance offers extremely high performance scanning of Web content at both the network layer and the application layer using both signature and reputation based filtering. The IronPort S-Series Web Security Appliance is the industry’s first and only Web security appliance to combine traditional URL filtering, reputation filtering and multi-vendor anti-malware filtering on a single platform. This squarely addresses the growing challenges of both securing and controlling Web traffic while enjoying a low Total Cost of Ownership (TCO). Enterprise-class management and reporting tools deliver ease of administration, flexibility and control, and complete visibility into policy-related and threat-related activities.
Choice also takes the form of flexible deployment options leveraging the same market-leading email security technologyCustomers can now choose from hosted, hybrid hosted, managed appliances or self-managed appliances based on the form factor that they preferCisco can leverage our data center to host all or parts of the equipment, can out-task manage the devices on the customer premise, or divide the control between the cloud and customer premise.Regardless of the deployment option, customers retain co-managed access while maintaining a common policy, centralized reporting and consistent protection
Let’s look at the various deployment optionsFirst is dedicated hosted email securityHere the email security devices reside in the Cisco data center minimizing the customer’s data center requirementsThe dedicated nature of the service ensures that the customer’s sensitive data is not leaked and eliminates the “shared fate” risk of critical outagesThe customer can be assured of spam growth headroom with future capacity assurance. Meaning that Cisco will take the necessary steps to scale the infrastructure behind the seems to provide the highest level of service for the rated user count.DIAGRAM: In the diagram you can see that both the inbound and outbound filtering is done on the appliances hosted in the Cisco data center. After removing inbound spam and viruses, the clean email is passed to the customer.
Next, let’s look at the Hybrid Hosted email security offeringThis solution divides the control between the “cloud” and the customer premise. The inbound filtering is done in the Cisco cloud prior to the traffic entering the customer premise. Outbound control policies are applied on the customer premise where customers want to prevent the leakage of sensitive information or to encrypt the email traffic to ensure security and confidentialityNOTE: Emphasize what we are, best of both worlds. Scalability, consolidated reporting. First vendor to deliver – others make the claim but we are actually the first ones to pull it off.
And lastly, let’s look at managed email security which provides the highest level of out-taskingThe Cisco Remote Management Services provides vigilant 24x7 remote management and monitoring on behalf of the customerProvides a predictable cost model that the CFO will appreciate.Email continues to flow through the on-premise infrastructure where both inbound and outbound filtering is applied. Cisco RMS accesses the on-premise appliance via a VPN tunnel delivered by the dedicated VPN router