SlideShare una empresa de Scribd logo

Cisco Security portfolio update

Descargar como PPTX, PDF
Atanas Gergiminov
Atanas Gergiminov

Cisco Switching and Security portfolio update What’s new in the firewall? Firepower portfolio Device Management Subscriptions New SMB switches

Dispositivos y hardware
1 de 34
Cisco Switching and Security portfolio update Atanas Gergiminov System Engineer PolyComp 2019
Agenda What’s new in the firewall? • Firepower portfolio • Device Management • Subscriptions New SMB switches Demo
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential Cisco’s Comprehensive Security Portfolio Integrated security portfolioWorld-class security controls Consistent policies and visibility Duo Multi-Factor Authentication Identity Services Engine (ISE) AMP for Endpoints Firepower Management Center (FMC) Firepower Device Manager (FDM) Cisco Threat Response (CTR) Application Centric Infrastructure Cisco Defense Orchestrator (CDO) Rapid Threat Containment TrustSec Firepower Threat Defense (FTD) Multi-Instance ASA Clustering Firepower Platforms Talos Stealthwatch
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential Firewall Validated Use Cases Branch RA VPN Cloud/Virtual Data Center NGIPS Internet Edge Where Cisco can help
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential Firepower Portfolio ASA 5508/16 NEW FPR 4115/25/45 NEW FPR 1010 NEW FPR 1120/40 FPR 2110/20/30/40 FPR 9300 Series SM-40 SM-48 SM-56 NEW ASA 5525/45/55 FPR 4110/20/40/50 SM-24 SM-36 SM-44 650 Mbps AVC 650 Mbps AVC+IPS 1.5-2.2 Gbps AVC 1.5-2.2 Gbps AVC+IPS 2-8.5 Gbps AVC 2-8.5 Gbps AVC+IPS Stand-alone device: 12-53 Gbps AVC 10-47 Gbps AVC+IPS 6 Six node cluster: Up to 254 Gbps AVC Up to 226 Gbps AVC+IPS One Module: 30-70 Gbps AVC 24-64 Gbps AVC+IPS Six node (2 chassis) cluster: Up to 336 Gbps AVC Up to 307 Gbps AVC+IPS SOHO/ SMB Branch Office Mid-Size Enterprise Large Enterprise Data Center Service Provider
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential 4 Core • 1.2 Gbps AVC • 1.1 Gbps AVC+IPS 8 Core • 2.4 Gbps AVC • 2.2 Gbps AVC+IPS 12 Core • 3.6 Gbps AVC • 3.3 Gbps AVC+IPS Firepower NGFW: FTD Virtual Platforms Private Cloud • 1.2 Gbps AVC • 1.1 Gbps AVC+IPSc AWS Instance types • c3.xlarge • c4.xlarge • c5.xlarge Azure Instance types • Standard D3 • D3v2 Public Cloud
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential NGFW Hardware 2019 Update As the threat landscape evolves, our NGFW portfolio does too. Gain more features and better performance at the same or lower price point. Better performance • Up to 3.5x boost in NGFW throughput • Up to 5x boost in VPN throughput More connections • Up to 2x more connections per second (CPS) Improved encrypted traffic throughput • Up to 3x boost in encrypted traffic performance
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential NEW: Firepower 1000 Series Small business and branch office security with superior price / performance NEW *POE and L2 support expected 2H CY2019 NEW Firepower 1010 • High–performance desktop NGFW • PoE, 8 10/100/1000 Base-T RJ45 switching ports* • Stateful firewall, AVC, NGIPS, AMP, URL filtering 650Mbps NGFW throughput Firepower 1120/40 • High–performance Rackmount NGFW • 8 10/100/1000Base-T RJ45 switching ports, 4 1000Base-F SFP switching ports • Stateful firewall, AVC, NGIPS, AMP, URL filtering 1120-1.5Gbps NGFW Throughput 1140-2.2Gbps NGFW Throughput
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential Firepower NGFW: ISA3000 Provides FTD to Manufacturing Maximum Firewall Throughput 2 Gbps Ideal for industrial environments • Hardened design • DC power supply • DIN rail Two models of ISA 3000 • 2 x Copper + 2 x Fiber data interfaces • 4 x Copper data interfaces Industrial features include • Alarm port: 2 x alarm input, 1 x alarm output • SD card auto backup/restore • Hardware bypass for transparent mode firewall
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential Firewall Policy Powered by Talos & OpenApp ID Security Intelligence: Block latest malicious IPs, URLs and FQDNs AVC with OpenAppID: Identify and control over 4,000+ pre-defined apps AVC with OpenAppID: Easily create custom application detectors URL Categories: Classify 280M+ URLs using 80+ categories Category-based Policy Creation Admin Allow Block DNS Sinkhole 01001010100 00100101101 Security feeds URL | IP | DNS Control traffic based on IP, URL, FQDN, or application NGFW Allow BlockWarn
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential Integrated TLS Decryption Decrypt traffic in hardware or software Inspect deciphered packets Track and log all TLS sessions Finds encrypted threat while reducing performance impact • TLS hardware acceleration delivers high-performance inspection of encrypted traffic • Centralized enforcement of TLS certificate policies • Examples: Blocking self-signed encrypted traffic, specified TLS version, cypher suites Encrypted Traffic Log TLS decryption engine NGIPS Enforcement decisions AVC elicit gambling https://www.%$*#$@#$.com https://www.%$*#$@#$.com https://www.%$*#$@#$.com https://www.%$*#$@#$.com https://www.%$*#$@#$.com https://www.%$*#$@#$.com https://www.%$*#$@#$.com https://www.%$*#$@#$.com https://www.%$*#$@#$.com https://www.%$*#$@#$.com https://www.%$&^*#$@#$.com https://www.%$&^*#$@#$.com
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential Site-to-Site VPN Easily and securely interconnect remote sites • IKEv1/IKEv2 policy-based VPN • Easy topology-based management of VPN on multiple peers • Point-to-point • Hub and Spoke • Full Mesh • Flexible authentication options – pre-shared key (automatic) and certificates Point-to-Point Hub and Spoke Full Mesh FTD FTD FTD FTD Router Third Party Device or or Hub
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential Remote Access VPN with DUO Provide ubiquitous secure access from remote and roaming users • Posture assessment • Uses TLS, DTLS or IKEv2 • Easy wizard-based configuration • Integration with LDAP and RADIUS • Identity based security policies • Enhanced security with 2 FA/MFA provided by Duo Extend access remotely Protect important data Maintain application performance Support multiple sites AnyConnect RA VPN Client
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential Smart Licenses Smart Licensing is Different Limited View Customers do not know what they own. PAK Registration Manually register each device. Device-Specific Licenses are specific to only one device. Complete View Software, services, and devices in easy-to-use portal. Easy Registration No PAKs. Easy activation. Ready to use. Company-Specific Flexible licensing. Use across devices. Classic Licenses Automated Provisioning | Efficient Consumption | License Portability
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential Partner Holding Account Smart Account Types Customer Smart Account • Where licenses are deposited and managed • Can be managed by customer directly, designated VAR or authorized party through CSSM or LRP Virtual Accounts (Organize by business unit, product type, geo, etc.) • Partner or reseller store smart enabled products temporarily, before depositing them into an end customer Smart Account. • Note: It is recommended that partners deposit licenses directly into the Customer Smart Account because licenses can only be consumed in the Customer Smart Account
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential Smart Licensing Deployment Options
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential Management Designed for the User For easy on-box management of single FTD or pair of FTDs running in HA For centralized cloud-based policy management of multiple deployments *For FTD release 6.4 or higher Helps administrators enforce consistent access policies, rapidly troubleshoot security events, and view summarized reports across the deployment Cisco Firepower Device Manager (FDM) Cisco Defense Orchestrator (CDO) Cisco Firepower Management Center (FMC) On premise Centralized Manager SecOps Focused On-box manager NetOps Focused Cloud Based Centralized Manager NetOps Focused Coexist Flexibility of cloud or on-premises options Common APIsSecurity Integrations
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential Wizard-Based Guided Workflows Optimized for Commercial Co-exists with Cloud Management Firepower Device Manager
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential Network Users HQ Data Center Admin Branch What is Cisco Defense Orchestrator (CDO)? Roaming Users Cloud applicationsSD-WAN Policy - CDO Visibility & Evening - SAL Incident response - CTR FTD AMP ASA FTD Consistently manage policies across your Cisco security products. CDO is a cloud-based application that cuts through complexity to save time and keep your organization protected against the latest threats.
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential CDO Supported Platforms Hardware Minimum Software ASA 5500-X ASA 8.4 FTD 6.4 Firepower 1000 ASA 9.13 FTD 6.4 Firepower 2100 ASA 8.4 FTD 6.4 Firepower 4100 ASA 8.4 Coming soon Firepower 9300 ASA 8.4 Coming soon Virtual – Private Cloud KVM, VMWare ASA 8.4 FTD 6.4 Virtual – Public Cloud AWS, Azure ASA 8.4 Coming soon Meraki MX Latest software update
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential Firewall Throughput 250 Mbps 250 Mbps 450 Mbps 450 Mbps 450 Mbps 450 Mbps VPN Throughput 100 Mbps 100 Mbps 200 Mbps 200 Mbps 200 Mbps 200 Mbps Gigabit WAN Ports 2 (1 shared) 2 2 (1 shared) 2 2 (1 shared) 2 Gigabit LAN Ports 4 10 4 10 4 10 PoE+ Ports - 2 - 2 - 2 Wi-Fi (on W models) 802.11ac 802.11ac 802.11ac Wave 2 802.11ac Wave 2 - 802.11ac Wave 2 Embedded Cellular - - - - CAT 6 LTE CAT 6 LTE MX64/64W MX67CMX67/67W MX68/68W MX68CWMX65/65W MX Security & SD-WAN Small Branch Portfolio Improved performance and embedded LTE Advanced
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential Ready to get started? Upgrade your NGFW today! Sign up for a free trial: FMC Trial CDO Trial
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential • Fire Jumper Program https://communities.cisco.com/docs/DOC-55046 • NGFW & NGIPS Competency Area https://communities.cisco.com/docs/DOC-57815 • Web & Email Security Competency Area https://communities.cisco.com/docs/DOC-57817 • Policy & Access Competency Area https://communities.cisco.com/docs/DOC-57780 • Advanced Threat Competency Area https://communities.cisco.com/docs/DOC-57818 • Proof of Value (PoV) & Best Practice Docs https://communities.cisco.com/docs/DOC-65405 • dCloud https://dcloud.cisco.com • Digital Network Architecture (DNA) https://dcloud2-rtp.cisco.com/dCloud/dna.jsp Resources  Security Community https://www.cisco.com/go/securitychannels  Voice of the Engineer https://communities.cisco.com/docs/DOC-30718  Tech Talks https://communities.cisco.com/docs/DOC-30977  Competitive Battle cards https://communities.cisco.com/docs/DOC-56271  Partner Help http://www.cisco.com/go/ph  Umbrella Partner Portal https://communities.cisco.com/docs/DOC-64565  NGFW Sizing guide https://communities.cisco.com/docs/DOC-70837
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential Partner Incentives and Promotions • ASA Refresh: www.cisco.com/go/asamigration • IPS Refresh: www.cisco.com/go/ipsmigration • AnyConnect Refresh: www.cisco.com/go/anyconnectmigration • ACS to ISE Refresh: www.cisco.com/acs-ise-migration • Security Ignite: http://www.cisco.com/web/partners/incentives_and_promotions/security-ignite.html • Security Bundles: http://www.cisco.com/c/en/us/partners/sell-integrate-consult/incentives-promotions/security-solution-bundle.html Additional Resources
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential Key Help Resources Customer Facing Websites • Smart Account Home CCO Page: www.cisco.com/go/smartaccounts • Smart Licensing CCO Page: www.cisco.com/go/smartlicensing • Smart Licensing ‘Satellite’ CCO Page: www.cisco.com/go/smartsatellite • Best Practices & Usage Guides: http://forums.cisco.com/ecom/web/operations-exchange/sot • Sample Config Guide: http://www.cisco.com/c/dam/en/us/products/collateral/cloud-systems-management/smart- software-manager-satellite/smart-software-prod-config-guide.pdf • Cisco Security Licensing and Software Access: https://communities.cisco.com/docs/DOC-55301 • Security Voice of the Engineer (VoE): https://communities.cisco.com/docs/DOC-30718 Getting Help • GLO Support: Fully supported by GLO 24x7. • licensing@cisco.com • General Questions: ask-smartlicensing@cisco.com • Portal Issues: smart-ops-support@cisco.com • Migration Issues: smart-ops-support@cisco.com • Satellite Issues: cs-cssm-satellite@cisco.com Training • Live Training: Register for you or your customer at: • https://communities.cisco.com/docs/DOC-59481#anch2 • Youtube Training Videos: https://www.youtube.com/channel/UCABaWsiDScw_w6kvPcDIjHw • Cisco.com Training Videos & Demos: • http://www.cisco.com/web/ordering/smart-software- manager/index.html
ThankYou cisco@polycomp.b g

Recomendados

Putting Firepower Into The Next Generation Firewall
Putting Firepower Into The Next Generation FirewallPutting Firepower Into The Next Generation Firewall
Putting Firepower Into The Next Generation FirewallCisco Canada
 
SDWAN vs MPLS: What Enterprises need?
SDWAN vs MPLS: What Enterprises need?SDWAN vs MPLS: What Enterprises need?
SDWAN vs MPLS: What Enterprises need?Haris Chughtai
 
Cisco ASA Firepower
Cisco ASA FirepowerCisco ASA Firepower
Cisco ASA FirepowerAnwesh Dixit
 
Cisco ASA Firewalls
Cisco ASA FirewallsCisco ASA Firewalls
Cisco ASA FirewallsBryley Systems Inc.
 
Cisco Identity Services Engine (ISE)
Cisco Identity Services Engine (ISE)Cisco Identity Services Engine (ISE)
Cisco Identity Services Engine (ISE)Anwesh Dixit
 
Cisco Live Brksec 3032 - NGFW Clustering
Cisco Live Brksec 3032 - NGFW ClusteringCisco Live Brksec 3032 - NGFW Clustering
Cisco Live Brksec 3032 - NGFW Clusteringib_cims
 
CCNP Security-Firewall
CCNP Security-FirewallCCNP Security-Firewall
CCNP Security-Firewallmohannadalhanahnah
 
Understanding Cisco Next Generation SD-WAN Solution
Understanding Cisco Next Generation SD-WAN SolutionUnderstanding Cisco Next Generation SD-WAN Solution
Understanding Cisco Next Generation SD-WAN SolutionCisco Canada
 

Recomendados

Putting Firepower Into The Next Generation Firewall
Putting Firepower Into The Next Generation FirewallPutting Firepower Into The Next Generation Firewall
Putting Firepower Into The Next Generation FirewallCisco Canada
 
SDWAN vs MPLS: What Enterprises need?
SDWAN vs MPLS: What Enterprises need?SDWAN vs MPLS: What Enterprises need?
SDWAN vs MPLS: What Enterprises need?Haris Chughtai
 
Cisco ASA Firepower
Cisco ASA FirepowerCisco ASA Firepower
Cisco ASA FirepowerAnwesh Dixit
 
Cisco ASA Firewalls
Cisco ASA FirewallsCisco ASA Firewalls
Cisco ASA FirewallsBryley Systems Inc.
 
Cisco Identity Services Engine (ISE)
Cisco Identity Services Engine (ISE)Cisco Identity Services Engine (ISE)
Cisco Identity Services Engine (ISE)Anwesh Dixit
 
Cisco Live Brksec 3032 - NGFW Clustering
Cisco Live Brksec 3032 - NGFW ClusteringCisco Live Brksec 3032 - NGFW Clustering
Cisco Live Brksec 3032 - NGFW Clusteringib_cims
 
CCNP Security-Firewall
CCNP Security-FirewallCCNP Security-Firewall
CCNP Security-Firewallmohannadalhanahnah
 
Understanding Cisco Next Generation SD-WAN Solution
Understanding Cisco Next Generation SD-WAN SolutionUnderstanding Cisco Next Generation SD-WAN Solution
Understanding Cisco Next Generation SD-WAN SolutionCisco Canada
 
Cisco Security Architecture
Cisco Security ArchitectureCisco Security Architecture
Cisco Security ArchitectureCisco Canada
 
The business case for SD WAN in the enterprise
The business case for SD WAN in the enterprise The business case for SD WAN in the enterprise
The business case for SD WAN in the enterprise Colt Technology Services
 
Cisco Firepower Next-Generation Firewall (NGFW).pdf
Cisco Firepower Next-Generation Firewall (NGFW).pdfCisco Firepower Next-Generation Firewall (NGFW).pdf
Cisco Firepower Next-Generation Firewall (NGFW).pdfTaherAzzam2
 
Understanding Cisco’ Next Generation SD-WAN Technology
Understanding Cisco’ Next Generation SD-WAN TechnologyUnderstanding Cisco’ Next Generation SD-WAN Technology
Understanding Cisco’ Next Generation SD-WAN TechnologyCisco Canada
 
Firepower ngfw internet
Firepower ngfw internetFirepower ngfw internet
Firepower ngfw internetRony Melo
 
The Akamai Security Portfolio
The Akamai Security PortfolioThe Akamai Security Portfolio
The Akamai Security PortfolioElisabeth Bitsch-Christensen
 
Aryaka Bringing SASE to Life with a Zero Trust WAN.pdf
Aryaka Bringing SASE to Life with a Zero Trust WAN.pdfAryaka Bringing SASE to Life with a Zero Trust WAN.pdf
Aryaka Bringing SASE to Life with a Zero Trust WAN.pdfKlausSchwegler
 
What is SASE
What is SASEWhat is SASE
What is SASEAdi Ruppin
 
The Data Center Network Evolution
The Data Center Network EvolutionThe Data Center Network Evolution
The Data Center Network EvolutionCisco Canada
 
Cisco umbrella overview
Cisco umbrella overviewCisco umbrella overview
Cisco umbrella overviewCisco Canada
 
What is SASE and How Can Partners Talk About it?
What is SASE and How Can Partners Talk About it?What is SASE and How Can Partners Talk About it?
What is SASE and How Can Partners Talk About it?QOS Networks
 
ACI Hands-on Lab
ACI Hands-on LabACI Hands-on Lab
ACI Hands-on LabCisco Canada
 
Vxlan control plane and routing
Vxlan control plane and routingVxlan control plane and routing
Vxlan control plane and routingWilfredzeng
 
Maximizing SD-WAN Architecture with Service Chaining - VeloCloud
Maximizing SD-WAN Architecture with Service Chaining - VeloCloudMaximizing SD-WAN Architecture with Service Chaining - VeloCloud
Maximizing SD-WAN Architecture with Service Chaining - VeloCloudVeloCloud Networks, Inc.
 
Cisco Connect Halifax 2018 Understanding Cisco's next generation sd-wan sol...
Cisco Connect Halifax 2018 Understanding Cisco's next generation sd-wan sol...Cisco Connect Halifax 2018 Understanding Cisco's next generation sd-wan sol...
Cisco Connect Halifax 2018 Understanding Cisco's next generation sd-wan sol...Cisco Canada
 
Cisco Digital Network Architecture - Introducing the Network Intuitive
Cisco Digital Network Architecture - Introducing the Network IntuitiveCisco Digital Network Architecture - Introducing the Network Intuitive
Cisco Digital Network Architecture - Introducing the Network IntuitiveCisco Canada
 
4_Session 1- Universal ZTNA.pptx
4_Session 1- Universal ZTNA.pptx4_Session 1- Universal ZTNA.pptx
4_Session 1- Universal ZTNA.pptxaungyekhant1
 
Cisco Web and Email Security Overview
Cisco Web and Email Security OverviewCisco Web and Email Security Overview
Cisco Web and Email Security OverviewCisco Security
 
Enterprise WAN Evolution with SD-WAN
Enterprise WAN Evolution with SD-WANEnterprise WAN Evolution with SD-WAN
Enterprise WAN Evolution with SD-WANToshal Dudhwala
 
Introduction to nexux from zero to Hero
Introduction to nexux from zero to HeroIntroduction to nexux from zero to Hero
Introduction to nexux from zero to HeroDhruv Sharma
 
ASA Firepower NGFW Update and Deployment Scenarios
ASA Firepower NGFW Update and Deployment ScenariosASA Firepower NGFW Update and Deployment Scenarios
ASA Firepower NGFW Update and Deployment ScenariosCisco Canada
 
SP 5G: Unified Enablement Platform
SP 5G: Unified Enablement Platform SP 5G: Unified Enablement Platform
SP 5G: Unified Enablement Platform Cisco Service Provider
 

Más contenido relacionado

La actualidad más candente

Cisco Security Architecture
Cisco Security ArchitectureCisco Security Architecture
Cisco Security ArchitectureCisco Canada
 
The business case for SD WAN in the enterprise
The business case for SD WAN in the enterprise The business case for SD WAN in the enterprise
The business case for SD WAN in the enterprise Colt Technology Services
 
Cisco Firepower Next-Generation Firewall (NGFW).pdf
Cisco Firepower Next-Generation Firewall (NGFW).pdfCisco Firepower Next-Generation Firewall (NGFW).pdf
Cisco Firepower Next-Generation Firewall (NGFW).pdfTaherAzzam2
 
Understanding Cisco’ Next Generation SD-WAN Technology
Understanding Cisco’ Next Generation SD-WAN TechnologyUnderstanding Cisco’ Next Generation SD-WAN Technology
Understanding Cisco’ Next Generation SD-WAN TechnologyCisco Canada
 
Firepower ngfw internet
Firepower ngfw internetFirepower ngfw internet
Firepower ngfw internetRony Melo
 
Aryaka Bringing SASE to Life with a Zero Trust WAN.pdf
Aryaka Bringing SASE to Life with a Zero Trust WAN.pdfAryaka Bringing SASE to Life with a Zero Trust WAN.pdf
Aryaka Bringing SASE to Life with a Zero Trust WAN.pdfKlausSchwegler
 
The Data Center Network Evolution
The Data Center Network EvolutionThe Data Center Network Evolution
The Data Center Network EvolutionCisco Canada
 
Cisco umbrella overview
Cisco umbrella overviewCisco umbrella overview
Cisco umbrella overviewCisco Canada
 
What is SASE and How Can Partners Talk About it?
What is SASE and How Can Partners Talk About it?What is SASE and How Can Partners Talk About it?
What is SASE and How Can Partners Talk About it?QOS Networks
 
Vxlan control plane and routing
Vxlan control plane and routingVxlan control plane and routing
Vxlan control plane and routingWilfredzeng
 
Maximizing SD-WAN Architecture with Service Chaining - VeloCloud
Maximizing SD-WAN Architecture with Service Chaining - VeloCloudMaximizing SD-WAN Architecture with Service Chaining - VeloCloud
Maximizing SD-WAN Architecture with Service Chaining - VeloCloudVeloCloud Networks, Inc.
 
Cisco Connect Halifax 2018 Understanding Cisco's next generation sd-wan sol...
Cisco Connect Halifax 2018 Understanding Cisco's next generation sd-wan sol...Cisco Connect Halifax 2018 Understanding Cisco's next generation sd-wan sol...
Cisco Connect Halifax 2018 Understanding Cisco's next generation sd-wan sol...Cisco Canada
 
Cisco Digital Network Architecture - Introducing the Network Intuitive
Cisco Digital Network Architecture - Introducing the Network IntuitiveCisco Digital Network Architecture - Introducing the Network Intuitive
Cisco Digital Network Architecture - Introducing the Network IntuitiveCisco Canada
 
4_Session 1- Universal ZTNA.pptx
4_Session 1- Universal ZTNA.pptx4_Session 1- Universal ZTNA.pptx
4_Session 1- Universal ZTNA.pptxaungyekhant1
 
Cisco Web and Email Security Overview
Cisco Web and Email Security OverviewCisco Web and Email Security Overview
Cisco Web and Email Security OverviewCisco Security
 
Enterprise WAN Evolution with SD-WAN
Enterprise WAN Evolution with SD-WANEnterprise WAN Evolution with SD-WAN
Enterprise WAN Evolution with SD-WANToshal Dudhwala
 
Introduction to nexux from zero to Hero
Introduction to nexux from zero to HeroIntroduction to nexux from zero to Hero
Introduction to nexux from zero to HeroDhruv Sharma
 

La actualidad más candente (20)

Cisco Security Architecture
Cisco Security ArchitectureCisco Security Architecture
Cisco Security Architecture
 
The business case for SD WAN in the enterprise
The business case for SD WAN in the enterprise The business case for SD WAN in the enterprise
The business case for SD WAN in the enterprise
 
Cisco Firepower Next-Generation Firewall (NGFW).pdf
Cisco Firepower Next-Generation Firewall (NGFW).pdfCisco Firepower Next-Generation Firewall (NGFW).pdf
Cisco Firepower Next-Generation Firewall (NGFW).pdf
 
Understanding Cisco’ Next Generation SD-WAN Technology
Understanding Cisco’ Next Generation SD-WAN TechnologyUnderstanding Cisco’ Next Generation SD-WAN Technology
Understanding Cisco’ Next Generation SD-WAN Technology
 
Firepower ngfw internet
Firepower ngfw internetFirepower ngfw internet
Firepower ngfw internet
 
The Akamai Security Portfolio
The Akamai Security PortfolioThe Akamai Security Portfolio
The Akamai Security Portfolio
 
Aryaka Bringing SASE to Life with a Zero Trust WAN.pdf
Aryaka Bringing SASE to Life with a Zero Trust WAN.pdfAryaka Bringing SASE to Life with a Zero Trust WAN.pdf
Aryaka Bringing SASE to Life with a Zero Trust WAN.pdf
 
What is SASE
What is SASEWhat is SASE
What is SASE
 
The Data Center Network Evolution
The Data Center Network EvolutionThe Data Center Network Evolution
The Data Center Network Evolution
 
Cisco umbrella overview
Cisco umbrella overviewCisco umbrella overview
Cisco umbrella overview
 
What is SASE and How Can Partners Talk About it?
What is SASE and How Can Partners Talk About it?What is SASE and How Can Partners Talk About it?
What is SASE and How Can Partners Talk About it?
 
ACI Hands-on Lab
ACI Hands-on LabACI Hands-on Lab
ACI Hands-on Lab
 
Vxlan control plane and routing
Vxlan control plane and routingVxlan control plane and routing
Vxlan control plane and routing
 
Maximizing SD-WAN Architecture with Service Chaining - VeloCloud
Maximizing SD-WAN Architecture with Service Chaining - VeloCloudMaximizing SD-WAN Architecture with Service Chaining - VeloCloud
Maximizing SD-WAN Architecture with Service Chaining - VeloCloud
 
Cisco Connect Halifax 2018 Understanding Cisco's next generation sd-wan sol...
Cisco Connect Halifax 2018 Understanding Cisco's next generation sd-wan sol...Cisco Connect Halifax 2018 Understanding Cisco's next generation sd-wan sol...
Cisco Connect Halifax 2018 Understanding Cisco's next generation sd-wan sol...
 
Cisco Digital Network Architecture - Introducing the Network Intuitive
Cisco Digital Network Architecture - Introducing the Network IntuitiveCisco Digital Network Architecture - Introducing the Network Intuitive
Cisco Digital Network Architecture - Introducing the Network Intuitive
 
4_Session 1- Universal ZTNA.pptx
4_Session 1- Universal ZTNA.pptx4_Session 1- Universal ZTNA.pptx
4_Session 1- Universal ZTNA.pptx
 
Cisco Web and Email Security Overview
Cisco Web and Email Security OverviewCisco Web and Email Security Overview
Cisco Web and Email Security Overview
 
Enterprise WAN Evolution with SD-WAN
Enterprise WAN Evolution with SD-WANEnterprise WAN Evolution with SD-WAN
Enterprise WAN Evolution with SD-WAN
 
Introduction to nexux from zero to Hero
Introduction to nexux from zero to HeroIntroduction to nexux from zero to Hero
Introduction to nexux from zero to Hero
 

Similar a Cisco Security portfolio update

ASA Firepower NGFW Update and Deployment Scenarios
ASA Firepower NGFW Update and Deployment ScenariosASA Firepower NGFW Update and Deployment Scenarios
ASA Firepower NGFW Update and Deployment ScenariosCisco Canada
 
TechWiseTV Workshop: ASR 9000
TechWiseTV Workshop: ASR 9000 TechWiseTV Workshop: ASR 9000
TechWiseTV Workshop: ASR 9000 Robb Boyd
 
Cisco connect montreal 2018 secure dc
Cisco connect montreal 2018 secure dcCisco connect montreal 2018 secure dc
Cisco connect montreal 2018 secure dcCisco Canada
 
Hosted Security as a Service - Solution Architecture Design
Hosted Security as a Service - Solution Architecture DesignHosted Security as a Service - Solution Architecture Design
Hosted Security as a Service - Solution Architecture DesignCisco Canada
 
Cisco Connect Toronto 2018 sd-wan - delivering intent-based networking to t...
Cisco Connect Toronto 2018 sd-wan - delivering intent-based networking to t...Cisco Connect Toronto 2018 sd-wan - delivering intent-based networking to t...
Cisco Connect Toronto 2018 sd-wan - delivering intent-based networking to t...Cisco Canada
 
Cisco Connect Toronto 2017 - Putting Firepower into the Next Generation Firewall
Cisco Connect Toronto 2017 - Putting Firepower into the Next Generation FirewallCisco Connect Toronto 2017 - Putting Firepower into the Next Generation Firewall
Cisco Connect Toronto 2017 - Putting Firepower into the Next Generation FirewallCisco Canada
 
SP Virtual Managed Services (VMS) for Intelligent WAN (IWAN)
SP Virtual Managed Services (VMS) for Intelligent WAN (IWAN)SP Virtual Managed Services (VMS) for Intelligent WAN (IWAN)
SP Virtual Managed Services (VMS) for Intelligent WAN (IWAN)Cisco Canada
 
Proteja seus clientes - Gerenciamento dos Serviços de Segurança
Proteja seus clientes - Gerenciamento dos Serviços de SegurançaProteja seus clientes - Gerenciamento dos Serviços de Segurança
Proteja seus clientes - Gerenciamento dos Serviços de SegurançaCisco do Brasil
 
Cisco Network Insider Series: Securing Your Branch for DIA
Cisco Network Insider Series: Securing Your Branch for DIACisco Network Insider Series: Securing Your Branch for DIA
Cisco Network Insider Series: Securing Your Branch for DIARobb Boyd
 
Решения конвергентного доступа Cisco. Обновление продуктовой линейки коммутат...
Решения конвергентного доступа Cisco. Обновление продуктовой линейки коммутат...Решения конвергентного доступа Cisco. Обновление продуктовой линейки коммутат...
Решения конвергентного доступа Cisco. Обновление продуктовой линейки коммутат...Cisco Russia
 
Cisco Powered: Your Trusted Source for Cloud and Managed Services
Cisco Powered: Your Trusted Source for Cloud and Managed ServicesCisco Powered: Your Trusted Source for Cloud and Managed Services
Cisco Powered: Your Trusted Source for Cloud and Managed ServicesCisco Canada
 
MX Deep Dive PPT
MX Deep Dive PPTMX Deep Dive PPT
MX Deep Dive PPTomar awad
 
apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...
apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...
apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...Chrysostomos Christofi
 
Cisco Connect Ottawa 2018 the intelligent network with Cisco Meraki
Cisco Connect Ottawa 2018 the intelligent network with Cisco MerakiCisco Connect Ottawa 2018 the intelligent network with Cisco Meraki
Cisco Connect Ottawa 2018 the intelligent network with Cisco MerakiCisco Canada
 
Application Centric Infrastructure (ACI), the policy driven data centre
Application Centric Infrastructure (ACI), the policy driven data centreApplication Centric Infrastructure (ACI), the policy driven data centre
Application Centric Infrastructure (ACI), the policy driven data centreCisco Canada
 
Cisco Connect Toronto 2018 the intelligent network with cisco meraki
Cisco Connect Toronto 2018 the intelligent network with cisco merakiCisco Connect Toronto 2018 the intelligent network with cisco meraki
Cisco Connect Toronto 2018 the intelligent network with cisco merakiCisco Canada
 
Cisco connect winnipeg 2018 understanding cisco's next generation sdwan sol...
Cisco connect winnipeg 2018 understanding cisco's next generation sdwan sol...Cisco connect winnipeg 2018 understanding cisco's next generation sdwan sol...
Cisco connect winnipeg 2018 understanding cisco's next generation sdwan sol...Cisco Canada
 
Achieving Network Deployment Flexibility with Mirantis OpenStack
Achieving Network Deployment Flexibility with Mirantis OpenStackAchieving Network Deployment Flexibility with Mirantis OpenStack
Achieving Network Deployment Flexibility with Mirantis OpenStackEric Zhaohui Ji
 

Similar a Cisco Security portfolio update (20)

ASA Firepower NGFW Update and Deployment Scenarios
ASA Firepower NGFW Update and Deployment ScenariosASA Firepower NGFW Update and Deployment Scenarios
ASA Firepower NGFW Update and Deployment Scenarios
 
SP 5G: Unified Enablement Platform
SP 5G: Unified Enablement Platform SP 5G: Unified Enablement Platform
SP 5G: Unified Enablement Platform
 
TechWiseTV Workshop: ASR 9000
TechWiseTV Workshop: ASR 9000 TechWiseTV Workshop: ASR 9000
TechWiseTV Workshop: ASR 9000
 
Cisco connect montreal 2018 secure dc
Cisco connect montreal 2018 secure dcCisco connect montreal 2018 secure dc
Cisco connect montreal 2018 secure dc
 
Hosted Security as a Service - Solution Architecture Design
Hosted Security as a Service - Solution Architecture DesignHosted Security as a Service - Solution Architecture Design
Hosted Security as a Service - Solution Architecture Design
 
Cisco Connect Toronto 2018 sd-wan - delivering intent-based networking to t...
Cisco Connect Toronto 2018 sd-wan - delivering intent-based networking to t...Cisco Connect Toronto 2018 sd-wan - delivering intent-based networking to t...
Cisco Connect Toronto 2018 sd-wan - delivering intent-based networking to t...
 
Cisco Connect Toronto 2017 - Putting Firepower into the Next Generation Firewall
Cisco Connect Toronto 2017 - Putting Firepower into the Next Generation FirewallCisco Connect Toronto 2017 - Putting Firepower into the Next Generation Firewall
Cisco Connect Toronto 2017 - Putting Firepower into the Next Generation Firewall
 
SP Virtual Managed Services (VMS) for Intelligent WAN (IWAN)
SP Virtual Managed Services (VMS) for Intelligent WAN (IWAN)SP Virtual Managed Services (VMS) for Intelligent WAN (IWAN)
SP Virtual Managed Services (VMS) for Intelligent WAN (IWAN)
 
Proteja seus clientes - Gerenciamento dos Serviços de Segurança
Proteja seus clientes - Gerenciamento dos Serviços de SegurançaProteja seus clientes - Gerenciamento dos Serviços de Segurança
Proteja seus clientes - Gerenciamento dos Serviços de Segurança
 
Cisco Network Insider Series: Securing Your Branch for DIA
Cisco Network Insider Series: Securing Your Branch for DIACisco Network Insider Series: Securing Your Branch for DIA
Cisco Network Insider Series: Securing Your Branch for DIA
 
Решения конвергентного доступа Cisco. Обновление продуктовой линейки коммутат...
Решения конвергентного доступа Cisco. Обновление продуктовой линейки коммутат...Решения конвергентного доступа Cisco. Обновление продуктовой линейки коммутат...
Решения конвергентного доступа Cisco. Обновление продуктовой линейки коммутат...
 
Cisco Powered: Your Trusted Source for Cloud and Managed Services
Cisco Powered: Your Trusted Source for Cloud and Managed ServicesCisco Powered: Your Trusted Source for Cloud and Managed Services
Cisco Powered: Your Trusted Source for Cloud and Managed Services
 
MX Deep Dive PPT
MX Deep Dive PPTMX Deep Dive PPT
MX Deep Dive PPT
 
apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...
apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...
apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...
 
Cisco Connect Ottawa 2018 the intelligent network with Cisco Meraki
Cisco Connect Ottawa 2018 the intelligent network with Cisco MerakiCisco Connect Ottawa 2018 the intelligent network with Cisco Meraki
Cisco Connect Ottawa 2018 the intelligent network with Cisco Meraki
 
Application Centric Infrastructure (ACI), the policy driven data centre
Application Centric Infrastructure (ACI), the policy driven data centreApplication Centric Infrastructure (ACI), the policy driven data centre
Application Centric Infrastructure (ACI), the policy driven data centre
 
BRKCRS-2110.pdf
BRKCRS-2110.pdfBRKCRS-2110.pdf
BRKCRS-2110.pdf
 
Cisco Connect Toronto 2018 the intelligent network with cisco meraki
Cisco Connect Toronto 2018 the intelligent network with cisco merakiCisco Connect Toronto 2018 the intelligent network with cisco meraki
Cisco Connect Toronto 2018 the intelligent network with cisco meraki
 
Cisco connect winnipeg 2018 understanding cisco's next generation sdwan sol...
Cisco connect winnipeg 2018 understanding cisco's next generation sdwan sol...Cisco connect winnipeg 2018 understanding cisco's next generation sdwan sol...
Cisco connect winnipeg 2018 understanding cisco's next generation sdwan sol...
 
Achieving Network Deployment Flexibility with Mirantis OpenStack
Achieving Network Deployment Flexibility with Mirantis OpenStackAchieving Network Deployment Flexibility with Mirantis OpenStack
Achieving Network Deployment Flexibility with Mirantis OpenStack
 

Más de Atanas Gergiminov

Microsoft Azure - Introduction to microsoft's public cloud
Microsoft Azure - Introduction to microsoft's public cloudMicrosoft Azure - Introduction to microsoft's public cloud
Microsoft Azure - Introduction to microsoft's public cloudAtanas Gergiminov
 
Microsoft Azure for Small and Medium Businesses
Microsoft Azure for Small and Medium Businesses Microsoft Azure for Small and Medium Businesses
Microsoft Azure for Small and Medium Businesses Atanas Gergiminov
 
New Cisco Small Business Products
New Cisco Small Business ProductsNew Cisco Small Business Products
New Cisco Small Business ProductsAtanas Gergiminov
 
Meraki cloud managed products
Meraki cloud managed productsMeraki cloud managed products
Meraki cloud managed productsAtanas Gergiminov
 
Cisco Small and Midsize Business Training
Cisco Small and Midsize Business TrainingCisco Small and Midsize Business Training
Cisco Small and Midsize Business TrainingAtanas Gergiminov
 

Más de Atanas Gergiminov (8)

Azure hands on lab
Azure hands on labAzure hands on lab
Azure hands on lab
 
Modern Devices Management
Modern Devices ManagementModern Devices Management
Modern Devices Management
 
Microsoft Azure - Introduction to microsoft's public cloud
Microsoft Azure - Introduction to microsoft's public cloudMicrosoft Azure - Introduction to microsoft's public cloud
Microsoft Azure - Introduction to microsoft's public cloud
 
Microsoft Azure for Small and Medium Businesses
Microsoft Azure for Small and Medium Businesses Microsoft Azure for Small and Medium Businesses
Microsoft Azure for Small and Medium Businesses
 
New Cisco Small Business Products
New Cisco Small Business ProductsNew Cisco Small Business Products
New Cisco Small Business Products
 
Meraki cloud managed products
Meraki cloud managed productsMeraki cloud managed products
Meraki cloud managed products
 
New Cisco Access Points
New Cisco Access PointsNew Cisco Access Points
New Cisco Access Points
 
Cisco Small and Midsize Business Training
Cisco Small and Midsize Business TrainingCisco Small and Midsize Business Training
Cisco Small and Midsize Business Training
 

Último

Top Rated Pune Call Girls Ravet ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Top Rated Pune Call Girls Ravet ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...Top Rated Pune Call Girls Ravet ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Top Rated Pune Call Girls Ravet ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...Call Girls in Nagpur High Profile
 
Book Paid Lohegaon Call Girls Pune 8250192130Low Budget Full Independent High...
Book Paid Lohegaon Call Girls Pune 8250192130Low Budget Full Independent High...Book Paid Lohegaon Call Girls Pune 8250192130Low Budget Full Independent High...
Book Paid Lohegaon Call Girls Pune 8250192130Low Budget Full Independent High...ranjana rawat
 
Call Girls Chikhali Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Chikhali Call Me 7737669865 Budget Friendly No Advance BookingCall Girls Chikhali Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Chikhali Call Me 7737669865 Budget Friendly No Advance Bookingroncy bisnoi
 
怎样办理圣芭芭拉分校毕业证(UCSB毕业证书)成绩单留信认证
怎样办理圣芭芭拉分校毕业证(UCSB毕业证书)成绩单留信认证怎样办理圣芭芭拉分校毕业证(UCSB毕业证书)成绩单留信认证
怎样办理圣芭芭拉分校毕业证(UCSB毕业证书)成绩单留信认证ehyxf
 
Top Rated Pune Call Girls Katraj ⟟ 6297143586 ⟟ Call Me For Genuine Sex Serv...
Top Rated Pune Call Girls Katraj ⟟ 6297143586 ⟟ Call Me For Genuine Sex Serv...Top Rated Pune Call Girls Katraj ⟟ 6297143586 ⟟ Call Me For Genuine Sex Serv...
Top Rated Pune Call Girls Katraj ⟟ 6297143586 ⟟ Call Me For Genuine Sex Serv...Call Girls in Nagpur High Profile
 
(=Towel) Dubai Call Girls O525547819 Call Girls In Dubai (Fav0r)
(=Towel) Dubai Call Girls O525547819 Call Girls In Dubai (Fav0r)(=Towel) Dubai Call Girls O525547819 Call Girls In Dubai (Fav0r)
(=Towel) Dubai Call Girls O525547819 Call Girls In Dubai (Fav0r)kojalkojal131
 
Escorts Service Arekere ☎ 7737669865☎ Book Your One night Stand (Bangalore)
Escorts Service Arekere ☎ 7737669865☎ Book Your One night Stand (Bangalore)Escorts Service Arekere ☎ 7737669865☎ Book Your One night Stand (Bangalore)
Escorts Service Arekere ☎ 7737669865☎ Book Your One night Stand (Bangalore)amitlee9823
 
Introduction-to-4x4-SRAM-Memory-Block.pptx
Introduction-to-4x4-SRAM-Memory-Block.pptxIntroduction-to-4x4-SRAM-Memory-Block.pptx
Introduction-to-4x4-SRAM-Memory-Block.pptxJaiLegal
 
Develop Keyboard Skill.pptx er power point
Develop Keyboard Skill.pptx er power pointDevelop Keyboard Skill.pptx er power point
Develop Keyboard Skill.pptx er power pointGetawu
 
Call Girls In RT Nagar ☎ 7737669865 🥵 Book Your One night Stand
Call Girls In RT Nagar ☎ 7737669865 🥵 Book Your One night StandCall Girls In RT Nagar ☎ 7737669865 🥵 Book Your One night Stand
Call Girls In RT Nagar ☎ 7737669865 🥵 Book Your One night Standamitlee9823
 
Call Girls Banashankari Just Call 👗 7737669865 👗 Top Class Call Girl Service ...
Call Girls Banashankari Just Call 👗 7737669865 👗 Top Class Call Girl Service ...Call Girls Banashankari Just Call 👗 7737669865 👗 Top Class Call Girl Service ...
Call Girls Banashankari Just Call 👗 7737669865 👗 Top Class Call Girl Service ...amitlee9823
 
Book Sex Workers Available Pune Call Girls Yerwada 6297143586 Call Hot India...
Book Sex Workers Available Pune Call Girls Yerwada 6297143586 Call Hot India...Book Sex Workers Available Pune Call Girls Yerwada 6297143586 Call Hot India...
Book Sex Workers Available Pune Call Girls Yerwada 6297143586 Call Hot India...Call Girls in Nagpur High Profile
 
VVIP Pune Call Girls Warje (7001035870) Pune Escorts Nearby with Complete Sat...
VVIP Pune Call Girls Warje (7001035870) Pune Escorts Nearby with Complete Sat...VVIP Pune Call Girls Warje (7001035870) Pune Escorts Nearby with Complete Sat...
VVIP Pune Call Girls Warje (7001035870) Pune Escorts Nearby with Complete Sat...Call Girls in Nagpur High Profile
 
Vip Mumbai Call Girls Kalyan Call On 9920725232 With Body to body massage wit...
Vip Mumbai Call Girls Kalyan Call On 9920725232 With Body to body massage wit...Vip Mumbai Call Girls Kalyan Call On 9920725232 With Body to body massage wit...
Vip Mumbai Call Girls Kalyan Call On 9920725232 With Body to body massage wit...amitlee9823
 
(👉Ridhima)👉VIP Model Call Girls Mulund ( Mumbai) Call ON 9967824496 Starting ...
(👉Ridhima)👉VIP Model Call Girls Mulund ( Mumbai) Call ON 9967824496 Starting ...(👉Ridhima)👉VIP Model Call Girls Mulund ( Mumbai) Call ON 9967824496 Starting ...
(👉Ridhima)👉VIP Model Call Girls Mulund ( Mumbai) Call ON 9967824496 Starting ...motiram463
 
HLH PPT.ppt very important topic to discuss
HLH PPT.ppt very important topic to discussHLH PPT.ppt very important topic to discuss
HLH PPT.ppt very important topic to discussDrMSajidNoor
 
Pooja 9892124323, Call girls Services and Mumbai Escort Service Near Hotel Th...
Pooja 9892124323, Call girls Services and Mumbai Escort Service Near Hotel Th...Pooja 9892124323, Call girls Services and Mumbai Escort Service Near Hotel Th...
Pooja 9892124323, Call girls Services and Mumbai Escort Service Near Hotel Th...Pooja Nehwal
 
Escorts Service Sanjay Nagar ☎ 7737669865☎ Book Your One night Stand (Bangalore)
Escorts Service Sanjay Nagar ☎ 7737669865☎ Book Your One night Stand (Bangalore)Escorts Service Sanjay Nagar ☎ 7737669865☎ Book Your One night Stand (Bangalore)
Escorts Service Sanjay Nagar ☎ 7737669865☎ Book Your One night Stand (Bangalore)amitlee9823
 

Último (20)

Top Rated Pune Call Girls Ravet ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Top Rated Pune Call Girls Ravet ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...Top Rated Pune Call Girls Ravet ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
Top Rated Pune Call Girls Ravet ⟟ 6297143586 ⟟ Call Me For Genuine Sex Servi...
 
Book Paid Lohegaon Call Girls Pune 8250192130Low Budget Full Independent High...
Book Paid Lohegaon Call Girls Pune 8250192130Low Budget Full Independent High...Book Paid Lohegaon Call Girls Pune 8250192130Low Budget Full Independent High...
Book Paid Lohegaon Call Girls Pune 8250192130Low Budget Full Independent High...
 
Call Girls Chikhali Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Chikhali Call Me 7737669865 Budget Friendly No Advance BookingCall Girls Chikhali Call Me 7737669865 Budget Friendly No Advance Booking
Call Girls Chikhali Call Me 7737669865 Budget Friendly No Advance Booking
 
(ISHITA) Call Girls Service Aurangabad Call Now 8617697112 Aurangabad Escorts...
(ISHITA) Call Girls Service Aurangabad Call Now 8617697112 Aurangabad Escorts...(ISHITA) Call Girls Service Aurangabad Call Now 8617697112 Aurangabad Escorts...
(ISHITA) Call Girls Service Aurangabad Call Now 8617697112 Aurangabad Escorts...
 
怎样办理圣芭芭拉分校毕业证(UCSB毕业证书)成绩单留信认证
怎样办理圣芭芭拉分校毕业证(UCSB毕业证书)成绩单留信认证怎样办理圣芭芭拉分校毕业证(UCSB毕业证书)成绩单留信认证
怎样办理圣芭芭拉分校毕业证(UCSB毕业证书)成绩单留信认证
 
Top Rated Pune Call Girls Katraj ⟟ 6297143586 ⟟ Call Me For Genuine Sex Serv...
Top Rated Pune Call Girls Katraj ⟟ 6297143586 ⟟ Call Me For Genuine Sex Serv...Top Rated Pune Call Girls Katraj ⟟ 6297143586 ⟟ Call Me For Genuine Sex Serv...
Top Rated Pune Call Girls Katraj ⟟ 6297143586 ⟟ Call Me For Genuine Sex Serv...
 
(=Towel) Dubai Call Girls O525547819 Call Girls In Dubai (Fav0r)
(=Towel) Dubai Call Girls O525547819 Call Girls In Dubai (Fav0r)(=Towel) Dubai Call Girls O525547819 Call Girls In Dubai (Fav0r)
(=Towel) Dubai Call Girls O525547819 Call Girls In Dubai (Fav0r)
 
Escorts Service Arekere ☎ 7737669865☎ Book Your One night Stand (Bangalore)
Escorts Service Arekere ☎ 7737669865☎ Book Your One night Stand (Bangalore)Escorts Service Arekere ☎ 7737669865☎ Book Your One night Stand (Bangalore)
Escorts Service Arekere ☎ 7737669865☎ Book Your One night Stand (Bangalore)
 
CHEAP Call Girls in Mayapuri (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Mayapuri (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICECHEAP Call Girls in Mayapuri (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Mayapuri (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
 
Introduction-to-4x4-SRAM-Memory-Block.pptx
Introduction-to-4x4-SRAM-Memory-Block.pptxIntroduction-to-4x4-SRAM-Memory-Block.pptx
Introduction-to-4x4-SRAM-Memory-Block.pptx
 
Develop Keyboard Skill.pptx er power point
Develop Keyboard Skill.pptx er power pointDevelop Keyboard Skill.pptx er power point
Develop Keyboard Skill.pptx er power point
 
Call Girls In RT Nagar ☎ 7737669865 🥵 Book Your One night Stand
Call Girls In RT Nagar ☎ 7737669865 🥵 Book Your One night StandCall Girls In RT Nagar ☎ 7737669865 🥵 Book Your One night Stand
Call Girls In RT Nagar ☎ 7737669865 🥵 Book Your One night Stand
 
Call Girls Banashankari Just Call 👗 7737669865 👗 Top Class Call Girl Service ...
Call Girls Banashankari Just Call 👗 7737669865 👗 Top Class Call Girl Service ...Call Girls Banashankari Just Call 👗 7737669865 👗 Top Class Call Girl Service ...
Call Girls Banashankari Just Call 👗 7737669865 👗 Top Class Call Girl Service ...
 
Book Sex Workers Available Pune Call Girls Yerwada 6297143586 Call Hot India...
Book Sex Workers Available Pune Call Girls Yerwada 6297143586 Call Hot India...Book Sex Workers Available Pune Call Girls Yerwada 6297143586 Call Hot India...
Book Sex Workers Available Pune Call Girls Yerwada 6297143586 Call Hot India...
 
VVIP Pune Call Girls Warje (7001035870) Pune Escorts Nearby with Complete Sat...
VVIP Pune Call Girls Warje (7001035870) Pune Escorts Nearby with Complete Sat...VVIP Pune Call Girls Warje (7001035870) Pune Escorts Nearby with Complete Sat...
VVIP Pune Call Girls Warje (7001035870) Pune Escorts Nearby with Complete Sat...
 
Vip Mumbai Call Girls Kalyan Call On 9920725232 With Body to body massage wit...
Vip Mumbai Call Girls Kalyan Call On 9920725232 With Body to body massage wit...Vip Mumbai Call Girls Kalyan Call On 9920725232 With Body to body massage wit...
Vip Mumbai Call Girls Kalyan Call On 9920725232 With Body to body massage wit...
 
(👉Ridhima)👉VIP Model Call Girls Mulund ( Mumbai) Call ON 9967824496 Starting ...
(👉Ridhima)👉VIP Model Call Girls Mulund ( Mumbai) Call ON 9967824496 Starting ...(👉Ridhima)👉VIP Model Call Girls Mulund ( Mumbai) Call ON 9967824496 Starting ...
(👉Ridhima)👉VIP Model Call Girls Mulund ( Mumbai) Call ON 9967824496 Starting ...
 
HLH PPT.ppt very important topic to discuss
HLH PPT.ppt very important topic to discussHLH PPT.ppt very important topic to discuss
HLH PPT.ppt very important topic to discuss
 
Pooja 9892124323, Call girls Services and Mumbai Escort Service Near Hotel Th...
Pooja 9892124323, Call girls Services and Mumbai Escort Service Near Hotel Th...Pooja 9892124323, Call girls Services and Mumbai Escort Service Near Hotel Th...
Pooja 9892124323, Call girls Services and Mumbai Escort Service Near Hotel Th...
 
Escorts Service Sanjay Nagar ☎ 7737669865☎ Book Your One night Stand (Bangalore)
Escorts Service Sanjay Nagar ☎ 7737669865☎ Book Your One night Stand (Bangalore)Escorts Service Sanjay Nagar ☎ 7737669865☎ Book Your One night Stand (Bangalore)
Escorts Service Sanjay Nagar ☎ 7737669865☎ Book Your One night Stand (Bangalore)
 

Cisco Security portfolio update

  • 1. Cisco Switching and Security portfolio update Atanas Gergiminov System Engineer PolyComp 2019
  • 2. Agenda What’s new in the firewall? • Firepower portfolio • Device Management • Subscriptions New SMB switches Demo
  • 3. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential Cisco’s Comprehensive Security Portfolio Integrated security portfolioWorld-class security controls Consistent policies and visibility Duo Multi-Factor Authentication Identity Services Engine (ISE) AMP for Endpoints Firepower Management Center (FMC) Firepower Device Manager (FDM) Cisco Threat Response (CTR) Application Centric Infrastructure Cisco Defense Orchestrator (CDO) Rapid Threat Containment TrustSec Firepower Threat Defense (FTD) Multi-Instance ASA Clustering Firepower Platforms Talos Stealthwatch
  • 4. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential Firewall Validated Use Cases Branch RA VPN Cloud/Virtual Data Center NGIPS Internet Edge Where Cisco can help
  • 5. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential Firepower Portfolio ASA 5508/16 NEW FPR 4115/25/45 NEW FPR 1010 NEW FPR 1120/40 FPR 2110/20/30/40 FPR 9300 Series SM-40 SM-48 SM-56 NEW ASA 5525/45/55 FPR 4110/20/40/50 SM-24 SM-36 SM-44 650 Mbps AVC 650 Mbps AVC+IPS 1.5-2.2 Gbps AVC 1.5-2.2 Gbps AVC+IPS 2-8.5 Gbps AVC 2-8.5 Gbps AVC+IPS Stand-alone device: 12-53 Gbps AVC 10-47 Gbps AVC+IPS 6 Six node cluster: Up to 254 Gbps AVC Up to 226 Gbps AVC+IPS One Module: 30-70 Gbps AVC 24-64 Gbps AVC+IPS Six node (2 chassis) cluster: Up to 336 Gbps AVC Up to 307 Gbps AVC+IPS SOHO/ SMB Branch Office Mid-Size Enterprise Large Enterprise Data Center Service Provider
  • 6. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential 4 Core • 1.2 Gbps AVC • 1.1 Gbps AVC+IPS 8 Core • 2.4 Gbps AVC • 2.2 Gbps AVC+IPS 12 Core • 3.6 Gbps AVC • 3.3 Gbps AVC+IPS Firepower NGFW: FTD Virtual Platforms Private Cloud • 1.2 Gbps AVC • 1.1 Gbps AVC+IPSc AWS Instance types • c3.xlarge • c4.xlarge • c5.xlarge Azure Instance types • Standard D3 • D3v2 Public Cloud
  • 7. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential NGFW Hardware 2019 Update As the threat landscape evolves, our NGFW portfolio does too. Gain more features and better performance at the same or lower price point. Better performance • Up to 3.5x boost in NGFW throughput • Up to 5x boost in VPN throughput More connections • Up to 2x more connections per second (CPS) Improved encrypted traffic throughput • Up to 3x boost in encrypted traffic performance
  • 8. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential NEW: Firepower 1000 Series Small business and branch office security with superior price / performance NEW *POE and L2 support expected 2H CY2019 NEW Firepower 1010 • High–performance desktop NGFW • PoE, 8 10/100/1000 Base-T RJ45 switching ports* • Stateful firewall, AVC, NGIPS, AMP, URL filtering 650Mbps NGFW throughput Firepower 1120/40 • High–performance Rackmount NGFW • 8 10/100/1000Base-T RJ45 switching ports, 4 1000Base-F SFP switching ports • Stateful firewall, AVC, NGIPS, AMP, URL filtering 1120-1.5Gbps NGFW Throughput 1140-2.2Gbps NGFW Throughput
  • 9. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential Firepower NGFW: ISA3000 Provides FTD to Manufacturing Maximum Firewall Throughput 2 Gbps Ideal for industrial environments • Hardened design • DC power supply • DIN rail Two models of ISA 3000 • 2 x Copper + 2 x Fiber data interfaces • 4 x Copper data interfaces Industrial features include • Alarm port: 2 x alarm input, 1 x alarm output • SD card auto backup/restore • Hardware bypass for transparent mode firewall
  • 10. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential Firewall Policy Powered by Talos & OpenApp ID Security Intelligence: Block latest malicious IPs, URLs and FQDNs AVC with OpenAppID: Identify and control over 4,000+ pre-defined apps AVC with OpenAppID: Easily create custom application detectors URL Categories: Classify 280M+ URLs using 80+ categories Category-based Policy Creation Admin Allow Block DNS Sinkhole 01001010100 00100101101 Security feeds URL | IP | DNS Control traffic based on IP, URL, FQDN, or application NGFW Allow BlockWarn
  • 11. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential Integrated TLS Decryption Decrypt traffic in hardware or software Inspect deciphered packets Track and log all TLS sessions Finds encrypted threat while reducing performance impact • TLS hardware acceleration delivers high-performance inspection of encrypted traffic • Centralized enforcement of TLS certificate policies • Examples: Blocking self-signed encrypted traffic, specified TLS version, cypher suites Encrypted Traffic Log TLS decryption engine NGIPS Enforcement decisions AVC elicit gambling https://www.%$*#$@#$.com https://www.%$*#$@#$.com https://www.%$*#$@#$.com https://www.%$*#$@#$.com https://www.%$*#$@#$.com https://www.%$*#$@#$.com https://www.%$*#$@#$.com https://www.%$*#$@#$.com https://www.%$*#$@#$.com https://www.%$*#$@#$.com https://www.%$&^*#$@#$.com https://www.%$&^*#$@#$.com
  • 12. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential Site-to-Site VPN Easily and securely interconnect remote sites • IKEv1/IKEv2 policy-based VPN • Easy topology-based management of VPN on multiple peers • Point-to-point • Hub and Spoke • Full Mesh • Flexible authentication options – pre-shared key (automatic) and certificates Point-to-Point Hub and Spoke Full Mesh FTD FTD FTD FTD Router Third Party Device or or Hub
  • 13. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential Remote Access VPN with DUO Provide ubiquitous secure access from remote and roaming users • Posture assessment • Uses TLS, DTLS or IKEv2 • Easy wizard-based configuration • Integration with LDAP and RADIUS • Identity based security policies • Enhanced security with 2 FA/MFA provided by Duo Extend access remotely Protect important data Maintain application performance Support multiple sites AnyConnect RA VPN Client
  • 14. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential
  • 15. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential
  • 16. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential Smart Licenses Smart Licensing is Different Limited View Customers do not know what they own. PAK Registration Manually register each device. Device-Specific Licenses are specific to only one device. Complete View Software, services, and devices in easy-to-use portal. Easy Registration No PAKs. Easy activation. Ready to use. Company-Specific Flexible licensing. Use across devices. Classic Licenses Automated Provisioning | Efficient Consumption | License Portability
  • 17. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential Partner Holding Account Smart Account Types Customer Smart Account • Where licenses are deposited and managed • Can be managed by customer directly, designated VAR or authorized party through CSSM or LRP Virtual Accounts (Organize by business unit, product type, geo, etc.) • Partner or reseller store smart enabled products temporarily, before depositing them into an end customer Smart Account. • Note: It is recommended that partners deposit licenses directly into the Customer Smart Account because licenses can only be consumed in the Customer Smart Account
  • 18. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential Smart Licensing Deployment Options
  • 19. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential Management Designed for the User For easy on-box management of single FTD or pair of FTDs running in HA For centralized cloud-based policy management of multiple deployments *For FTD release 6.4 or higher Helps administrators enforce consistent access policies, rapidly troubleshoot security events, and view summarized reports across the deployment Cisco Firepower Device Manager (FDM) Cisco Defense Orchestrator (CDO) Cisco Firepower Management Center (FMC) On premise Centralized Manager SecOps Focused On-box manager NetOps Focused Cloud Based Centralized Manager NetOps Focused Coexist Flexibility of cloud or on-premises options Common APIsSecurity Integrations
  • 20. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential Wizard-Based Guided Workflows Optimized for Commercial Co-exists with Cloud Management Firepower Device Manager
  • 21. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential Network Users HQ Data Center Admin Branch What is Cisco Defense Orchestrator (CDO)? Roaming Users Cloud applicationsSD-WAN Policy - CDO Visibility & Evening - SAL Incident response - CTR FTD AMP ASA FTD Consistently manage policies across your Cisco security products. CDO is a cloud-based application that cuts through complexity to save time and keep your organization protected against the latest threats.
  • 22. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential CDO Supported Platforms Hardware Minimum Software ASA 5500-X ASA 8.4 FTD 6.4 Firepower 1000 ASA 9.13 FTD 6.4 Firepower 2100 ASA 8.4 FTD 6.4 Firepower 4100 ASA 8.4 Coming soon Firepower 9300 ASA 8.4 Coming soon Virtual – Private Cloud KVM, VMWare ASA 8.4 FTD 6.4 Virtual – Public Cloud AWS, Azure ASA 8.4 Coming soon Meraki MX Latest software update
  • 23. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential Firewall Throughput 250 Mbps 250 Mbps 450 Mbps 450 Mbps 450 Mbps 450 Mbps VPN Throughput 100 Mbps 100 Mbps 200 Mbps 200 Mbps 200 Mbps 200 Mbps Gigabit WAN Ports 2 (1 shared) 2 2 (1 shared) 2 2 (1 shared) 2 Gigabit LAN Ports 4 10 4 10 4 10 PoE+ Ports - 2 - 2 - 2 Wi-Fi (on W models) 802.11ac 802.11ac 802.11ac Wave 2 802.11ac Wave 2 - 802.11ac Wave 2 Embedded Cellular - - - - CAT 6 LTE CAT 6 LTE MX64/64W MX67CMX67/67W MX68/68W MX68CWMX65/65W MX Security & SD-WAN Small Branch Portfolio Improved performance and embedded LTE Advanced
  • 24. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential
  • 25. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential
  • 26. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential
  • 27. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential
  • 28. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential
  • 29. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential
  • 30. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential Ready to get started? Upgrade your NGFW today! Sign up for a free trial: FMC Trial CDO Trial
  • 31. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential • Fire Jumper Program https://communities.cisco.com/docs/DOC-55046 • NGFW & NGIPS Competency Area https://communities.cisco.com/docs/DOC-57815 • Web & Email Security Competency Area https://communities.cisco.com/docs/DOC-57817 • Policy & Access Competency Area https://communities.cisco.com/docs/DOC-57780 • Advanced Threat Competency Area https://communities.cisco.com/docs/DOC-57818 • Proof of Value (PoV) & Best Practice Docs https://communities.cisco.com/docs/DOC-65405 • dCloud https://dcloud.cisco.com • Digital Network Architecture (DNA) https://dcloud2-rtp.cisco.com/dCloud/dna.jsp Resources  Security Community https://www.cisco.com/go/securitychannels  Voice of the Engineer https://communities.cisco.com/docs/DOC-30718  Tech Talks https://communities.cisco.com/docs/DOC-30977  Competitive Battle cards https://communities.cisco.com/docs/DOC-56271  Partner Help http://www.cisco.com/go/ph  Umbrella Partner Portal https://communities.cisco.com/docs/DOC-64565  NGFW Sizing guide https://communities.cisco.com/docs/DOC-70837
  • 32. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential Partner Incentives and Promotions • ASA Refresh: www.cisco.com/go/asamigration • IPS Refresh: www.cisco.com/go/ipsmigration • AnyConnect Refresh: www.cisco.com/go/anyconnectmigration • ACS to ISE Refresh: www.cisco.com/acs-ise-migration • Security Ignite: http://www.cisco.com/web/partners/incentives_and_promotions/security-ignite.html • Security Bundles: http://www.cisco.com/c/en/us/partners/sell-integrate-consult/incentives-promotions/security-solution-bundle.html Additional Resources
  • 33. © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Partner Confidential Key Help Resources Customer Facing Websites • Smart Account Home CCO Page: www.cisco.com/go/smartaccounts • Smart Licensing CCO Page: www.cisco.com/go/smartlicensing • Smart Licensing ‘Satellite’ CCO Page: www.cisco.com/go/smartsatellite • Best Practices & Usage Guides: http://forums.cisco.com/ecom/web/operations-exchange/sot • Sample Config Guide: http://www.cisco.com/c/dam/en/us/products/collateral/cloud-systems-management/smart- software-manager-satellite/smart-software-prod-config-guide.pdf • Cisco Security Licensing and Software Access: https://communities.cisco.com/docs/DOC-55301 • Security Voice of the Engineer (VoE): https://communities.cisco.com/docs/DOC-30718 Getting Help • GLO Support: Fully supported by GLO 24x7. • licensing@cisco.com • General Questions: ask-smartlicensing@cisco.com • Portal Issues: smart-ops-support@cisco.com • Migration Issues: smart-ops-support@cisco.com • Satellite Issues: cs-cssm-satellite@cisco.com Training • Live Training: Register for you or your customer at: • https://communities.cisco.com/docs/DOC-59481#anch2 • Youtube Training Videos: https://www.youtube.com/channel/UCABaWsiDScw_w6kvPcDIjHw • Cisco.com Training Videos & Demos: • http://www.cisco.com/web/ordering/smart-software- manager/index.html

Notas del editor

  1. Speaker Notes Format Why is this slide covered? – a high level overview to show Cisco has a wide breadth of platforms – we are not just a End Point, or Firewall, or IPS, or Email, Web, DNS, Analytics …….. We have proven evidence we are leaders in all of these What are the 2 or 3 specific points we must get across on this slide? – It takes contextual knowledge of the entire eco system to provide those last few percentage points of confidence in stopping threats. Blended Advanced Persistent Threats that are very stealthy and try to get past point in time solutions can be uncovered quicker when we have visibility across all of these. Customers don’t need to purchase all of Cisco’s solutions to get all of these benefits because Talos correlates and consolidates data globally from customers to leverage specific data locally to all customers. Is this a competitive positive for Cisco?
  2. 13 x4 ==52
  3. Talos is the threat intelligence group at Cisco. We are here to fight the good fight — we work to keep our customers, and users at large, safe from malicious actors. Defense in depth even within a firewall is a key design goal for any security policy. FTD has a variety controls to ensure the tightest security layer as well as enforce acceptable use policies.   The flexibility in place includes inspection and controls across the L4-7 packet information. FTD can be configured to pull in feeds from Talos in the form of Security intelligence. This feed allows the NGFW to intelligently block or allow flows based on IP, URLs and FQDN.   Application control is also a critical requirement. What apps are end users allowed to use and from which zone in your network? Are they allowed to interact with all the micro apps on a website? Can they even use the app in the first place? We have over 4000 pre-defined apps at your control. But we know apps are always changing and you may have your own app you want to control, so AVC and OpenAppID can be easily customized to meet your specific application control needs   Yet another layer of security control fall under the URL categories. Based on Cisco’s Talos intelligence, administrators can define the processing of DNS layer requests. Do you want to block certain categories? Or just report the end user visiting those sites? Do you want to block on the reputation of a specific site based on the possibility of a site being compromised?   Combining all of these controls within the very easy to understand and control policy definition process provides a superior defense in depth layer of security.
  4. Speaker Notes Format Why is this slide covered? This is a critical value that addresses a significant pain point for our customers. Encrypted traffic causes a blind spot to our customers. This blind spot can be for good reasons because the stream should not be investigated, maybe it’s an employees banking information or HR data. BUT – what about the malicious traffic now also hiding in the encrypted flows. We must provide the ability to intelligently chose what to decrypt and analyze and more importantly not severely impact the performance of the solution. What are the 2 or 3 specific points we must get across on this slide? We provide industry leading performance and control capabilities around how we handle encrypted traffic. We can do this in software and in purpose built hardware. We also provide very detailed logging information around these sessions. Is this a competitive positive for Cisco? Encryption can be used for good, we secure our banking information, we like to see that lock on the website when we do our online shopping. But it is also used for the questionable and in many cases used by the criminal actors. With today’s networks becoming more and more blind to the ever increasing percentage of encrypted traffic, we can no longer take it for granted. Your firewall must be able to understand what is going on. This is usually done by decrypting the flow as a man in the middle. We then scan and understand what is going on with our access policy rules. The firewall, for the allowed/good traffic then needs to re-encrypt the traffic on and send it on its way. This, when done in SW only, imposes a significant inspection tax. Your firewall slows down. You end up tuning or turning off engines in your firewall in order to maintain performance. Many times you are forced to buy a much larger firewall to just support this inspection. Not with Cisco’s NGFW architecture. Imbedded in our hardware we have architected TLS decrypt and encrypt with HW assistance. This greatly reduces the performance impact of understanding what is flowing over those encrypted conversations. With over 80% of your traffic being encrypted, you also require a method to enforce what type of encryption is used for the traffic you want to allow. FTD can enforce the version of TLS encryption as well as the cipher strength. We can allow or block if the cert is self signed or not, what cypher suites are allowed or not allowed. The combination of these controls allows our customers to enforce the policies around what types of encryption is used as well as what flows over or is allowed to pass. We provide detailed an extensive tracking and logging the TLS sessions themselves.
  5. Speaker Notes Format Why is this slide covered? While this may not be a significant differentiation for a NGFW, it is required for many deployments. We support the majority of the VPN architectures. What are the 2 or 3 specific points we must get across on this slide? Is this a competitive positive for Cisco? Speaker’s Notes: Your firewall in many cases is also the termination point for your VPN connections as well. These connections can be site to site or end user vpn tunnels. FTD has inherited much of the VPN technology from our long history with ASA. We have added in enhanced configuration and reporting tools to make deployment easier. These VPN architectures can be defined as point to point, hub and spoke or full mesh. We provide an easy to understand graphical representation of these deployments to reduce the potential of errors and decrease the amount of time to setup, enforce and trouble-shoot VPN configurations.
  6. Firepower Performance Estimator https://ngfwpe.cisco.com/dashboard?code=r9CcrIc4_LfbNA5yj8mJMiISP0fWAz1WPRwAAADO
  7. Speaker Notes Format Why is this slide covered? To review with the customer that we have many ways to manage our environment. See if the customer has a requirement or desire for on prem or cloud based management. Explain that we have flexible choice and over time, the power to choose which consumption model required will improve (CDO on 4100 and 9300 coming in 6.5, etc) What are the 2 or 3 specific points we must get across on this slide? Cisco provides in depth management solutions across the consumption models. These models can be chosen by either where they want to manage their devices OR what group is managing the devices (Security or Network) Is this a competitive positive for Cisco? Choosing the correct manager for your next generation firewall is an important step in designing your deployment. it really comes down to your core cases and requirements when you are choosing the right manager for your deployment. Cisco provides several options to its customers, ranging from on-box, to on-prem, to cloud based management. We will dive deeper into each of these in the following slides. The on-box manager which for the Firepower Threat Defense (FTD) is the graphical, intuitive, firepower device manager is a free with the FTD device but limits you to managing devices individually. Firepower Device Manager (FDM) enables easy on box reporting, policy and configuration management of common tasks. Centralized management is available in two consumption models; on premise and cloud. Lets take a look at on-prem first. The Firepower Management Center (FMC) which provides comprehensive security administration and automation of multiple devices. Customers can leverage FMC to centrally manage both stateful services, configurations and policies and the Firepower firewall features in a single image. In the cloud, we have the Cisco Defense Orchestrator (CDO) which enable centralized cloud-based policy orchestrations and reporting for multiple sites and multiple security products (ASA, FTD, Meraki with more being added over time) from a single cloud based interface.
  8. As we step into achieving a larger GOAL You can already get a glimpse of it with FDM; our local FTD manager which is supported on low and mid range platforms today, with modern ux and workflows which are optimized for the commercial usecase And one of the key benefits is that it is made to co-exist with our Cloud Manager CDO
  9. The network operations teams need a solution that can: Manage Policy Changes Across Many Devices Consistently and Easily: Critical to maintaining your security posture, but is time consuming and prone to human error when doing this across MANY devices. Simple, Efficient and Effective policy management is critical. Your Business Is Not Static: As your business evolves you need a solution that will scale to meet the needs of your business! Adding devices needs to be easier and consistent. Ongoing management holistically across devices is critical! Running the most optimal, secure environment is required! We Must Be Ahead of the Threats: Updating a platforms firmware or policy cannot take days when our company is at risk. It MUST happen quickly! And lastly, Do More With Less: On top of the increased workload, you are often expected to meet growing demands with a team that just isn’t getting any bigger. Overall, this means you need an integrated security solution that is not only effective, but also simpler and consistent to manage. You need a systematic to improve your security posture and provide robust security policy management across all of your locations. In addition CDO will soon add, AWS, Umbrella SIG, Meraki MX, and Cisco Secure SD-WAN to its capability set. Write and set policy once, eliminating the chance of human error, and bringing consistency to your security posture across the entire hybrid network Speaker - FYI Where are CDO Data Centers? AWS – US West (Oregon) AWS – US East  (Virginia) AWS – EU Central (Frankfurt) Can I sell CDO if out of region?   YES!   CDO transactions are low overhead and we have clients all over the world with services out of the US or EMEAR. ASA (available) - Shared objects, Shared policies, Device management, CLI automation FTD (June 2019) - Layer 3, 4 and 7, IPS and malware, Objects, policies, Device management Meraki (June 2019) - Layer 3 rules, NAT Shared objects with ASA and FTD AWS (August 2019) - Security groups orchestration, VPN topology SD-WAN (Dec 2019) - Policy management, VPN management
  10. CDO is an open platform leveraging APIs, making it easy for us to extend CDO to additional platforms Note: Meraki support available August 2019 FTD 6.5 is expected in Fall 2019 Cisco.com/go/cdo Find details about pricing and demos on Salesconnect Free CDO with new hardware sales as part of our “Ignite the Firewall” partner program
  11. Slide 21-23: Should clean up, but I can take the lead on this one. I’ll probably incorporate into one or two slides.
  12. Slide 21-23: Should clean up, but I can take the lead on this one. I’ll probably incorporate into one or two slides.
  13. Slide 21-23: Should clean up, but I can take the lead on this one. I’ll probably incorporate into one or two slides.