Cisco Cyber Security Strategy
Juergen Borsing
Product Sales Specialist Security

Changes WoW
BIGGEST CONCERN!!!

In the headlines
© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

Potsdam Conference on National Cyber Security
Dr. Hans-Georg Maaßen, President of the Federal Office for the Protection of the Constitution
…"the old world order as we knew it is dissolving," without the new one yet being discernible
…the cyber world as the "Achilles' heel of Western nations"…
"We depend on the net, we are hooked to the net."

Potsdam Conference on National Cyber Security
Arne Schönbohm, President of the Federal Office for Information Security
…about one third of all companies are said to be affected by ransomware
…Schönbohm stresses that cyber security is not a task that can be completed at the push of a button

Potsdam Conference on National Cyber Security
Peter Henzler, Vice President of the Federal Criminal Police Office (BKA)
…addressed the new trend "Crime as a Service": on the visible web as well as on the darknet, one can buy malware or have it newly written, and buy or rent botnets as desired
…about 50 darknet marketplaces worldwide are known to the BKA: "They work just like the eBay platform"

Industrialization of Hacking
There is a multi-billion dollar global industry targeting your prized assets
$450 Billion to $1 Trillion
Malware Development: $2500 (commercial malware)
Social Security: $1
Credit Card Data: $0.25-$60
Bank Account Info: >$1000 depending on account type and balance
Exploits: $1000-$300K
Facebook Accounts: $1 for an account with 15 friends
Mobile Malware: $150
DDoS as a Service: ~$7/hour
Medical Records: >$50
Spam: $50/500K emails

Current security industry…
Too Many Disparate Security Point-Products Mean Gaps in Protection
Fragmented offerings across multiple vendors vs. integrated advanced security solution
Overall performance: less communication between disparate point-products vs. better communication between components
Time to detection: more lag in finding threats vs. faster time to detection
Cost: higher total cost to build and run vs. lower opex and easier to manage

The threat-centric security model
BEFORE: Discover, Enforce, Harden
DURING: Detect, Block, Defend
AFTER: Scope, Contain, Remediate
Network, Endpoint, Mobile, Virtual, Cloud
Threat Intelligence
Point in Time, Continuous

Most comprehensive portfolio in the industry
Integrated for Best Threat Protection
Threat Intelligence, Advanced Threat, NGFW/NGIPS, Network Integrated, Cloud, UTM, Policy and Access, Email, Web, Visibility
Best of Breed | Architectural Approach

Get faster against intelligent attacks!
Much Faster Than Most Organizations Discover Breaches
Industry: 100 DAYS vs. Cisco: Less than -13 Hours
Source: Cisco Annual Security Report, 2016

PROTECTING YOUR NETWORK
Threat Landscape

TALOS INTEL BREAKDOWN (Telemetry, Intel Sharing, Threat Intel)
1.5 MILLION daily malware samples
18.5 BILLION AMP requests
250+ full time threat intel researchers
600 BILLION daily email messages
16 BILLION daily web requests
MILLIONS of telemetry agents
4 global data centers
Over 100 threat intelligence partners
1100 threat traps
Aspis, Crete, AEGIS, ISACs, Open Source Communities, 3rd Party Programs (MAPP), Global Honeypot Network, Internet-Wide Scanning, Vulnerability Discovery (Internal)

TALOS PRODUCTS & INTELLIGENCE
Talos develops the threat intelligence detection that goes into all Cisco Security products and services.
Product areas: Email, Open Source, End Point, Cloud, Web, Network, Services, Intelligence
Products: ESA, SpamCop, SenderBase, Snort Rules, ClamAV Sigs, AMP, ClamAV, CWS, OpenDNS, WSA, FirePower, ATA, IR, ThreatGrid
Detection services: Email Reputation, Malware Protection, URL, Domain, IP Reputation, Phishing Protection, Vulnerability Protection, Network Protection, Custom Protection, Policy & Control, Cloud & End Point IOCs, AVC

Advanced Malware Protection
AMP Everywhere: See Once, Protect Everywhere
Visibility, Threat Intelligence, AMP Intelligence Sharing
Endpoint, Networks, Web, Email

The AMP Everywhere Architecture
AMP Protection Across the Extended Network for an Integrated Threat Defense
• AMP Threat Intelligence Cloud
• Threat Grid Malware Analysis + Threat Intelligence Engine
• AMP on Firepower NGIPS Appliance (AMP for Networks)
• AMP on Cisco® ASA Firewall with Firepower Services
• AMP Private Cloud Virtual Appliance
• AMP on Web and Email Security Appliances
• CWS/CTA: AMP on Cloud Web Security and Hosted Email
• AMP on ISR with Firepower Services
• Remote Endpoints
• AMP for Endpoints: Windows OS, Android Mobile, Virtual, MAC OS, CentOS, Red Hat Linux for servers and datacenters
• AMP for Endpoints can be launched from AnyConnect

pxGrid – Industry Adoption Critical Mass
30 Partner Product Integrations and 12 Technology Areas in First Year of Release
Cisco pxGrid: SECURITY THRU INTEGRATION
Technology areas: IAM & SSO, SIEM & Threat Defense, Vulnerability Assessment, Packet Capture & Forensics, Net/App Performance, IoT Security, Firewall & Access Control, Rapid Threat Containment (RTC), Cloud Access Security, DDI, Cisco ISE, Cisco WSA, Cisco FirePOWER, ?

pxGrid-Enabled ISE Partners:
• RTC: Cisco FirePower, Bayshore, E8, Elastica, Hawk, Huntsman, Infoblox, Invincea, Lancope, LogRhythm, NetIQ, Rapid7, SAINT, Splunk, Tenable
• Firewall: Check Point, Infoblox, Bayshore
• DDI: Infoblox
• Cloud: Elastica, SkyHigh Networks
• Net/App: LiveAction, Savvius
• SIEM/TD: Splunk, Lancope, NetIQ, LogRhythm, FortScale, Rapid7
• IAM: Ping, NetIQ, SecureAuth
• Vulnerability: Rapid7, Tenable, SAINT
• IoT Security: Bayshore Networks
• P-Cap/Forensics: Emulex
• Cisco: WSA, FirePower, ISE

Other ISE Partners:
• SIEM/TD: ArcSight, IBM QRadar, Tibco LogLogic, Symantec
• MDM/EMM: Cisco Meraki, MobileIron, AirWatch, JAMF, SOTI, Symantec, Citrix, IBM, Good, SAP, Tangoe, Globo, Absolute

Why Cisco
• Market Leader
• Investment Protection
• Strongest Portfolio & connected Architecture
• AMP Everywhere
• TALOS Team
• Open Interface pxGrid
• Cloud Security