SlideShare a Scribd company logo

The Network as a Sensor, Cisco and Lancope

Cisco Enterprise Networks
Cisco Enterprise Networks

Your network holds the key to defending your organization. The Cisco switches, routers, and wireless solutions you deploy can complement and empower your security systems. Cisco provides a broad portfolio of capabilities to improve your defenses across the entire attack continuum. This presentation outlines how you can use your network as a sensor to protect your data, your customers, and your reputation. Register to Watch Webcast: http://cs.co/9003CRsH Join the Conversation: http://cs.co/9008CRt6

Technology
1 of 35
Download to read offline
The Network as a Sensor Brian Korn, Sr. Marketing Manager, Cisco Chris Smithee, Director of Strategic Alliances, Lancope Securing the Enterprise Network Complementing Advanced Malware Protection and Traditional Security
Cisco Confidential 2© 2013-2014 Cisco and/or its affiliates. All rights reserved. Agenda • Security Market Trends You are Already Infected, Erosion of Trust Attack Surface and Sophistication Increasing Discovery of Breaches and Mitigation May Take Months • The Threat Centric Security Model Before, During, After An Attack • The Role of the Network for Security Network Complements Advanced Malware Protection and Perimeter Security Network as a Sensor - You Can’t Protect What You Can’t See Network as an Enforcer Network as a Mitigation Accelerator
Cisco Confidential 3© 2013-2014 Cisco and/or its affiliates. All rights reserved. Global Enterprise Networks are Under Attack Did You Know That You Are Already Infected? Malicious Traffic is Visible on 100% of Corporate Networks* Cisco 2014 Annual Security Report *Companies connect to domains that host malicious files or services
Cisco Confidential 4© 2013-2014 Cisco and/or its affiliates. All rights reserved. Enterprise Attack Surface is Increasing Sophisticated Threats Difficult to Detect Slow and Complex Mitigation *PonemonInstituteStudy
Enterprise Attack Surface Is Increasing Driven by Increase in Mobility, Cloud Services, and IoT Growth in M2M IP Traffic 2013–18**50BIoT Connected “Smart Objects” by 2020* 36X * Cisco IBSG, ** Cisco VNI: Global Mobile Data Traffic Forecast 2013-2018 3.3 55% 77BMobile Devices Per Knowledge Worker* IP Traffic Mobile by 2017** App Downloads in 2014*** * Cisco IBSG, ** Cisco 2013 VNI, *** IDC 545 3X 44%Cloud Cloud Apps Per Organization* Cloud Traffic Growth by 2017** Annual Cloud Workload Growth*** * Skyhigh Networks Industry Report, ** Cisco Global Cloud Index, *** Cisco VNI Global Mobile Data Traffic Forecast,
The Industrialization of Hacking: Cyber Crime as a Business Threats Grow More Sophisticated Every Day Criminals Know More About Your Network Than You Do Initial Malware May Remain Dormant For Months to Learn Vulnerabilities and Network Custom Malware Developed to Attack After Learning Your Vulnerabilities Viruses 1990–2000 Worms 2000–2005 Spyware and Rootkits 2005–Today APTs Cyberware Today + Sophisticated Attacks, Attack As Service Phishing, Low Sophistication 20001990 1995 2005 2010 2015 2020 Hacking Becomes an Industry
Welcome to the Hackers’ Economy Source: CNBC Global Cybercrime Market: $450B-$1T How Industrial Hackers Monetize the Opportunity Social Security $1 Medical Record >$50 DDoS as a Service ~$7/hour DDoS Credit Card Data $0.25−$60 Bank Account Info >$1000 depending on account type and balance $ Exploits $100k-$300K Facebook Account $1 for an account with 15 friends Spam $50/500K emails Malware Development $2500 (commercial malware) Mobile Malware $150
Threat Mitigation and Remediation Takes Even Longer Discovery of Breaches Takes a Long Time Attackers are Fast, Defenders are Slow Malicious Breaches take 80 Days to Discover 123 Days to Resolve on Average Ponemon Institute Study 100% of companies connect to domains that host malicious files or services 60% of data is stolen in hours 54% of breaches remain undiscovered for months
“Treat Every User as Hostile.” Stolen Identity, Malicious Intent CIO of a Global Investment Banking, Securities, Investment Management Firm An Erosion of Trust Nothing Should be Trusted – Apps, Certificates, Cloud, Devices, Users… “Treat Enterprise as Untrusted.” Senior Executive of a Global Internet Search Firm
“Network Security is Critical” Network has the Visibility of Devices, Users, Location, and Applications
Cisco Confidential 11© 2013-2014 Cisco and/or its affiliates. All rights reserved. Art of Network Security Strategic Advice Unite the Forces Advanced Malware Protection Threat Centric Security Network as a Sensor, Enforcer, and Mitigation Accelerator
Cisco Confidential 12© 2013-2014 Cisco and/or its affiliates. All rights reserved. ATTACK CONTINUUM The Threat Centric Security Model BEFORE Discover Enforce Harden AFTER Scope Contain Remediate Detect Block Defend DURING Visibility & Defense Across the Entire Attack Continuum Network as a Sensor Network as an Enforcer
Cisco Confidential 13© 2013-2014 Cisco and/or its affiliates. All rights reserved. You Can’t Protect What You Can’t See The Network Gives Deep and Broad Visibility 0101 0100 1011 0101 0100 1011 0101 0100 1011 0101 0100 1011
Cisco Confidential 14© 2013-2014 Cisco and/or its affiliates. All rights reserved. What Can the Network Do for You? Network as Sensor Detect Anomalous Traffic Flows, Malware e.g. Communication with Malicious Hosts, Internal Malware Propagation, Data Exfiltration Detect App Usage, User Access Policy Violations e.g. Contractor Accessing Financial Data Detect Rogue Devices, APs and More e.g. Maintenance Contractor Connecting an Unauthorized AP in Bank Branch to Breach
Cisco Confidential 15© 2013-2014 Cisco and/or its affiliates. All rights reserved. NetFlow – The Heart of Network as a Sensor Path to Self Learning Networks Network Flows are Attack Signatures A Powerful Information Source for Every Network Conversation Each and Every Network Conversation over an Extended Period of Time Source and Destination IP Address, IP Ports, Time, Data Transferred, and More Stored for Future Analysis A Critical Tool to Identify a Security Breach Identify Anomalous Activity Reconstruct the Sequence of Events Forensic Evidence and Regulatory Compliance NetFlow for Full Details, NetFlow-Lite for 1/n Samples
Cisco Confidential 16© 2013-2014 Cisco and/or its affiliates. All rights reserved. Drilling into a single flow provides a plethora of information Lancope StealthWatch Provides Detailed Visibility
 802.1X  MAB  WebAuth CISCO SWITCHES, ROUTERS, WIRELESS ACCESS POINTS ISE: Network-Wide Policy Enforcement Unified Policies Across the Distributed Enterprise Identity (802.1X)-Enabled Network IDENTITY CONTEXT WHO WHAT WHERE WHEN HOW  Guest Access  Profiling  Posture Security Camera G/W Vicky Sanchez Francois Didier Frank Lee Personal iPad Agentless Asset Chicago Branch Employee, Marketing Wireline 3 p.m. Consultant HQ - Strategy Remote Access 6 p.m. Guest Wireless 9 a.m. Employee Owned Wireless HQ
Cisco Confidential 18© 2013-2014 Cisco and/or its affiliates. All rights reserved. • Not Intuitive • Complex • Long Time to Identity User Device, Location Network as a Sensor More Intelligence, Richer Context – NetFlow, ISE & Lancope Integration Identity Malicious Traffic Faster with More Context Enhanced Visibility – User, Location, Device Before Now Host 1.2.3.4 Scanning Ports of Host 3.3.3.3 Host 1.2.3.4 Scanning Ports of Host 3.3.3.3 VPN Laptop Seattle Finance POS Ethernet New York B. Thomas
Cisco Confidential 19© 2013-2014 Cisco and/or its affiliates. All rights reserved. StealthWatch Use Cases Context-Aware Visibility • Network, application and user activity • East-West traffic monitoring • Advanced Persistent Threats • Insider Threat • DDoS • Data Exfiltration • In-depth, flow-based forensic analysis of suspicious incidents • Scalable repository of security information • Application Awareness • Capacity Planning • Performance Monitoring • Troubleshooting • Cisco ISE • Monitor privileged access • Policy enforcement Threat Detection Incident Response Network Diagnostics User Monitoring
© 2014 Lancope, Inc. All rights reserved.© 2014 Lancope, Inc. All rights reserved. Stop Problems Before They Become Crises ImpacttotheBusiness($) credit card data compromised attack identified vulnerability closed attack thwarted early warning attack identified vulnerability closed attack onset STEALTHWATCH REDUCES MTTK Company with StealthWatch Company with Legacy Monitoring Tools ~70% of Incident Response is spent on MTTK “Worm outbreaks impact revenue by up to $250k / hour. StealthWatch pays for itself in 30 minutes.” F500 Media Conglomerate 259% ROI MTTK Time
Cisco Confidential 21© 2013-2014 Cisco and/or its affiliates. All rights reserved. Art of Network Security Strategic Advice Know Your Normal Network as a Sensor Traffic, Flows, Apps, Devices, Users
Cisco Confidential 22© 2013-2014 Cisco and/or its affiliates. All rights reserved. Network as an Enforcer
Cisco Confidential 23© 2013-2014 Cisco and/or its affiliates. All rights reserved. What Can the Network Do for You? Network as Enforcer Segment the Network to Contain the Attack TrustSec - Secure Group Tagging, VRF, ISE and More Encrypt the Traffic to Protect the Data in Motion MACsec for Wired, DTLS for Wireless, IPSec/SSL for WAN and More Secure The Branch for Direct Internet Access IWAN, Cloud Web Security and More
Cisco Confidential 24© 2013-2014 Cisco and/or its affiliates. All rights reserved. Art of Network Security Strategic Advice Divide and Defend Segment the Network to Contain the Attack TrustSec, ISE, VLAN/VRF/EVN, ACLs
Cisco Confidential 25© 2013-2014 Cisco and/or its affiliates. All rights reserved. Network as an Enforcer Segment the Network and Enforce Policy to Contain the Attack Segment Network To Contain the Attack Access Control For Granular and Consistent Policy User Access Control based on Device, Location, Network Type, Time, and More (ISE) Physical and Virtual Port-Level Permit and Denial (Access Control Lists) Consistent Policy Across Wired/Wireless/Remote Access (ISE, Unified Access Switches) Role-Based, Topology and Access-Independent Access Control (TrustSec/SGT, ISE) Network Segmentation (VLAN, TrustSec/SGT, VRF/EVN)
Cisco Confidential 26© 2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco TrustSec Identity-Based Software Defined Segmentation Flexible and Scalable Policy Enforcement Switch Router DC FW DC Switch Simplified Access Management Accelerated Security Operations Consistent Policy Anywhere Who can talk to whom Who can access protected assets How systems can talk to other systems Desired Policy
Cisco Confidential 28© 2013-2014 Cisco and/or its affiliates. All rights reserved. Block Stolen Credentials from Accessing Credit Card Data TrustSec Identity-Based Segmentation to Contain the Attack Enforce ISE Cisco Identity Service Engine Credit Card Data Criminal with stolen maintenance contractor identity tries to access credit card data Traffic is tagged with maintenance contractor user group identity TrustSec policy blocks access to credit card data due to maintenance group tag mismatch with financial group tag ISE enforces policy across Wired, Wireless, and VPN Security Group Tags Detect
Cisco Confidential 29© 2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco TrustSec with Lancope StealthWatch Campus/DC Switches/WLC Cisco Routers / 3rd Vendor Devices Network Sensors & Enforcers TrustSec Security Group Tag Confidential Data Mitigation Identity Lancope StealthWatch Quarantine /Capture Data RepositoriesAnalytics & Policy ISE Transactional Details (NetFlow)
Cisco Confidential 30© 2013-2014 Cisco and/or its affiliates. All rights reserved. Art of Network Security Strategic Advice Enable Built-In Network Defenses You Have Already Invested in Your Network Activate TrustSec, NetFlow, Encryption, and More.
Cisco Confidential 31© 2013-2014 Cisco and/or its affiliates. All rights reserved. Network as a Mitigation Accelerator
Cisco Confidential 32© 2013-2014 Cisco and/or its affiliates. All rights reserved. What Can the Network Do for You? Network as a Mitigation Accelerator Decrease Time to Remediation e.g. SourceFire Integration for Network-Wide Rapid Threat Detection and Mitigation Automate Configuration and Provisioning e.g. ACL, QoS, and Secure Branch Automation Enable Open, Programmable Network Abstraction e.g. RESTful API Integration, CLI Hardware Compatibility
Cisco Confidential 33© 2013-2014 Cisco and/or its affiliates. All rights reserved. Attackers are Fast, Defenders are Slow Today’s Security Model - Complex, Not Fast Enough Discovery of Breaches Takes a Long Time Threat Mitigation Takes a Long Time Too
Cisco Confidential 34© 2013-2014 Cisco and/or its affiliates. All rights reserved. Policy-Based Security at Scale Open & Automated Enabled By APIC-EM Cisco Vision: Network as Security Sensor and Enforcer, Accelerated by ACI Current direction of roadmap Sensor Enforcer
Cisco Confidential 35© 2013-2014 Cisco and/or its affiliates. All rights reserved. Art of Network Security Strategic Advice Unite the Forces Advanced Malware Protection Threat Centric Security Network as a Sensor, Enforcer, and Mitigation Accelerator
Thank you.

Recommended

Cisco, Sourcefire and Lancope - Better Together
Cisco, Sourcefire and Lancope - Better TogetherCisco, Sourcefire and Lancope - Better Together
Cisco, Sourcefire and Lancope - Better TogetherLancope, Inc.
 
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...Cisco Canada
 
Using Your Network as a Sensor for Enhanced Visibility and Security
Using Your Network as a Sensor for Enhanced Visibility and Security Using Your Network as a Sensor for Enhanced Visibility and Security
Using Your Network as a Sensor for Enhanced Visibility and Security Lancope, Inc.
 
Cisco amp for meraki
Cisco amp for merakiCisco amp for meraki
Cisco amp for merakiCisco Canada
 
Advanced threat security - Cyber Security For The Real World
Advanced threat security - Cyber Security For The Real WorldAdvanced threat security - Cyber Security For The Real World
Advanced threat security - Cyber Security For The Real WorldCisco Canada
 
TechWiseTV Workshop: OpenDNS and AnyConnect
TechWiseTV Workshop: OpenDNS and AnyConnectTechWiseTV Workshop: OpenDNS and AnyConnect
TechWiseTV Workshop: OpenDNS and AnyConnectRobb Boyd
 
Cisco Security Architecture
Cisco Security ArchitectureCisco Security Architecture
Cisco Security ArchitectureCisco Canada
 
Palo alto networks next generation firewalls
Palo alto networks next generation firewallsPalo alto networks next generation firewalls
Palo alto networks next generation firewallsCastleforce
 

Recommended

Cisco, Sourcefire and Lancope - Better Together
Cisco, Sourcefire and Lancope - Better TogetherCisco, Sourcefire and Lancope - Better Together
Cisco, Sourcefire and Lancope - Better TogetherLancope, Inc.
 
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...Cisco Canada
 
Using Your Network as a Sensor for Enhanced Visibility and Security
Using Your Network as a Sensor for Enhanced Visibility and Security Using Your Network as a Sensor for Enhanced Visibility and Security
Using Your Network as a Sensor for Enhanced Visibility and Security Lancope, Inc.
 
Cisco amp for meraki
Cisco amp for merakiCisco amp for meraki
Cisco amp for merakiCisco Canada
 
Advanced threat security - Cyber Security For The Real World
Advanced threat security - Cyber Security For The Real WorldAdvanced threat security - Cyber Security For The Real World
Advanced threat security - Cyber Security For The Real WorldCisco Canada
 
TechWiseTV Workshop: OpenDNS and AnyConnect
TechWiseTV Workshop: OpenDNS and AnyConnectTechWiseTV Workshop: OpenDNS and AnyConnect
TechWiseTV Workshop: OpenDNS and AnyConnectRobb Boyd
 
Cisco Security Architecture
Cisco Security ArchitectureCisco Security Architecture
Cisco Security ArchitectureCisco Canada
 
Palo alto networks next generation firewalls
Palo alto networks next generation firewallsPalo alto networks next generation firewalls
Palo alto networks next generation firewallsCastleforce
 
Cisco Connect Toronto 2017 - Anatomy-of-attack
Cisco Connect Toronto 2017 - Anatomy-of-attackCisco Connect Toronto 2017 - Anatomy-of-attack
Cisco Connect Toronto 2017 - Anatomy-of-attackCisco Canada
 
Palo Alto Networks 28.5.2013
Palo Alto Networks 28.5.2013Palo Alto Networks 28.5.2013
Palo Alto Networks 28.5.2013Belsoft
 
Meraki powered services bell
Meraki powered services bellMeraki powered services bell
Meraki powered services bellCisco Canada
 
My Final Year Project
My Final Year ProjectMy Final Year Project
My Final Year ProjectMOHAMMEDELALAM1
 
Palo Alto Networks y la tecnología de Next Generation Firewall
Palo Alto Networks y la tecnología de Next Generation FirewallPalo Alto Networks y la tecnología de Next Generation Firewall
Palo Alto Networks y la tecnología de Next Generation FirewallMundo Contact
 
5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...
5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...
5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...Amazon Web Services
 
Building Up Network Security: Intrusion Prevention and Sourcefire
Building Up Network Security: Intrusion Prevention and SourcefireBuilding Up Network Security: Intrusion Prevention and Sourcefire
Building Up Network Security: Intrusion Prevention and SourcefireGlobal Knowledge Training
 
TechWiseTV Workshop: Cisco Stealthwatch and ISE
TechWiseTV Workshop: Cisco Stealthwatch and ISETechWiseTV Workshop: Cisco Stealthwatch and ISE
TechWiseTV Workshop: Cisco Stealthwatch and ISERobb Boyd
 
Sasa milic, cisco advanced malware protection
Sasa milic, cisco advanced malware protectionSasa milic, cisco advanced malware protection
Sasa milic, cisco advanced malware protectionDejan Jeremic
 
Next Generation Security
Next Generation SecurityNext Generation Security
Next Generation SecurityCisco Canada
 
Presentación - Cisco ASA with FirePOWER Services
Presentación - Cisco ASA with FirePOWER ServicesPresentación - Cisco ASA with FirePOWER Services
Presentación - Cisco ASA with FirePOWER ServicesOscar Romano
 
Presentation cisco cloud security strategy
Presentation cisco cloud security strategyPresentation cisco cloud security strategy
Presentation cisco cloud security strategyxKinAnx
 
Cisco's 2016 Annual Security report
Cisco's 2016 Annual Security reportCisco's 2016 Annual Security report
Cisco's 2016 Annual Security reportCisco Canada
 
Talos Insight: Threat Innovation Emerging from the Noise
Talos Insight: Threat Innovation Emerging from the NoiseTalos Insight: Threat Innovation Emerging from the Noise
Talos Insight: Threat Innovation Emerging from the NoiseCisco Canada
 
TechWiseTV Workshop: Cisco TrustSec
TechWiseTV Workshop: Cisco TrustSecTechWiseTV Workshop: Cisco TrustSec
TechWiseTV Workshop: Cisco TrustSecRobb Boyd
 
ASA Firepower NGFW Update and Deployment Scenarios
ASA Firepower NGFW Update and Deployment ScenariosASA Firepower NGFW Update and Deployment Scenarios
ASA Firepower NGFW Update and Deployment ScenariosCisco Canada
 
Cisco ASA con fire power services
Cisco ASA con fire power services Cisco ASA con fire power services
Cisco ASA con fire power services Felipe Lamus
 
Cisco Network Insider: Three Ways to Secure your Network
Cisco Network Insider: Three Ways to Secure your NetworkCisco Network Insider: Three Ways to Secure your Network
Cisco Network Insider: Three Ways to Secure your NetworkRobb Boyd
 
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)BAKOTECH
 
VMworld 2013: VMware NSX with Next-Generation Security by Palo Alto Networks
VMworld 2013: VMware NSX with Next-Generation Security by Palo Alto Networks VMworld 2013: VMware NSX with Next-Generation Security by Palo Alto Networks
VMworld 2013: VMware NSX with Next-Generation Security by Palo Alto Networks VMworld
 
Решения конвергентного доступа Cisco. Обновление продуктовой линейки коммутат...
Решения конвергентного доступа Cisco. Обновление продуктовой линейки коммутат...Решения конвергентного доступа Cisco. Обновление продуктовой линейки коммутат...
Решения конвергентного доступа Cisco. Обновление продуктовой линейки коммутат...Cisco Russia
 
Sourcefire Webinar - NEW GENERATION IPS
Sourcefire Webinar - NEW GENERATION IPSSourcefire Webinar - NEW GENERATION IPS
Sourcefire Webinar - NEW GENERATION IPSmmiznoni
 

More Related Content

What's hot

Cisco Connect Toronto 2017 - Anatomy-of-attack
Cisco Connect Toronto 2017 - Anatomy-of-attackCisco Connect Toronto 2017 - Anatomy-of-attack
Cisco Connect Toronto 2017 - Anatomy-of-attackCisco Canada
 
Palo Alto Networks 28.5.2013
Palo Alto Networks 28.5.2013Palo Alto Networks 28.5.2013
Palo Alto Networks 28.5.2013Belsoft
 
Meraki powered services bell
Meraki powered services bellMeraki powered services bell
Meraki powered services bellCisco Canada
 
Palo Alto Networks y la tecnología de Next Generation Firewall
Palo Alto Networks y la tecnología de Next Generation FirewallPalo Alto Networks y la tecnología de Next Generation Firewall
Palo Alto Networks y la tecnología de Next Generation FirewallMundo Contact
 
5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...
5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...
5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...Amazon Web Services
 
Building Up Network Security: Intrusion Prevention and Sourcefire
Building Up Network Security: Intrusion Prevention and SourcefireBuilding Up Network Security: Intrusion Prevention and Sourcefire
Building Up Network Security: Intrusion Prevention and SourcefireGlobal Knowledge Training
 
TechWiseTV Workshop: Cisco Stealthwatch and ISE
TechWiseTV Workshop: Cisco Stealthwatch and ISETechWiseTV Workshop: Cisco Stealthwatch and ISE
TechWiseTV Workshop: Cisco Stealthwatch and ISERobb Boyd
 
Sasa milic, cisco advanced malware protection
Sasa milic, cisco advanced malware protectionSasa milic, cisco advanced malware protection
Sasa milic, cisco advanced malware protectionDejan Jeremic
 
Next Generation Security
Next Generation SecurityNext Generation Security
Next Generation SecurityCisco Canada
 
Presentación - Cisco ASA with FirePOWER Services
Presentación - Cisco ASA with FirePOWER ServicesPresentación - Cisco ASA with FirePOWER Services
Presentación - Cisco ASA with FirePOWER ServicesOscar Romano
 
Presentation cisco cloud security strategy
Presentation cisco cloud security strategyPresentation cisco cloud security strategy
Presentation cisco cloud security strategyxKinAnx
 
Cisco's 2016 Annual Security report
Cisco's 2016 Annual Security reportCisco's 2016 Annual Security report
Cisco's 2016 Annual Security reportCisco Canada
 
Talos Insight: Threat Innovation Emerging from the Noise
Talos Insight: Threat Innovation Emerging from the NoiseTalos Insight: Threat Innovation Emerging from the Noise
Talos Insight: Threat Innovation Emerging from the NoiseCisco Canada
 
TechWiseTV Workshop: Cisco TrustSec
TechWiseTV Workshop: Cisco TrustSecTechWiseTV Workshop: Cisco TrustSec
TechWiseTV Workshop: Cisco TrustSecRobb Boyd
 
ASA Firepower NGFW Update and Deployment Scenarios
ASA Firepower NGFW Update and Deployment ScenariosASA Firepower NGFW Update and Deployment Scenarios
ASA Firepower NGFW Update and Deployment ScenariosCisco Canada
 
Cisco ASA con fire power services
Cisco ASA con fire power services Cisco ASA con fire power services
Cisco ASA con fire power services Felipe Lamus
 
Cisco Network Insider: Three Ways to Secure your Network
Cisco Network Insider: Three Ways to Secure your NetworkCisco Network Insider: Three Ways to Secure your Network
Cisco Network Insider: Three Ways to Secure your NetworkRobb Boyd
 
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)BAKOTECH
 
VMworld 2013: VMware NSX with Next-Generation Security by Palo Alto Networks
VMworld 2013: VMware NSX with Next-Generation Security by Palo Alto Networks VMworld 2013: VMware NSX with Next-Generation Security by Palo Alto Networks
VMworld 2013: VMware NSX with Next-Generation Security by Palo Alto Networks VMworld
 

What's hot (20)

Cisco Connect Toronto 2017 - Anatomy-of-attack
Cisco Connect Toronto 2017 - Anatomy-of-attackCisco Connect Toronto 2017 - Anatomy-of-attack
Cisco Connect Toronto 2017 - Anatomy-of-attack
 
Palo Alto Networks 28.5.2013
Palo Alto Networks 28.5.2013Palo Alto Networks 28.5.2013
Palo Alto Networks 28.5.2013
 
Meraki powered services bell
Meraki powered services bellMeraki powered services bell
Meraki powered services bell
 
My Final Year Project
My Final Year ProjectMy Final Year Project
My Final Year Project
 
Palo Alto Networks y la tecnología de Next Generation Firewall
Palo Alto Networks y la tecnología de Next Generation FirewallPalo Alto Networks y la tecnología de Next Generation Firewall
Palo Alto Networks y la tecnología de Next Generation Firewall
 
5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...
5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...
5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...
 
Building Up Network Security: Intrusion Prevention and Sourcefire
Building Up Network Security: Intrusion Prevention and SourcefireBuilding Up Network Security: Intrusion Prevention and Sourcefire
Building Up Network Security: Intrusion Prevention and Sourcefire
 
TechWiseTV Workshop: Cisco Stealthwatch and ISE
TechWiseTV Workshop: Cisco Stealthwatch and ISETechWiseTV Workshop: Cisco Stealthwatch and ISE
TechWiseTV Workshop: Cisco Stealthwatch and ISE
 
Sasa milic, cisco advanced malware protection
Sasa milic, cisco advanced malware protectionSasa milic, cisco advanced malware protection
Sasa milic, cisco advanced malware protection
 
Next Generation Security
Next Generation SecurityNext Generation Security
Next Generation Security
 
Presentación - Cisco ASA with FirePOWER Services
Presentación - Cisco ASA with FirePOWER ServicesPresentación - Cisco ASA with FirePOWER Services
Presentación - Cisco ASA with FirePOWER Services
 
Presentation cisco cloud security strategy
Presentation cisco cloud security strategyPresentation cisco cloud security strategy
Presentation cisco cloud security strategy
 
Cisco's 2016 Annual Security report
Cisco's 2016 Annual Security reportCisco's 2016 Annual Security report
Cisco's 2016 Annual Security report
 
Talos Insight: Threat Innovation Emerging from the Noise
Talos Insight: Threat Innovation Emerging from the NoiseTalos Insight: Threat Innovation Emerging from the Noise
Talos Insight: Threat Innovation Emerging from the Noise
 
TechWiseTV Workshop: Cisco TrustSec
TechWiseTV Workshop: Cisco TrustSecTechWiseTV Workshop: Cisco TrustSec
TechWiseTV Workshop: Cisco TrustSec
 
ASA Firepower NGFW Update and Deployment Scenarios
ASA Firepower NGFW Update and Deployment ScenariosASA Firepower NGFW Update and Deployment Scenarios
ASA Firepower NGFW Update and Deployment Scenarios
 
Cisco ASA con fire power services
Cisco ASA con fire power services Cisco ASA con fire power services
Cisco ASA con fire power services
 
Cisco Network Insider: Three Ways to Secure your Network
Cisco Network Insider: Three Ways to Secure your NetworkCisco Network Insider: Three Ways to Secure your Network
Cisco Network Insider: Three Ways to Secure your Network
 
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
 
VMworld 2013: VMware NSX with Next-Generation Security by Palo Alto Networks
VMworld 2013: VMware NSX with Next-Generation Security by Palo Alto Networks VMworld 2013: VMware NSX with Next-Generation Security by Palo Alto Networks
VMworld 2013: VMware NSX with Next-Generation Security by Palo Alto Networks
 

Viewers also liked

Решения конвергентного доступа Cisco. Обновление продуктовой линейки коммутат...
Решения конвергентного доступа Cisco. Обновление продуктовой линейки коммутат...Решения конвергентного доступа Cisco. Обновление продуктовой линейки коммутат...
Решения конвергентного доступа Cisco. Обновление продуктовой линейки коммутат...Cisco Russia
 
Sourcefire Webinar - NEW GENERATION IPS
Sourcefire Webinar - NEW GENERATION IPSSourcefire Webinar - NEW GENERATION IPS
Sourcefire Webinar - NEW GENERATION IPSmmiznoni
 
Cyber Security - IDS/IPS is not enough
Cyber Security - IDS/IPS is not enoughCyber Security - IDS/IPS is not enough
Cyber Security - IDS/IPS is not enoughSavvius, Inc
 
Introduction to Intrusion detection and prevention system for network
Introduction to Intrusion detection and prevention system for networkIntroduction to Intrusion detection and prevention system for network
Introduction to Intrusion detection and prevention system for networkEng. Mohammed Ahmed Siddiqui
 
Reducing Cost with DNA Automation
Reducing Cost with DNA AutomationReducing Cost with DNA Automation
Reducing Cost with DNA AutomationCisco Canada
 
Network Security and Visibility through NetFlow
Network Security and Visibility through NetFlowNetwork Security and Visibility through NetFlow
Network Security and Visibility through NetFlowLancope, Inc.
 
Intrusion detection and prevention system
Intrusion detection and prevention systemIntrusion detection and prevention system
Intrusion detection and prevention systemNikhil Raj
 
Cisco Identity Services Engine (ISE)
Cisco Identity Services Engine (ISE)Cisco Identity Services Engine (ISE)
Cisco Identity Services Engine (ISE)Anwesh Dixit
 
Hacking & its types
Hacking & its typesHacking & its types
Hacking & its typesSai Sakoji
 
The Future Of Work & The Work Of The Future
The Future Of Work & The Work Of The FutureThe Future Of Work & The Work Of The Future
The Future Of Work & The Work Of The FutureArturo Pelayo
 

Viewers also liked (10)

Решения конвергентного доступа Cisco. Обновление продуктовой линейки коммутат...
Решения конвергентного доступа Cisco. Обновление продуктовой линейки коммутат...Решения конвергентного доступа Cisco. Обновление продуктовой линейки коммутат...
Решения конвергентного доступа Cisco. Обновление продуктовой линейки коммутат...
 
Sourcefire Webinar - NEW GENERATION IPS
Sourcefire Webinar - NEW GENERATION IPSSourcefire Webinar - NEW GENERATION IPS
Sourcefire Webinar - NEW GENERATION IPS
 
Cyber Security - IDS/IPS is not enough
Cyber Security - IDS/IPS is not enoughCyber Security - IDS/IPS is not enough
Cyber Security - IDS/IPS is not enough
 
Introduction to Intrusion detection and prevention system for network
Introduction to Intrusion detection and prevention system for networkIntroduction to Intrusion detection and prevention system for network
Introduction to Intrusion detection and prevention system for network
 
Reducing Cost with DNA Automation
Reducing Cost with DNA AutomationReducing Cost with DNA Automation
Reducing Cost with DNA Automation
 
Network Security and Visibility through NetFlow
Network Security and Visibility through NetFlowNetwork Security and Visibility through NetFlow
Network Security and Visibility through NetFlow
 
Intrusion detection and prevention system
Intrusion detection and prevention systemIntrusion detection and prevention system
Intrusion detection and prevention system
 
Cisco Identity Services Engine (ISE)
Cisco Identity Services Engine (ISE)Cisco Identity Services Engine (ISE)
Cisco Identity Services Engine (ISE)
 
Hacking & its types
Hacking & its typesHacking & its types
Hacking & its types
 
The Future Of Work & The Work Of The Future
The Future Of Work & The Work Of The FutureThe Future Of Work & The Work Of The Future
The Future Of Work & The Work Of The Future
 

Similar to The Network as a Sensor, Cisco and Lancope

Cisco Content Security
Cisco Content SecurityCisco Content Security
Cisco Content SecurityCisco Canada
 
Cisco Live Cancun PR Session
Cisco Live Cancun PR SessionCisco Live Cancun PR Session
Cisco Live Cancun PR SessionFelipe Lamus
 
How Zero Trust Makes the Mission Simple & Secure
How Zero Trust Makes the Mission Simple & SecureHow Zero Trust Makes the Mission Simple & Secure
How Zero Trust Makes the Mission Simple & Securescoopnewsgroup
 
A rede como um sensor de segurança
A rede como um sensor de segurança A rede como um sensor de segurança
A rede como um sensor de segurança Cisco do Brasil
 
Cisco Network Insider Series: Securing Your Branch for DIA
Cisco Network Insider Series: Securing Your Branch for DIACisco Network Insider Series: Securing Your Branch for DIA
Cisco Network Insider Series: Securing Your Branch for DIARobb Boyd
 
Two for Attack: Web and Email Content Protection
Two for Attack: Web and Email Content ProtectionTwo for Attack: Web and Email Content Protection
Two for Attack: Web and Email Content ProtectionCisco Canada
 
Pervasive Security Across Your Extended Network
Pervasive Security Across Your Extended NetworkPervasive Security Across Your Extended Network
Pervasive Security Across Your Extended NetworkCisco Security
 
Information Security
Information SecurityInformation Security
Information SecurityMohit8780
 
Scalar Security Roadshow - Vancouver Presentation
Scalar Security Roadshow - Vancouver PresentationScalar Security Roadshow - Vancouver Presentation
Scalar Security Roadshow - Vancouver PresentationScalar Decisions
 
Level 3 Security solutions
Level 3 Security solutionsLevel 3 Security solutions
Level 3 Security solutionsAlan Rudd
 
Scalar Security Roadshow - Calgary Presentation
Scalar Security Roadshow - Calgary PresentationScalar Security Roadshow - Calgary Presentation
Scalar Security Roadshow - Calgary PresentationScalar Decisions
 
The Next Generation Security
The Next Generation SecurityThe Next Generation Security
The Next Generation SecurityCybera Inc.
 
apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...
apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...
apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...Chrysostomos Christofi
 
IDENTITY IS THE FIRST STEP TO TRUE NETWORK SECURITY
IDENTITY IS THE FIRST STEP TO TRUE NETWORK SECURITYIDENTITY IS THE FIRST STEP TO TRUE NETWORK SECURITY
IDENTITY IS THE FIRST STEP TO TRUE NETWORK SECURITYForgeRock
 
Idc security roadshow may2015 Adrian Aron
Idc security roadshow may2015 Adrian AronIdc security roadshow may2015 Adrian Aron
Idc security roadshow may2015 Adrian AronDejan Jeremic
 
Cyber security providers adopt strategic defences
Cyber security providers adopt strategic defences Cyber security providers adopt strategic defences
Cyber security providers adopt strategic defences Markit
 
Web Security and Network Security
Web Security and Network SecurityWeb Security and Network Security
Web Security and Network Securitycrussell79
 
[CLASS 2014] Palestra Técnica - Delfin Rodillas
[CLASS 2014] Palestra Técnica - Delfin Rodillas[CLASS 2014] Palestra Técnica - Delfin Rodillas
[CLASS 2014] Palestra Técnica - Delfin RodillasTI Safe
 
A Different Approach to Securing Your Cloud Journey
A Different Approach to Securing Your Cloud JourneyA Different Approach to Securing Your Cloud Journey
A Different Approach to Securing Your Cloud JourneyCloudflare
 

Similar to The Network as a Sensor, Cisco and Lancope (20)

Cisco Content Security
Cisco Content SecurityCisco Content Security
Cisco Content Security
 
Cisco Live Cancun PR Session
Cisco Live Cancun PR SessionCisco Live Cancun PR Session
Cisco Live Cancun PR Session
 
How Zero Trust Makes the Mission Simple & Secure
How Zero Trust Makes the Mission Simple & SecureHow Zero Trust Makes the Mission Simple & Secure
How Zero Trust Makes the Mission Simple & Secure
 
A rede como um sensor de segurança
A rede como um sensor de segurança A rede como um sensor de segurança
A rede como um sensor de segurança
 
Cisco Network Insider Series: Securing Your Branch for DIA
Cisco Network Insider Series: Securing Your Branch for DIACisco Network Insider Series: Securing Your Branch for DIA
Cisco Network Insider Series: Securing Your Branch for DIA
 
Two for Attack: Web and Email Content Protection
Two for Attack: Web and Email Content ProtectionTwo for Attack: Web and Email Content Protection
Two for Attack: Web and Email Content Protection
 
Pervasive Security Across Your Extended Network
Pervasive Security Across Your Extended NetworkPervasive Security Across Your Extended Network
Pervasive Security Across Your Extended Network
 
Information Security
Information SecurityInformation Security
Information Security
 
Scalar Security Roadshow - Vancouver Presentation
Scalar Security Roadshow - Vancouver PresentationScalar Security Roadshow - Vancouver Presentation
Scalar Security Roadshow - Vancouver Presentation
 
Level 3 Security solutions
Level 3 Security solutionsLevel 3 Security solutions
Level 3 Security solutions
 
Scalar Security Roadshow - Calgary Presentation
Scalar Security Roadshow - Calgary PresentationScalar Security Roadshow - Calgary Presentation
Scalar Security Roadshow - Calgary Presentation
 
The Next Generation Security
The Next Generation SecurityThe Next Generation Security
The Next Generation Security
 
apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...
apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...
apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...
 
IDENTITY IS THE FIRST STEP TO TRUE NETWORK SECURITY
IDENTITY IS THE FIRST STEP TO TRUE NETWORK SECURITYIDENTITY IS THE FIRST STEP TO TRUE NETWORK SECURITY
IDENTITY IS THE FIRST STEP TO TRUE NETWORK SECURITY
 
Idc security roadshow may2015 Adrian Aron
Idc security roadshow may2015 Adrian AronIdc security roadshow may2015 Adrian Aron
Idc security roadshow may2015 Adrian Aron
 
Cisco Managed Security
Cisco Managed SecurityCisco Managed Security
Cisco Managed Security
 
Cyber security providers adopt strategic defences
Cyber security providers adopt strategic defences Cyber security providers adopt strategic defences
Cyber security providers adopt strategic defences
 
Web Security and Network Security
Web Security and Network SecurityWeb Security and Network Security
Web Security and Network Security
 
[CLASS 2014] Palestra Técnica - Delfin Rodillas
[CLASS 2014] Palestra Técnica - Delfin Rodillas[CLASS 2014] Palestra Técnica - Delfin Rodillas
[CLASS 2014] Palestra Técnica - Delfin Rodillas
 
A Different Approach to Securing Your Cloud Journey
A Different Approach to Securing Your Cloud JourneyA Different Approach to Securing Your Cloud Journey
A Different Approach to Securing Your Cloud Journey
 

More from Cisco Enterprise Networks

Simplify WAN Deployment with the Cisco IWAN Application
Simplify WAN Deployment with the Cisco IWAN ApplicationSimplify WAN Deployment with the Cisco IWAN Application
Simplify WAN Deployment with the Cisco IWAN ApplicationCisco Enterprise Networks
 
Get More for Less with the New Cisco Catalyst 6840-X Series Switch
Get More for Less with the New Cisco Catalyst 6840-X Series SwitchGet More for Less with the New Cisco Catalyst 6840-X Series Switch
Get More for Less with the New Cisco Catalyst 6840-X Series SwitchCisco Enterprise Networks
 
Software-Defined WAN: A Real World Success Story
Software-Defined WAN: A Real World Success StorySoftware-Defined WAN: A Real World Success Story
Software-Defined WAN: A Real World Success StoryCisco Enterprise Networks
 
Future Proofing Your Network with the New Cisco Catalyst 3850 10G Aggregation...
Future Proofing Your Network with the New Cisco Catalyst 3850 10G Aggregation...Future Proofing Your Network with the New Cisco Catalyst 3850 10G Aggregation...
Future Proofing Your Network with the New Cisco Catalyst 3850 10G Aggregation...Cisco Enterprise Networks
 
Enabling the Digital Leap: Strategies for K–12 Schools
Enabling the Digital Leap: Strategies for K–12 SchoolsEnabling the Digital Leap: Strategies for K–12 Schools
Enabling the Digital Leap: Strategies for K–12 SchoolsCisco Enterprise Networks
 
Cisco Catalyst 2960-X, 2960-CX, and 3560-CX Platforms - The Greenest Catalyst...
Cisco Catalyst 2960-X, 2960-CX, and 3560-CX Platforms - The Greenest Catalyst...Cisco Catalyst 2960-X, 2960-CX, and 3560-CX Platforms - The Greenest Catalyst...
Cisco Catalyst 2960-X, 2960-CX, and 3560-CX Platforms - The Greenest Catalyst...Cisco Enterprise Networks
 
Maximize Application Performance and Bandwidth Efficiency with WAN Optimization
Maximize Application Performance and Bandwidth Efficiency with WAN OptimizationMaximize Application Performance and Bandwidth Efficiency with WAN Optimization
Maximize Application Performance and Bandwidth Efficiency with WAN OptimizationCisco Enterprise Networks
 
Speed Hybrid WAN Deployment with the New Cisco Intelligent WAN Design Guide -...
Speed Hybrid WAN Deployment with the New Cisco Intelligent WAN Design Guide -...Speed Hybrid WAN Deployment with the New Cisco Intelligent WAN Design Guide -...
Speed Hybrid WAN Deployment with the New Cisco Intelligent WAN Design Guide -...Cisco Enterprise Networks
 

More from Cisco Enterprise Networks (11)

Verizon Managed SD-WAN with Cisco IWAN
Verizon Managed SD-WAN with Cisco IWAN Verizon Managed SD-WAN with Cisco IWAN
Verizon Managed SD-WAN with Cisco IWAN
 
Simplify WAN Deployment with the Cisco IWAN Application
Simplify WAN Deployment with the Cisco IWAN ApplicationSimplify WAN Deployment with the Cisco IWAN Application
Simplify WAN Deployment with the Cisco IWAN Application
 
An SD-WAN Bill of Rights
An SD-WAN Bill of RightsAn SD-WAN Bill of Rights
An SD-WAN Bill of Rights
 
Get More for Less with the New Cisco Catalyst 6840-X Series Switch
Get More for Less with the New Cisco Catalyst 6840-X Series SwitchGet More for Less with the New Cisco Catalyst 6840-X Series Switch
Get More for Less with the New Cisco Catalyst 6840-X Series Switch
 
Preparing Your Network for 802.11ac Wave 2
Preparing Your Network for 802.11ac Wave 2Preparing Your Network for 802.11ac Wave 2
Preparing Your Network for 802.11ac Wave 2
 
Software-Defined WAN: A Real World Success Story
Software-Defined WAN: A Real World Success StorySoftware-Defined WAN: A Real World Success Story
Software-Defined WAN: A Real World Success Story
 
Future Proofing Your Network with the New Cisco Catalyst 3850 10G Aggregation...
Future Proofing Your Network with the New Cisco Catalyst 3850 10G Aggregation...Future Proofing Your Network with the New Cisco Catalyst 3850 10G Aggregation...
Future Proofing Your Network with the New Cisco Catalyst 3850 10G Aggregation...
 
Enabling the Digital Leap: Strategies for K–12 Schools
Enabling the Digital Leap: Strategies for K–12 SchoolsEnabling the Digital Leap: Strategies for K–12 Schools
Enabling the Digital Leap: Strategies for K–12 Schools
 
Cisco Catalyst 2960-X, 2960-CX, and 3560-CX Platforms - The Greenest Catalyst...
Cisco Catalyst 2960-X, 2960-CX, and 3560-CX Platforms - The Greenest Catalyst...Cisco Catalyst 2960-X, 2960-CX, and 3560-CX Platforms - The Greenest Catalyst...
Cisco Catalyst 2960-X, 2960-CX, and 3560-CX Platforms - The Greenest Catalyst...
 
Maximize Application Performance and Bandwidth Efficiency with WAN Optimization
Maximize Application Performance and Bandwidth Efficiency with WAN OptimizationMaximize Application Performance and Bandwidth Efficiency with WAN Optimization
Maximize Application Performance and Bandwidth Efficiency with WAN Optimization
 
Speed Hybrid WAN Deployment with the New Cisco Intelligent WAN Design Guide -...
Speed Hybrid WAN Deployment with the New Cisco Intelligent WAN Design Guide -...Speed Hybrid WAN Deployment with the New Cisco Intelligent WAN Design Guide -...
Speed Hybrid WAN Deployment with the New Cisco Intelligent WAN Design Guide -...
 

Recently uploaded

Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESmohitsingh558521
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 

Recently uploaded (20)

Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 

The Network as a Sensor, Cisco and Lancope

  • 1. The Network as a Sensor Brian Korn, Sr. Marketing Manager, Cisco Chris Smithee, Director of Strategic Alliances, Lancope Securing the Enterprise Network Complementing Advanced Malware Protection and Traditional Security
  • 2. Cisco Confidential 2© 2013-2014 Cisco and/or its affiliates. All rights reserved. Agenda • Security Market Trends You are Already Infected, Erosion of Trust Attack Surface and Sophistication Increasing Discovery of Breaches and Mitigation May Take Months • The Threat Centric Security Model Before, During, After An Attack • The Role of the Network for Security Network Complements Advanced Malware Protection and Perimeter Security Network as a Sensor - You Can’t Protect What You Can’t See Network as an Enforcer Network as a Mitigation Accelerator
  • 3. Cisco Confidential 3© 2013-2014 Cisco and/or its affiliates. All rights reserved. Global Enterprise Networks are Under Attack Did You Know That You Are Already Infected? Malicious Traffic is Visible on 100% of Corporate Networks* Cisco 2014 Annual Security Report *Companies connect to domains that host malicious files or services
  • 4. Cisco Confidential 4© 2013-2014 Cisco and/or its affiliates. All rights reserved. Enterprise Attack Surface is Increasing Sophisticated Threats Difficult to Detect Slow and Complex Mitigation *PonemonInstituteStudy
  • 5. Enterprise Attack Surface Is Increasing Driven by Increase in Mobility, Cloud Services, and IoT Growth in M2M IP Traffic 2013–18**50BIoT Connected “Smart Objects” by 2020* 36X * Cisco IBSG, ** Cisco VNI: Global Mobile Data Traffic Forecast 2013-2018 3.3 55% 77BMobile Devices Per Knowledge Worker* IP Traffic Mobile by 2017** App Downloads in 2014*** * Cisco IBSG, ** Cisco 2013 VNI, *** IDC 545 3X 44%Cloud Cloud Apps Per Organization* Cloud Traffic Growth by 2017** Annual Cloud Workload Growth*** * Skyhigh Networks Industry Report, ** Cisco Global Cloud Index, *** Cisco VNI Global Mobile Data Traffic Forecast,
  • 6. The Industrialization of Hacking: Cyber Crime as a Business Threats Grow More Sophisticated Every Day Criminals Know More About Your Network Than You Do Initial Malware May Remain Dormant For Months to Learn Vulnerabilities and Network Custom Malware Developed to Attack After Learning Your Vulnerabilities Viruses 1990–2000 Worms 2000–2005 Spyware and Rootkits 2005–Today APTs Cyberware Today + Sophisticated Attacks, Attack As Service Phishing, Low Sophistication 20001990 1995 2005 2010 2015 2020 Hacking Becomes an Industry
  • 7. Welcome to the Hackers’ Economy Source: CNBC Global Cybercrime Market: $450B-$1T How Industrial Hackers Monetize the Opportunity Social Security $1 Medical Record >$50 DDoS as a Service ~$7/hour DDoS Credit Card Data $0.25−$60 Bank Account Info >$1000 depending on account type and balance $ Exploits $100k-$300K Facebook Account $1 for an account with 15 friends Spam $50/500K emails Malware Development $2500 (commercial malware) Mobile Malware $150
  • 8. Threat Mitigation and Remediation Takes Even Longer Discovery of Breaches Takes a Long Time Attackers are Fast, Defenders are Slow Malicious Breaches take 80 Days to Discover 123 Days to Resolve on Average Ponemon Institute Study 100% of companies connect to domains that host malicious files or services 60% of data is stolen in hours 54% of breaches remain undiscovered for months
  • 9. “Treat Every User as Hostile.” Stolen Identity, Malicious Intent CIO of a Global Investment Banking, Securities, Investment Management Firm An Erosion of Trust Nothing Should be Trusted – Apps, Certificates, Cloud, Devices, Users… “Treat Enterprise as Untrusted.” Senior Executive of a Global Internet Search Firm
  • 10. “Network Security is Critical” Network has the Visibility of Devices, Users, Location, and Applications
  • 11. Cisco Confidential 11© 2013-2014 Cisco and/or its affiliates. All rights reserved. Art of Network Security Strategic Advice Unite the Forces Advanced Malware Protection Threat Centric Security Network as a Sensor, Enforcer, and Mitigation Accelerator
  • 12. Cisco Confidential 12© 2013-2014 Cisco and/or its affiliates. All rights reserved. ATTACK CONTINUUM The Threat Centric Security Model BEFORE Discover Enforce Harden AFTER Scope Contain Remediate Detect Block Defend DURING Visibility & Defense Across the Entire Attack Continuum Network as a Sensor Network as an Enforcer
  • 13. Cisco Confidential 13© 2013-2014 Cisco and/or its affiliates. All rights reserved. You Can’t Protect What You Can’t See The Network Gives Deep and Broad Visibility 0101 0100 1011 0101 0100 1011 0101 0100 1011 0101 0100 1011
  • 14. Cisco Confidential 14© 2013-2014 Cisco and/or its affiliates. All rights reserved. What Can the Network Do for You? Network as Sensor Detect Anomalous Traffic Flows, Malware e.g. Communication with Malicious Hosts, Internal Malware Propagation, Data Exfiltration Detect App Usage, User Access Policy Violations e.g. Contractor Accessing Financial Data Detect Rogue Devices, APs and More e.g. Maintenance Contractor Connecting an Unauthorized AP in Bank Branch to Breach
  • 15. Cisco Confidential 15© 2013-2014 Cisco and/or its affiliates. All rights reserved. NetFlow – The Heart of Network as a Sensor Path to Self Learning Networks Network Flows are Attack Signatures A Powerful Information Source for Every Network Conversation Each and Every Network Conversation over an Extended Period of Time Source and Destination IP Address, IP Ports, Time, Data Transferred, and More Stored for Future Analysis A Critical Tool to Identify a Security Breach Identify Anomalous Activity Reconstruct the Sequence of Events Forensic Evidence and Regulatory Compliance NetFlow for Full Details, NetFlow-Lite for 1/n Samples
  • 16. Cisco Confidential 16© 2013-2014 Cisco and/or its affiliates. All rights reserved. Drilling into a single flow provides a plethora of information Lancope StealthWatch Provides Detailed Visibility
  • 17.  802.1X  MAB  WebAuth CISCO SWITCHES, ROUTERS, WIRELESS ACCESS POINTS ISE: Network-Wide Policy Enforcement Unified Policies Across the Distributed Enterprise Identity (802.1X)-Enabled Network IDENTITY CONTEXT WHO WHAT WHERE WHEN HOW  Guest Access  Profiling  Posture Security Camera G/W Vicky Sanchez Francois Didier Frank Lee Personal iPad Agentless Asset Chicago Branch Employee, Marketing Wireline 3 p.m. Consultant HQ - Strategy Remote Access 6 p.m. Guest Wireless 9 a.m. Employee Owned Wireless HQ
  • 18. Cisco Confidential 18© 2013-2014 Cisco and/or its affiliates. All rights reserved. • Not Intuitive • Complex • Long Time to Identity User Device, Location Network as a Sensor More Intelligence, Richer Context – NetFlow, ISE & Lancope Integration Identity Malicious Traffic Faster with More Context Enhanced Visibility – User, Location, Device Before Now Host 1.2.3.4 Scanning Ports of Host 3.3.3.3 Host 1.2.3.4 Scanning Ports of Host 3.3.3.3 VPN Laptop Seattle Finance POS Ethernet New York B. Thomas
  • 19. Cisco Confidential 19© 2013-2014 Cisco and/or its affiliates. All rights reserved. StealthWatch Use Cases Context-Aware Visibility • Network, application and user activity • East-West traffic monitoring • Advanced Persistent Threats • Insider Threat • DDoS • Data Exfiltration • In-depth, flow-based forensic analysis of suspicious incidents • Scalable repository of security information • Application Awareness • Capacity Planning • Performance Monitoring • Troubleshooting • Cisco ISE • Monitor privileged access • Policy enforcement Threat Detection Incident Response Network Diagnostics User Monitoring
  • 20. © 2014 Lancope, Inc. All rights reserved.© 2014 Lancope, Inc. All rights reserved. Stop Problems Before They Become Crises ImpacttotheBusiness($) credit card data compromised attack identified vulnerability closed attack thwarted early warning attack identified vulnerability closed attack onset STEALTHWATCH REDUCES MTTK Company with StealthWatch Company with Legacy Monitoring Tools ~70% of Incident Response is spent on MTTK “Worm outbreaks impact revenue by up to $250k / hour. StealthWatch pays for itself in 30 minutes.” F500 Media Conglomerate 259% ROI MTTK Time
  • 21. Cisco Confidential 21© 2013-2014 Cisco and/or its affiliates. All rights reserved. Art of Network Security Strategic Advice Know Your Normal Network as a Sensor Traffic, Flows, Apps, Devices, Users
  • 22. Cisco Confidential 22© 2013-2014 Cisco and/or its affiliates. All rights reserved. Network as an Enforcer
  • 23. Cisco Confidential 23© 2013-2014 Cisco and/or its affiliates. All rights reserved. What Can the Network Do for You? Network as Enforcer Segment the Network to Contain the Attack TrustSec - Secure Group Tagging, VRF, ISE and More Encrypt the Traffic to Protect the Data in Motion MACsec for Wired, DTLS for Wireless, IPSec/SSL for WAN and More Secure The Branch for Direct Internet Access IWAN, Cloud Web Security and More
  • 24. Cisco Confidential 24© 2013-2014 Cisco and/or its affiliates. All rights reserved. Art of Network Security Strategic Advice Divide and Defend Segment the Network to Contain the Attack TrustSec, ISE, VLAN/VRF/EVN, ACLs
  • 25. Cisco Confidential 25© 2013-2014 Cisco and/or its affiliates. All rights reserved. Network as an Enforcer Segment the Network and Enforce Policy to Contain the Attack Segment Network To Contain the Attack Access Control For Granular and Consistent Policy User Access Control based on Device, Location, Network Type, Time, and More (ISE) Physical and Virtual Port-Level Permit and Denial (Access Control Lists) Consistent Policy Across Wired/Wireless/Remote Access (ISE, Unified Access Switches) Role-Based, Topology and Access-Independent Access Control (TrustSec/SGT, ISE) Network Segmentation (VLAN, TrustSec/SGT, VRF/EVN)
  • 26. Cisco Confidential 26© 2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco TrustSec Identity-Based Software Defined Segmentation Flexible and Scalable Policy Enforcement Switch Router DC FW DC Switch Simplified Access Management Accelerated Security Operations Consistent Policy Anywhere Who can talk to whom Who can access protected assets How systems can talk to other systems Desired Policy
  • 27. Cisco Confidential 28© 2013-2014 Cisco and/or its affiliates. All rights reserved. Block Stolen Credentials from Accessing Credit Card Data TrustSec Identity-Based Segmentation to Contain the Attack Enforce ISE Cisco Identity Service Engine Credit Card Data Criminal with stolen maintenance contractor identity tries to access credit card data Traffic is tagged with maintenance contractor user group identity TrustSec policy blocks access to credit card data due to maintenance group tag mismatch with financial group tag ISE enforces policy across Wired, Wireless, and VPN Security Group Tags Detect
  • 28. Cisco Confidential 29© 2013-2014 Cisco and/or its affiliates. All rights reserved. Cisco TrustSec with Lancope StealthWatch Campus/DC Switches/WLC Cisco Routers / 3rd Vendor Devices Network Sensors & Enforcers TrustSec Security Group Tag Confidential Data Mitigation Identity Lancope StealthWatch Quarantine /Capture Data RepositoriesAnalytics & Policy ISE Transactional Details (NetFlow)
  • 29. Cisco Confidential 30© 2013-2014 Cisco and/or its affiliates. All rights reserved. Art of Network Security Strategic Advice Enable Built-In Network Defenses You Have Already Invested in Your Network Activate TrustSec, NetFlow, Encryption, and More.
  • 30. Cisco Confidential 31© 2013-2014 Cisco and/or its affiliates. All rights reserved. Network as a Mitigation Accelerator
  • 31. Cisco Confidential 32© 2013-2014 Cisco and/or its affiliates. All rights reserved. What Can the Network Do for You? Network as a Mitigation Accelerator Decrease Time to Remediation e.g. SourceFire Integration for Network-Wide Rapid Threat Detection and Mitigation Automate Configuration and Provisioning e.g. ACL, QoS, and Secure Branch Automation Enable Open, Programmable Network Abstraction e.g. RESTful API Integration, CLI Hardware Compatibility
  • 32. Cisco Confidential 33© 2013-2014 Cisco and/or its affiliates. All rights reserved. Attackers are Fast, Defenders are Slow Today’s Security Model - Complex, Not Fast Enough Discovery of Breaches Takes a Long Time Threat Mitigation Takes a Long Time Too
  • 33. Cisco Confidential 34© 2013-2014 Cisco and/or its affiliates. All rights reserved. Policy-Based Security at Scale Open & Automated Enabled By APIC-EM Cisco Vision: Network as Security Sensor and Enforcer, Accelerated by ACI Current direction of roadmap Sensor Enforcer
  • 34. Cisco Confidential 35© 2013-2014 Cisco and/or its affiliates. All rights reserved. Art of Network Security Strategic Advice Unite the Forces Advanced Malware Protection Threat Centric Security Network as a Sensor, Enforcer, and Mitigation Accelerator