Your SlideShare is downloading. ×
0
Presentación IronPort Products
Presentación IronPort Products
Presentación IronPort Products
Presentación IronPort Products
Presentación IronPort Products
Presentación IronPort Products
Presentación IronPort Products
Presentación IronPort Products
Presentación IronPort Products
Presentación IronPort Products
Presentación IronPort Products
Presentación IronPort Products
Presentación IronPort Products
Presentación IronPort Products
Presentación IronPort Products
Presentación IronPort Products
Presentación IronPort Products
Presentación IronPort Products
Presentación IronPort Products
Presentación IronPort Products
Presentación IronPort Products
Presentación IronPort Products
Presentación IronPort Products
Presentación IronPort Products
Presentación IronPort Products
Presentación IronPort Products
Presentación IronPort Products
Presentación IronPort Products
Presentación IronPort Products
Presentación IronPort Products
Presentación IronPort Products
Presentación IronPort Products
Presentación IronPort Products
Presentación IronPort Products
Presentación IronPort Products
Presentación IronPort Products
Presentación IronPort Products
Presentación IronPort Products
Presentación IronPort Products
Presentación IronPort Products
Presentación IronPort Products
Presentación IronPort Products
Presentación IronPort Products
Presentación IronPort Products
Presentación IronPort Products
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Presentación IronPort Products

8,398

Published on

Published in: Technology, Business
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
8,398
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
96
Comments
0
Likes
1
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Cisco IronPort ProductsDario OpezzoRegional Manager – IronPortCisco - STBUdaopezzo@cisco.com
  • 2. Frontera Convencional Policy Corporate Border Applications and Data Corporate Office Branch Office Attackers Customers PartnersPresentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 2
  • 3. Cloud Computing esta “disolviendo” la frontera del Data Center Policy Corporate Border Applications and Data Corporate Office Branch Office Home Office Airport Mobile User Attackers Coffee Shop Partners CustomersPresentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 3
  • 4. Cloud Computing esta “disolviendo” la frontera del Data Center Policy Corporate Border Platform Infrastructure as a Service as a Service Applications Software X and Data as a Service as a Service Corporate Office Branch Office Home Office Airport Mobile User Attackers Coffee Shop Partners CustomersPresentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 4
  • 5. Cloud Computing esta “disolviendo” la frontera del Data Center Policy Corporate Border Platform Infrastructure as a Service as a Service Applications Software X and Data as a Service as a Service Corporate Office Branch Office Home Office Airport Mobile User Attackers Coffee Shop Partners CustomersPresentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 5
  • 6. Arquitectura para una seguridad sin fronteras 4 Policy (Access Control, Acceptable Use, Malware, Data Security) Policy 3 Corporate Border Data Center Borderless Platform Infrastructure as a Service as a Service Applications Software X and Data as a Service as a Service Corporate Office 2 Internet Borderless Branch Office 1 End Zones Borderless Home Office Airport Mobile User Attackers Coffee Shop Partners CustomersPresentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 6
  • 7. El desafio hoy es Equilibrar fuerzas…. Globalization Threats Mobility Acceptable Use Collaboration Enterprise SaaS Data LossPresentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 7
  • 8. Cisco Security Products Overview Comprehensive Security, Flexible Delivery Application Level Network Level Data Center / Campus FWSM ACE Web App Network ASA 5500 Firewall Admission Control IPS 4200 Corporate HQ Cisco Security Cisco IronPort Cisco IronPort C-Series S-Series IPS 4200 ASA 5500 Intelligence Operations Branch Office Cisco IronPort ISR ASA 5500 Centralized S-Series Management Teleworker Clientless Network Cisco AnyConnect Access VPN ClientPresentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 8
  • 9. Cisco IronPort Gateway Security Products  Internet Internet IronPort SenderBase BLOCK Incoming Threats APPLICATION-SPECIFIC SECURITY GATEWAYS ENCRYPTION EMAIL WEB Appliance Security Appliance Security Appliance CENTRALIZE Administration PROTECT Corporate Assets Data Loss Prevention Security MANAGEMENT Appliance CLIENTS Web Security | Email Security | Security Management | EncryptionPresentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 9
  • 10. Cisco IronPort Email Security AppliancesPresentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 10
  • 11. Top Exploits Email Security 1. Spam (mas del 85% del trafico mundial) 2. Viruses 3. False-positives 4. Denial-of-Service (DoS) Attacks 5. Misdirected bounces (Ataques de Rebotes) 6. Impersonation scams (Phishing) 7. Bot-Net NetworksPresentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 11
  • 12. IronPort Consolida la seguridad y arquitectura de la plataforma de Correo Antes de IronPort Despues de IronPort Internet Internet Firewall Firewall MTAs Anti-Spam Anti-Virus IronPort Email Security Appliance Policy Management Mail Routing Groupware Groupware Users UsersPresentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 12
  • 13. IronPort C Series - Features  MTA (Mail Transfer Agent) propietario, sistema operativo AsyncOS  Antispam  Antivirus  Filtro de epidemia de Virus (Proteccion preventiva Antivirus)  Reputation Filters ( Proteccion preventiva Antispam)  Encripcion  DLP – RSA integrado en el sistema operativoPresentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 13
  • 14. Plataforma  Plataforma modular  Inspección de trafico modulo x modulo  Activacion de los modulo basado en las politicas configurados por usuario, dominio, IP o grupo.  Autenticacion y politicas integradas con AD, LDAP y Radius.  Proteccion contra Email Marketing  Intelligent Multiscan (doble motor Antispam para outbound traffic).Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 14
  • 15. Arquitectura Email Security Inbound Security, Outbound Control INBOUND Spam Virus SECURITY Defense Defense Management CISCO IRONPORT ASYNCOS™ EMAIL PLATFORM Data Loss Secure OUTBOUND CONTROL Prevention MessagingPresentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 15
  • 16. SenderBase Email Reputation Database Domain Complaint Blacklist & Reports Safelists IP Blacklists & Whitelists Compromised Spam Traps Host Lists Message Web Site Composition Composition Data Data Global Volume Other Data Data IP Reputation Score - 10 0 +10Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 16
  • 17. Cisco Security Intelligence Operations Proteccion en tiempo real Firewall Web Sensor Sensor Web Firewall Email Sensor Sensor Email Sensor Sensor IPS Sensor Web IPS Sensor Sensor Email Sensor IPS Email Sensor Sensor Content Security Network Security  30% global email Cisco Security  IPS devices Intelligence Operations  3B daily web requests  Firewalls (700,000+ devices) Email Security Web Security Firewalls IPS Devices Solutions SolutionsPresentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 17
  • 18. Arquitectura Antispam Multi-layer Spam Defense Senderbase IronPort Reputation Filtering Anti-Spam Who? How? Score What? Where? Block 90% >99% Catch Rate of Spam < 1 in 1 mil False PositivesPresentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 18
  • 19. Arquitectura Antivirus Multi-layer Virus Defense Virus Outbreak Filters Anti-Virus T=0 T = 5 mins T = 15 mins -zip (exe) files -zip (exe) files -zip (exe) files -Size 50 to -Size 50 to 55 KB 55KB -“Price” in the filenamePresentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 19
  • 20. Control correo saliente HR/Legal Corporate DLP Review Policies HIPPA HIPAA Trade Encryption Encryption PCI Secrets SB-1386 Dropped Company SMTP Attachment Reputation PCI Security Enforcement Array Detection RemediationPresentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 20
  • 21. Correo Seguro Facil de utilizar para el remitente 1 Message is Encrypted & Pushed to Recipient TLS 3 Key is Stored User Opens 1 2 Secured Message in Browser User Authenticates and Receives Message Key  Automated key management  No desktop software requirements  No new hardware required Decrypted Message Is displayedPresentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 21
  • 22. Correo Seguro Facil de utilizar para destinatario 1 2 Open Attachment Enter Password Send to Anyone no Certificates no Plug-Ins 3 View MessagePresentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 22
  • 23. Visibilidad y Control Facil para el Administrador Guaranteed Recall Guaranteed Read ReceiptPresentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 23
  • 24. Comprehensive Email Management  Configure Anti-Spam, Anti-Virus, Content Filters, Preventive AV, Encryption and DLP all in one user interfacePresentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 24
  • 25. Modelos y sizing  C170 – hasta 1000 users.  C370 – hasta 5000 users.  C670 – mas de 5000 y hasta 10000 o mas usuarios.  Licenciamiento por cantidad de usuarios.  No se vende sin soporte.  No se vende el software sin el appliance.  No corre en VMWare.Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 25
  • 26. Performance  Soporta hasta 10.000 conexiones concurrentes  Mas de 250.000 mail/hora (C670) como MTA puro  Aproximadamente 110.000 mail hora con todos los servicios activos.  Mas del 80% del trafico spam es bloqueado en el borde sin entrar a la red del cliente  Soporta 2 engines AS (IPAS y Cloudmark)  Soporta 2 engines AV (Sophos y McAfee)Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 26
  • 27. Licencias & Servicios  MTA y sistema operativo  Reputation Filters  Antispam  Antivirus  Filtro epidemia de virus (VoF)  Encripcion  Modulo DLPPresentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 27
  • 28. Cisco IronPort Web Security AppliancesPresentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 28
  • 29. Web HTTP es el nuevo TCP  Crecimiento en el mundo de los negocios FTP IM  Crecimiento en SOAP Video aplicaciones RPC “tunelizadas”  Proliferacion de redes socialesPresentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 29
  • 30. Desafios de la WEB Recursos e informacion casi ilimitados, pero no hay privacidad o seguridad garantizada Acceptable Use Violations Data Malware Loss Challenges InfectionsPresentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 30
  • 31. Web Traffic The Long Tail Gets Longer 20% del trafico es “facil de clasificar” Trafico predecible, Dominios conocidos 80% del trafico es “dificil de clasificar” 110M sitios, creciendo 40% anualmente Mezcla de sitios legitimos, spyware y malware Traffic Volume Big Head Long Tail # of SitesPresentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 31
  • 32. Cisco IronPort S-Series Next Generation Secure Web Gateway Cisco IronPort Web Usage Controls  Industry-leading visibility and protection  Real-Time Dynamic Content Analysis for the Dark Web Data Security Cisco IronPort  Integrated data security Web Reputation for easy enforcement of Filters common sense policies  Proactive protection  Integration with external against emerging threats products for advanced  Blocks 70% of malware DLP traffic at the connection Cisco IronPort S-Series level Cisco IronPort DVS Anti-Malware Engine  Blocks malware based on deep content analysis  Multiple anti-malware and anti-virus technologies running in parallelPresentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 32
  • 33. Next Generation Secure Web Gateway Before IronPort After IronPort Internet Internet Firewall Firewall Web Proxy & Caching Anti-Spyware Anti-Virus IronPort S-Series Anti-Phishing URL Filtering Policy Management Users UsersPresentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 33
  • 34. Cisco IronPort S-Series A Powerful, Secure Web Gateway Solution  Most effective defense against web-based malware  Visibility and control for acceptable use and data loss  High performance to ensure best end-user experience  Integrated solution offering optimum TCO Management and Reporting Acceptable Use Malware Data Security Policy Defense AsyncOS for WebPresentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 34
  • 35. IronPort S Series - Features  Proxy (HTTP,HTTPS, FTP) y Web Cache  Monitor de L4 (Analisis de los 65535 TCP ports )  Inspección de trafico HTTPs  Cisco IronPort Web Usage Controls (URL Filter)  Web Reputation  Anti-Malware  Applications Control Software Tunneled Collaboration as a Service Applications ftp://ftp.funet.fi/pub/Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 35
  • 36. Integrated L4 Traffic Monitor Comprehensive Controls  Scans all 65,535 ports at wire speed  Internet  Supports “monitor only” or “monitor & block” modes X X Firewall  Ability to exempt sources and/or destinations Port 80  Automated updates IronPort S-Series PROXY L4 TRAFFIC MONITOR X XPresentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 36
  • 37. Web Proxy & L4 Traffic Monitor T1 & T2 used for L4TM P1/M1 used for Web Proxy Web Proxy Deployment Options L4 Traffic Monitor Deployment Options Explicit Forward Span Port off a Switch Transparent off an L4 Switch Simplex Tap Transparent off a WCCP Router Duplex TapPresentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 37
  • 38. Intelligent Scanning Known good sites aren’t scanned ANTI-MALWARE SYSTEM IRONPORT WEB REPUTATION FILTERS Unknown sites are DECRYPTION Requested scanned by one or ENGINE more engines URLs Known bad sites are blocked  IronPort Web Reputation technology determines need for scanning by - IronPort Anti-Malware System - Decryption EnginePresentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 38
  • 39. Introducing Cisco IronPort Web Usage Controls A Spotlight for the Dark Web URL Lookup in Database  Industry-leading URL database efficacy • 65 categories Gambling www.sportsbook.com/ URL Database • Updated every 5 minutes Uncategorized • Powered by Cisco SIO URL Keyword Analysis  Real-time Dynamic Content Analysis Engine accurately www.casinoonthe.net/ Gambling identifies over 90% of Real-time Dynamic Uncategorized Dark Web content in Content Analysis commonly blocked categories Dynamic Content Analysis Engine Analyze Site Content GamblingPresentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 39
  • 40. Cisco Security Intelligence Operations (SIO) Unmatched Visibility Drives Unparalleled Efficacy Cisco IronPort Web Security Appliances on Customer Premises Updates published every 5 Customer minutes Administrators URL Categorization Uncategorized Requests URLs Cisco SIO Analysis and Processing Master URL Database External Feeds Crawler Targeting Traffic Data from Crowd Sourcing Cisco IronPort Email Security Appliances, Manual Web Cisco IPS, and Cisco Categorization Crawlers ASA sensorsPresentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 40
  • 41. Industry-leading Accuracy With Multiple Verdict Engines WEBROOT & SOPHOS  Best-of-breed signatures - Webroot & Sophos  Broad coverage - Addresses full range of threats  Complete signature set - URLs, domains, CLSIDs, binaries, checksums, user agents and morePresentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 41
  • 42. Modelos y sizing  S170 – hasta 1000 users.  S370 – hasta 5000 users.  S670 – hasta 10000 o mas usuarios.  Licenciamiento por cantidad de usuarios.  No se vende sin soporte.  No se vende el software sin el appliance.  No corre en VMWarePresentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 42
  • 43. Performance  Soporta hasta 100.000 sesiones simultaneas  1900 a 2100 requests seg. (aprox. 7M/hora)  100 a 200Mb de throughput depende de los modulos activos.  No in-line, baja latencia 5 a 15 ms  Un solo S670 capaz de soportar 10k o 20k users.Presentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 43
  • 44. Licencias & Servicios  Proxy (HTTP,HTTPS,FTP) y Web Cache  Monitor de L4  Inspección de trafico HTTPs  Web usage Controls (URL Filter)  Web Reputation  Anti-Malware McAfee AntiMalware Webroot AntiMalwarePresentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 44
  • 45. Q&APresentation_ID © 2006 Cisco Systems, Inc. All rights reserved. Cisco Confidential 51

×