Road show chile 2010 v2



Published in: Business
  • We now have 2 main offices for Latin America, based in Sao Paulo (Brazil) and Buenos Aires (Argentina). The Brazilian operation that has merged with Logicalis is now part of a holding company for the whole Latin American business. The operations in Argentina, Bolivia, Chile, Ecuador, Paraguay, Peru and Uruguay trade under the name of Logicalis (they have dropped the Softnet brand). In Brazil, the operation trades as PromonLogicalis. Logicalis is now the single largest independent network integrator for this region.
  • There is no question that the traditional corporate border is gone forever. In the past, applications, data centers and branch office networks were protected by perimeter devices such as firewalls and policy-based rule sets. The internet and attackers were outside the perimeter, although VPN and other technologies made it possible to grant controlled access for partners and customers. The perimeter was your line in the sand, where all your policies were set, and where your policy enforcement systems were located. Although it could be complex to manage this properly, this architecture was straightforward to understand and police.
    Cisco Promotion Points: Cisco Systems has about 350 partners with access through the perimeter. You can assume each partner has up to 350 partners of their own. Cisco had to move past the concept of the perimeter in order to secure its extranet.
  • However, the traditional network borders are disappearing. The way companies do enterprise computing and access information has changed, and will continue to change over the next five years. The two biggest architectural changes are mobility and cloud computing. A key driver behind mobility is the latest generation of smart phones, iPhones and handheld devices. These are internet-enabled, so they can access WebEx, Skype and YouTube. They may have VPN or other access into corporate applications. The mobile work force can now use laptops from home offices and coffee shops, as well as computers in airport kiosks. This is not just about email access – the mobile users and devices can now have the same capabilities as office systems. The browser and a vast number of powerful applets have radically expanded the things that can be accomplished remotely, and productivity is climbing. This productivity jump is a direct result of the connectivity and data sharing provided by the network. Yes, the device may have local data storage. Yes, there are security issues. But the huge increase in efficiency means that this genie is not going back in the bottle. More and more companies are spending time and energy around handheld computing. IT departments want to support new operating systems like Google Android, and are being asked to support platforms besides Windows. Cisco’s Borderless Network architecture provides security in this mobile, multi-platform, multi-vendor, multi-location environment.
    Cisco Promotion Points: Cisco helped build the internet backbone and corporate connectivity that makes data sharing possible. Microsoft is providing a new VPN technology in Windows, called Direct Access. While this competes against Cisco’s current and future VPN clients, Cisco supports Windows, Macs, BlackBerries, smart phones, iPhones and more, while Microsoft Direct Access supports Windows 7 only. Cisco shines in this heterogeneous environment.
  • The second big change is cloud computing. There are compelling reasons to move certain applications and services into the cloud. Cost savings and survivability are two main drivers; virtualization makes it easier to achieve, and the network makes it transparent to users in any location. Typically the first wave of applications that we’ve seen move into the “cloud” included email. Email security is one of the apps that we’ve seen more of our customers, like you, having interest in. Another example is a customer relationship management system. You can rent a Sun or Windows server for your own applications, and cut your management costs using Platform as a Service. Infrastructure as a Service could be a managed router environment, managed firewalls, or something else. These providers are specialists, and the savings from cloud computing can be substantial. But now you’ve got more users on more devices in more places in the network, and data residing in more places in the network. That’s a deadly combination for security. Consider what happens when your CFO uses a handheld to check your sales forecast at That transaction, that connection never touches a firewall. It doesn’t touch a web proxy.
  • This is a diagram of the new, Borderless network environment we live in. Users, devices, cloud-based services and head-office resources are all accessible, but without traditional network perimeters. Cisco’s new architecture to secure this borderless network is able to restore the auditing, logging, access control, verification, malware policy and threat prevention. We’ve had to rethink how security is done, and how to accommodate this dramatic shift. We can help customers migrate to a protected network without borders, but this kind of security has to be “baked in” to the architecture and the products. Security as an afterthought is much less likely to restore the traditional levels of control.
    Cisco Promotion Points: There is no single best practice for securing a Borderless Network – instead, Cisco’s new architecture is flexible and adaptable.
  • Cisco’s vision is built around 4 pillars. First, the borderless end zones, i.e. protecting the end user device from threats, whether it’s the smart phone, laptop, etc. Second is the Borderless Internet, which is really the focus of this presentation. Central to this pillar is the cloud-based as well as a unique “hybrid” deployment model. The third pillar of the vision is the borderless data center, where Cisco’s vision is to provide security to the evolving data center. Aspects like inter-VM and intra-VM security are the areas we are investigating. And finally, the fourth pillar is policy. Our customers are telling us that regardless of the way information is accessed, they have to apply the same policies, whether it’s around access control, data security, acceptable use, etc. As you can see, the cloud is central to the strategy of Cisco’s SBN.
  • Challenges in today’s IT are vast and diverse. IT budgets are flat or shrinking and these challenges are ever growing. This is driving the Enterprise toward hard requirements for firewall. These requirements include:
    - A clear understanding of the threat environment, which means a continuous update to software and security content to keep up with the latest threats
    - High performance platforms that are capable of keeping up with today’s traffic needs and allowing for growth as the threat environment evolves
    - Flexible deployment options to assure coverage of threats anywhere in the network
    - That same flexibility of options applied to the new mobile teleworker and remote environments
    - Security applied to the latest voice and video communications
    - And tying it all together with an operational model that makes management effective and efficient
  • The CSIO piece that provides Cisco IronPort’s email security threat protection is SenderBase. It is the world’s first, largest and most thorough email & threat monitoring database. This chart illustrates some of the sources of SenderBase information and the over 150 parameters we track in real time:
    - Global volume
    - Complaints, spamtraps
    - 3rd party blacklists and dynamic lists
    - Results of content filter scanning for spam and viruses
    - URLs with known risks of spamvertising, viruses, spyware
    - Website composition to look at suspicious payloads or known bad files
    - Domain registration information
    - Linking reputation of sites through hyperlinks
    By having real time insight into this data we can see threats before anyone else in the industry and protect our customer base. Some of this information is available to the public at
  • At Cisco, we pioneered the whole concept of reputation filtering that relied on the depth of email security data collected from a wide sensor deployment. However, as the threat landscape has evolved, so have our techniques. The result is CSIO – Cisco Security Intelligence Operations – the industry’s leading threat database, which gathers information from a wide variety of threat sources and converts it into dynamic rules to protect our customers in real time from new and evolving threats. The reason why CSIO is industry leading is the breadth and depth of threat information that we harness through it. By leveraging the rich security portfolio that Cisco has, comprised of both network security and content security offerings, we have effectively converted this broad deployment into what we call sensors. These sensors send us anonymous threat data that gives us vast visibility into the threat landscape. These sensors include web security sensors, email security sensors, IPS devices as well as firewall devices, providing threat information from various layers of the networking stack. To give you a sense of the breadth and depth of this sensor network: we have visibility into 30% of the global email data base, and we have more than 700,000 devices on the network security side.
  • Let’s shift gears from inbound email protection to outbound email control. Customers today are faced with a number of different challenges: ensuring compliance with regulations like HIPAA, PCI, etc., or protecting trade secrets, confidential data, etc. Email is the primary vector of concern for organizations, and hence it is important to discuss the variety of technologies that Cisco IronPort has for the email security infrastructure that help customers detect incidents and apply appropriate remediation to those incidents. That’s where the DLP and Encryption technologies from Cisco help. We are the industry’s first vendor that has a comprehensive DLP and Encryption solution available in the cloud only deployment model. This provides customers who’ve made the choice to move to the cloud a great solution to maintain regulatory compliance and adherence to company Acceptable Use Policies. The first step is one that allows customers to detect events. And on detecting events, the email security deployment can be configured to perform a number of different remediation options, including encrypting the email, dropping the attachment, cc-ing to an HR/Legal inbox etc.
  • To explain how easy our secure messaging solution is, we will first show you how simple it is for the senders, then the receivers. The first is sending a message. The thing you want to convey here is that customers can instantly deploy PXE with a simple feature key, with no additional management overhead. An email that is detected as requiring encryption would automatically be enrolled into the key management system, which is provided via the Cisco Registered Envelope Service hosted in the Cisco cloud. Then that message is pushed to the end user, and that end user would retrieve the key from the Cisco Registered Envelope Service and render that message in their browser. This provides for a host of sender controls, because that message’s key is stored in hosted fashion. The sender can log in to the Registered Envelope Service and deal with tracking, secure reply, recall and so on. And what makes this really powerful is the fact that we, meaning Cisco, never actually store that email message. All we are doing is storing the key, making it a high-performance, highly secure model for managing secure email.
  • HTTP is the New TCP
    One can be reasonably sure that, no matter what the other firewall settings, Port 80 and Port 443 will be open. It’s the 24x7 path into and out of every enterprise. This is driven by business critical content and applications on the web. The secondary effect is that other applications, such as FTP, SOCKS, IM, P2P, and Video are also shifting to tunnel over HTTP to take advantage of the ubiquitous access. Result: HTTP now dominates at the enterprise edge, carrying numerous applications and types of information. In some cases, up to 90% of traffic traversing the enterprise edge is HTTP. This creates new security challenges for enterprise IT.
    OR
    First objective: establish the problem set and the concept of the Secure Web Gateway as the solution. Important to set this framework for the customer conversation: while we may not have the world’s best web proxy or the world’s best URL filtering, we do have the world’s best Secure Web Gateway. Establishing this framework helps qualify customer priorities vs our value prop, and helps position us for success relative to vendors focused on subsets of the problem space. Web has become the ubiquitous path into enterprises, and it’s overloaded with different applications and content that businesses want to handle differently: SaaS applications like Salesforce and NetSuite; rich collaboration apps like WebEx; information discovery (researching prospects, learning about competitive products and market trends, or catching up on today’s news). The idea of locking down web access is unthinkable. And this has driven a second trend: taking advantage of that pipe in and out to tunnel apps over HTTP. A few years back, P2P apps like BitTorrent dominated Internet backbone traffic. Today that’s been replaced by HTTP video: the YouTube effect plus ubiquitous access. IM clients traversing the edge also tend to use HTTP more and more today, e.g. Yahoo releasing Yahoo Web Messenger. Legacy SOCKS applications are transitioning to CONNECT. Result: HTTP now dominates at the enterprise edge, carrying numerous applications and types of information. In many ways, it has become the new TCP at the enterprise edge.
  • While the challenge has become multi-dimensional, the policy issues remain the same:
    - There is a need to apply access controls to ensure the right people have access to the right parts of the network and applications.
    - Acceptable Use controls for compliance and productivity, to ensure employees are using the web resources appropriately.
    - Threat Protection to block all the bad stuff like malware, botnets, intrusions and spam from coming into the network.
    - And finally data protection to ensure that confidential information is not getting out into the open or into wrong hands, either inadvertently or with a malicious intent.
  • Cisco IronPort Dynamic Vectoring and Streaming (DVS) engine
  • For maximum efficacy, a Secure Web Gateway needs to examine traffic at both the network layer and the application layer. Furthermore, a Web security appliance needs to combine signature based analysis as well as traffic based or "reputation" analysis to distinguish legitimate traffic from hostile spyware or malware. And it needs to deliver this without introducing any degradation in the end user browsing experience. The IronPort S-Series represents the next generation of Web technology, leveraging techniques developed for Web proxy caching but built from the ground up for security. Built on IronPort's proprietary AsyncOS operating system, the S-Series appliance offers extremely high performance scanning of Web content at both the network layer and the application layer using both signature and reputation based filtering. The IronPort S-Series Web Security Appliance is the industry’s first and only Web security appliance to combine traditional URL filtering, reputation filtering and multi-vendor anti-malware filtering on a single platform. This squarely addresses the growing challenges of both securing and controlling Web traffic while enjoying a low Total Cost of Ownership (TCO). Enterprise-class management and reporting tools deliver ease of administration, flexibility and control, and complete visibility into policy-related and threat-related activities.
  • Choice also takes the form of flexible deployment options leveraging the same market-leading email security technology. Customers can now choose from hosted, hybrid hosted, managed appliances or self-managed appliances based on the form factor that they prefer. Cisco can leverage our data center to host all or parts of the equipment, can out-task manage the devices on the customer premise, or divide the control between the cloud and customer premise. Regardless of the deployment option, customers retain co-managed access while maintaining a common policy, centralized reporting and consistent protection.
  • Let’s look at the various deployment options. First is dedicated hosted email security. Here the email security devices reside in the Cisco data center, minimizing the customer’s data center requirements. The dedicated nature of the service ensures that the customer’s sensitive data is not leaked and eliminates the “shared fate” risk of critical outages. The customer can be assured of spam growth headroom with future capacity assurance, meaning that Cisco will take the necessary steps to scale the infrastructure behind the scenes to provide the highest level of service for the rated user count.
    DIAGRAM: In the diagram you can see that both the inbound and outbound filtering is done on the appliances hosted in the Cisco data center. After removing inbound spam and viruses, the clean email is passed to the customer.
  • Next, let’s look at the Hybrid Hosted email security offering. This solution divides the control between the “cloud” and the customer premise. The inbound filtering is done in the Cisco cloud prior to the traffic entering the customer premise. Outbound control policies are applied on the customer premise where customers want to prevent the leakage of sensitive information or to encrypt the email traffic to ensure security and confidentiality.
    NOTE: Emphasize what we are, best of both worlds. Scalability, consolidated reporting. First vendor to deliver – others make the claim but we are actually the first ones to pull it off.
  • And lastly, let’s look at managed email security, which provides the highest level of out-tasking. The Cisco Remote Management Services provides vigilant 24x7 remote management and monitoring on behalf of the customer. It provides a predictable cost model that the CFO will appreciate. Email continues to flow through the on-premise infrastructure where both inbound and outbound filtering is applied. Cisco RMS accesses the on-premise appliance via a VPN tunnel delivered by the dedicated VPN router.

    1. Security Roadshow
       Chile, December 2010
    2. Agenda
       - Logicalis corporate overview
       - History of Information Security
       - Network layouts
       - IronPort presentation
       - Best practices
    3. Antonio Díaz
       Engineering Manager / Chile
       Logicalis corporate overview
    4. About the Logicalis Group
       - Global provider of integrated Information and Communications Technology (ICT) solutions and services, focused on Collaboration, Data Centers, and managed and professional services.
       - Headquarters in the UK and operations in Europe, the United States, Latin America and Asia Pacific*.
       - Sales of more than 1,000 million dollars.
       - More than 1,900 employees worldwide.
       - More than 6,500 customers globally: corporate, public sector and telecommunications.
       - Strong global partnerships with leading companies in the technology market.
       * In December 2009 Logicalis completed the acquisition of NetStar, a systems integrator operating in Taiwan, Hong Kong, Malaysia, Australia and Singapore.
    5. Logicalis Group – International Presence
       (1) Revenue of PLLAL, a joint venture between the Logicalis Group and Promon S.A.
       (2) Represents 6 weeks of billing in Logicalis Group's FY2010.
    6. Coverage in Latin America
       Joint venture between the Logicalis group and the Brazilian group Promon.
       - Brazil: São Paulo, Rio de Janeiro, Brasília
       - Peru: Lima
       - Paraguay: Asunción
       - Chile: Santiago
       - Uruguay: Montevideo
       - Argentina: Buenos Aires, Córdoba, Rosario
       Offices opening in FY11
    7. About Logicalis Southern Cone
       - Operations in Argentina, Chile, Paraguay, Peru and Uruguay.
       - More than 20 years of experience in the regional market.
       - 12 consecutive years as a Cisco Gold Partner.
       - Highly trained professionals, certified annually.
       - Strategic alliances with leading technology companies.
    8. Certifications and Recognition in Latin America
       Cisco Certifications - LATAM
       - Cisco Gold Partner since 1998
       - Master UC Specialization
       - Cisco Authorized SP Video Partner
       - Cisco Learning Solution Partner
       - Advanced Data Center Networking Infrastructure
       - Advanced Data Center Storage Networking
       - Advanced Routing & Switching
       - Advanced Security
       - Advanced Unified Communications
       - Advanced Wireless LAN
       - ATP - Cisco TelePresence Satellite
       - ATP – Data Center Unified Computing Satellite
       - ATP - Outdoor Wireless Mesh Satellite
       - ATP – WiMAX Satellite
       - ATP - Customer Voice Portal
       - ATP - Unified Contact Center Enterprise
       - ATP - Video Surveillance
       - WebEx Commission Pilot Program
       - Managed Services Certified Partner Advanced
       - Authorized Managed Services White Label Producer
       Recognition
       2009
       - Global Technology Excellence Partner of the Year (Emerging Markets)
       - LATAM Technology Excellence Partner of the Year – Virtualisation
       - LATAM Enterprise Partner of the Year
       - Brasil Technology Excellence Partner of the Year Virtualisation
       - Brasil Service Provider Partner of the Year
       - Southern Cone Enterprise Partner of the Year
       2008
       - Cisco Enterprise Partner of the Year (S.A.S.)
       ATP: Authorized Technology Provider (provider authorized to integrate those solutions)
    9. Our Partners
    10. Vision and Positioning
       Business and Technology Working as One
       PEOPLE, PROCESSES, INFORMATION
       Bringing business vision to the decision-making process in the technology domain
    11. Process with customers
       - Understanding the demand
       - Technology consulting view
       - Business consulting view
       - 24x7 maintenance
       - Monitoring
       - Incident resolution
       - Development of technology architecture and solution design
       - Engineering, technical specification
       - Assisted operation: on site or remote
       - Full operation
       - Knowledge transfer
       - Training
       - Professional and technical services
       - Solution integration and implementation
       - Project management
    12. Our Solutions and Services
       The Logicalis portfolio aims to help our customers use technology to support and drive their strategic business processes, through advanced skills, leading products and proven experience.
       - BUSINESS & TECHNOLOGY CONSULTING
       - COMMUNICATIONS: Collaboration, Voice and Video; Networking; Access and Transport Technologies
       - IT: Information Security; Networks & Systems Management; Data Centers
       - ADVANCED SERVICES: Managed Services, Training, Operations and Maintenance
    13. Solutions Portfolio: Communications
       Re-CERTIFIED 2010
       - Collaboration, Voice & Video: Enterprise collaboration solutions integrated with video tools, including high-definition video conferencing, unified communications, DMS, video surveillance and other applications.
       - Networking: Solutions for Enterprise, Public Sector and Service Providers, including LAN, WAN, Metro/Carrier Ethernet, IP backbones and high-performance MPLS networks.
       - Access & Transport Technologies: Wired or wireless broadband and ultra-broadband access and transport technologies (including xDSL, FTTx, PON, WiMAX, DWDM, among others), mainly focused on the Service Provider infrastructure market.
    14. Solutions Portfolio: IT
       - Information Security: Tools for protection against all kinds of threats to the integrity of corporate data, including firewalls, IPS/IDS, SIM platforms, DNS protection and strong authentication solutions.
       - NSM (Networks & Systems Management): Management platforms for Enterprise and Carriers, for fully virtualized network and IT infrastructure environments, including Capacity Planning, Inventory, Fault Management, Performance solutions and Billing/Mediation.
       - Data Centers: Solutions focused on better use of resources and higher performance, in line with the concepts of Green IT and Cloud Computing. They include servers, virtualization tools, storage systems, power and infrastructure solutions.
    15. Services Portfolio
       - Business & Technology Consulting: Advice on the business impact of technology adoption, based on industry-standard reference models and methodologies such as ITIL, eTOM, PMBoK.
       - Advanced Services: Managed services, outsourcing, on-site and remote operations, training; adding value to organizations by allowing them to focus on their business.
    16. Main Customers in the Region
       - Itaipu Binacional (Brazil, Paraguay)
       - Ambev (Argentina, Bolivia, Paraguay)
       - Cargill (Argentina, Paraguay)
       - Banco Santander (Argentina, Uruguay, Brazil, Chile)
       - Red Clara (Argentina, Chile, Peru, Mexico, Brazil, Panama)
       - British Petroleum (Argentina)
       - Chevron (Argentina)
       - Ford Motors (Argentina, Chile)
       - General Electric (Argentina)
       - Tata Consultancy (Argentina)
       - Citibank (Argentina, Chile, Paraguay, Peru)
       - BHP (Chile)
       - Shell (Chile, Central America, El Salvador, Guatemala, Mexico, Honduras)
       - Endesa (Chilectra)
       - Asea Brown Boveri (ABB)
       - Celulosa Arauco
       - Repsol YPF (Argentina, Peru, Brazil, Chile, Ecuador, Venezuela, Trinidad and Tobago, USA, Canada)
       - General Motors (Argentina, Brazil)
       - Claro (Argentina, Brazil, Chile, Paraguay)
       - Petrobras Energía (Argentina, Brazil, Paraguay, Uruguay, Peru)
       - Telmex (Argentina, Brazil, Chile)
       - Telefónica (Argentina, Brazil, Chile, Uruguay, Peru)
       - HSBC (Argentina, Paraguay, Chile, Peru)
       - Banco Supervielle (Argentina)
       - Banco Itaú (Argentina, Brazil, Paraguay, Uruguay)
       - British American Tobacco (Chile)
       - ArcelorMittal (Argentina)
       - Oracle (Argentina, Chile)
       - FIAT (Brazil, Argentina)
       - Suez Energy Andino
       - Quintec
    17. History of Information Security
       Hugo Stupenengo
       Solutions Development Manager Security
       Southern Cone
    18. Before ARPANET: Computers prior to 1969
       - Their security was purely physical
       - Locking the room where the computer was located was enough to secure it
       - The systems were highly complex to operate
       - They began to be produced in 1946
       - In 1961 the first computer in Chile was installed, an IBM 1401 for the Valparaíso Customs service
    19. ARPANET: its beginnings in 1969
       - It was designed to connect the United States defense network
       - It initially connected the universities of Stanford, Utah, UC Los Angeles and UC Santa Barbara (4 nodes)
       - In 1981 it had 213 nodes
       - With these first connections came the need to control them. For this purpose, a device called a firewall began to be used
    20. The 90s. The beginning of remote connections
       - Dial-up connections began
       - Information began to be shared from one computer to another
       - The security problem changed once again
       - VPNs (Virtual Private Networks) began to be used
       - VPN concentrators began to be used
       - Firewalls continue to be used to control connections
    21. Year 2000
       - The 2000s saw traffic increase. Broadband services began
       - The types of services to be offered over the Internet also change
       - The vectors through which attacks arrive change
       - The way we must defend ourselves changes once again
       - We begin inspecting content and not only connections
    22. Summary of the changes that took place
    23. Information Security
       What must be guaranteed?
       1.- Confidentiality: It is guaranteed that the information is accessible only to authorized persons.
       2.- Integrity: The accuracy and completeness of the information and of the processing and transmission methods are safeguarded.
       3.- Availability: It is guaranteed that authorized users have access to the information and related resources whenever they require it.
    24. What changed in these years?
       - The arrival of social networks
       - Increased connectivity, with new devices connecting to networks
       - Virtualization of services in the cloud (SaaS)
    25. Use of social networks at work
       - Social networks are here to stay
       - Many companies use them to improve how they operate
       - The so-called Generation Y uses this type of service in preference to email
       - If a company decides to restrict their use, employees always find a way to get access
       - But this brings with it a new security problem
    26. Are there new dangers?
    27. Statistics
    28. Interesting data
       - In the United States, almost twice as much money was lost during 2009 as in the previous year (560 million dollars, compared with 265 million in 2008)
       - In Russia, social networks are used as an online marketplace for buying and selling credit card numbers
       - In 2007 there was one connected device for every 10 people. In 2010 there are 5 connected devices per person in the world
       - DDoS attacks have grown by almost 23% since last year
       Source: IC3 2009 Annual Report on Internet Crime Released; Cisco 2010 Midyear Security Report
    116. Growth of spam
         - Spam will grow 30% above 2009 levels
    117. Attacks now use multiple vectors, spam being one of them
         Largest attacks of the last 12 months
         - Over the past year, the report counts have evened out, with attacks larger than 1 Gbps being the most numerous
         Biggest problems expected over the next 12 months
         - Compared with last year's reports, botnets will no longer be the biggest problem; that place is taken by DDoS attacks on links or services
    118. DNS poisoning attacks are expected to decline because of the measures taken by ISPs
         Attack vectors of the last 12 months
    119. Number of attacks per month
    120. Attack detection methods
         - The main detection method is still the use of flow-based tools
    121. Incredibly, the next most common method is a call from customers
    122. Then the rest of the methods
         Network diagrams
    123. General layout of a network 10 years ago (diagram label: Internet)
    124. Layout of a large company
    125. Arbor Networks
    126. Arbor Networks
         - Arbor's main focus is providing products that deliver secure services over global networks. Its visibility and security solutions are considered "best-in-class".
    127. Arbor sells essentially two product lines:
    128. Arbor Peakflow
    129. Arbor Ellacoya e-Series
    130. Arbor Peakflow: this product line provides visibility into and security for any global IP network, based on 3 data sources: X-flow, BGP, and SNMP. It makes it possible to provide Clean Pipes services to ISPs.
    131. It is used mainly by ISPs or large companies whose networks are very large and where network visibility and defense are important.
    132. Arbor Ellacoya e-Series: appliances for layer 7 visibility that also make it possible to control the flows crossing the network by controlling (restricting or cutting off) the bandwidth used by customers.
    133. It is used mostly by ISPs that want to control bandwidth per application.
         Nominum
    134. Nominum
         - Market-leading company providing DNS services.
    135. Provides a protection system for the ISP's network, eliminating outbound botnet threats.
    136. Protects the ISP's users against botnets using their PCs.
    137. Provides a scalable platform that withstands DNS attacks, with very high availability.
    138. Eliminates a large share of the outbound spam from the ISP's network.
    139. Provides full-URL filtering to keep end users from using infected pages.
    140. IronPort presentation: Gerardo Buhler, Systems Engineer / Chile, CCSP
    141. Cisco IronPort Products
    142. Conventional border. Diagram labels: Policy; Corporate Border; Applications and Data; Corporate Office; Branch Office; Attackers; Customers; Partners
    143. Dissolution of the borders. Diagram labels: Policy; Corporate Border; Applications and Data; Corporate Office; Branch Office; Home Office; Airport; Attackers; Mobile User; Coffee Shop; Customers; Partners
    144. Cloud computing is "dissolving" the border of the corporation. Diagram labels: Policy; Corporate Border; Applications and Data; X as a Service; Software as a Service; Infrastructure as a Service; Platform as a Service; Corporate Office; Branch Office; Home Office; Airport; Attackers; Mobile User; Coffee Shop; Customers; Partners
    145. The new network: borderless. Diagram labels: Policy; Corporate Border; Applications and Data; X as a Service; Software as a Service; Infrastructure as a Service; Platform as a Service; Corporate Office; Branch Office; Home Office; Airport; Attackers; Mobile User; Coffee Shop; Customers; Partners
    146. Architecture for borderless security. Policy (Access Control, Acceptable Use, Malware, Data Security). Diagram labels: Policy; Corporate Border; Applications and Data; X as a Service; Software as a Service; Infrastructure as a Service; Platform as a Service; Corporate Office; Branch Office; Home Office; Airport; Attackers; Mobile User; Coffee Shop; Customers; Partners; Borderless End Zones; Borderless Internet; Borderless Data Center; callouts 1 to 4
    147. Today's challenge is balancing forces. Diagram labels: Globalization; Threats; Mobility; Enterprise SaaS; Acceptable Use; Collaboration; Data Loss
    148. Cisco Security Products Overview: Comprehensive Security, Flexible Delivery. Diagram labels: Network Level; Application Level; Data Center / Campus; FWSM; ASA 5500; Network Admission Control; IPS 4200; Cisco Security Intelligence Operations; Corporate HQ; Cisco IronPort S-Series; Cisco IronPort C-Series; ASA 5500; IPS 4200; Branch Office; Centralized Management; Cisco IronPort S-Series; ISR; ASA 5500; Teleworker; Cisco AnyConnect VPN Client; Clientless Network Access
    149. Cisco IronPort Gateway Security Products. Diagram labels: Internet; IronPort SenderBase; BLOCK Incoming Threats; APPLICATION-SPECIFIC SECURITY GATEWAYS; EMAIL Security Appliance; WEB Security Appliance; ENCRYPTION Appliance; CENTRALIZE Administration; PROTECT Corporate Assets; Data Loss Prevention; Security MANAGEMENT Appliance; CLIENTS; Web Security | Email Security | Security Management | Encryption
    150. Cisco IronPort Email Security Appliances
    151. Top Exploits Email Security: Spam (+85% of worldwide email traffic); Viruses; False-positives; Denial-of-Service (DoS) Attacks; Misdirected bounces (bounce attacks); Impersonation scams (Phishing); Bot-Net Networks
    152. IronPort consolidates the security and architecture of the email platform
         Before IronPort: Internet; Firewall; MTAs; Anti-Spam; Anti-Virus; Policy Management; Mail Routing; Groupware; Users
         After IronPort: Internet; Firewall; IronPort Email Security Appliance; Groupware; Users
    153. IronPort C Series - Features
         - Proprietary MTA (Mail Transfer Agent), AsyncOS operating system
    154. Antispam
    155. Antivirus
    156. Virus Outbreak Filter (preventive antivirus protection)
    157. Reputation Filters (preventive antispam protection)
    158. Encryption
    159. DLP – RSA integrated into the operating system
         Platform
         - Modular platform
    160. Module-by-module traffic inspection
    161. Policy-based module activation, configured per user, domain, IP or group.
    162. Authentication and policies integrated with AD, LDAP and RADIUS.
    163. Protection against email marketing
    164. Intelligent Multiscan (dual antispam engine for outbound traffic)
         Email Security Architecture: Inbound Security, Outbound Control. Diagram labels: Spam Defense; Virus Defense; INBOUND SECURITY; CISCO IRONPORT ASYNCOS™ EMAIL PLATFORM; Management; Secure Messaging; Data Loss Prevention; OUTBOUND CONTROL
    165. SenderBase Email Reputation Database. Diagram labels: Domain Blacklist & Safelists; Message Composition Data; Other Data; Global Volume Data; Spam Traps; Complaint Reports; IP Blacklists & Whitelists; Compromised Host Lists; Web Site Composition Data; IP Reputation Score (scale marks: -10, 0, +10)
    166. Cisco Security Intelligence Operations (CSIO): real-time protection. Diagram labels: Firewall Sensor; Web Sensor; Email Sensor; IPS Sensor; Cisco Security Intelligence Operations
         Network Security
         - IPS devices
    167. Firewalls (700,000+ devices)
         Content Security
         - 30% global email
    168. 3B daily web requests
         Diagram labels: Email Security Solutions; Web Security Solutions; Firewalls; IPS Devices
    169. Antispam architecture: Multi-layer Spam Defense. Diagram labels: SenderBase Reputation Filtering; IronPort Anti-Spam; Who?; How?; Score; What?; Where?; >99% Catch Rate; < 1 in 1 mil False Positives; Block 90% of Spam
    170. Antivirus architecture: Multi-layer Virus Defense. Diagram labels: Virus Outbreak Filters; Anti-Virus
         - T = 0: zip (exe) files
         - T = 5 mins: zip (exe) files; Size 50 to 55 KB
         - T = 15 mins: zip (exe) files; Size 50 to 55 KB; "Price" in the filename
    171. Outbound mail control. Diagram labels: Corporate Policies; DLP; HIPAA; PCI; SB-1386; Encryption; Trade Secrets; Dropped Attachment; Detection; Remediation; HR/Legal Review; Company Reputation; SMTP; Security Enforcement Array
    172. Secure mail: easy to use for the sender. Diagram labels: Message is Encrypted & Pushed to Recipient; TLS; User Opens Secured Message in Browser; Key is Stored; User Authenticates and Receives Message Key; Automated key management; No desktop software requirements; No new hardware required; Decrypted Message Is displayed
    173. Secure mail: easy to use for the recipient. Diagram labels: Open Attachment; Enter Password; Send to Anyone; no Certificates; no Plug-Ins; View Message
    174. Visibility and control: easy for the administrator. Diagram labels: Guaranteed Read Receipt; Guaranteed Recall
    175. Comprehensive Email Management
         - Configure Anti-Spam, Anti-Virus, Content Filters, Preventive AV, Encryption and DLP all in one user interface
         Models and sizing
         - C170 – up to 1000 users.
    176. C370 – up to 5000 users.
    177. C670 – more than 5000 and up to 10000 or more users.
    178. Licensing by number of users.
    179. Not sold without support.
    180. The software is not sold without the appliance.
    181. Does not run on VMware.
         Performance
         - Supports up to 10,000 concurrent connections
    182. More than 250,000 emails/hour (C670) as a pure MTA
    183. Approximately 110,000 emails/hour with all services active.
    184. More than 80% of spam traffic is blocked at the edge without entering the customer's network
    185. Supports 2 AS engines (IPAS and Cloudmark)
    186. Supports 2 AV engines (Sophos and McAfee)
         Licenses & Services
         - MTA and operating system
    187. Reputation Filters
    188. Antispam
    189. Antivirus
    190. Virus Outbreak Filter (VOF)
    191. Encryption
    192. DLP module
         Cisco IronPort Web Security Appliances
    193. Web: HTTP is the new TCP
         - Growth in the business world
         - Growth in "tunneled" applications
         - Proliferation of social networks
         Diagram labels: RPC; FTP; IM; Video; SOAP
    194. Challenges of the web: almost unlimited resources and information, but no guaranteed privacy or security. Diagram labels: Acceptable Use Violations; Data Loss; Malware Infections; Challenges
    195. 20% of traffic is "easy to classify": predictable traffic, known domains
         80% of traffic is "hard to classify": 110M sites, growing 40% annually; a mix of legitimate sites, spyware and malware
         Chart: Web Traffic, Traffic Volume against # of Sites, with regions labelled Big Head and Long Tail
    196. Cisco IronPort S-Series: Next Generation Secure Web Gateway
         Cisco IronPort Web Usage Controls
         - Industry-leading visibility and protection
    197. Real-Time Dynamic Content Analysis for the Dark Web
         Cisco IronPort Web Reputation Filters
         - Proactive protection against emerging threats
    198. Blocks 70% of malware traffic at the connection level
         Data Security
         - Integrated data security for easy enforcement of common sense policies
    199. Integration with external products for advanced DLP
         Cisco IronPort DVS Anti-Malware Engine
         - Blocks malware based on deep content analysis
    200. Multiple anti-malware and anti-virus technologies running in parallel
         Next Generation Secure Web Gateway
         Before IronPort: Internet; Firewall; Web Proxy & Caching; Anti-Spyware; Anti-Virus; Anti-Phishing; URL Filtering; Policy Management; Users
         After IronPort: Internet; Firewall; IronPort S-Series; Users
    201. Cisco IronPort S-Series: A Powerful, Secure Web Gateway Solution
         - Most effective defense against web-based malware
         - Visibility and control for acceptable use and data loss
         - High performance to ensure best end-user experience
         - Integrated solution offering optimum TCO
         Diagram labels: Management and Reporting; Acceptable Use Policy; Malware Defense; Data Security; AsyncOS for Web
    202. IronPort S Series - Features
         - Proxy (HTTP, HTTPS, FTP) and web cache
    203. L4 monitor (analysis of all 65535 TCP ports)
    204. HTTPS traffic inspection
    205. Cisco IronPort Web Usage Controls (URL filter)
    206. Web Reputation
    207. Anti-Malware
    208. Applications Control
         Diagram labels: Software as a Service; Tunneled Applications; Collaboration
    209. Integrated L4 Traffic Monitor: Comprehensive Controls
         - Scans all 65,535 ports at wire speed
         - Supports "monitor only" or "monitor & block" modes
         - Ability to exempt sources and/or destinations
         - Automated updates
         Diagram labels: Internet; Firewall; Port 80; IronPort S-Series; PROXY; L4 TRAFFIC MONITOR
    210. Web Proxy & L4 Traffic Monitor
         - T1 & T2 used for L4TM
         - P1/M1 used for Web Proxy
         Web Proxy Deployment Options: Explicit Forward; Transparent off an L4 Switch; Transparent off a WCCP Router
         L4 Traffic Monitor Deployment Options: Span Port off a Switch; Simplex Tap; Duplex Tap
    211. Intelligent Scanning
         - Known good sites aren't scanned
         - Unknown sites are scanned by one or more engines
         - Known bad sites are blocked
         IronPort Web Reputation technology determines need for scanning by the IronPort Anti-Malware System and the Decryption Engine
         Diagram labels: Requested URLs; IRONPORT WEB REPUTATION FILTERS; ANTI-MALWARE SYSTEM; DECRYPTION ENGINE
    212. Cisco IronPort Web Usage Controls: A Spotlight for the Dark Web
         Industry-leading URL database efficacy
         - 65 categories
    213. Updated every 5 minutes
    214. Powered by Cisco SIO
         Real-time Dynamic Content Analysis Engine accurately identifies over 90% of Dark Web content in commonly blocked categories
         Diagram labels: URL Lookup in Database; URL Database; URL Keyword Analysis; Real-time Dynamic Content Analysis; Dynamic Content Analysis Engine; Analyze Site Content; Gambling; Uncategorized
    215. Security Intelligence Operations (SIO): Unmatched Visibility Drives Unparalleled Efficacy. Diagram labels: Cisco IronPort Web Security Appliances on Customer Premises; Updates published every 5 minutes; Customer Administrators; Uncategorized URLs; URL Categorization Requests; Cisco SIO; Analysis and Processing; Master URL Database; External Feeds; Crawler Targeting; Traffic Data from Cisco IronPort Email Security Appliances, Cisco IPS, and Cisco ASA sensors; Crowd Sourcing; Manual Categorization; Web Crawlers
    216. Industry-leading Accuracy With Multiple Verdict Engines
         - Best-of-breed signatures - Webroot & Sophos
         - Broad coverage - Addresses full range of threats
         - Complete signature set - URLs, domains, CLSIDs, binaries, checksums, user agents and more
    217. Models and sizing
         - S170 – up to 1000 users.
    218. S370 – up to 5000 users.
    219. S670 – up to 10000 or more users.
    220. Licensing by number of users.
    221. Not sold without support.
    222. The software is not sold without the appliance.
    223. Does not run on VMware
         Performance
         - Supports up to 100,000 simultaneous sessions
    224. 1900 to 2100 requests/sec (approx. 7M/hour)
    225. 100 to 200 Mbps of throughput (depends on the active modules)
    226. Not in-line: low latency, 5 to 15 ms
    227. A single S670 can support 10k or 20k users.
         Licenses & Services
         - Proxy (HTTP, HTTPS, FTP) and web cache
    228. L4 monitor
    229. HTTPS traffic inspection
    230. Web Usage Controls (URL filter)
    231. Web Reputation
    232. Anti-Malware
         Diagram labels: Sophos Anti-Malware; Webroot Anti-Malware
    233. Cisco IronPort Security Services
    234. Cisco IronPort Email Security Services
         - Cisco IronPort Hosted Email Security (no LDAP, no DLP)
         - Cisco IronPort Hybrid Hosted Email Security (SaaS, LDAP and DLP)
         - Cisco IronPort Managed Email Security (delegated management, greater scalability)
    235. Flexible deployment options, but the same market leader in email security. Diagram labels: Cisco Security Operations Center; In the "cloud" (Cisco Datacenters); Customer Premise Equipment (CPE); Hybrid Hosted Email Security; Managed Email Security; Hosted Email Security (SaaS); CUSTOMER PREMISE; Unified policies | Centralized reporting | Consistent protection
    236. Dedicated hosting - Email Security: dedicated solution, cost reduction and fast deployment
         - Email security in the "cloud" reduces the possibility of easy identification
         - A dedicated solution eliminates the contamination risks of "sharing resources"
         - Managed infrastructure ensures capacity if spam grows
         Diagram labels: Eliminates spam & malware; Cisco Data Centers; "Clean" email; Outbound; Customer
    237. Hybrid hosting - Email Security: maximum flexibility ensures an optimal design
         - The hybrid design allows split control, in the cloud and "on the customer's premises"
         - CPE at the customer site allows advanced control with encryption and DLP support.
         Diagram labels: Eliminates spam & malware; Cisco Data Centers; "Clean" email; DLP & encryption policies; Outbound; Customer
    238. Managed Email Security: "TOTAL" email security in the hands of experts
         - Managed email provides the greatest reduction in tasks and control
         - The service architecture allows customer-side or "in-house" applications
         - The Cisco SOC offers 24/7 management and remote monitoring
         Diagram labels: Cisco Security Operations Center (SOC); Secured administration; VPN Tunnel; Customer; Email
    239. Questions?
    240. Best Practices
    241. Tips to keep in mind
         - As a general concept, network security must evolve continuously. A practical model for this is PPDIOO (Prepare, Plan, Design, Implement, Operate, and Optimize)
    242. Security must evolve just as the rest of the network does, and in parallel with that evolution
    243. User education is fundamental to the success of security
    244. If measures are taken that block all access, users will look for new ways to reach the Internet, which is even riskier
    245. Consider not only what happens on the network but also what happens on users' machines
         Items to consider
         - Have defined security policies
    246. Train all users and raise their awareness
    247. Test the network continuously
    248. Encrypt all information, not only in the data centers but also on the endpoints
    249. Control all access to the network
    250. Test recovery procedures periodically
         Thank you very much
    250. 250. Probar los procedimientos de recuperación periódicamente</li></li></ul><li>Muchas Gracias<br />