Successfully reported this slideshow.
Securing the Next Generation Network and
Data Centre – Now and into the Future –
Vision, Roadmap, and Execution
B-EN-01-B
...
Cisco and/or its affiliates. All rights reserved.Session FAQ Forum Cisco Public
House Keeping Notes – Wednesday April 16, ...
Cisco and/or its affiliates. All rights reserved.Session FAQ Forum Cisco Public
Complete Your Paper Session Evaluation – W...
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 4
Recent Events Have Eroded Trust
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 5
"We can trust the NSA
because without a doub...
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 6
The Industrialization of Hacking
20001990 19...
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 7
Any Device to Any Cloud
Public Cloud Private...
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 9
The Security Problem
Changing
Business Model...
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 10
Comprehensive Security Portfolio
IPS & NGIP...
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 11
The New Security Model
BEFORE
Discover
Enfo...
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 12
Network-Integrated,
Broad Sensor Base,
Cont...
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 13
Visibility-Driven
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 14
Need Both Breadth and Depth
Network Endpoin...
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 15
Cisco Fabric Provides Pervasive Visibility
...
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 16
?
Threat-Focused
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 17
Detect, Understand, and Stop Threats
?
Coll...
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 18
Continuous Advanced Threat Protection
ISE +...
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 19
Today’s Security Appliances
WWW
Context-
Aw...
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 20
Management
Security
Services and
Applicatio...
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 21
The Security Perimeter in the Cloud
The
Dis...
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 22
Develop Ecosystems for Cisco Security
Cisco...
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 25
Visibility and Context
Firewall
NGFW
NAC + ...
Questions?
26
During the Next Generation Network and Data Centre – Now and into the Future – Vision, Roadmap and Execution
During the Next Generation Network and Data Centre – Now and into the Future – Vision, Roadmap and Execution
Upcoming SlideShare
Loading in …5
×

During the Next Generation Network and Data Centre – Now and into the Future – Vision, Roadmap and Execution

1,095 views

Published on

Rapid changes in the world around us, driven by cloud, mobility and the Internet of Everything, are creating significant opportunities for global organizations. With these environmental changes, the sophistication with which cyber threats and attacks are carried out continues to grow rapidly, and attackers are increasingly able to circumvent traditional security systems. To learn more, please visit our website here: http://www.cisco.com/web/CA/index.html

Published in: Technology, Education
  • Be the first to comment

  • Be the first to like this

During the Next Generation Network and Data Centre – Now and into the Future – Vision, Roadmap and Execution

  1. 1. Securing the Next Generation Network and Data Centre – Now and into the Future – Vision, Roadmap, and Execution B-EN-01-B Bret Hartman Vice President and Chief Technology Officer, Cisco Security Business Group
  2. 2. Cisco and/or its affiliates. All rights reserved.Session FAQ Forum Cisco Public House Keeping Notes – Wednesday April 16, 2014 Thank you for attending Cisco Connect Toronto 2014, here are a few housekeeping notes to ensure we all enjoy the session today.  Please ensure your cellphones are set on silent to ensure no one is disturbed during the session  Please hold all questions until the end of these session to ensure all material is covered 2
  3. 3. Cisco and/or its affiliates. All rights reserved.Session FAQ Forum Cisco Public Complete Your Paper Session Evaluation – Wednesday April 16 Give us your feedback and you could win 1 of 2 fabulous prizes in a random draw. Complete and return your paper evaluation form to the Room Attendant at the end of the session. Winners will be announced today at the end of the session. You must be present to win! Please visit the Concierge desk to pick up your prize redemption slip. Visit them at BOOTH# 407
  4. 4. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 4 Recent Events Have Eroded Trust
  5. 5. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 5 "We can trust the NSA because without a doubt it is history's most powerful, pervasive, sophisticated surveillance agency ever to be totally pwned by a 29- year-old with a thumb drive”
  6. 6. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 6 The Industrialization of Hacking 20001990 1995 2005 2010 2015 2020 Viruses 1990–2000 Worms 2000–2005 Spyware and Rootkits 2005–Today APTs Cyberware Today + Hacking Becomes an Industry Sophisticated Attacks, Complex Landscape Phishing, Low Sophistication
  7. 7. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 7 Any Device to Any Cloud Public Cloud Private Cloud Public Cloud
  8. 8. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 9 The Security Problem Changing Business Models Dynamic Threat Landscape Complexity and Fragmentation
  9. 9. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 10 Comprehensive Security Portfolio IPS & NGIPS • Cisco IPS 4300 Series • Cisco ASA 5500-X Series integrated IPS Web Security • Cisco Web Security Appliance (WSA) • Cisco Virtual Web Security Appliance (vWSA) • Cisco Cloud Web Security Firewall & NGFW • Cisco ASA 5500-X Series • Cisco ASA 5500-X w/ NGFW license • Cisco ASA 5585-X w/ NGFW blade Advanced Malware Protection NAC + Identity Services • Cisco Identity Services Engine (ISE) • Cisco Access Control Server (ACS) Email Security • Cisco Email Security Appliance (ESA) • Cisco Virtual Email Security Appliance (vESA) • Cisco Cloud Email Security • Cisco UTM • Meraki MX VPN • Cisco AnyConnect VPN
  10. 10. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 11 The New Security Model BEFORE Discover Enforce Harden AFTER Scope Contain Remediate Attack Continuum Network Endpoint Mobile Virtual Cloud Detect Block Defend DURING Point in Time Continuous
  11. 11. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 12 Network-Integrated, Broad Sensor Base, Context and Automation Continuous Advanced Threat Protection, Cloud-Based Security Intelligence Agile and Open Platforms, Built for Scale, Consistent Control, Management Strategic Imperatives Network Endpoint Mobile Virtual Cloud Visibility-Driven Threat-Focused Platform-Based
  12. 12. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 13 Visibility-Driven
  13. 13. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 14 Need Both Breadth and Depth Network Endpoint Mobile Virtual Cloud BREADTH DEPTH Who What Where When How
  14. 14. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 15 Cisco Fabric Provides Pervasive Visibility Network Servers Operating Systems Routers and Switches Mobile Devices Printers VoIP Phones Virtual Machines Client Applications Files Users Web Applications Application Protocols Services Malware Command and Control Servers Vulnerabilities NetFlow Network Behavior Processes
  15. 15. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 16 ? Threat-Focused
  16. 16. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 17 Detect, Understand, and Stop Threats ? Collective Security Intelligence Threat Identified Event History How What Who Where When ISE + Network, Appliances (NGFW/NGIPS) Context AMP, CWS, Appliances Recorded Enforcement
  17. 17. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 18 Continuous Advanced Threat Protection ISE + Network, Appliances (NGFW/NGIPS) How What Who Where When Collective Security Intelligence AMP, CWS, Appliances Enforcement Event History AMP, Threat Defense Continuous AnalysisContext
  18. 18. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 19 Today’s Security Appliances WWW Context- Aware Functions IPS Functions Malware Functions VPN Functions Traditional Firewall Functions
  19. 19. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 20 Management Security Services and Applications Security Services Platform Infrastructure Element Layer Platform-Based Security Architecture Common Security Policy & Management Common Security Policy and Management Orchestration Security Management APIs Cisco ONE APIs Platform APIs Cloud Intelligence APIs Physical Appliance Virtual Cloud Access Control Context Awareness Content Inspection Application Visibility Threat Prevention Device API: OnePK™, OpenFlow, CLI Cisco Networking Operating Systems (Enterprise, Data Center, Service Provider) Route–Switch–ComputeASIC Data Plane Software Data Plane APIs APIs Cisco Security Applications Third-Party Security Applications
  20. 20. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 21 The Security Perimeter in the Cloud The Distributed Perimeter Cloud Connected Network Collective Security Intelligence Telemetry Data Threat Research Advanced Analytics Mobile Router Firewall 3M+ Cloud Web Security Users 6 GB Web Traffic Examined, Protected Every Hour 75M Unique Hits Every Hour 10M Blocks Enforced Every Hour
  21. 21. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 22 Develop Ecosystems for Cisco Security Cisco Current Partner Ecosystem Mobility (MDM), Threat (SIEM), Cloud Partner to Deliver Complete Solutions Open Platform Architecture Enables Develop SSP Partner Ecosystem ISE as “Context Directory Service” Embed Security in Broader IT Solutions Lancope, Network as a Sensor Drive the Value of the Network
  22. 22. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 25 Visibility and Context Firewall NGFW NAC + Identity Services VPN UTM NGIPS Web Security Email Security Advanced Malware Protection Network Behavior Analysis Covering the Entire Attack Continuum BEFORE Discover Enforce Harden AFTER Scope Contain Remediate Attack Continuum Detect Block Defend DURING
  23. 23. Questions? 26

×