Isday 2017 - Cisco Workshop


Cisco security solutions

Published in: Technology

  1. 1. Solving Security with Cisco
  2. 2. 50B Devices Connected by 2020 $19T Opportunity Digital Disruption, Massive Scale Active Adversaries Security Industry Attack surface Threat Actors Attack Sophistication Rapidly expanding number of security companies Not interoperable Not open Changing Business Models Dynamic Threat Landscape Complexity and Fragmentation Security Challenges
  3. 3. Security Challenges Globally Ransomware Mobile Work Force IoT Cloud Applications Automation Cost Complexity People Shortage
  4. 4. How Often is Your Board Formally Updated on Cybersecurity Risks? [Chart: Monthly, Quarterly, Semi-Annual, Annually, Never; series 2015 and 2017; values in extracted order: 4%, 9%, 38%, 57%, 29%, 21%, 25%, 13%, 4%, 0%] Source: Survey of 100 Global CISOs, February 2017
  5. 5. Source: Ben Walker, Marketing Executive at vouchercloud – April 5, 2015 90% of the world’s data today has been created in the last 2 years alone Today, DATA is where the money is
  6. 6. Firewall Last 20 years of security: Got a problem? Buy a Box
  7. 7. The Industry Has You Covered…
  8. 8. Cisco Security Closes the Gap The Security Effectiveness Gap
  9. 9. Threat Intelligence Services Integrated Threat Defense Endpoint Cloud Network The Most Complete Security Portfolio in the Industry © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
  10. 10. Unrivaled global threat research and intelligence: 24/7/365 Operations; 100 TB of Data Received Daily; 1.5 Million Daily Malware Samples; 600 Billion Daily Email Messages; 16 Billion Daily Web Requests; Millions of Telemetry Agents; 4 Global Data Centers; Over 100 Threat Intelligence Partners; 250+ Full Time Threat Intel Researchers
  11. 11. 38%+ TCO* Reduction Cisco Architectural Approach Helps Customers Save Money * Final Results Firewall VPN Email Security Web Security DLP SIEM Replacement Box Failover Persistent Threats IDS Firewall 2.0 VPN 2.0 Email Security 2.0 Web Security 2.0 DLP 2.0 SIEM 2.0 Replacement Box 2.0 Failover 2.0 Persistent Threats 2.0 IDS 2.0 Point Products Approach Cisco Architectural Approach
  12. 12. Find and contain problems fast Simplify network segmentation Control who gets onto your network Protect users wherever they work Stop threats at the edge Security Enables Digitization Protect your Business During Digital Transformation
  13. 13. Anticipate, block, and respond to threats Cisco Firepower NGFW
  14. 14. OpenAppID Application Visibility & Control Provide next-generation visibility into app usage See and understand risks Enforce granular access control Prioritize traffic and limit rates Create detectors for custom apps Cisco database • 4,000+ apps • 180,000+ Micro-apps Network & users Prioritize traffic
  15. 15. OpenAppID Extend AVC to proprietary and custom apps Easily customize application detectors Detect custom and proprietary apps Share detectors with other users Open-Source Self-Service
  16. 16. Web controls Block or allow access to URLs and domains Classify 280M+ URLs Filter sites using 80+ categories Manage “allow/block” lists easily Block latest malicious URLs Category-based Policy Creation Allow Block Admin Cisco URL Database DNS Sinkhole Security feeds URL | IP | DNS NGFW Filtering Block Allow Safe Search gambling
  17. 17. Next-Generation Intrusion Prevention System (NGIPS) Understand threat details and quickly respond Communications App & Device Data Data packets Prioritize response Blended threats • Network profiling • Phishing attacks • Innocuous payloads • Infrequent callouts Accept Block Automate policies ISE Scan network traffic Correlate data Detect stealthy threats Respond based on priority
  18. 18. Advanced Malware Protection (AMP) Uncover hidden threats in the environment File Reputation • Known Signatures • Fuzzy Fingerprinting • Indications of compromise Block known malware Investigate files safely Detect new threats Respond to alerts File & Device Trajectory AMP for Network Log Threat Grid Sandboxing • Advanced Analytics • Dynamic analysis • Threat intelligence AMP for Endpoint Log Threat Disposition Enforcement across all endpoints Risky Safe Uncertain Sandbox Analysis
  19. 19. Cisco Advanced Malware Protection (AMP) Deployment Options Get Visibility and Control across all attack vectors to defend against today’s most advanced threats. AMP for Endpoints: Protect your Endpoints! Get visibility into file and executable-level activity, and remediate advanced malware on devices running Windows, Mac OS, Linux, and Android. AMP for Firewalls: Supercharge your next-generation firewall by turning on AMP capabilities on the Cisco Firepower NGFW or the Cisco ASA with Firepower Services. AMP for Networks: Get deep visibility into threat activity and block advanced malware with AMP deployed as a network-based solution running on AMP-bundled security appliances (NGIPS). AMP for Web: Add AMP to a Cisco Web Security Appliance (WSA) or Cisco Cloud Web Security (CWS) and get visibility and control to defend against advanced threats launched from the web. AMP for Email: Add AMP to a Cisco Email Security Appliance (ESA) and get visibility and control to defend against advanced threats launched via email. AMP for ISR: Combat and block network-based threats by deploying AMP capabilities on the Cisco Integrated Services Router (ISR). AMP for Private Cloud Virtual Appliance: For high privacy environments that restrict the use of the public cloud, use an on-premises, air-gapped private cloud deployment of AMP for Networks or AMP for Endpoints. Threat Grid: An on-premises appliance or cloud-based solution for static and dynamic malware analysis (sandboxing) and threat intelligence.
  20. 20. Available in multiple deployment options Cisco Firepower Threat Defense on ASA 5500-X Cisco Firepower™ 4100 Series and 9300 New Appliances And on high-end performance appliances… Also available as standalone solutions Dedicated AMP NGIPS only Physical, virtual, and cloud options • AWS • Azure Cisco Firepower Threat Defense on 2100
  21. 21. Management
  22. 22. Firepower Management Center Easily manage NGFWs across multiple sites Manage across many sites Control access and set policies Investigate incidents Prioritize response Firepower Management Center Centralized management for multi-site deployments Multi-domain management Role-based access control High availability APIs and pxGrid integration NGIPS Firewall & AVC AMP Security Intelligence …Available in physical and virtual options
  23. 23. Premiere Portfolio in the Industry UTM Network Analytics Advanced Malware Secure Internet Gateway Web Policy and Access Email NGFW/NGIPS Cloud Access Security
  24. 24. THANK YOU FOR ATTENDING! Marc GUEROULT Security Account Manager mgueroul@cisco.com
