Cisco's cloud security strategy emphasizes a borderless network architecture, addressing challenges in cloud migration while balancing flexibility and security. The company offers a hybrid security platform that integrates both on-premise and cloud solutions, focusing on user mobility and persistent security. Key features include improved visibility, co-management capabilities, and proactive threat protection, supported by Cisco's global threat intelligence operations.

1. Ambika Gadre
Senior Director, Product Management
Cisco Cloud Security Strategy

2. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 2
Cisco’s Architecture for Borderless
Network Security
Borderless
DataCenter
3
Borderless
Internet
Borderless
EndZones
Policy
Corporate Border
Branch Office
Applications
and Data
Corporate Office
Policy
(Access Control, Acceptable Use, Malware, Data Security)4
Attackers
Coffee
ShopCustomers
Airport
Mobile
User Partners
Platform
as a Service
Infrastructure
as a Service
X
as a Service
Software
as a Service
2
1

3. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 3
Migration to the Cloud:
Opposing Forces
Accelerators Inhibitors
Financial
Resources
Predictable Op-Ex
Operational
Maintenance
Datacenter footprint
Security
Privacy
Reliability
Control
Management
Visibility

4. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 4
Flexible Delivery Models
OnOn--PremisesPremises CloudCloud HybridHybrid ManagedManaged
Award-Winning
Technology
Dedicated SaaS
Infrastructure
Best of Both
Worlds
Fully Managed
on Premises

5. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 5
Co-Management
Maximum Flexibility At Your Finger Tips
Cisco SolutionCisco SolutionCompetitionCompetition
Ticket based delays
End-user frustration
Decreases efficiency
WhereWhere’’s mys my
message?message?
Granular access
Zero delays
Improved productivity

6. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 6
Single Pane of Management
Improved Visibility & Control
Common
Tracking
Reporting
Management
?
!

7. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 7
Hybrid Email Security
Best of Both Worlds
Identical feature set
Flexible deployment
Inbound: Mail Hygiene
Outbound:
Sensitive Data Protection
Application Deployment
Anti-Spam
DLP Encryption
Anti-VirusAnti-Virus

8. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 8
Cisco Cloud Email Security Strategy

9. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 9
Complementary
Capabilities
ScanSafe: Accelerating Cisco’s
Cloud Security Vision
Endpoint footprint
Powerful enforcement engines
Network integration
Threat protection
Proven multi-tenant cloud
platform
Global footprint
Hosted operations
Zero day threat protection
Service provider enablement
Accelerating Cisco’s
Borderless Security Vision
Persistent Security More Advanced
Scanning
Hybrid Delivery
Unified Policy
Across Form Factors

10. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 10
Secure, Persistent Connectivity
Network Follows User—It Just Works
Corporate Office Mobile User Home Office
Cellular / Wi-Fi
Wired Wi-Fi
Secure,
Consistent
Access
Voice—Video—Apps—Data

11. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 11
Persistent Security and Policy Enforcement
Choice of Form Factor: Cloud or On-Premise
News Email
Social Networking Enterprise SaaS
Cisco Web Security
Appliance
Information Sharing
Between ASA and WSA
Corporate AD
ASAAnyConnect
Anywhere+
(Transitioning to AnyConnect)

12. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 12
Cloud Security Platform
Scalable and Extensible Architecture
Monitoring and Alerts
Interface
Event Manager Interface, SNMP,
Email Alerts, Syslog, W3C
logging, 3rd Party API
Directory Interfaces
(Identity, Authentication,
NAC, SSO, AAA, Groups,
Active Directory, LDAP)
Cisco Security
Intelligence
Operations
Other
Systems
3rd Party Service Integration APIs
Programmatic APIs
Identity and Authentication
L2-L4
Access
Control
Engine
Secure
Connection
Management
Engine
Web
Enforcement
Engine
Email
Enforcement
Engine
ConfigurationInterfaces
CustomerPartnerAdministrator
3rd Party
Services
Open DLP
(Future)
External Archiving
(Future)
Other Other
CiscoSecurityEnforcementEngines
Voice and
Video
Enforcement
Engine
(Future)

13. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 13
Revolutionizing Web Reporting
Enabling Business Decisions

14. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 14
Flexibility
Unified Reporting and Tracking
Benchmark company vs.
industry trends
Message and user
tracking
Unified view with
on-premise reports
Insight to refine policy
to address business
needs

15. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 15
Cisco Security Intelligence Operations
Global
Threat
Telemetry
Global
Threat
Telemetry
8:03 GMT Sensor Detects
Hacker Probing
Bank Branch
in Chicago
Ad Agency HQ
in London
ISP Datacenter
in Moscow
8:00 GMT Sensor Detects
New Malware
8:07 GMT Sensor Detects
New Botnet
8:10 GMT
All Cisco Customers Protected
8:10 GMT
All Cisco Customers Protected
Cisco
SensorBase
Threat
Operations Center
Advanced
Algorithms
© 2009 Cisco Systems, Inc. All rights reserved. Cisco ConfidentialPresentation_ID 15
Higher Threat Coverage, Greater Accuracy, Proactive Protection

16. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialPresentation_ID 16
Zero-day Protection with Outbreak
Intelligence