The document discusses Cisco Smart Net Total Care and its ability to help with alert management. It notes some of the challenges with current manual alert tracking methods. Smart Net Total Care provides visibility into a company's Cisco install base and product alerts. It allows users to view detailed alert information, prioritize alerts based on factors like security and business impact, and identify affected devices. The presentation recommends developing a consistent process for reviewing alerts to help reduce the chance of network outages.
Session Description:
Good morning (afternoon). Today’s discussion will focus on how to prevent network disruption by proactively identifying and managing Cisco alerts that impact your network devices.
Poll question: How do you track and manage alerts today?
Review one-off email notifications – review notice & determine impacted devices
When they open a case with TAC, they find a bulletin addressing the problem
Cisco support community / industry sites
No formal process in place
Poll question: How do you track and manage alerts today?
[Recap the manual methods after the audience participates in the poll question]
Here are a few of the manual tracking methods we find today:
Customers are reviewing one-off email notifications
Alerts are discovered during a TAC call and they find a bulletin addressing the problem
Periodic searching on the Cisco support community or industry sites
In some cases, there isn’t a formal process in place
Typical alerts include:
Hardware alerts: Hardware end-of-life and end-of-support reminders.
Software alerts: Software end-of-engineering, end-of-life, and end-of-support reminders.
PSIRT alerts: Product Security Incident Response Team. Security advisories, notifications of threats, and vulnerabilities.
Field notice alerts: Published notifications of significant product issues that typically require an upgrade, workaround, or other action.
What are some of the issues you run into when dealing with alerts?
Are you getting too many alerts and having trouble knowing if they apply to your network?
How do you identify devices that have security alerts and/or notifications?
How do I manage security vulnerabilities? Which alerts should we prioritize?
Do you find managing your alerts to be a labor intensive process?
Today, we’re going to show you how Smart Net Total Care addresses these challenges.
Introduce Smart Net Total Care
Cisco Smart Net Total Care is a next-generation support service that helps you:
Automatically maintain a comprehensive and up-to-date view of your Cisco installed base
Manage your support contracts to see what’s covered, what’s due to expire, and if you have any uncovered devices
Identify Cisco products that are reaching end-of-life, end-of-sale, or end-of-support
Easily see what has moved, been added or changed in your network.
Perform network device planning and budgeting activities
And the topic for today’s session…
Easily see the alerts that apply to your network, and which devices are affected.
Here’s what the highly intuitive and customizable SNTC dashboard looks like. As you can see, SNTC quickly delivers actionable information and insights into your network.
We’re going to show how Smart Net Total Care helps you effectively and efficiently manage and track Cisco security, hardware, and software alerts, and Cisco field notices.
● Easily list alerts that apply to your network, and which devices are affected, helping prioritize activity.
● Acknowledge those alerts that have been reviewed or mitigated, providing you with a concise and persistent list of activities and alerts needing attention.
● See which Cisco alerts have been generated, and alert activities associated with your devices, during a specific time period.
Do you have a method for tracking PSIRT or security alerts specific to the equipment on your network?
An important first step in getting the most from your alerts is determining which alerts apply to you and which could put your network at risk. Investing some time in organizing and updating network alerts can make a world of difference.
Prioritizing Alerts:
When it comes to prioritizing alerts, every team should have its own set of critical considerations. Here are some important factors that should make the list:
Security vulnerabilities – these need to be adjusted to your specific environment.
The level of impact on business operations. Does the impacted device affect your service-level agreements?
Equipment replacement costs
Device location
Software and hardware lifecycles – mitigate risk and plan for upgrades to equipment that is no longer supported
Alerts provide a list of hardware and software alerts, PSIRTs, and field notices. Users can drill down to see increasing detail.
Now we see the relevant details of those devices to quickly focus where attention needs to be taken.
Here you can see more details regarding how the alert works and how your customer can drill down to see affected devices as well as the actual alert text.
Status updates and notes become part of the record for the device.
Example Case Study
Customer challenge:
We recently worked with a healthcare organization that was looking for a more efficient way to manage their alerts. Being in a medical environment, security was very important, so they needed a way to ensure vulnerabilities were being addressed. How did they keep track of all of the alerts coming in? They assigned a member of their IT staff to manually review PSIRTs and security advisories. As you can imagine, reviewing every PSIRT manually was a very labor-intensive task. First they had to determine if the alert even applied to their network. If it did, they would then assess the risk level, find the impacted devices, and look up the details on how to remediate the issue.
Business Outcome:
When we put Smart Net Total Care in, it became much easier to see and prioritize the PSIRTs based on their environment.
With a tracking system in place, they were able to confirm alerts were addressed
Network risk was reduced based on timely alerts and responses
IT resources were reallocated to more strategic IT initiatives
STAT: Consistent device tracking and up-to-date maintenance reduce the chance of network outages by 40 percent.
Quick Tips for Tracking Alerts
1. Develop a consistent process for reviewing alerts.
2. Prioritize alerts according to your specific business needs.
3. Tag alerts that require action and develop a clear and concise list of actionable alerts.
Flag and comment on alerts “Action Required” “Assign to security group to review and complete by X/X”
Quick Tips for Tracking Alerts Continued…
4. Record how you have responded to each alert: whether you addressed the alert or chose not to address it and why.
Alert drops off after action has been completed
5. Maintain detailed information, so other team members have important background on hand when addressing remediation steps or when TAC support is needed.
Comments, actions taken
6. Use a delta report to keep track of what’s new and what’s been addressed
To summarize, SNTC helps customers to:
Preempt network disruption by proactively identifying issues
Easily determine which alerts apply to their Cisco devices
Know which alerts are putting my network at risk - prioritize alerts
View detailed alert information and the recommended actions for remediation
Track which alerts have already been addressed
Know which devices in my network are running old versions of software and creating security vulnerabilities
Thanks for your time and attention today. Do you have any questions?