security // cisco regional roadshow
TRANSCRIPT
© 2013-2014 Cisco and/or its affiliates. All rights reserved.
"More protection..."
"... is what we need"
Breach/Detection Time Delta is Not Improving
Source: Verizon 2014 Data Breach Investigations Report
[Chart labels: Hours/Days, Weeks/Months]
If you knew you were going to be compromised, would you do security differently?
BEFORE: Control, Enforce, Harden
DURING: Detect, Block, Defend
AFTER: Scope, Contain, Remediate
A Threat-Centric Approach
A Somewhat Modern Way of Thinking About Security
Threat Focused: Deep Understanding of Threats
Visibility Driven: See It, Show It, Share It
Integrated: Entire Attack Continuum
Platform Based: Physical, Virtual, Network, Endpoint
Transformative: Fast, Automated, Integrated
Network Servers
Operating Systems
Routers and Switches
Mobile Devices
Printers
VoIP Phones
Virtual Machines
Client Applications
Files
Users
Web Applications
Application Protocols
Services
Malware
Command and Control Servers
Vulnerabilities
NetFlow
Network Behavior
Processes
Visibility Driven: See It, Show It, Share It
Putting It All Together
?
Collective Security Intelligence
Event History
How
What
Who
Where
When
Firewall
FireSight + Identity Services
VPN
NGFW UTM
Discover, Enforce, Harden
BEFORE
NGFW / NGIPS
Web/Email
Endpoint
Detect, Block, Defend
DURING
Putting It All Together
How
What
Who
Where
When
Collective Security Intelligence
Event History
Firewall
FireSight + Identity Services
VPN
NGFW UTM
Discover, Enforce, Harden
BEFORE
NGIPS
Web/Email
Endpoint
Detect, Block, Defend
DURING
Advanced Malware Protection
Network Behavior Analysis
Scope, Contain, Remediate
AFTER
Too many products: no integration, don't share information,
no single source of threat intelligence
Device policies: slow, complex, manual, time-consuming
Zone segmentation: inflexible, slow, unenforceable
BEFORE: Control, Enforce, Harden
DURING: Detect, Block, Defend
AFTER: Scope, Contain, Remediate
Threat Visibility That's Clear, Accurate and Automated
Policies That Are Intuitive, Network Integrated and Low-Touch
DEVICES, APPLICATIONS, CONTEXT
WLAN LAN REMOTE ACCESS
Segmentation That's Flexible, Fast and Automated
“So do any network security vendors understand data center and what’s needed to accommodate network security? Cisco certainly does.”
“Cisco is disrupting the advanced threat defense industry.”
“… AMP will be one of the most beneficial aspects of the [Sourcefire] acquisition.”
“Based on our (Breach Detection Systems) reports, Advanced Malware Protection from Cisco should be on everyone’s short list.”
2014 Vendor Rating for Security: Positive
“The AMP products will provide deeper capability to Cisco's role in providing secure services for the Internet of Everything (IoE).”
Best of Breed and Integrated