Cisco DC Security Architecture Yesterday's network security was about the Security Challenges • Not enough threat visibility in the network, workloads
Previous PDF | Next PDF |
[PDF] Security Architecture - Cisco
Cisco's Network Security Architecture Borderless Presentation_ID Cisco Security Architecture For Enterprise (SAFE) Security Reference Architecture
[PDF] Cisco Security Architecture Assessment Service
Cisco® architecture assessments are conducted using the Cisco Security Control Framework This vendor- independent control framework is built from industry
[PDF] Cisco DC Security Architecture
Cisco DC Security Architecture Yesterday's network security was about the Security Challenges • Not enough threat visibility in the network, workloads
[PDF] Cisco Security Architecture for Media At-a-Glance
What Cisco Security Architecture Can Do for Your Media Business ○ Protect your infrastructure, premium content, and customer information ○ Allow you to
[PDF] SAFE Security Architecture Toolkit - July 2018 - Cisco
Cisco Public SAFE Security Architecture Toolkit Table of Contents • SAFE Toolkit Overview • Capabilities Flows and Endpoints • Architectures • Designs
[PDF] SAFE Secure Internet Architecture Guide
This is a sample list of SaaS applications and not a complete list The Cisco Security SaaS offers are broken up into 4 categories: Secure Access to Apps, Secure
[PDF] SAFE Overview Guide
All rights reserved This document is Cisco Public Information SAFE Overview Guide Threats, Capabilities, and the Security Reference Architecture Contents
[PDF] Cisco Security Architecture Assessment Service - Micro Technology
The Cisco Security Architecture Assessment Service allows you to implement a comprehensive security architecture by identifying gaps in your security
[PDF] Cisco SAFE Overview: Validated Next-Generation Security
The Greatest Security Threat? Accidental Security Architecture ▫ Fear-based security decisions ▫ Product- or feature
[PDF] SAFE Security
The Cisco The Foundation for Secure Borderless Networks Cisco® SAFE is a security reference architecture that provides detailed design and implementation
[PDF] cisco security services platform
[PDF] cisco set time ntp
[PDF] cisco switch set clock ntp
[PDF] cisco switch set time ntp
[PDF] cisco umbrella
[PDF] cisco umbrella cloud security platform
[PDF] cisco wireless router configuration step by step pdf
[PDF] cisco wireless router wap4410n configuration
[PDF] cisco wrt54gh wireless router configuration
[PDF] cissp associate on resume
[PDF] cissp endorsement
[PDF] cissp exam cost
[PDF] cissp syllabus
[PDF] cissp track
Bing Reaport
Cybersecurity Sales Specialist
M: +639992217765
E: ereaport@cisco.com
Cisco DC Security
Architecture
© 2018 Cisco and/or its affiliates. All rights reserved. KHVPHUGM\·V QHPRRUN VHŃXULP\ RMV MNRXP POH perimeterRouters and switches each had one job
Firewalls secured
your perimeterFirewall
Visibility
Segmentation
Threat Protection
.QRRLQJ ROMP·V RQ \RXU QHPRRUN RMV limited to visibility from the firewall © 2018 Cisco and/or its affiliates. All rights reserved.Business apps
Salesforce, Office 365,
G Suite, etc.
Branch office
Critical infrastructure
Amazon, Rackspace,
Windows Azure, etc.
Roaming laptops
Workplace
desktopsBusiness
appsCritical
infrastructureInternet
The way we work has changed
© 2018 Cisco and/or its affiliates. All rights reserved.The Modern Data Center is Incredibly Complex
Big and Fast Data
Virtualization
Expanded attack surface
Increase in east-west traffic
Hybrid Cloud
Multi cloud orchestration
Workload portability
Zero trust model
Application Architecture
Continuous development | Micro Services | APIs
© 2018 Cisco and/or its affiliates. All rights reserved.Network
Challenges
Outage/degraded service
Insufficient visibility into the
network, workload, applicationRising security breaches
and destruction of service (DeOS) attacksIncreasing regulatory compliance
requirements and auditsRising ACL/FW rule complexity
and administration burden © 2018 Cisco and/or its affiliates. All rights reserved.Security
Challenges
Not enough threat visibilityin the
network, workloads, applicationsInconsistent policies across
workloadsToo many point security vendors
Hackers are more sophisticated
Attack surface is too broad
© 2018 Cisco and/or its affiliates. All rights reserved.Securing networks is a challenge that intensifies when networking and security technologies are decoupled
Difficult infrastructure choices
create a dilemma between performance and securityInfrastructure
Piecemeal security solutions
complicate the network and let threats slip throughSecurity
Complex system integration
takes too much time and leaves room for errorNetworking
© 2018 Cisco and/or its affiliates. All rights reserved.Threats are more
numerous and complexThreats are using encryption
to evade detectionMore IoT devices
connect everydayUsers work anywhere
across many devicesBy 2020, 2/3rdsof all IP traffic will
come from wireless and mobile devicesDigitization complicates visibility
Market demands have taken the network beyond your perimeter2YHU 20% ŃRQQHŃPHG ´POLQJV
will be in use by 2020Companies experienced a 27.4%
average increase in security breaches in 20173X increase in encrypted
communication from malware in a12-month period
© 2018 Cisco and/or its affiliates. All rights reserved.Network
Usxaers
HQData Center
AdminBranch
SEE every conversationUnderstand what
is NORMALBe alerted to
CHANGE
KNOW every hostRespond to
THREATS quickly
Effective security depends on total visibility
Roaming Users
Cloud © 2018 Cisco and/or its affiliates. All rights reserved.7OH ([LVPLQJ 6HŃXULP\ 6PMŃN"
Firewall
VPNEmail Security
Web Security
DLP SIEMReplacement Box
Failover
Persistent Threats
IDSFirewall 2.0
VPN 2.0
Email Security 2.0
Web Security 2.0
DLP 2.0
SIEM 2.0
Replacement Box 2.0
Failover 2.0
Persistent Threats 2.0
IDS 2.0
© 2018 Cisco and/or its affiliates. All rights reserved. Adding point solutions adds complexity and can make you less secure55% Of customers rely on more
than 5 vendorsto secure their network154% Of legitimate security alerts
are not remediateddue to lack of integrated defense systems2100 days Industry average
to detect a common threats31Cisco 2017 Annual Cybersecurity Report
2Cisco 2017 Annual Cybersecurity Report
3Cisco 2016 Mid-Year Cybersecurity Report
© 2018 Cisco and/or its affiliates. All rights reserved. How?Has it
affected us? Why?Is it bad?
Customer
© 2018 Cisco and/or its affiliates. All rights reserved.Threat
Intelligence
Internal
Monitoring
Customer
© 2018 Cisco and/or its affiliates. All rights reserved.Internal
Monitoring
Threat
Intelligence
Customer
© 2018 Cisco and/or its affiliates. All rights reserved.Visibility
Complete visibility of users,
devices, networks, applications, workloads and processesThreat Protection
Quickly detect, block, and respond to
attacks before hackers can steal data or disrupt operationsSegmentation
Prevent attackers from moving
laterally east-west with application whitelisting and micro-segmentationCisco Data Center Security
© 2018 Cisco and/or its affiliates. All rights reserved.Fortify the Security
Posture
Strategically place next-gen
security gatewaysfor more effective protectionThe Solution: Network + Security
Enlist the Rest of your Network for SecurityDetect threats everywhereSee and analyze all traffic across the
extended networkContain and isolate threats
Dynamically enforce software-defined
segmentation based on business rolesTypical Network:
<10 firewalls <100 routers <1000 switches© 2017 Cisco and/or its affiliates. All rights reserved. © 2017 Cisco and/or its affiliates. All rights reserved.
(IIHŃPLYH VHŃXULP\ GRHVQ·P"Impede performance
Add complexity
Create blind spots
Without straining the network
© 2017 Cisco and/or its affiliates. All rights reserved.A powerful information source for
every network conversationA critical tool to identify a
security breachCisco network telemetry for security awareness
Network Flows Highlight Malicious Behavior
© 2017 Cisco and/or its affiliates. All rights reserved. TimeResponse
Detection
Threat
Is our security posture effective?
© 2018 Cisco and/or its affiliates. All rights reserved. Source: Verizon 2014 Data Breach Investigations ReportTime to compromise
Time to discovery 25%
50%75%
100%
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
Percent of breaches where time to compromise (orange)/ time to discovery (blue) was days or less
Time to Detection100
Industry Days
Industry Result
© 2018 Cisco and/or its affiliates. All rights reserved.Cisco Security Strategy
© 2018 Cisco and/or its affiliates. All rights reserved.Architecture
Integrated
Portfolio
Best of breed
Intelligence
Cloud-delivered
© 2018 Cisco and/or its affiliates. All rights reserved.FLVŃR·V HQPHJUMPHG 6HŃXULP\ 3RUPIROLR
150security tech partners