© 2002, Cisco Systems, Inc. All rights reserved. Secure Networking for Business Continuity

Agenda Business Resilience Security Issues Legacy vs. Network Security Cisco’s SAFE Blueprint Cisco Security Development Predictions and Summary Business Resilience Security Issues Legacy vs. Network Security Cisco’s SAFE Blueprint Cisco Security Development Predictions and Summary

Drivers of the Internet Race New Competition Organization Structure Profits, Cash Flow, Productivity Empowered Workforce Educated Leaders Global Competition Competitive Advantage Survival New Revenue 2002 Internet Economy

E-Learning Workforce Optimization E-Commerce Customer Care Supply Chain Today’s Internet Business Environment

Individual Inconvenience Broad Workforce Impact Impact on Productivity Flight Delay Snow Sick child Earthquake Virus/Worm Hurricane Accident Stops Traffic Security Breach Power Outage Late to Meeting Disaster National Holiday Dentist Appointment Unanticipated Meeting with Boss Car Battery Won’t Start Rain War Personal Vacation Corrupted Data Customer Crisis Move to New Office New Product Release Facing More Challenges Than Ever Spectrum of Disruption

What Would You Do If Your… Headquarters and data center were destroyed? Network that supported 5000 desktops and servers was ruined? Corporate employees were displaced? PBX phone communications were disrupted? 45 Branch offices were unable to access mission-critical applications?

The Makings of a Resilient Business Business Continuance Synchronized data centers across a metro network ensured fast recovery Business Protection Data and communications secured over public networks using VPN technology provided continued access Business Agility IP telephony network enabled continuous voice communications Instant offices in hotel rooms, using wireless and VPN technologies allowed key personnel to get back to work Voice traffic rerouted over IP to alternate PSTN gateways in Europe, enabled communications with customers Lehman Bros. Reopened for Business the Next Day

In the Event of Disruption, Can You … Ensure critical systems and networks are continuously available? Restore mission critical applications? Provide uninterrupted workforce productivity with a secure instant office?

How Much Down-Time Can You Afford? Revenue loss Customer dissatisfaction Lost productivity Brand dilution Legal liability Financial performance $1,107,274 Retail $1,202,444 Insurance $1,344,461 Information Technology $1,495,134 Financial Institutions $1, Manufacturing $2,066,245 Telecommunications $2,817,846 Energy Revenue/Hour Industry Sector Source: Meta Group 11/2000

Achieving Stability in an Unpredictable World Gartner, January 2002 re·sil·ience (ri-zil’-yens)— Injecting security, protection and recovery into dispersed and far-flung organizations so that they can bounce back from any kind of setback, whether a natural disaster, a hostile economic change, a competitive onslaught, cyber-espionage or a terrorist attack. Business Resilience

Business Resilience Objectives Predictable performance Non-stop e-business Disaster recovery and asset protection Decentralized and mobilized resources Flexible communications Networked Virtual Organizations are Agile

Supply Chain Management E-Commerce E-Learning Workforce Optimization Customer Care Security.... Critical Enabler for Business Resilience Requires Defense-in-Depth Requires multiple components Integration into e-business infrastructure Requires comprehensive blueprint Requires Defense-in-Depth Requires multiple components Integration into e-business infrastructure Requires comprehensive blueprint

Information Theft Virus Attacks Information Theft Virus Attacks Threats Increasing Security Awareness Internet Data Interception Unprotected Assets Data Interception Unprotected Assets Denial of Service Unauthorized Entry Denial of Service Unauthorized Entry “HomePage” Worm Crawling Around the Globe - Information Week White House Site Hit by Another DOS Attack - Cnet News Study: Sites Attacked 4,000 Times a Week -ZD News

Security and the Evolving Enterprise Needs Sophistication of Hacker Tools Packet Forging/ Spoofing Password Guessing Self Replicating Code Password Cracking Exploiting Known Vulnerabilities Disabling Audits Back Doors Hijacking Sessions Sweepers Sniffers Stealth Diagnostics Technical Knowledge Required High Low 2000

% of Respondents Experiencing These Security Breaches Outsider / External Breaches 80% 89% 24% 48% 37% 39% 25% 21% Source: Goldman Sachs

What’s the Impact of Not Properly Securing Your Network ? Cost—directly affects bottom line 186 organizations* reported hack attempts totaling nearly $378 million. Average loss per respondent nearly $2,000,000 Credibility—end-user perception Can your end-user trust your network? Productivity—ability to use your system Downtime is lost time and revenue Viability—can ultimately affect your business Where will your company be in 1 year… 5 years? Liability—are you responsible? If you don’t take actions to stop outbound attacks, are you liable for damages inflicted on others? * FBI and Computer Security Institute(CSI)―2001

It’s About “Business Continuity” “ We security folks have got to stop treating security like it’s a separate problem from network management. Error detection, intrusion detection, and link outages – these are all aspects of the same network management problem.” Marcus Ranum CEO, Network Flight Recorder One of the Fathers of the Modern Firewall

The Network of Five Years Ago Closed Network Remote Site PSTN Frame Relay X.25 Leased Line PSTN

Legacy Security Solutions Most security designed when networks were simple and static Primarily single-point products (access- control) with no network integration or intelligence Such legacy products are still seen as default security solutions (a “cure-all”) Today, there are serious drawbacks to relying on such “overlay” security to protect sophisticated networks and services

Internet connections have dramatically increased as a frequent point of attack (from 59% in 2000 to 70% in 2001.) Of those organizations reporting attacks, we learn:  27% say they don't know if there had been unauthorized access or misuse  21% reported from two to five incidents in one year  58% reported ten or more incidents in a single year – something isn’t working! Computer Security Institute & FBI Report March, 2001 Case in Point…

Code Red and Nimda Worm Impacts Rapid penetration and propagation through existing security solutions Extensive impact; expensive recovery Exploited existing and known vulnerabilities, and bypassed legacy security devices Could be prevented and mitigated Rapid penetration and propagation through existing security solutions Extensive impact; expensive recovery Exploited existing and known vulnerabilities, and bypassed legacy security devices Could be prevented and mitigated

Impact of Recent Worms Major Computer Company... Code Red/Nimda $9 million for remediation 12,000 IT hours for Code Red 6,500 IT hours for Nimda Multibillion dollar financial institution... Nimda 75% of core routers down at any given time Lost trading server for half day ($13 million impact) Important Lesson Learned: Security Needs to Be Designed and Implemented Around, In and Through the Network Important Lesson Learned: Security Needs to Be Designed and Implemented Around, In and Through the Network

The Network Today

Today’s Threats Attackers are taking advantage of complex networks and sophisticated Internet services In this environment, everything is a target: Routers, Switches, Hosts, Networks (local and remote), Applications, Operating Systems, Security Devices, Remote Users, Business Partners, Extranets, etc. Threats to today’s networks are not addressed by most legacy security products In fact, there is no single security device which can protect all of these targets

Prevent damage from indiscriminate cyber attacks e.g. worms and viruses Technology Enablers Business Need Protect business operations against directed attacks e.g. hackers, fraudsters Complete Security System Planning for Business Protection

What Customers Want A Network-based “Intelligent” Solution Integration of security into all processes Bridge gap between Network Ops and Security Ops Security foundation for current technology Security foundation for new technology – no “fork-lift” upgrades Integrated Voice, Video, and Data traffic Support for Wireless and Remote Access QoS for differentiated handling of network traffic Defense in depth Build security into the network, not just the perimeter End-to-end networking solution Integration of security into all processes Bridge gap between Network Ops and Security Ops Security foundation for current technology Security foundation for new technology – no “fork-lift” upgrades Integrated Voice, Video, and Data traffic Support for Wireless and Remote Access QoS for differentiated handling of network traffic Defense in depth Build security into the network, not just the perimeter End-to-end networking solution

Cisco Security Directions Mission Accelerate deployment of security and e-business infrastructures Strategy Embrace integration into e-business infrastructure and technology initiatives Provide most comprehensive security/ VPN solution Utilize solutions and services ecosystems/partners Mission Accelerate deployment of security and e-business infrastructures Strategy Embrace integration into e-business infrastructure and technology initiatives Provide most comprehensive security/ VPN solution Utilize solutions and services ecosystems/partners

An Integrated System-Wide Approach End-to-end coordinated network+security system approach Defense in depth Protects hosts and networks Scalable system-wide security management policy, configuration, administration, monitoring Appliance and Router Firewalls, IDS, VPNs Single point of contact for network and security technical assistance, support and professional services Fast problem resolution Lower cost of ownership

Integrates security and network issues Includes specific configurations for Cisco and partner solutions Based on existing, shipping capabilities Over 3,000 hours of lab testing Currently, five SAFE white papers: SAFE for Enterprise, SAFE for SMB, SAFE Blueprint for IP Telephony, Wireless LAN Security in Depth, Combating Internet Worms Integrates security and network issues Includes specific configurations for Cisco and partner solutions Based on existing, shipping capabilities Over 3,000 hours of lab testing Currently, five SAFE white papers: SAFE for Enterprise, SAFE for SMB, SAFE Blueprint for IP Telephony, Wireless LAN Security in Depth, Combating Internet Worms SAFE Security Blueprint

ManagementBuildingDistribution Core Edge ServerE-Commerce Corporate Internet VPN/Remote Access WAN ISP PSTN FR/ATM SAFE: Securing E-Business

To Edge Distribution Module To VPN/Remote Access Module To ISP Module Public Web Servers Content Inspection Servers Cisco IDS Appliance Cisco IOS Router Cisco PIX Firewall Inspect Outbound Traffic for unauthorized URLs Stateful Packet Filtering Basic Layer 7 Filtering Host DoS Mitigation Spoof Mitigation DDoS Rate-Limiting Basic Filtering Broad Layer 4–7 Analysis SMTP Content Inspection Host IDS for local attack mitigation Focused Layer 4–7 Analysis SAFE: “Corporate Internet” Module

Deploy Security as an Integrated System Secure Transport Card Readers Security Room CCTV Secured Doors and Vaults Surveillance and Alarms Patrolling Security Guard Firewalls and Router ACLs Network and Host-based Intrusion Detection Scanner Centralized Security and Policy Management Identity, AAA, Access Control Servers and Certificate Authorities Encryption and Virtual Private Networks (VPN’s)

Identity Secure Connectivity Perimeter Security Monitoring Security Management Defense-in-Depth Firewalls VPN IDS/Scanning Authentication Policy Integration – into network infrastructure compatibility with network services Integration – functional interoperability intelligent interaction between elements Convergence – with other technology initiatives mobility/wireless, IP telephony, voice/video-enabled VPNs

Action Plan: Implementing a Process 1.Develop a comprehensive security policy Based on assessment of assets, threats, vulnerabilities 2.Implement it Focus on key exposures Build defense in depth Security and network experts engage In-source or out-source 3.Monitor and audit It’s what you don’t know... Be selective 4.React—according to plan Recovery needs to be rapid and organized Involve partners—in advance 5.Repeat Cycle! Continuous improvement to address new threats

Trends / Predictions Security is going Mainstream Fundamental to e-business—not an afterthought Security is going to Main Street Every small business will be an e-business Increased outsourcing of solutions and services Security extends everywhere The Internet home and the Mobile Office The Bar will continue to be raised Criticality of e-business applications Increased regulation Comprehensive solutions will win Security integrated into voice, video, wireless infrastructures Security is going Mainstream Fundamental to e-business—not an afterthought Security is going to Main Street Every small business will be an e-business Increased outsourcing of solutions and services Security extends everywhere The Internet home and the Mobile Office The Bar will continue to be raised Criticality of e-business applications Increased regulation Comprehensive solutions will win Security integrated into voice, video, wireless infrastructures

Prediction IT Security Organizations rethinking security after September 11 Focus of IT security will shift from the “Three As” (authentication, authorization, administration) to business continuity Physical and IT security will be integrated Organizations rethinking security after September 11 Focus of IT security will shift from the “Three As” (authentication, authorization, administration) to business continuity Physical and IT security will be integrated Prediction: Rationale: Organizations will reset their IT security plans in 2002 Source: IDC 2001; * Security Authorization, Authentication, Administration

Cisco’s Leadership Obligation Leading provider of networking equipment Leading provider of Security/VPN solutions SAFE network security blueprint brings networking and Security/VPN together Development efforts focused on network- intelligent Security/VPN solutions Strong partnership program around Security/VPN solutions

Internet Vital to Core of Business/ Government Security Fundamental to Health of Internet Attacks Increasing Dramatically – Targeted at New Network and Internet Services Security Must be Part of Network Infrastructure Partnership (Business and Government) Critical to a Global Security Strategy We Want to Partner With You Internet Vital to Core of Business/ Government Security Fundamental to Health of Internet Attacks Increasing Dramatically – Targeted at New Network and Internet Services Security Must be Part of Network Infrastructure Partnership (Business and Government) Critical to a Global Security Strategy We Want to Partner With You In Summary...

More Information

40 © 2001, Cisco Systems, Inc. All rights reserved.