CISCO CONFIDENTIAL – DO NOT DUPLICATE OR COPY Protecting the Business Network and Resources with CiscoWorks VMS Security Management Software Girish Patel,

Presentation transcript:

CISCO CONFIDENTIAL – DO NOT DUPLICATE OR COPY Protecting the Business Network and Resources with CiscoWorks VMS Security Management Software Girish Patel, VMS Product Marketing, Cisco Security Technology Group

Slide 2: Network Security Complexity
© 2003 Cisco Systems, Inc. All rights reserved.

[Diagram labels: Central Management, Local Security Operations, Internet]

Problem
- Large number of firewalls, routers, VPNs, IDS
- Controlling changes with multiple administrators
- Unreachable devices: dynamically addressed or intermittent links
- Remote OS updates

Need
- Scalable management that can handle hundreds of devices
- Change management for multiuser environment
- Implement configurations to remote firewalls that are not always reachable
- Device inventory of network
- Software image management and code distribution to devices

Slide 3: Solution
CiscoWorks Security Information Management Solution (SIMS)
- High-level graphical summary of enterprise security landscape
- Real-time view of security event trends across the enterprise
- Correlate and visualize to identify and respond to threats in real time
- Over 250 canned reports provide extensive data-mining capabilities
- Support for multivendor network
- Global view provides “big picture” view of security trends

Slide 4: Managing Security in the Data Center

[Diagram labels: Intranet, Internet, Keep Outsiders out, Let Insiders in]

Data Center Security Challenges
- Protect confidential data
- Protect business critical applications
- Prevent security threats from outside and inside the organization

Data Center Security Solutions with VMS
- Manage agents to protect key servers and desktops
- Manage intrusion prevention for threat analysis
- Manage firewall appliances, switch modules’ filtering and traffic
- Manage VPNs for secure communications
- Monitor security and performance for automated correction of emerging problems
- Centralized management of all network security

Private VLANs for increased server isolation
Secure systems approach within and between data centers

Slide 5: Managing Security for the Branch Office
Security Scalable with Business Needs

[Diagram labels: IPSec Tunnel, Corporate Office, PSTN, Service Provider]

Branch Security Challenges
- Protect business communications
- Prevent malicious traffic, threats, worms, etc.
- Adopt new network services/apps without performance impact
- Little to no remote IT staff

Branch Security Solutions with VMS
- Manage router-embedded security services (FW, VPN, IPS)
- Manage router-integrated VPN, IDS modules for secure connectivity and threat prevention
- Distribute consistent policies to hundreds of remote locations
- Monitor health and performance to prevent downtime
- Reduce configuration errors

Slide 6: Managing Security for the Cisco NAC Solution

[Diagram labels: Hosts Attempting Network Access (Cisco Trust Agent); Network Access Devices; Policy Server Decision Points (Policy (AAA) Server, Vendor Server); Credentials over EAP/UDP, EAP/802.1x, RADIUS, HTTPS; Access Rights; Notification; Comply?; Enforcement; Management and Monitoring System (CiscoWorks VMS, CiscoWorks SIMS)]

NAC Security Management Challenges
- How to manage agents on lots of hosts
- How to get a holistic view of access control, as opposed to a view of individual components
- How to automate distribution of policy

NAC Security Management
- Manage software agents to protect desktops
- Monitor performance and health of the access devices
- Monitor end points, access devices, policy servers, and antivirus products
- Centrally manage policies to ensure access points are configured according to policies

Slide 7: Summary: Business Justification for Security Management

Review your day-to-day activities: Where do IT staff spend their time?

Management Products and Importance
- 72% monitoring/reporting tools
- 54% performance, service level, and application management tools
- 53% platforms, frameworks, element managers
– Infonetics Research, 2003

Over three years, the primary costs are not hardware or software but admin costs. Cisco management software targets these primary costs and lowers TCO.

Dealing with the increased sophistication of attacks requires more than point products – it requires treating management as an integrated system. Cisco provides an integrated solution.

“95% of all security breaches are attributed to misconfigurations.” – The Lippis Report, Vol 35: An Enterprise Network Security Framework
