000000_1 Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. Cisco Security Solutions Overview David Hettrick August ® PartnerSmart. ™

® _2 Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. Is there a reason to be Paranoid?  Yes  Often, selling security is easy after a customer has had a breach of some kind  Suggestion is to be proactive and warn of potential threats  Security will always be a trade- off between Price and Comfort Level

® _3 Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. Types of Threats  Denial of Service (DoS) attacks  IP Spoofing  Phishing  Spyware  Malware  Reconnaissance  Unauthorized entry and data theft  Viruses and Worms  And more…

® _4 Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. Cisco Firewall and VPN products  PIX- Firewall and VPN – Flagship firewall  VPN Concentrator – Dedicated VPN appliance – Optimized for Remote Access – (EOS August 2007)  Both products are replaced by the Cisco ASA Appliance – Built on PIX v7.0 Code – Feature equivalent to VPN Concentrator – Higher Performing

® _5 Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. Adaptive Security Appliances  ASA5500 Adaptive Security Appliances – Provide Firewall and IPSec/SSL VPN  ASA5505 ~150Mbps  ASA5510 ~300Mbps  ASA5520 ~450Mbps  ASA5540 ~650Mbps  ASA5550 ~ 1200Mbps  SSM Expansion Slot – 4 port Gigabit 10/100/1000 or SFP – AIP module for IPS/IDS  AIP-10  AIP-20 – CSC module for gateway anti-x  Provides Anti-Virus and Anti-Spyware  Additional license to add URL/Content filtering, Anti-Phishing, & Anti-Spam filtering, Anti-Phishing, & Anti-Spam

® _6 Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. Cisco ASA 5505 Adaptive Security Appliance Sleek, High Performance Desktop Design Diskless Architecture for High Reliability Expansion Slot for Future Capabilities Expansion Slot for Future Capabilities Three USB v2.0 Ports for Future Use (One in Front) Console Port Two Power over Ethernet (PoE) Ports for IP Phones, WiFi Access Points, Video Surveillance, etc. Secure Lock Slot and System Reset Button 8-port 10/100 Fully Configurable Switch with VLAN Support © 2004 Cisco Systems, Inc. All rights reserved. ASA 5500 Intro 666

® _7 Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. Content Security and Control SSM Product Details CSC SSM-10  50 User  100 User  250 User  500 User  Base Services: – File-based Anti-Virus and malware filtering; Anti-Spyware  Plus License: – Anti-Spam, Content Filtering, Anti- Phishing, URL Filtering & Blocking Cisco ASA 5500 Series Content Security and Control Module (CSC SSM) CSC SSM-20  500 User  750 User  1,000 User Platforms / Subscription Levels Feature Sets

® _8 Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. ASA Advanced Intrusion Prevention Module (AIP)  Feature equivalent to Cisco’s standalone IPS product (4200 series)  Freedom to decide which traffic traversing the ASA is scanned for intrusion.  Ability to drop those packets and log them right at the ASA

® _9 Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. Dual ISP feature introduction – Dual ISP support via object tracking feature Main Office Primary ISP Cisco ASA Outside Backup Secondary ISP IOS sla tracking feature Active/Standby routes Uses ICMP to track the routes Works on static address, DHCP and PPPoE Fail Back feature when primary comes back

® _10 Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. Simple installation and monitoring for the Cisco ASA 5500 family Supports configuration of: - Firewall - Remote Access VPN - Site to Site VPN - And all other ASA services Supports monitoring of: - Syslog (real-time) - Connections - Throughput & more! Cisco Adaptive Security Device Manager v5.2

® _11 Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. VPN Solutions: Easy VPN  Scaleable – Easily add remote sites with no changes to Easy VPN server  IOS Routers  PIX, ASA, CVPN Internet Easy VPN Client Dynamic IP Client Behind Firewall Easy VPN Server VPN Tunnel

® _12 Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. Network Based Intrusion Products  Based on Signatures – IDS-4215, IPS-4240 – AIP module in ASA – NM-CIDS in Router – IOS embedded IPS  Watch for unauthorized activity in real time  Implement in front of firewall to audit attacks against network  Implement behind firewall approving traffic by firewall packets leaving corporate network  Implement where key Servers reside

® _13 Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. What does Host based IPS do?  Day zero attack protection (virus, spyware, malware, patch management)  Intercepts Operating System calls and compares them to cached security policies  Takes proactive approach to block malicious behavior on host

® _14 Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. Host Based Intrusion Prevention CSA: Cisco Security Agent CSA Server Protection: Host-based Intrusion Protection Network Worm Protection Web Server Protection Security for other applications CSA Desktop Protection: Distributed Firewall Day Zero Virus Protection Security for other applications Anomaly Based Create Your own Policies Windows or Solaris

® _15 Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. CSA Architecture  CSA Manager (required)  CSA Servers  CSA Desktops  CSA Profiler – Automates analysis of Applications activities – Easily builds custom policies

® _16 Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. Network Admission Control NAC  Prevents vulnerable and non-compliant hosts from impacting enterprise resilience, and it enables customers to leverage their existing network and infrastructure  Components – Endpoint security with Cisco Trust Agent – Network Access devices – routers, switches, CSACS – Policy Server – Cisco Clean Access Server (CCA) – Management Server - Cisco Clean Access Manager (CCA)

® _17 Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. NAC Appliance Overview All-in-One Policy Compliance and Remediation Solution AUTHENTICATE & AUTHORIZE  Enforces authorization policies and privileges  Supports multiple user roles SCAN & EVALUATE  Agent scan for required versions of hotfixes, AV, and other software  Network scan for virus and worm infections and port vulnerabilities QUARANTINE  Isolate non-compliant devices from rest of network  MAC and IP-based quarantine effective at a per-user level UPDATE & REMEDIATE  Network-based tools for vulnerability and threat remediation  Help-desk integration

® _18 Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.

® _19 Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.

® _20 Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.

® _21 Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. Gathering information is easy. Identifying real threats is challenging

® _22 Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. MARS: Mitigation and Response System  Appliance  Gathers information from all Security Devices and correlates  Allows for real time analysis of threat – Network intelligence – Context correlation – Vector analysis – Anomaly detection – Hotspot identification – Automated mitigation capabilities  Not limited to Cisco Devices – Microsoft Servers – Common Security Products from other vendors – Supports Netflow collection

® _23 Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. Security: The Pervasive Add-on  What this means is that with any product it becomes a consideration to add security – By up selling the product itself  Change a Cisco2811 into a Cisco2811-SEC-K9 – Or by adding on a new product to the solution  Add Cisco Security Agent to those new web servers – Also, sometimes it just needs to be discussed to position the right solution  What are your security requirements for your wireless network?

000000_24 Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. Question and Answer