1 © 2003, Cisco Systems, Inc. All rights reserved. Cisco Integrated Security: Building The Self-Defending Network Bogdan Constantinescu Area Manager Romania.


1 Cisco Integrated Security: Building The Self-Defending Network. Bogdan Constantinescu, Area Manager Romania & Rep. Moldova, Cisco Systems Romania. Security of Information and Communication Systems (SECURITATEA SISTEMELOR INFORMATICE ŞI DE COMUNICAŢII), 21 September 2004. © 2003, Cisco Systems, Inc. All rights reserved.

2 Agenda: Changes in Security Requirements; Integrated Security & Self-Defending Networks; Cisco Security Solutions

3 The Network as a Strategic Asset. Customers, Partners, Suppliers, Employees. Improved Productivity, Reduced Operational Costs, Financial Performance. Corporate Enterprises, Small/Medium Businesses, Service Providers.

4 Intelligent Information Network Capabilities
- INTEGRATED: Security, IPC, Wireless; Application Aware; Management; Modular Approach
- RESILIENT: High Availability; Multilayer Security; Virtual Services; Scalable
- ADAPTABLE: Self-Provisioning; Self-Optimizing; Self-Defending

5 Business Continuity: Impact of Not Securing Your Network
- Cost: directly affects bottom line. 494 organizations* reported overall financial losses totaling nearly 142 million.
- Credibility: end-user perception. Can your end-user trust your network?
- Productivity: ability to use your system. Downtime is lost time and revenue.
- Viability: can ultimately affect your business. Where will your company be in 1 year… 5 years?
- Liability: are you responsible? If you don’t take actions to stop outbound attacks, are you liable for damages inflicted on others?
* www.gocsi.com

6 The Self Defending Network

7 Security is a Systematic Process: Vulnerabilities and Risk Assessment; Architecture Design and Implementation; Security Policy/Procedures; Deploy Security Policy; Surveillance, Monitoring, Audit & Analysis; Incident Response; Corrective Action; Forensic Analysis. At the center: Central Security Management.

8 Evolution of Cisco Security Strategy
Timeline: 1990s, 2000, 2002, 2003, 2004…
Stages: Basic Security, Point Products, Defense-In-Depth, Integrated Security, Self-Defending Networks
Slide text blocks:
- Integrated security: Routers, Switches, Appliances, Endpoints; FW + VPN + IDS….; Integrated management software; Evolving advanced services
- Security appliances; Enhanced router security; Separate management software
- Basic router security; Command line interface
- End-point posture enforcement; Network device protection; Dynamic/Secure connectivity; Dynamic communication between elements; Automated threat response
- Multiple technologies; Multiple locations; Multiple appliances; Little/no integration

9 Self Defending Network Strategy: an initiative (Cisco strategy) to dramatically improve the network’s ability to identify, prevent, and adapt to threats
- SYSTEM LEVEL SOLUTIONS: Endpoints, Network, Services
- SECURITY TECHNOLOGY INNOVATION: Endpoint Security, Application Firewall, SSL VPN, Network Anomaly
- INTEGRATED SECURITY: Secure Connectivity, Threat Defense, Trust & Identity

10 Cisco Self-Defending Network - In Action
- End-point security enforcement: Network Admission Control, Identity Based Network Services
- Network device protection: Control Plane Policing, Auto-Secure, Switch/Router/WAP protection technologies
- Dynamic/Secure connectivity: Dynamic Multipoint VPN, VLAN
- Dynamic communication between elements: Netflow, NBAR, Dynamic Intrusion Protection, ‘AreYouThere?’
- Automatic response: Cisco Security Agent, Network Anomaly Detection

11 Self-Defending Network Example: Identity Based Networking Services (Secure Access In Action)
Diagram components:
- 802.1x Capable Client
- 802.1x Capable Access Devices: 6500 Series, Access Points, 4000 Series, 3550/2950 Series
- 802.1x Authentication Server: CiscoSecure ACS AAA Radius Server
- Active Directory: Login and Certificate Services
Diagram flow labels, in the order they appear on the slide:
- 802.1x Authentication Challenge
- 802.1x Authentication Info
- Verify Login and Check with Policy DB
- Credentials Verified
- Login granted
- Send Policies
- Set port to enable; set port vlan 10 (VLAN 10, Engineering VLAN)
- Switch applies policies and enables port.
- Login + Certificate
- Login Verified

12 Cisco Security Agent (CSA): Behavioral Protection From Attacks. Diagram labels: Target; Rapidly Mutating; Continual signature updates; Inaccurate; Most damaging; Change very slowly; Inspiration for CSA solution

13 Cisco Security Solutions

14 Cisco’s Integrated Network Security Solutions
Threat Defense
- Defend the Edge: Integrated Network FW+IDS. Detects and Prevents External Attacks.
- Protect the Interior: Catalyst Integrated Security. Protects Against Internal Attacks.
- Guard the Endpoints: Cisco Security Agent (CSA). Protects Hosts Against Infection.
Trust and Identity
- Verify the User and Device: Identity-Based Networking/NAC. Control Who/What Has Access.
Secure Comm.
- Secure the Transport: IPSec VPN, SSL VPN, MPLS. Protects Data/Voice Confidentiality.
Diagram labels: Intranet, Internet

15 Cisco Integrated Network Security
Models shown: VPN 3002, VPN 3005, VPN 3015, VPN 3030, VPN 3060, VPN 3080; 4210, 4235, 4250; 501, 506E, 515E, 525, 535; 800, SOHO 90, 1700, 2600, 3600, 3700, 7xxx; CSS11500; SCA 11000 Secure Content Accelerator; Catalyst 6500; Content Engine; Catalyst CSM & SSL Blades; CSS115XX SSL Blade
Categories shown: Remote Access VPN Appliances; Intrusion Detection Appliances; PIX Firewall VPN Appliances; Site-to-Site VPN / Firewall Routers; Content Switching, Filtering, SSL Optimization; High Performance Switch Integrated Campus Security Solutions
Callout: Now with AES Acceleration

16 Cisco Integrated Services Routers: Cisco 3800, 2800, and 1800 Series. First Routers in the Industry to Support IPS and DMVPN!
- 3800 Series, 2800 Series, 1800 Series: FCS September 2004 for each
- Highest Density and Performance for Concurrent Services
- Embedded, Advanced Voice, Video, Data & Security Services
- Integrated Security & Data
- Increased Value Extended to New Markets: Substantial increase in price/performance! Extension into new markets! Greater service densities across the portfolio!
Chart labels: Performance and Services Density; Enterprise Branch Office, SMB, Small Branch

17 Diagram labels: Management, Building, Distribution, Core, Edge, Server, E-Commerce, Corporate Internet, VPN/Remote Access, WAN, ISP, PSTN, FR/ATM

18 Cisco Advanced Services for Network Security
- Continually identify and mitigate risk
- Assess and plan for a sound architecture and design
- Build in scalable, adaptable, easy-to-upgrade solutions
- Transparently integrate into the core network infrastructure
Services:
- Security Posture Assessment
- Network Security Design Review
- Network Security Design Development
- Network Security Implementation Plan Assistance
- Network Security Implementation Engineering
- Network Security Optimization

19 Trust Cisco to Provide Leadership
- The threats are here to stay, are changing, and we must evolve
- Our connected world is the target, not one piece or one company
- Cisco remains committed to help protect our customers
- Cisco Spent $300M on Security R&D (FY’03)
We’re a Partner You Can Trust

20 More Information
- www.cisco.com/security
- www.cisco.com/go/safe
- www.cisco.com/go/netpro
- www.cisco.com/go/securitypartners
- www.cisco.com/go/psirt
- http://www.nsa.gov (Cisco router recommendation guide)
