
1 CISCO CONFIDENTIAL – DO NOT DUPLICATE OR COPY Protecting the Business Network and Resources with CiscoWorks VMS Security Management Software Girish Patel, VMS Product Marketing, Cisco Security Technology Group

2 Network Security Complexity

© 2003 Cisco Systems, Inc. All rights reserved.

[Diagram labels: Central Management; Local Security Operations; Internet]

Problem
- Large number of firewalls, routers, VPNs, IDS
- Controlling changes with multiple administrators
- Unreachable devices: dynamically addressed or intermittent links
- Remote OS updates

Need
- Scalable management that can handle hundreds of devices
- Change management for multiuser environment
- Implement configurations to remote firewalls that are not always reachable
- Device inventory of network
- Software image management and code distribution to devices

3 Solution: CiscoWorks Security Information Management Solution (SIMS)

- High-level graphical summary of enterprise security landscape
- Real-time view of security event trends across the enterprise
- Correlate and visualize to identify and respond to threats in real time
- Over 250 canned reports provide extensive data-mining capabilities
- Support for multivendor network
- Global view provides “big picture” view of security trends

4 Managing Security in the Data Center

[Diagram labels: Intranet; Internet; Keep Outsiders out; Let Insiders in; Private VLANs for Increased Server isolation; Secure systems approach within and between data centers]

Data Center Security Challenges
- Protect confidential data
- Protect business critical applications
- Prevent security threats from outside and inside the organization

Data Center Security Solutions with VMS
- Manage agents to protect key servers and desktops
- Manage Intrusion prevention for threat analysis
- Manage firewall appliances, switch modules’ filtering and traffic
- Manage VPNs for secure communications
- Monitor security and performance for automated correction of emerging problems
- Centralized management of all network security

5 Managing Security for the Branch Office

[Diagram labels: IPSec Tunnel; Corporate Office; PSTN; Service Provider; Security Scalable with Business Needs]

Branch Security Challenges
- Protect business communications
- Prevent malicious traffic, threats, worms, etc.
- Adopt new network services/apps without performance impact
- Little to no remote IT staff

Branch Security Solutions with VMS
- Manage router-embedded security services (FW, VPN, IPS)
- Manage router-integrated VPN, IDS modules for secure connectivity and threat prevention
- Distribute consistent policies to hundreds of remote locations
- Monitor health and performance to prevent downtime
- Reduce configuration errors

6 Managing Security for the Cisco NAC Solution

[Diagram labels: Hosts Attempting Network Access; Cisco Trust Agent; Network Access Devices; Policy Server Decision Points; Policy (AAA) Server; Vendor Server; Credentials; EAP/UDP, EAP/802.1x; RADIUS; HTTPS; Access Rights; Notification; Comply?; Enforcement; Management and Monitoring System: CiscoWorks VMS, CiscoWorks SIMS]

NAC Security Management Challenges
- How to manage agents on lots of hosts
- How to get a holistic view of access control, as opposed to a view of individual components
- How to automate distribution of policy

NAC Security Management
- Manage software agents to protect desktops
- Monitor performance and health of the access devices
- Monitor end points, access devices, policy servers, and antivirus products
- Centrally manage policies to ensure access points are configured according to policies

7 Summary: Business Justification for Security Management

Review your day-to-day activities: Where do IT staff spend their time?

Management Products and Importance
- 72% monitoring/reporting tools
- 54% performance, service level, and application management tools
- 53% platforms, frameworks, element managers
– Infonetics Research, 2003

- Over three years, the primary costs are not hardware or software but admin costs. Cisco management software targets these primary costs and lowers TCO.
- Dealing with the increased sophistication of attacks requires more than point products – it requires treating management as an integrated system. Cisco provides an integrated solution.

“95% of all security breaches are attributed to misconfigurations.” – The Lippis Report, Vol 35: An Enterprise Network Security Framework
