Securing the Next Generation Network and Data Centre – Now and into the Future – Vision, Roadmap, and Execution B-EN-01-B
Bret Hartman
Vice President and Chief Technology Officer, Cisco Security Business Group
Aug 20, 2015
Cisco and/or its affiliates. All rights reserved. Session FAQ Forum Cisco Public
Housekeeping Notes – Wednesday April 16, 2014
Thank you for attending Cisco Connect Toronto 2014. Here are a few housekeeping notes to ensure we all enjoy the session today.
Please ensure your cellphones are set to silent so that no one is disturbed during the session.
Please hold all questions until the end of the session to ensure all material is covered.
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 4
Recent Events Have Eroded Trust
"We can trust the NSA because without a doubt it is history's most powerful, pervasive, sophisticated surveillance agency ever to be totally pwned by a 29-year-old with a thumb drive"
The Industrialization of Hacking
Timeline (1990–2020):
• Viruses: 1990–2000
• Worms: 2000–2005
• Spyware and Rootkits: 2005–Today
• APTs, Cyberware: Today +
Figure labels: Phishing, Low Sophistication; Hacking Becomes an Industry; Sophisticated Attacks, Complex Landscape
Any Device to Any Cloud
Diagram labels: Public Cloud, Private Cloud
The Security Problem
• Changing Business Models
• Dynamic Threat Landscape
• Complexity and Fragmentation
Comprehensive Security Portfolio
IPS & NGIPS
• Cisco IPS 4300 Series
• Cisco ASA 5500-X Series integrated IPS
Web Security
• Cisco Web Security Appliance (WSA)
• Cisco Virtual Web Security Appliance (vWSA)
• Cisco Cloud Web Security
Firewall & NGFW
• Cisco ASA 5500-X Series
• Cisco ASA 5500-X w/ NGFW license
• Cisco ASA 5585-X w/ NGFW blade
Advanced Malware Protection
NAC + Identity Services
• Cisco Identity Services Engine (ISE)
• Cisco Access Control Server (ACS)
Email Security
• Cisco Email Security Appliance (ESA)
• Cisco Virtual Email Security Appliance (vESA)
• Cisco Cloud Email Security
• Cisco
UTM
• Meraki MX
VPN
• Cisco AnyConnect VPN
The New Security Model
Attack Continuum:
• BEFORE: Discover, Enforce, Harden
• DURING: Detect, Block, Defend
• AFTER: Scope, Contain, Remediate
Network, Endpoint, Mobile, Virtual, Cloud
Point in Time, Continuous
Strategic Imperatives
• Visibility-Driven: Network-Integrated, Broad Sensor Base, Context and Automation
• Threat-Focused: Continuous Advanced Threat Protection, Cloud-Based Security Intelligence
• Platform-Based: Agile and Open Platforms, Built for Scale, Consistent Control, Management
Network, Endpoint, Mobile, Virtual, Cloud
Visibility-Driven
Need Both Breadth and Depth
• BREADTH: Network, Endpoint, Mobile, Virtual, Cloud
• DEPTH: Who, What, Where, When, How
Cisco Fabric Provides Pervasive Visibility
Network Servers
Operating Systems
Routers and Switches
Mobile Devices
Printers
VoIP Phones
Virtual Machines
Client Applications
Files
Users
Web Applications
Application Protocols
Services
Malware
Command and Control Servers
Vulnerabilities
NetFlow
Network Behavior
Processes
Threat-Focused
Detect, Understand, and Stop Threats
Diagram labels:
• Collective Security Intelligence
• Threat Identified
• Event History
• Who, What, Where, When, How
• ISE + Network, Appliances (NGFW/NGIPS)
• Context
• AMP, CWS, Appliances
• Recorded
• Enforcement
Continuous Advanced Threat Protection
Diagram labels:
• ISE + Network, Appliances (NGFW/NGIPS)
• Who, What, Where, When, How
• Collective Security Intelligence
• AMP, CWS, Appliances
• Enforcement
• Event History
• AMP, Threat Defense
• Continuous Analysis
• Context
Today’s Security Appliances
• Context-Aware Functions
• IPS Functions
• Malware Functions
• VPN Functions
• Traditional Firewall Functions
Platform-Based Security Architecture
Layers:
• Management
• Security Services and Applications
• Security Services Platform
• Infrastructure Element Layer
Diagram labels:
• Common Security Policy and Management
• Orchestration
• Security Management APIs
• Cisco ONE APIs
• Platform APIs
• Cloud Intelligence APIs
• Physical Appliance, Virtual, Cloud
• Access Control, Context Awareness, Content Inspection, Application Visibility, Threat Prevention
• Device API: OnePK™, OpenFlow, CLI
• Cisco Networking Operating Systems (Enterprise, Data Center, Service Provider)
• Route–Switch–Compute, ASIC Data Plane, Software Data Plane
• APIs
• Cisco Security Applications, Third-Party Security Applications
The Security Perimeter in the Cloud
The Distributed Perimeter
Cloud Connected Network
Collective Security Intelligence
Telemetry Data, Threat Research, Advanced Analytics
Mobile, Router, Firewall
3M+ Cloud Web Security Users
6 GB Web Traffic Examined, Protected Every Hour
75M Unique Hits Every Hour
10M Blocks Enforced Every Hour
Develop Ecosystems for Cisco Security
Cisco Current
Partner Ecosystem Mobility (MDM), Threat (SIEM), Cloud
Partner to Deliver Complete Solutions
Open Platform Architecture Enables
Develop SSP Partner Ecosystem
ISE as “Context Directory Service”
Embed Security in Broader IT Solutions
Lancope, Network as a Sensor
Drive the Value of the Network
Visibility and Context
Firewall
NGFW
NAC + Identity Services
VPN
UTM
NGIPS
Web Security
Email Security
Advanced Malware Protection
Network Behavior Analysis
Covering the Entire Attack Continuum
Attack Continuum:
• BEFORE: Discover, Enforce, Harden
• DURING: Detect, Block, Defend
• AFTER: Scope, Contain, Remediate
Questions?