SlideShare uma empresa Scribd logo

Data center webinar_v2_1

Transferir como PPTX, PDF
Lancope, Inc.
Lancope, Inc.
Tecnologia
1 de 33
Securing the Data Center Matt Robertson - Lancope Technical Marketing Engineer David Anderson – Cisco Principal Solution Architect, Data Center Security
Defending Against Humans
Evolution of Cyber Conflict War Dialing, Phone Phreaking … Manual Attacks (1980s) Viruses, Worms … Mechanized Attacks (1988) Google, RSA … Talented Human / Mechanized Attackers (2009) Cyrptocurrency Ransoms, Store-bought Credentials ... DIY Human / Mechanized Attackers (2011) Intelligence Driven Human Defenders Manual Defenses Unplug Mechanized Defenses Firewall, IDS/IPS Targeted Human/Mechanized DefendersReputation, App-aware FirewallAPT, Multi-Step Attacks… Target, Neiman Marcus …
Security Buckets Segmentation • Establish boundaries: network, compute, virtual • Enforce policy by functions, devices, organizations, compliance • Control and prevent unauthorized access to networks, resources, applications Threat Defense • Stop internal and external attacks and interruption of services • Patrol zone and edge boundaries • Control information access and usage, prevent data loss and data modification Visibility • Provide transparency to usage • Apply business context to network activity • Simplify operations and compliance reporting
Internet Partners Application Software Virtual Machines VSwitch Access Aggregation and Services Core Edge IP-NGN Backbone Storage and SAN Compute IP-NGN Application Control (SLB+) Service Control Firewall Services Virtual Device Contexts Fibre Channel Forwarding Fabric Extension Fabric-Hosted Storage Virtualization Storage Media Encryption Virtual Contexts for FW & SLB Port Profiles & VN- Link Port Profiles & VN-Link Line-Rate NetFlow Virtual Device Contexts Secure Domain Routing Service Profiles Virtual Machine Optimization Virtual Firewall Edge and VM Intrusion Detection PhysicalVirtual Security As A System Unified Policy
UCSVirtual AccessStorage Data Center Security Control Framework Multi-Layer, Distributed Model Data Center Core Layer DC Service Layer DC Access Layer Services • Initial filter for DC ingress and egress traffic. Virtual Context used to split polices for server-to-server filtering • Additional firewall services for server farm specific protection Infrastructure Security • Infrastructure Security features are enabled to protect device, traffic plane and control plane • 802.1ae and vPC provides internal/external separation Services • IPS/IDS provide traffic analysis and forensics • Network Analysis provide traffic monitoring and data analysis • Server load balancing masks servers and applicationsData security authenticate & access control Port security authentication, QoS features Virtual Firewall Real-time Monitoring Firewall Rules ACLs, Port Security, VN Tag, Netflow, ERSPAN, QoS, CoPP, DHCP snooping Security Management • Visibility • Event correlation, syslog, centralized authentication • Forensics • Anomaly detection • Compliance AD, ASDM CSM, VNMC, ACS DC Aggregation Layer
Visibility Challenges in the Data Center High value assets and data Large, high volume throughput Multiple layers and levels of communication Virtual hosts
NetFlow 8 10.2.2.2 port 1024 10.1.1.1 port 80 eth0/1 eth0/2 Start Time Interface Src IP Src Port Dest IP Dest Port Proto Pkts Sent Bytes Sent TCP Flags 10:20:12.221 eth0/1 10.2.2.2 1024 10.1.1.1 80 TCP 5 1025 SYN,ACK,PSH 10:20:12.871 eth0/2 10.1.1.1 80 10.2.2.2 1024 TCP 17 28712 SYN,ACK,FIN Start Time Interface Src IP Src Port Dest IP Dest Port Proto Pkts Sent Bytes Sent TCP Flags 10:20:12.221 eth0/1 10.2.2.2 1024 10.1.1.1 80 TCP 5 1025 SYN,ACK,PSH
Network Devices StealthWatch FlowCollector StealthWatch Management Console NetFlow Users/Devices Cisco ISE NBAR NSEL StealthWatch Solution Components StealthWatch FlowSensor StealthWatch FlowSensor VE NetFlow StealthWatch FlowReplicator Other tools/collectors
10 Behavior Based Analysis
Behavior-Based Attack Detection High Concern Index indicates a significant number of suspicious events that deviate from established baselines
StealthWatch: Alarms 12 Alarms • Indicate significant behavior changes and policy violations • Known and unknown attacks generate alarms • Activity that falls outside the baseline, acceptable behavior or established policies
13© 2013 Lancope, Inc. All rights reserved. Suspect Data Hoarding Unusually large amount of data inbound from other hosts Default Policy
14© 2013 Lancope, Inc. All rights reserved. Target Data Hoarding Unusually large amount of data outbound from a host to multiple hosts Default Policy
Custom Security Events Time range Object conditions Peer conditions Connection conditions
Custom Security Events High Level Use cases: • Check policy • Check for known bad conditions Examples: • IOC specific to environment • Audit compliance (ex. Users to PCI servers) • VM-to-VM communication • Inappropriate access or applications
17 Cisco Cyber Threat Defense Solution for the Data Center Design
About this section http://www.cisco.com/go/securedatacenter
CTD Data Center Validated Architecture Nexus 1000v Nexus 7000 StealthWatch FlowCollector StealthWatch Management Console https NetFlow Cisco NGACisco NGA Cisco ASA SPAN SPAN
Edge: ASA 20 NetFlow Security Event Logging: • Provides visualization into policy enforcement points Monitor communication between branches • Efficient event reporting mechanism: • Syslog - Verbose, text based, single event per packet: ~30% processing overhead • NetFlow - Compact, binary, multiple events per packet: ~7-10% processing overhead • Context rich: • Event driven: Flow Created, Denied, tear-down • Network Address Translations • User-ID
ASA NSEL Configuration 21 ! flow-export destination management <ip-address> 2055 ! policy-map global_policy class class-default flow-export event-type all destination <ip-address> ! flow-export template timeout-rate 2 logging flow-export syslogs disable !
ASA Flow Table 22 Inside local Outside global Server User
Core: Nexus 7000 & NGA 23 Nexus 7000 Cisco NGA SPAN NetFlow Generation Appliance: • 4x10 G monitoring interfaces • Non-performance impacting 1:1 NetFlow generation • NetFlow version 5, 9 and IPFIX • 80M Active Flow Cache • 200K NetFlow record export per sec
Nexus 7004 Configuration 24 ! interface port-channel8 description <<** NGA SPAN PORTS **>> switchport mode trunk switchport monitor ! monitor session 1 description SPAN ASA Data Traffic from Po20 source interface port-channel20 rx destination interface port-channel8 no shut
NGA Config 25
Alternative: Physical FlowSensor 26 Nexus 7000 StealthWatch FlowSensor SPAN StealthWatch FlowSensor • Multiple hardware platforms up to 20 Gbps throughout • Non-performance impacting 1:1 NetFlow generation • Recognition of over 900 Applications • URL capture • Additional statistics: • Server Response Time • Round Trip Time
Access: Nexus 1000v 27 Nexus 1000v Nexus 1000v: • NetFlow as close to access as possible: complete visibility • Visibility into VM-to-VM communication (across the 1000v) • Up to 256 NetFlow interfaces; one flow monitor per interface, per direction • Cache: 256 to 16384 entries - default is 4096.
Nexus 1000v NetFlow Config 28 feature netflow ! flow exporter nf-export-1 description <<** SEA Lancope Flow Collector **>> destination 172.26.164.240 use-vrf management transport udp 2055 source mgmt0 version 9 option exporter-stats timeout 300 option interface-table timeout 300 ! flow monitor sea-enclaves record netflow-original exporter nf-export-1 timeout active 60 timeout inactive 15 ! port-profile type vethernet enc1-3001 ip flow monitor sea-enclaves input
29 Optional: StealthWatch FlowSensor VE capture SERVICE CONSOLEVM VM lightweight packet capture and IPFIX generation Visibility & Context: • Flow records include: • VM name • VM server name • VM State • vMotion aware • Host Profiled in terms of VM name • Application, SRT, RRT (same as physical)
30 FlowSensor VE: VM Visbility
31 FlowSensor VE: VM Visbility Provide VM-to-VM Policy Monitoring within the same VMware server
Summary 32 More Information: • http://www.lancope.com/ • http://www.cisco.com/go/securedatacenter • http://www.cisco.com/go/threatdefense NetFlow and the Lancope StealthWatch System provide actionable security intelligence in data centers Visibility into Data Center traffic has historically been difficult
THANK YOU 33© 2013 Lancope, Inc. All rights reserved.

Recomendados

TechWiseTV Workshop: Cisco TrustSec
TechWiseTV Workshop: Cisco TrustSecTechWiseTV Workshop: Cisco TrustSec
TechWiseTV Workshop: Cisco TrustSecRobb Boyd
 
TechWiseTV Workshop: Cisco Stealthwatch and ISE
TechWiseTV Workshop: Cisco Stealthwatch and ISETechWiseTV Workshop: Cisco Stealthwatch and ISE
TechWiseTV Workshop: Cisco Stealthwatch and ISERobb Boyd
 
TechWiseTV Workshop: Stealthwatch Learning Network License
TechWiseTV Workshop: Stealthwatch Learning Network LicenseTechWiseTV Workshop: Stealthwatch Learning Network License
TechWiseTV Workshop: Stealthwatch Learning Network LicenseRobb Boyd
 
Where to Store the Cloud Encryption Keys - InterOp 2012
Where to Store the Cloud Encryption Keys - InterOp 2012Where to Store the Cloud Encryption Keys - InterOp 2012
Where to Store the Cloud Encryption Keys - InterOp 2012Trend Micro
 
Cisco Study: State of Web Security
Cisco Study: State of Web Security Cisco Study: State of Web Security
Cisco Study: State of Web Security Cisco Canada
 
Palo Alto Networks Portfolio & Strategy Overview 2019
Palo Alto Networks Portfolio & Strategy Overview 2019Palo Alto Networks Portfolio & Strategy Overview 2019
Palo Alto Networks Portfolio & Strategy Overview 2019Sean Xie
 
The Network as a Sensor, Cisco and Lancope
The Network as a Sensor, Cisco and LancopeThe Network as a Sensor, Cisco and Lancope
The Network as a Sensor, Cisco and LancopeCisco Enterprise Networks
 
Software defined security-framework_final
Software defined security-framework_finalSoftware defined security-framework_final
Software defined security-framework_finalLan & Wan Solutions
 

Recomendados

TechWiseTV Workshop: Cisco TrustSec
TechWiseTV Workshop: Cisco TrustSecTechWiseTV Workshop: Cisco TrustSec
TechWiseTV Workshop: Cisco TrustSecRobb Boyd
 
TechWiseTV Workshop: Cisco Stealthwatch and ISE
TechWiseTV Workshop: Cisco Stealthwatch and ISETechWiseTV Workshop: Cisco Stealthwatch and ISE
TechWiseTV Workshop: Cisco Stealthwatch and ISERobb Boyd
 
TechWiseTV Workshop: Stealthwatch Learning Network License
TechWiseTV Workshop: Stealthwatch Learning Network LicenseTechWiseTV Workshop: Stealthwatch Learning Network License
TechWiseTV Workshop: Stealthwatch Learning Network LicenseRobb Boyd
 
Where to Store the Cloud Encryption Keys - InterOp 2012
Where to Store the Cloud Encryption Keys - InterOp 2012Where to Store the Cloud Encryption Keys - InterOp 2012
Where to Store the Cloud Encryption Keys - InterOp 2012Trend Micro
 
Cisco Study: State of Web Security
Cisco Study: State of Web Security Cisco Study: State of Web Security
Cisco Study: State of Web Security Cisco Canada
 
Palo Alto Networks Portfolio & Strategy Overview 2019
Palo Alto Networks Portfolio & Strategy Overview 2019Palo Alto Networks Portfolio & Strategy Overview 2019
Palo Alto Networks Portfolio & Strategy Overview 2019Sean Xie
 
The Network as a Sensor, Cisco and Lancope
The Network as a Sensor, Cisco and LancopeThe Network as a Sensor, Cisco and Lancope
The Network as a Sensor, Cisco and LancopeCisco Enterprise Networks
 
Software defined security-framework_final
Software defined security-framework_finalSoftware defined security-framework_final
Software defined security-framework_finalLan & Wan Solutions
 
ISE_Pub
ISE_PubISE_Pub
ISE_PubWill Hatcher
 
Network Security Architecture
Network Security Architecture Network Security Architecture
Network Security Architecture InnoTech
 
Who owns security in the cloud
Who owns security in the cloudWho owns security in the cloud
Who owns security in the cloudTrend Micro
 
What is micro segmentation?
What is micro segmentation?What is micro segmentation?
What is micro segmentation?Mir Mustafa Ali
 
Cisco Trustsec & Security Group Tagging
Cisco Trustsec & Security Group TaggingCisco Trustsec & Security Group Tagging
Cisco Trustsec & Security Group TaggingCisco Canada
 
Sourcefire Webinar - NEW GENERATION IPS
Sourcefire Webinar - NEW GENERATION IPSSourcefire Webinar - NEW GENERATION IPS
Sourcefire Webinar - NEW GENERATION IPSmmiznoni
 
Eximbank security presentation
Eximbank security presentationEximbank security presentation
Eximbank security presentationlaonap166
 
My Final Year Project
My Final Year ProjectMy Final Year Project
My Final Year ProjectMOHAMMEDELALAM1
 
Requirement for creating a Penetration Testing Lab
Requirement for creating a Penetration Testing LabRequirement for creating a Penetration Testing Lab
Requirement for creating a Penetration Testing LabSyed Ubaid Ali Jafri
 
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...Cisco Canada
 
Checkpoint Overview
Checkpoint OverviewCheckpoint Overview
Checkpoint OverviewLeonardo Antichi
 
Watchguard short introduction
Watchguard short introductionWatchguard short introduction
Watchguard short introductionJimmy Saigon
 
Asa sslvpn security
Asa sslvpn securityAsa sslvpn security
Asa sslvpn securityJack Melson
 
Cloud summit demystifying cloud security
Cloud summit demystifying cloud securityCloud summit demystifying cloud security
Cloud summit demystifying cloud securityDavid De Vos
 
GISEC 2015 Your Network in the Eyes of a Hacker - DTS Solution
GISEC 2015 Your Network in the Eyes of a Hacker - DTS SolutionGISEC 2015 Your Network in the Eyes of a Hacker - DTS Solution
GISEC 2015 Your Network in the Eyes of a Hacker - DTS SolutionShah Sheikh
 
Defending the Data Center: Managing Users from the Edge to the Application
Defending the Data Center: Managing Users from the Edge to the ApplicationDefending the Data Center: Managing Users from the Edge to the Application
Defending the Data Center: Managing Users from the Edge to the ApplicationCisco Security
 
From Physical to Virtual to Cloud
From Physical to Virtual to CloudFrom Physical to Virtual to Cloud
From Physical to Virtual to CloudCisco Security
 
The 5 elements of IoT security
The 5 elements of IoT securityThe 5 elements of IoT security
The 5 elements of IoT securityJulien Vermillard
 
TechWiseTV Workshop: Cisco ISE 2.1 (Identity Services Engine)
TechWiseTV Workshop: Cisco ISE 2.1 (Identity Services Engine)TechWiseTV Workshop: Cisco ISE 2.1 (Identity Services Engine)
TechWiseTV Workshop: Cisco ISE 2.1 (Identity Services Engine)Robb Boyd
 
Palo alto networks product overview
Palo alto networks product overviewPalo alto networks product overview
Palo alto networks product overviewBelsoft
 
Timing attacks have never been so practical: Advance cross site search attacks
Timing attacks have never been so practical: Advance cross site search attacksTiming attacks have never been so practical: Advance cross site search attacks
Timing attacks have never been so practical: Advance cross site search attacksPriyanka Aash
 
How to detect side channel attacks in cloud infrastructures
How to detect side channel attacks in cloud infrastructuresHow to detect side channel attacks in cloud infrastructures
How to detect side channel attacks in cloud infrastructuresPasquale Puzio
 

Mais conteúdo relacionado

Mais procurados

Network Security Architecture
Network Security Architecture Network Security Architecture
Network Security Architecture InnoTech
 
Who owns security in the cloud
Who owns security in the cloudWho owns security in the cloud
Who owns security in the cloudTrend Micro
 
What is micro segmentation?
What is micro segmentation?What is micro segmentation?
What is micro segmentation?Mir Mustafa Ali
 
Cisco Trustsec & Security Group Tagging
Cisco Trustsec & Security Group TaggingCisco Trustsec & Security Group Tagging
Cisco Trustsec & Security Group TaggingCisco Canada
 
Sourcefire Webinar - NEW GENERATION IPS
Sourcefire Webinar - NEW GENERATION IPSSourcefire Webinar - NEW GENERATION IPS
Sourcefire Webinar - NEW GENERATION IPSmmiznoni
 
Eximbank security presentation
Eximbank security presentationEximbank security presentation
Eximbank security presentationlaonap166
 
Requirement for creating a Penetration Testing Lab
Requirement for creating a Penetration Testing LabRequirement for creating a Penetration Testing Lab
Requirement for creating a Penetration Testing LabSyed Ubaid Ali Jafri
 
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...Cisco Canada
 
Watchguard short introduction
Watchguard short introductionWatchguard short introduction
Watchguard short introductionJimmy Saigon
 
Asa sslvpn security
Asa sslvpn securityAsa sslvpn security
Asa sslvpn securityJack Melson
 
Cloud summit demystifying cloud security
Cloud summit demystifying cloud securityCloud summit demystifying cloud security
Cloud summit demystifying cloud securityDavid De Vos
 
GISEC 2015 Your Network in the Eyes of a Hacker - DTS Solution
GISEC 2015 Your Network in the Eyes of a Hacker - DTS SolutionGISEC 2015 Your Network in the Eyes of a Hacker - DTS Solution
GISEC 2015 Your Network in the Eyes of a Hacker - DTS SolutionShah Sheikh
 
Defending the Data Center: Managing Users from the Edge to the Application
Defending the Data Center: Managing Users from the Edge to the ApplicationDefending the Data Center: Managing Users from the Edge to the Application
Defending the Data Center: Managing Users from the Edge to the ApplicationCisco Security
 
From Physical to Virtual to Cloud
From Physical to Virtual to CloudFrom Physical to Virtual to Cloud
From Physical to Virtual to CloudCisco Security
 
The 5 elements of IoT security
The 5 elements of IoT securityThe 5 elements of IoT security
The 5 elements of IoT securityJulien Vermillard
 
TechWiseTV Workshop: Cisco ISE 2.1 (Identity Services Engine)
TechWiseTV Workshop: Cisco ISE 2.1 (Identity Services Engine)TechWiseTV Workshop: Cisco ISE 2.1 (Identity Services Engine)
TechWiseTV Workshop: Cisco ISE 2.1 (Identity Services Engine)Robb Boyd
 
Palo alto networks product overview
Palo alto networks product overviewPalo alto networks product overview
Palo alto networks product overviewBelsoft
 

Mais procurados (20)

ISE_Pub
ISE_PubISE_Pub
ISE_Pub
 
Network Security Architecture
Network Security Architecture Network Security Architecture
Network Security Architecture
 
Who owns security in the cloud
Who owns security in the cloudWho owns security in the cloud
Who owns security in the cloud
 
What is micro segmentation?
What is micro segmentation?What is micro segmentation?
What is micro segmentation?
 
Cisco Trustsec & Security Group Tagging
Cisco Trustsec & Security Group TaggingCisco Trustsec & Security Group Tagging
Cisco Trustsec & Security Group Tagging
 
Sourcefire Webinar - NEW GENERATION IPS
Sourcefire Webinar - NEW GENERATION IPSSourcefire Webinar - NEW GENERATION IPS
Sourcefire Webinar - NEW GENERATION IPS
 
Eximbank security presentation
Eximbank security presentationEximbank security presentation
Eximbank security presentation
 
My Final Year Project
My Final Year ProjectMy Final Year Project
My Final Year Project
 
Requirement for creating a Penetration Testing Lab
Requirement for creating a Penetration Testing LabRequirement for creating a Penetration Testing Lab
Requirement for creating a Penetration Testing Lab
 
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...
 
Checkpoint Overview
Checkpoint OverviewCheckpoint Overview
Checkpoint Overview
 
Watchguard short introduction
Watchguard short introductionWatchguard short introduction
Watchguard short introduction
 
Asa sslvpn security
Asa sslvpn securityAsa sslvpn security
Asa sslvpn security
 
Cloud summit demystifying cloud security
Cloud summit demystifying cloud securityCloud summit demystifying cloud security
Cloud summit demystifying cloud security
 
GISEC 2015 Your Network in the Eyes of a Hacker - DTS Solution
GISEC 2015 Your Network in the Eyes of a Hacker - DTS SolutionGISEC 2015 Your Network in the Eyes of a Hacker - DTS Solution
GISEC 2015 Your Network in the Eyes of a Hacker - DTS Solution
 
Defending the Data Center: Managing Users from the Edge to the Application
Defending the Data Center: Managing Users from the Edge to the ApplicationDefending the Data Center: Managing Users from the Edge to the Application
Defending the Data Center: Managing Users from the Edge to the Application
 
From Physical to Virtual to Cloud
From Physical to Virtual to CloudFrom Physical to Virtual to Cloud
From Physical to Virtual to Cloud
 
The 5 elements of IoT security
The 5 elements of IoT securityThe 5 elements of IoT security
The 5 elements of IoT security
 
TechWiseTV Workshop: Cisco ISE 2.1 (Identity Services Engine)
TechWiseTV Workshop: Cisco ISE 2.1 (Identity Services Engine)TechWiseTV Workshop: Cisco ISE 2.1 (Identity Services Engine)
TechWiseTV Workshop: Cisco ISE 2.1 (Identity Services Engine)
 
Palo alto networks product overview
Palo alto networks product overviewPalo alto networks product overview
Palo alto networks product overview
 

Destaque

Timing attacks have never been so practical: Advance cross site search attacks
Timing attacks have never been so practical: Advance cross site search attacksTiming attacks have never been so practical: Advance cross site search attacks
Timing attacks have never been so practical: Advance cross site search attacksPriyanka Aash
 
How to detect side channel attacks in cloud infrastructures
How to detect side channel attacks in cloud infrastructuresHow to detect side channel attacks in cloud infrastructures
How to detect side channel attacks in cloud infrastructuresPasquale Puzio
 
Mobile Internet - Africa's Digital Backbone
Mobile Internet - Africa's Digital BackboneMobile Internet - Africa's Digital Backbone
Mobile Internet - Africa's Digital BackboneAdeyemi Fowe
 
ISP core routing project
ISP core routing projectISP core routing project
ISP core routing projectvishal sharma
 
Secure Network Design with High-Availability & VoIP
Secure Network Design with High-Availability & VoIPSecure Network Design with High-Availability & VoIP
Secure Network Design with High-Availability & VoIPArpan Patel
 
WWTC_implementation_plan_Group5_FINAL
WWTC_implementation_plan_Group5_FINALWWTC_implementation_plan_Group5_FINAL
WWTC_implementation_plan_Group5_FINALJohn Bernal
 
Business plan for a BPO company in Colombia (Business Process Outsourcing - ...
Business plan for a BPO company in Colombia (Business Process Outsourcing - ...Business plan for a BPO company in Colombia (Business Process Outsourcing - ...
Business plan for a BPO company in Colombia (Business Process Outsourcing - ...Jonathan Donado
 
A University Network Design Exercise
A University Network Design ExerciseA University Network Design Exercise
A University Network Design Exercisejoelavery
 
Business Plan Highlights Template
Business Plan Highlights TemplateBusiness Plan Highlights Template
Business Plan Highlights Templateevansridge
 
Developing A Strategic Business Plan
Developing A Strategic Business PlanDeveloping A Strategic Business Plan
Developing A Strategic Business PlanEarl Stevens
 
Business Plan Sample - Great Example For Anyone Writing a Business Plan
Business Plan Sample - Great Example For Anyone Writing a Business PlanBusiness Plan Sample - Great Example For Anyone Writing a Business Plan
Business Plan Sample - Great Example For Anyone Writing a Business PlanThe Business Plan Team
 
Sample Business Plan Presentation
Sample Business Plan PresentationSample Business Plan Presentation
Sample Business Plan PresentationEnigma
 
Business Plan Powerpoint 1
Business Plan Powerpoint 1Business Plan Powerpoint 1
Business Plan Powerpoint 1haleydawn
 

Destaque (14)

Timing attacks have never been so practical: Advance cross site search attacks
Timing attacks have never been so practical: Advance cross site search attacksTiming attacks have never been so practical: Advance cross site search attacks
Timing attacks have never been so practical: Advance cross site search attacks
 
How to detect side channel attacks in cloud infrastructures
How to detect side channel attacks in cloud infrastructuresHow to detect side channel attacks in cloud infrastructures
How to detect side channel attacks in cloud infrastructures
 
Mobile Internet - Africa's Digital Backbone
Mobile Internet - Africa's Digital BackboneMobile Internet - Africa's Digital Backbone
Mobile Internet - Africa's Digital Backbone
 
ISP
ISPISP
ISP
 
ISP core routing project
ISP core routing projectISP core routing project
ISP core routing project
 
Secure Network Design with High-Availability & VoIP
Secure Network Design with High-Availability & VoIPSecure Network Design with High-Availability & VoIP
Secure Network Design with High-Availability & VoIP
 
WWTC_implementation_plan_Group5_FINAL
WWTC_implementation_plan_Group5_FINALWWTC_implementation_plan_Group5_FINAL
WWTC_implementation_plan_Group5_FINAL
 
Business plan for a BPO company in Colombia (Business Process Outsourcing - ...
Business plan for a BPO company in Colombia (Business Process Outsourcing - ...Business plan for a BPO company in Colombia (Business Process Outsourcing - ...
Business plan for a BPO company in Colombia (Business Process Outsourcing - ...
 
A University Network Design Exercise
A University Network Design ExerciseA University Network Design Exercise
A University Network Design Exercise
 
Business Plan Highlights Template
Business Plan Highlights TemplateBusiness Plan Highlights Template
Business Plan Highlights Template
 
Developing A Strategic Business Plan
Developing A Strategic Business PlanDeveloping A Strategic Business Plan
Developing A Strategic Business Plan
 
Business Plan Sample - Great Example For Anyone Writing a Business Plan
Business Plan Sample - Great Example For Anyone Writing a Business PlanBusiness Plan Sample - Great Example For Anyone Writing a Business Plan
Business Plan Sample - Great Example For Anyone Writing a Business Plan
 
Sample Business Plan Presentation
Sample Business Plan PresentationSample Business Plan Presentation
Sample Business Plan Presentation
 
Business Plan Powerpoint 1
Business Plan Powerpoint 1Business Plan Powerpoint 1
Business Plan Powerpoint 1
 

Semelhante a Data center webinar_v2_1

Nozomi Networks SCADAguardian - Data-Sheet
Nozomi Networks SCADAguardian - Data-SheetNozomi Networks SCADAguardian - Data-Sheet
Nozomi Networks SCADAguardian - Data-SheetNozomi Networks
 
Network Security and Visibility through NetFlow
Network Security and Visibility through NetFlowNetwork Security and Visibility through NetFlow
Network Security and Visibility through NetFlowLancope, Inc.
 
Deep Flow Monitoring with ServicePilot
Deep Flow Monitoring with ServicePilotDeep Flow Monitoring with ServicePilot
Deep Flow Monitoring with ServicePilotServicePilot
 
The Data Center Network Evolution
The Data Center Network EvolutionThe Data Center Network Evolution
The Data Center Network EvolutionCisco Canada
 
People Counting: Internet of Things in Motion at JavaOne 2013
People Counting: Internet of Things in Motion at JavaOne 2013People Counting: Internet of Things in Motion at JavaOne 2013
People Counting: Internet of Things in Motion at JavaOne 2013Eurotech
 
Java in the Air: A Case Study for Java-based Environment Monitoring Stations
Java in the Air: A Case Study for Java-based Environment Monitoring StationsJava in the Air: A Case Study for Java-based Environment Monitoring Stations
Java in the Air: A Case Study for Java-based Environment Monitoring StationsEurotech
 
Security at the Speed of the Network
Security at the Speed of the NetworkSecurity at the Speed of the Network
Security at the Speed of the NetworkHantzley Tauckoor
 
Cisco Connect 2018 Thailand - Secure data center building a secure zero trust...
Cisco Connect 2018 Thailand - Secure data center building a secure zero trust...Cisco Connect 2018 Thailand - Secure data center building a secure zero trust...
Cisco Connect 2018 Thailand - Secure data center building a secure zero trust...NetworkCollaborators
 
Toolkit Titans - Crafting a Cutting-Edge, Open-Source Security Operations Too...
Toolkit Titans - Crafting a Cutting-Edge, Open-Source Security Operations Too...Toolkit Titans - Crafting a Cutting-Edge, Open-Source Security Operations Too...
Toolkit Titans - Crafting a Cutting-Edge, Open-Source Security Operations Too...Brandon DeVault
 
Cisco IT Infrastructure Monitoring with SolarWinds Tools
Cisco IT Infrastructure Monitoring with SolarWinds Tools Cisco IT Infrastructure Monitoring with SolarWinds Tools
Cisco IT Infrastructure Monitoring with SolarWinds Tools Gintare Stravinskaite
 
ONF & iSDX Webinar
ONF & iSDX WebinarONF & iSDX Webinar
ONF & iSDX WebinarKatie Hyman
 
[Cisco Connect 2018 - Vietnam] Satit adirek hn under_the_hood_sdwan deep_dive
[Cisco Connect 2018 - Vietnam] Satit adirek hn under_the_hood_sdwan deep_dive[Cisco Connect 2018 - Vietnam] Satit adirek hn under_the_hood_sdwan deep_dive
[Cisco Connect 2018 - Vietnam] Satit adirek hn under_the_hood_sdwan deep_diveNur Shiqim Chok
 
network-management Web base.ppt
network-management Web base.pptnetwork-management Web base.ppt
network-management Web base.pptAssadLeo1
 
Kentik Detect Engine - Network Field Day 2017
Kentik Detect Engine - Network Field Day 2017Kentik Detect Engine - Network Field Day 2017
Kentik Detect Engine - Network Field Day 2017gvillain
 
Global Azure Bootcamp 2018 - Azure Network Security
Global Azure Bootcamp 2018 - Azure Network SecurityGlobal Azure Bootcamp 2018 - Azure Network Security
Global Azure Bootcamp 2018 - Azure Network SecurityScott Hoag
 
Cisco connect winnipeg 2018 a look at network assurance in dna center
Cisco connect winnipeg 2018 a look at network assurance in dna centerCisco connect winnipeg 2018 a look at network assurance in dna center
Cisco connect winnipeg 2018 a look at network assurance in dna centerCisco Canada
 
Security defined routing_cybergamut_v1_1
Security defined routing_cybergamut_v1_1Security defined routing_cybergamut_v1_1
Security defined routing_cybergamut_v1_1Joel W. King
 
Five Steps to Creating a Secure Hybrid Cloud Architecture
Five Steps to Creating a Secure Hybrid Cloud ArchitectureFive Steps to Creating a Secure Hybrid Cloud Architecture
Five Steps to Creating a Secure Hybrid Cloud ArchitectureAmazon Web Services
 
DCUS17 : Docker networking deep dive
DCUS17 : Docker networking deep diveDCUS17 : Docker networking deep dive
DCUS17 : Docker networking deep diveMadhu Venugopal
 

Semelhante a Data center webinar_v2_1 (20)

Nozomi Networks SCADAguardian - Data-Sheet
Nozomi Networks SCADAguardian - Data-SheetNozomi Networks SCADAguardian - Data-Sheet
Nozomi Networks SCADAguardian - Data-Sheet
 
Network Security and Visibility through NetFlow
Network Security and Visibility through NetFlowNetwork Security and Visibility through NetFlow
Network Security and Visibility through NetFlow
 
Deep Flow Monitoring with ServicePilot
Deep Flow Monitoring with ServicePilotDeep Flow Monitoring with ServicePilot
Deep Flow Monitoring with ServicePilot
 
The Data Center Network Evolution
The Data Center Network EvolutionThe Data Center Network Evolution
The Data Center Network Evolution
 
People Counting: Internet of Things in Motion at JavaOne 2013
People Counting: Internet of Things in Motion at JavaOne 2013People Counting: Internet of Things in Motion at JavaOne 2013
People Counting: Internet of Things in Motion at JavaOne 2013
 
Java in the Air: A Case Study for Java-based Environment Monitoring Stations
Java in the Air: A Case Study for Java-based Environment Monitoring StationsJava in the Air: A Case Study for Java-based Environment Monitoring Stations
Java in the Air: A Case Study for Java-based Environment Monitoring Stations
 
Security at the Speed of the Network
Security at the Speed of the NetworkSecurity at the Speed of the Network
Security at the Speed of the Network
 
Cisco Connect 2018 Thailand - Secure data center building a secure zero trust...
Cisco Connect 2018 Thailand - Secure data center building a secure zero trust...Cisco Connect 2018 Thailand - Secure data center building a secure zero trust...
Cisco Connect 2018 Thailand - Secure data center building a secure zero trust...
 
Toolkit Titans - Crafting a Cutting-Edge, Open-Source Security Operations Too...
Toolkit Titans - Crafting a Cutting-Edge, Open-Source Security Operations Too...Toolkit Titans - Crafting a Cutting-Edge, Open-Source Security Operations Too...
Toolkit Titans - Crafting a Cutting-Edge, Open-Source Security Operations Too...
 
Cisco IT Infrastructure Monitoring with SolarWinds Tools
Cisco IT Infrastructure Monitoring with SolarWinds Tools Cisco IT Infrastructure Monitoring with SolarWinds Tools
Cisco IT Infrastructure Monitoring with SolarWinds Tools
 
ONF & iSDX Webinar
ONF & iSDX WebinarONF & iSDX Webinar
ONF & iSDX Webinar
 
[Cisco Connect 2018 - Vietnam] Satit adirek hn under_the_hood_sdwan deep_dive
[Cisco Connect 2018 - Vietnam] Satit adirek hn under_the_hood_sdwan deep_dive[Cisco Connect 2018 - Vietnam] Satit adirek hn under_the_hood_sdwan deep_dive
[Cisco Connect 2018 - Vietnam] Satit adirek hn under_the_hood_sdwan deep_dive
 
ADAM-3600 Sales kit_WATER.pptx
ADAM-3600 Sales kit_WATER.pptxADAM-3600 Sales kit_WATER.pptx
ADAM-3600 Sales kit_WATER.pptx
 
network-management Web base.ppt
network-management Web base.pptnetwork-management Web base.ppt
network-management Web base.ppt
 
Kentik Detect Engine - Network Field Day 2017
Kentik Detect Engine - Network Field Day 2017Kentik Detect Engine - Network Field Day 2017
Kentik Detect Engine - Network Field Day 2017
 
Global Azure Bootcamp 2018 - Azure Network Security
Global Azure Bootcamp 2018 - Azure Network SecurityGlobal Azure Bootcamp 2018 - Azure Network Security
Global Azure Bootcamp 2018 - Azure Network Security
 
Cisco connect winnipeg 2018 a look at network assurance in dna center
Cisco connect winnipeg 2018 a look at network assurance in dna centerCisco connect winnipeg 2018 a look at network assurance in dna center
Cisco connect winnipeg 2018 a look at network assurance in dna center
 
Security defined routing_cybergamut_v1_1
Security defined routing_cybergamut_v1_1Security defined routing_cybergamut_v1_1
Security defined routing_cybergamut_v1_1
 
Five Steps to Creating a Secure Hybrid Cloud Architecture
Five Steps to Creating a Secure Hybrid Cloud ArchitectureFive Steps to Creating a Secure Hybrid Cloud Architecture
Five Steps to Creating a Secure Hybrid Cloud Architecture
 
DCUS17 : Docker networking deep dive
DCUS17 : Docker networking deep diveDCUS17 : Docker networking deep dive
DCUS17 : Docker networking deep dive
 

Mais de Lancope, Inc.

Solving the Visibility Gap for Effective Security
Solving the Visibility Gap for Effective SecuritySolving the Visibility Gap for Effective Security
Solving the Visibility Gap for Effective SecurityLancope, Inc.
 
The Internet of Everything is Here
The Internet of Everything is HereThe Internet of Everything is Here
The Internet of Everything is HereLancope, Inc.
 
Combating Insider Threats – Protecting Your Agency from the Inside Out
Combating Insider Threats – Protecting Your Agency from the Inside OutCombating Insider Threats – Protecting Your Agency from the Inside Out
Combating Insider Threats – Protecting Your Agency from the Inside OutLancope, Inc.
 
Combating Insider Threats – Protecting Your Agency from the Inside Out
Combating Insider Threats – Protecting Your Agency from the Inside OutCombating Insider Threats – Protecting Your Agency from the Inside Out
Combating Insider Threats – Protecting Your Agency from the Inside OutLancope, Inc.
 
5 Signs you have an Insider Threat
5 Signs you have an Insider Threat5 Signs you have an Insider Threat
5 Signs you have an Insider ThreatLancope, Inc.
 
Intelligent Segmentation: Protecting the Enterprise with StealthWatch, Cisco ...
Intelligent Segmentation: Protecting the Enterprise with StealthWatch, Cisco ...Intelligent Segmentation: Protecting the Enterprise with StealthWatch, Cisco ...
Intelligent Segmentation: Protecting the Enterprise with StealthWatch, Cisco ...Lancope, Inc.
 
Detecting Threats: A Look at the Verizon DBIR and StealthWatch
Detecting Threats: A Look at the Verizon DBIR and StealthWatchDetecting Threats: A Look at the Verizon DBIR and StealthWatch
Detecting Threats: A Look at the Verizon DBIR and StealthWatchLancope, Inc.
 
So You Want a Threat Intelligence Function (But Were Afraid to Ask)
So You Want a Threat Intelligence Function (But Were Afraid to Ask)So You Want a Threat Intelligence Function (But Were Afraid to Ask)
So You Want a Threat Intelligence Function (But Were Afraid to Ask)Lancope, Inc.
 
Extending Network Visibility: Down to the Endpoint
Extending Network Visibility: Down to the EndpointExtending Network Visibility: Down to the Endpoint
Extending Network Visibility: Down to the EndpointLancope, Inc.
 
Save Your Network – Protecting Manufacturing Data from Deadly Breaches
Save Your Network – Protecting Manufacturing Data from Deadly BreachesSave Your Network – Protecting Manufacturing Data from Deadly Breaches
Save Your Network – Protecting Manufacturing Data from Deadly BreachesLancope, Inc.
 
The Seven Deadly Sins of Incident Response
The Seven Deadly Sins of Incident ResponseThe Seven Deadly Sins of Incident Response
The Seven Deadly Sins of Incident ResponseLancope, Inc.
 
Save Your Network – Protecting Healthcare Data from Deadly Breaches
Save Your Network – Protecting Healthcare Data from Deadly BreachesSave Your Network – Protecting Healthcare Data from Deadly Breaches
Save Your Network – Protecting Healthcare Data from Deadly BreachesLancope, Inc.
 
Using Your Network as a Sensor for Enhanced Visibility and Security
Using Your Network as a Sensor for Enhanced Visibility and Security Using Your Network as a Sensor for Enhanced Visibility and Security
Using Your Network as a Sensor for Enhanced Visibility and Security Lancope, Inc.
 
Insider threats webinar 01.28.15
Insider threats webinar 01.28.15Insider threats webinar 01.28.15
Insider threats webinar 01.28.15Lancope, Inc.
 
Protecting the Crown Jewels from Devastating Data Breaches
Protecting the Crown Jewels from Devastating Data BreachesProtecting the Crown Jewels from Devastating Data Breaches
Protecting the Crown Jewels from Devastating Data BreachesLancope, Inc.
 
The Library of Sparta
The Library of SpartaThe Library of Sparta
The Library of SpartaLancope, Inc.
 
SCADA Security: The Five Stages of Cyber Grief
SCADA Security: The Five Stages of Cyber GriefSCADA Security: The Five Stages of Cyber Grief
SCADA Security: The Five Stages of Cyber GriefLancope, Inc.
 
Looking for the weird webinar 09.24.14
Looking for the weird webinar 09.24.14Looking for the weird webinar 09.24.14
Looking for the weird webinar 09.24.14Lancope, Inc.
 
Cisco CSIRT Case Study: Forensic Investigations with NetFlow
Cisco CSIRT Case Study: Forensic Investigations with NetFlowCisco CSIRT Case Study: Forensic Investigations with NetFlow
Cisco CSIRT Case Study: Forensic Investigations with NetFlowLancope, Inc.
 
Protecting Financial Networks from Cyber Crime
Protecting Financial Networks from Cyber CrimeProtecting Financial Networks from Cyber Crime
Protecting Financial Networks from Cyber CrimeLancope, Inc.
 

Mais de Lancope, Inc. (20)

Solving the Visibility Gap for Effective Security
Solving the Visibility Gap for Effective SecuritySolving the Visibility Gap for Effective Security
Solving the Visibility Gap for Effective Security
 
The Internet of Everything is Here
The Internet of Everything is HereThe Internet of Everything is Here
The Internet of Everything is Here
 
Combating Insider Threats – Protecting Your Agency from the Inside Out
Combating Insider Threats – Protecting Your Agency from the Inside OutCombating Insider Threats – Protecting Your Agency from the Inside Out
Combating Insider Threats – Protecting Your Agency from the Inside Out
 
Combating Insider Threats – Protecting Your Agency from the Inside Out
Combating Insider Threats – Protecting Your Agency from the Inside OutCombating Insider Threats – Protecting Your Agency from the Inside Out
Combating Insider Threats – Protecting Your Agency from the Inside Out
 
5 Signs you have an Insider Threat
5 Signs you have an Insider Threat5 Signs you have an Insider Threat
5 Signs you have an Insider Threat
 
Intelligent Segmentation: Protecting the Enterprise with StealthWatch, Cisco ...
Intelligent Segmentation: Protecting the Enterprise with StealthWatch, Cisco ...Intelligent Segmentation: Protecting the Enterprise with StealthWatch, Cisco ...
Intelligent Segmentation: Protecting the Enterprise with StealthWatch, Cisco ...
 
Detecting Threats: A Look at the Verizon DBIR and StealthWatch
Detecting Threats: A Look at the Verizon DBIR and StealthWatchDetecting Threats: A Look at the Verizon DBIR and StealthWatch
Detecting Threats: A Look at the Verizon DBIR and StealthWatch
 
So You Want a Threat Intelligence Function (But Were Afraid to Ask)
So You Want a Threat Intelligence Function (But Were Afraid to Ask)So You Want a Threat Intelligence Function (But Were Afraid to Ask)
So You Want a Threat Intelligence Function (But Were Afraid to Ask)
 
Extending Network Visibility: Down to the Endpoint
Extending Network Visibility: Down to the EndpointExtending Network Visibility: Down to the Endpoint
Extending Network Visibility: Down to the Endpoint
 
Save Your Network – Protecting Manufacturing Data from Deadly Breaches
Save Your Network – Protecting Manufacturing Data from Deadly BreachesSave Your Network – Protecting Manufacturing Data from Deadly Breaches
Save Your Network – Protecting Manufacturing Data from Deadly Breaches
 
The Seven Deadly Sins of Incident Response
The Seven Deadly Sins of Incident ResponseThe Seven Deadly Sins of Incident Response
The Seven Deadly Sins of Incident Response
 
Save Your Network – Protecting Healthcare Data from Deadly Breaches
Save Your Network – Protecting Healthcare Data from Deadly BreachesSave Your Network – Protecting Healthcare Data from Deadly Breaches
Save Your Network – Protecting Healthcare Data from Deadly Breaches
 
Using Your Network as a Sensor for Enhanced Visibility and Security
Using Your Network as a Sensor for Enhanced Visibility and Security Using Your Network as a Sensor for Enhanced Visibility and Security
Using Your Network as a Sensor for Enhanced Visibility and Security
 
Insider threats webinar 01.28.15
Insider threats webinar 01.28.15Insider threats webinar 01.28.15
Insider threats webinar 01.28.15
 
Protecting the Crown Jewels from Devastating Data Breaches
Protecting the Crown Jewels from Devastating Data BreachesProtecting the Crown Jewels from Devastating Data Breaches
Protecting the Crown Jewels from Devastating Data Breaches
 
The Library of Sparta
The Library of SpartaThe Library of Sparta
The Library of Sparta
 
SCADA Security: The Five Stages of Cyber Grief
SCADA Security: The Five Stages of Cyber GriefSCADA Security: The Five Stages of Cyber Grief
SCADA Security: The Five Stages of Cyber Grief
 
Looking for the weird webinar 09.24.14
Looking for the weird webinar 09.24.14Looking for the weird webinar 09.24.14
Looking for the weird webinar 09.24.14
 
Cisco CSIRT Case Study: Forensic Investigations with NetFlow
Cisco CSIRT Case Study: Forensic Investigations with NetFlowCisco CSIRT Case Study: Forensic Investigations with NetFlow
Cisco CSIRT Case Study: Forensic Investigations with NetFlow
 
Protecting Financial Networks from Cyber Crime
Protecting Financial Networks from Cyber CrimeProtecting Financial Networks from Cyber Crime
Protecting Financial Networks from Cyber Crime
 

Último

Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 

Último (20)

Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 

Data center webinar_v2_1

  • 1. Securing the Data Center Matt Robertson - Lancope Technical Marketing Engineer David Anderson – Cisco Principal Solution Architect, Data Center Security
  • 3. Evolution of Cyber Conflict War Dialing, Phone Phreaking … Manual Attacks (1980s) Viruses, Worms … Mechanized Attacks (1988) Google, RSA … Talented Human / Mechanized Attackers (2009) Cyrptocurrency Ransoms, Store-bought Credentials ... DIY Human / Mechanized Attackers (2011) Intelligence Driven Human Defenders Manual Defenses Unplug Mechanized Defenses Firewall, IDS/IPS Targeted Human/Mechanized DefendersReputation, App-aware FirewallAPT, Multi-Step Attacks… Target, Neiman Marcus …
  • 4. Security Buckets Segmentation • Establish boundaries: network, compute, virtual • Enforce policy by functions, devices, organizations, compliance • Control and prevent unauthorized access to networks, resources, applications Threat Defense • Stop internal and external attacks and interruption of services • Patrol zone and edge boundaries • Control information access and usage, prevent data loss and data modification Visibility • Provide transparency to usage • Apply business context to network activity • Simplify operations and compliance reporting
  • 5. Internet Partners Application Software Virtual Machines VSwitch Access Aggregation and Services Core Edge IP-NGN Backbone Storage and SAN Compute IP-NGN Application Control (SLB+) Service Control Firewall Services Virtual Device Contexts Fibre Channel Forwarding Fabric Extension Fabric-Hosted Storage Virtualization Storage Media Encryption Virtual Contexts for FW & SLB Port Profiles & VN- Link Port Profiles & VN-Link Line-Rate NetFlow Virtual Device Contexts Secure Domain Routing Service Profiles Virtual Machine Optimization Virtual Firewall Edge and VM Intrusion Detection PhysicalVirtual Security As A System Unified Policy
  • 6. UCSVirtual AccessStorage Data Center Security Control Framework Multi-Layer, Distributed Model Data Center Core Layer DC Service Layer DC Access Layer Services • Initial filter for DC ingress and egress traffic. Virtual Context used to split polices for server-to-server filtering • Additional firewall services for server farm specific protection Infrastructure Security • Infrastructure Security features are enabled to protect device, traffic plane and control plane • 802.1ae and vPC provides internal/external separation Services • IPS/IDS provide traffic analysis and forensics • Network Analysis provide traffic monitoring and data analysis • Server load balancing masks servers and applicationsData security authenticate & access control Port security authentication, QoS features Virtual Firewall Real-time Monitoring Firewall Rules ACLs, Port Security, VN Tag, Netflow, ERSPAN, QoS, CoPP, DHCP snooping Security Management • Visibility • Event correlation, syslog, centralized authentication • Forensics • Anomaly detection • Compliance AD, ASDM CSM, VNMC, ACS DC Aggregation Layer
  • 7. Visibility Challenges in the Data Center High value assets and data Large, high volume throughput Multiple layers and levels of communication Virtual hosts
  • 8. NetFlow 8 10.2.2.2 port 1024 10.1.1.1 port 80 eth0/1 eth0/2 Start Time Interface Src IP Src Port Dest IP Dest Port Proto Pkts Sent Bytes Sent TCP Flags 10:20:12.221 eth0/1 10.2.2.2 1024 10.1.1.1 80 TCP 5 1025 SYN,ACK,PSH 10:20:12.871 eth0/2 10.1.1.1 80 10.2.2.2 1024 TCP 17 28712 SYN,ACK,FIN Start Time Interface Src IP Src Port Dest IP Dest Port Proto Pkts Sent Bytes Sent TCP Flags 10:20:12.221 eth0/1 10.2.2.2 1024 10.1.1.1 80 TCP 5 1025 SYN,ACK,PSH
  • 9. Network Devices StealthWatch FlowCollector StealthWatch Management Console NetFlow Users/Devices Cisco ISE NBAR NSEL StealthWatch Solution Components StealthWatch FlowSensor StealthWatch FlowSensor VE NetFlow StealthWatch FlowReplicator Other tools/collectors
  • 11. Behavior-Based Attack Detection High Concern Index indicates a significant number of suspicious events that deviate from established baselines
  • 12. StealthWatch: Alarms 12 Alarms • Indicate significant behavior changes and policy violations • Known and unknown attacks generate alarms • Activity that falls outside the baseline, acceptable behavior or established policies
  • 13. 13© 2013 Lancope, Inc. All rights reserved. Suspect Data Hoarding Unusually large amount of data inbound from other hosts Default Policy
  • 14. 14© 2013 Lancope, Inc. All rights reserved. Target Data Hoarding Unusually large amount of data outbound from a host to multiple hosts Default Policy
  • 15. Custom Security Events Time range Object conditions Peer conditions Connection conditions
  • 16. Custom Security Events High Level Use cases: • Check policy • Check for known bad conditions Examples: • IOC specific to environment • Audit compliance (ex. Users to PCI servers) • VM-to-VM communication • Inappropriate access or applications
  • 17. 17 Cisco Cyber Threat Defense Solution for the Data Center Design
  • 19. CTD Data Center Validated Architecture Nexus 1000v Nexus 7000 StealthWatch FlowCollector StealthWatch Management Console https NetFlow Cisco NGACisco NGA Cisco ASA SPAN SPAN
  • 20. Edge: ASA 20 NetFlow Security Event Logging: • Provides visualization into policy enforcement points Monitor communication between branches • Efficient event reporting mechanism: • Syslog - Verbose, text based, single event per packet: ~30% processing overhead • NetFlow - Compact, binary, multiple events per packet: ~7-10% processing overhead • Context rich: • Event driven: Flow Created, Denied, tear-down • Network Address Translations • User-ID
  • 21. ASA NSEL Configuration 21 ! flow-export destination management <ip-address> 2055 ! policy-map global_policy class class-default flow-export event-type all destination <ip-address> ! flow-export template timeout-rate 2 logging flow-export syslogs disable !
  • 22. ASA Flow Table 22 Inside local Outside global Server User
  • 23. Core: Nexus 7000 & NGA 23 Nexus 7000 Cisco NGA SPAN NetFlow Generation Appliance: • 4x10 G monitoring interfaces • Non-performance impacting 1:1 NetFlow generation • NetFlow version 5, 9 and IPFIX • 80M Active Flow Cache • 200K NetFlow record export per sec
  • 24. Nexus 7004 Configuration 24 ! interface port-channel8 description <<** NGA SPAN PORTS **>> switchport mode trunk switchport monitor ! monitor session 1 description SPAN ASA Data Traffic from Po20 source interface port-channel20 rx destination interface port-channel8 no shut
  • 26. Alternative: Physical FlowSensor 26 Nexus 7000 StealthWatch FlowSensor SPAN StealthWatch FlowSensor • Multiple hardware platforms up to 20 Gbps throughout • Non-performance impacting 1:1 NetFlow generation • Recognition of over 900 Applications • URL capture • Additional statistics: • Server Response Time • Round Trip Time
  • 27. Access: Nexus 1000v 27 Nexus 1000v Nexus 1000v: • NetFlow as close to access as possible: complete visibility • Visibility into VM-to-VM communication (across the 1000v) • Up to 256 NetFlow interfaces; one flow monitor per interface, per direction • Cache: 256 to 16384 entries - default is 4096.
  • 28. Nexus 1000v NetFlow Config 28 feature netflow ! flow exporter nf-export-1 description <<** SEA Lancope Flow Collector **>> destination 172.26.164.240 use-vrf management transport udp 2055 source mgmt0 version 9 option exporter-stats timeout 300 option interface-table timeout 300 ! flow monitor sea-enclaves record netflow-original exporter nf-export-1 timeout active 60 timeout inactive 15 ! port-profile type vethernet enc1-3001 ip flow monitor sea-enclaves input
  • 29. 29 Optional: StealthWatch FlowSensor VE capture SERVICE CONSOLEVM VM lightweight packet capture and IPFIX generation Visibility & Context: • Flow records include: • VM name • VM server name • VM State • vMotion aware • Host Profiled in terms of VM name • Application, SRT, RRT (same as physical)
  • 30. 30 FlowSensor VE: VM Visbility
  • 31. 31 FlowSensor VE: VM Visbility Provide VM-to-VM Policy Monitoring within the same VMware server
  • 32. Summary 32 More Information: • http://www.lancope.com/ • http://www.cisco.com/go/securedatacenter • http://www.cisco.com/go/threatdefense NetFlow and the Lancope StealthWatch System provide actionable security intelligence in data centers Visibility into Data Center traffic has historically been difficult
  • 33. THANK YOU 33© 2013 Lancope, Inc. All rights reserved.