SlideShare a Scribd company logo
1 of 38
Download to read offline
1
© 2002 Cisco Systems, Inc. All rights reserved.
Cisco Advanced Services

Delivering a Secure Network


                                                           2
         © 2003 Cisco Systems, Inc. All rights reserved.
The Need to Outpace and Outsmart Threats

                                                                                                       Internet Worms
Intrusions
                                                                                                              Sophistication
                                                                           Packet Forging/
   25000                                                                                                      of Hacker Tools
                                                                                 Spoofing
                                                                           Stealth
                                                                       Diagnostics
                                                                                       DDOS
                                                                    Sweepers
   20000                                                          Back
                                                                                Sniffers
                                                                 Doors
                                    Exploiting Known
                                    Vulnerabilities                   Disabling
   15000
                                                                      Audits

                 Self-replicating
   10000                               Password
                            Code
                                       Cracking


    5000                                                                                                       Technical
                                                                                                              Knowledge
                 Password
                                                                                                              Required of
                 Guessing
                                                                                                                Hacker
         0
          1988         1990         1992              1994                    1996              1998   2000
   Source: CERT, Carnegie Mellon University
                                                                                                                            3
                                              © 2003 Cisco Systems, Inc. All rights reserved.
CIO and CSO Security Challenge


                                                                           Pressure on
• Protect the business                                                 resources, security
                                                                        requirements, and
  from security threats                                                       budget

• Improve security staff

                                   Dollars
                                                        Applications
  productivity
                                                                             Cost
• Reduce total cost of
  ownership for security
  infrastructure                                                             Budget


                                                                      Time

                                                                                             4
                    © 2003 Cisco Systems, Inc. All rights reserved.
Network Security is Integral
to Business Protection



                             Customer Care
           Supply Chain                                                  Workforce
E-Commerce Management                                                   Optimization   E-Learning



     • Protect business operations against
       directed attacks
     • Prevent damage from worms and viruses
     • Deploy consistent security policy

                                                                                                    5
                          © 2003 Cisco Systems, Inc. All rights reserved.
Cisco Services Portfolio
            Accelerate Customer Success


                           Advisory
 Networked Virtual                                                      Vision to
   Organization                                                          Reality
                           Services
     Speed of
                       Advanced
     Migration                                                         Network to
                       Services
    Investment                                                         Application
    Optimization

                         Technical
    Investment                                                          Device to
                          Support
     Protection                                                         Network
                         Services

                                                                                     6
                     © 2003 Cisco Systems, Inc. All rights reserved.
Value of Cisco Advanced Services
for Network Security

                                                       • Deep security expertise
    Advisory Services
                                                       • Leading best practices
    Advanced Services
                                                       • Specialized tools and
     Network Security
                                                         methodology
 Technical Support Services
 Technical Support Services
                                                       • Large network security
                                                         architecture experience


        Cisco Trusted Advisor: Expertise in network
         security assessment, architecture, design,
             implementation, and optimization
                                                                                 7
                        © 2003 Cisco Systems, Inc. All rights reserved.
Cisco Advanced Services
Delivering Business Benefits


 • Assure service                                                       Business
   availability                                                         Protection
                                                 Advanced
 • Improve response to                           Services
   disruption                                       for
                                                  Network
 • Reduce overhead of
                                                                        Lower TCO
                                                  Security
   security operations
 • Optimize investment in
   network infrastructure                         Plan, Design,
                                                   Implement,
                                                  Operate, and
 • Simplify integration and                                             Productivity
                                                    Optimize
   standardize operations


                                                                                     8
                      © 2003 Cisco Systems, Inc. All rights reserved.
Advanced Services for Network Security
Delivery Capabilities
           People
           • CCIE® (networking) and CCSP™ (security) certified
           • Large enterprise and government or military backgrounds
           • Advanced technology expertise (IP telephony, wireless, storage)
           • Advisors to the Cisco® Product Security Incident Response Team

           Process
           • Proven, repeatable methodologies
           • Leading best practices across the security life cycle
           • Expertise in vulnerability research, identification, and resolution

           Tools
           • Specialized network security assessment tools
           • Award-winning Cisco Technical Assistance Center Website
           • Comprehensive best practices documentation

           Partners
           • Specialized services and technology
           • Integration with Cisco security technology
           • Global reach
                                                                                   9
                        © 2003 Cisco Systems, Inc. All rights reserved.
An Architectural Approach Is Required

                       • Protect the network at all points
   Access              • Reduce risk by deploying diverse security
   Manage security
                         components
   to support policy
                       • Ensure secure connectivity of diverse traffic
                         and user access
   Distribution
   Restrict access
                       Internet Data Center                                 Remote Office
   and manage
                                                                            Secure VPN connectivity
   propagation
                                                                            and data privacy

   Core
                                                               Internet
   Secure perimeter
   with firewalls
                       VPN/Access
                       Authentication
                       services
   Data Center
                                                                     PSTN    Mobile Office,
   Detect and react
                                                                             Telecommuter
   to intrusion
                                                                             Secure VPN connectivity

                                                                                                       10
                          © 2003 Cisco Systems, Inc. All rights reserved.
Service Offerings Across the
Security Life Cycle

                                                          Security Posture Assessment
       Assess and plan for
       a sound architecture
                                                          Network Security Architecture Review
       and design
                                                                                 IP Telephony Security Review


                                                          Network Security Design Review
       Build in scalable,
       adaptable, easy-to-
                                                          Network Security Design Development
       upgrade solutions

                                                            Network Security Implementation Plan
                                                            Review
       Transparently integrate
                                                            Network Security Implementation
       into the core network
                                                            Engineering
       infrastructure
                                                                                 Cisco Security Agent Implementation
                                                                                 NAC Implementation
                                                                                 Riverhead Implementation
        Continually identify
        and mitigate risk
                                                            Network Security Optimization

                                                                                                                  11
                               © 2003 Cisco Systems, Inc. All rights reserved.
Security Posture Assessment—
Establish a Baseline

• Analyze existing security
  vulnerabilities
• Validate security policy and
  procedures
• Report unauthorized data
  and system access
• Provide recommendations
  to prevent exploitation
• Perform trending analysis
  over repeated SPAs
                                                                     12
                   © 2003 Cisco Systems, Inc. All rights reserved.
Security Posture Assessment—
A Comprehensive Approach


• Baseline to identify active                                            Perimeter
  hosts, operating systems, and                                         Penetration
                                                                           Test
  services
• Targeting to identify all
  network vulnerabilities                                                 Remote
                                                                        Exploitation
• Exploitation to manually
  confirm vulnerabilities
• Data intelligence and threat
                                                                         Internal
  analysis against requirements                                         Simulated
  and best practices                                                      Attack


                                                                                       13
                      © 2003 Cisco Systems, Inc. All rights reserved.
Security Posture Assessment
                                Dialup
                              Assessment                              Internal
                                                                    Assessment
 Internet




 WAN
                                               Enterprise
                                                Network




     External                                                       Wireless
    Assessment                                                     Assessment
                                                                                14
                 © 2003 Cisco Systems, Inc. All rights reserved.
Security Posture Assessment—
Sample Results and Findings
Architectural         66 Class A networks supporting 100,000 employees on the internal
weaknesses            network (for example, one Class A network supports 16,777,214 hosts)

Access control        External remote access connections to critical hosts on the internal
vulnerabilities       network due to an unauthorized rogue modem

Network control and   Identified 16 unknown, unauthenticated high-speed Internet connections
auditing weaknesses   for a large enterprise with several global divisions

Detection and         Five weeks of intensive attacks undetected due to lack of logging,
response              monitoring, and employee awareness
weaknesses
Incomplete policy     Firewall configured with no policy rules for 13 months
configuration
Use of default        Standardized vendor passwords on network devices
passwords
                             Example: all Cisco routers configured to use “cisco” as the user ID
                             and password
Weak passwords        Joe, null, or easily guessed passwords allowing access to critical or
                      sensitive hosts
                             Example: Over 140,000 user ID and password pairs for an online
                             financial institution were captured unencrypted, stored on a
                             vulnerable host that was accessible from the Internet

                                                                                                   15
                                   © 2003 Cisco Systems, Inc. All rights reserved.
Security Posture Assessment—
Communicating Results
                                                                  The SPA Report

• Executive Summary
    Metrics for baseline studies,
    trending, and budget review

• Assessment Analysis
    Vulnerabilities discovered and
    data analysis

• Best Practices and
  Strategy
    Recommendations for
    mitigating risk


                                                                                   16
                           © 2003 Cisco Systems, Inc. All rights reserved.
SPA Case Study—
Fortune 125 Insurance Company

               • Protection of client financial portfolios
               • Compliance with GLBA requirements
Requirements
               • No disruption of production financial systems
               • Working knowledge of European privacy laws

               • External posture assessment to identify vulnerabilities
                 that allow outsiders to compromise client records
 Scope
               • Internal posture assessment to identify unauthorized
                 employee access to sensitive information

               • Identified employees with unauthorized access to
                 management information
 Results       • Identified extensive external vulnerabilities
               • Improved skills of internal staff who participated in
                 war games
                                                                            17
                          © 2003 Cisco Systems, Inc. All rights reserved.
Network Security Design Benefits

• Maintain an optimized
  security implementation
• Ensure fast recovery in
  case of disruption
• Reduce operating costs of
  security administration
• Avoid implementation
  problems
• Prepare for future
  deployment initiatives
• Identify deviations from
  best practices and policy
                                                                      18
                    © 2003 Cisco Systems, Inc. All rights reserved.
Applying Best Practices for
Business Results




                                                                   Management              Building                              E-Commerce


                                                                                                                                                      ISP

                                                                                           Distribution
                                                                                                                                 Corporate Internet




                CERT®
                                                                                                                          Edge
                                                                                           Core



                                                                   Server
                                                                                                                                 VPN/Remote Access



                                                                                                                                                      PSTN

                                                                                                                                                      FR/ATM
                                                                                                                                 WAN

                                                                                                                                                               34
                                                                            © 2002, Cisco Systems, Inc. All rights reserved.




                                                                                                                                                               19
                 © 2003 Cisco Systems, Inc. All rights reserved.
Tailoring SAFE from Cisco
to Your Environment

             Best Practice Security Blueprints for
           Implementing Integrated Network Security


                                                                                                                           Available Blueprints
                                                                                                                           Enterprise
  Management              Building                              E-Commerce


                                                                                                                           Small Business
                                                                                                         ISP

                          Distribution
                                                                                                                           IPSec VPNs
                                                                Corporate Internet
                                                         Edge
                                                                                                                           Voice
                          Core


                                                                                                                           Wireless     Update
  Server
                                                                VPN/Remote Access

                                                                                                                           E-Commerce      Update
                                                                                                         PSTN
                                                                                                                           Layer 2 Networks      New
                                                                                                         FR/ATM
                                                                WAN

                                                                                                                      34
           © 2002, Cisco Systems, Inc. All rights reserved.




                                                                                                                                                       20
                                                                         © 2003 Cisco Systems, Inc. All rights reserved.
Designing an End-to-End
Secure Network Infrastructure

   Secure the             Monitor and                                       Manage and
 Infrastructure            Respond                                           Improve
  Campus router and       Intrusion detection                               Security and network
  switch security         policy, placement and                             management policy,
                          design                                            placement and design
  Data center system
  and server security     Internet access
                          monitoring
  Firewall policy,
  placement, and design   Network attack
                          mitigation
  VPN and dialup remote
  access
  Secure WAN
  connections
  Corporate extranet
  security

                                                                                                   21
                          © 2003 Cisco Systems, Inc. All rights reserved.
Network Security Design Review

• Review network security
  architecture and design
    Perimeter security, remote access, IDS,
    firewalls, VPNs, e-commerce, etc.

• Identify architecture and design
  vulnerabilities
• Prioritize security requirements
  for network devices
• Recommend improvements to
  topology, components,
  functions, and features
• Recommend tools for managing
  network security
                                                                               22
                             © 2003 Cisco Systems, Inc. All rights reserved.
Network Security Design Development

• Identify and analyze network
  infrastructure vulnerabilities
• Define network security topology,
  components, and functions
    Perimeter security, remote access, IDS,
    firewalls, VPNs, e-commerce, etc.

• Specify hardware and
  software requirements
• Develop sample configurations
  for protocols, policy, and features
• Recommend tools for managing
  network security
                                                                                 23
                               © 2003 Cisco Systems, Inc. All rights reserved.
Network Security Design Development
Methodology

  Customer Input                                             Cisco Methodology

                                               • Understand security business
                                                 goals, objectives, and requirements
 Security Policy, Goals
                                               • Identify threats to critical assets
  and Requirements
                                               • Map security requirements to
                                                 network architecture
  Network Topology,                            • Define security topology,
  Design, Inventory                              components, and functions
                                               • Deliver impact analysis of new
                                                 requirements
    Network Device
     Configuration                             • Provide preliminary and final gap
                                                 analysis
                                               • Deliver architecture/design
 Network Services and
                                                 document with network diagrams
  Business Process

                                                                                       24
                          © 2003 Cisco Systems, Inc. All rights reserved.
Perimeter Security Architecture and Design
Small Business/Branch Office                                                                      Internet Access
                                                                                      Corp HQ
                                           Internet
                                          Internet

                               Service
                                                                       Sample Firewall Policy Checklist
                               Provider
                                                                         As restrictive and simple as possible
    Internal Firewalls
                                                            Authorization process for firewall
                                                 Regional changes
                                                  Office
                                                            Governed by separation of duties for
   Telecommuter                                        Internet
                                                            approval and workflow
                                                               Access                     Data Center & Internal Firewalls
                                                                         Combines firewall tools to balance
                                                                         policy with throughput requirements
                                                                                                    ASP
                                                                         Audit log for firewall administration
                                                                         Robust back-out and configuration
                                                                         management
     Home Access
                                                                         Test frequently with penetration tests
                         Internal Firewalls                              and policy audits Firewalls
                                                                                 Server Farm
                                                                                                                      25
                                    © 2003 Cisco Systems, Inc. All rights reserved.
User Authentication and Authorization Design
                                                                                             Allow only
                                                                                            IPSec Traffic
                               Authenticate Users
                                Terminate IPSec
                                                 Remote
           Focused Layer
                                              Access VPN
            4–7 Analysis                                                                         Broad Layer
                                                                                                 4–7 Analysis


                                                                                 Site-to-
                                                                                Site VPN



                                                                                    Traditional Dial
   Stateful Packet Filtering                                                        Access Servers
    Basic Layer 7 Filtering                                                                            PSTN
                                Authenticate
                                                                              Authenticate Users
                                 Remote Site
                                                                                  Terminate
                               Terminate IPSec
                                                                                 Analog Dial
                                                                                                                26
                                  © 2003 Cisco Systems, Inc. All rights reserved.
User Authentication and Authorization—
Sample Best Practices
                                                                                              Allow only
                                                                                             IPSec Traffic
                                Authenticate Users
                                 Terminate IPSec
                                                  Remote
            Focused Layer
                                               Access VPN
             4–7 Analysis                                                                  Corporate Layer
                                                                                               Broad Extranet
          VPN                                      Dialup
                                                                                                  4–7 Analysis
 Individual user
 authentication
                                                                   Termination of network
                                   Identification and     Site-to- links on firewalled DMZs
 Strong authentication             accreditation of all dialup
                                                         Site VPN
 using OTP or certificates         services
                                                                   Encryption of access from
 No split tunneling to limit                                       the Internet
                                   Individual accountability
 attacks
                                                                 Strong authentication for
                                   Strong authentication for
 Triple DES unless                                               access from the internet
                                   remote users           Traditional Dial
 prevented Packet Filtering
  Stateful by export laws                                                                  Limit communication
                                                                                     Access Servers
                                   User access logging
 Ingress filtering7 Filtering
   Basic Layer limited to                                                                  session to authorized hosts
                                                                                                       PSTN
                                                                                           and services
 IKE and ESP protocols
                                 Authenticate
                                                                               Authenticate Users
 Tunnels terminated in            Remote Site
                                                                                   Terminate
 front of firewall              Terminate IPSec
                                                                                  Analog Dial
                                                                                                                   27
                                   © 2003 Cisco Systems, Inc. All rights reserved.
Intrusion Detection Architecture and Design
Extranet IDS                Business                                                                   Internet IDS
                            Partner
Monitors partner                                                     Users                             Complements firewall
traffic where “trust”                                                                                  and VPN by
is implied but not                                                                                     monitoring traffic for
assured                                                                                                malicious activity


                                                                                         Sample IDS Best Practices
                                                                                         Test different intrusion profiles
                                              Corporate                                  and alert/response methods
                                               Office                                                          Internet
                                                                                         Determine location and
                                                                                         interoperability with network
                                                                                         management consoles
                                                                             Tune for the environment to
                        Data Center
                                                                             manage false alarms
Intranet/Internal                                                 Remote Access
                                      NAS
                                                                             Test a combination of HIDS
IDS                                                               IDS                               DMZ
                                                                             and NIDS positioning
                                                                                                                  Servers
Protects data                                                     Hardens perimeter
centers and critical                                              control by Test frequently with
assets from internal                                              monitoring remote
                                                                              penetration tests and policy
threats                                                           users
                                                                                         audits
                                                                                                                          28
                                       © 2003 Cisco Systems, Inc. All rights reserved.
Data Center Network Security Design
Information Theft
                           Denial of Service
                          Unauthorized Entry                                            Sample Data Center Security
                                                                                              Best Practices
       N-Tier                   Front End
     Applications                Network                                        Endpoint protection of hosts, servers
                                                                                and desktops
                                      Data Interception
                                     Unprotected Assets
                                                                                Network-based intrusion detection for
     Web Servers
                          IP Layer 2/3
                                                                                threat monitoring, analysis and
                                                                                prevention
                                                                                Firewalls for filtering traffic
    Application Servers
                                                                                VPNs for secure communications
                                                                                between data centers
                                                                                Identity servers for strong
     DB Servers
                                                                                authentication
                       IP
        Mainframe Communications Operations
                                                                                Management and monitoring of
                                                                                security devices, services and network
                                                                                activity
              Data Center
                                                                                                                        29
                                             © 2003 Cisco Systems, Inc. All rights reserved.
Architecture and Design Case Study—
U.S. Government Institution

            • Provide security architecture and design
Requirements recommendations based on national security policy
            • Augment limited in-house expertise
            • Identify vulnerabilities on a classified network


              • Firewall and IPSec VPN design and configuration
                review for conformance with SAFE from Cisco®
Scope
              • Security Design Review to identify nonconformance
                with security policy and Cisco best practices


              • Provided design recommendations prior to a major
Results
                infrastructure upgrade
              • Customer implemented firewall and VPN design in less
                time, with less costly redesign

                                                                          30
                        © 2003 Cisco Systems, Inc. All rights reserved.
Network Security
Implementation Plan Review

• Understand the objectives, scope,
  and constraints of the deployment
• Analyze requirements for solution
  deployment, integration and
  management
• Review implementation plans
  including tasks, milestones,
  resources and schedule
• Analyze network staging, test, and
  installation plans, including
  topology, configurations, test
  scripts, and acceptance criteria
• Analyze and recommend hardware
  and software changes

                                                                          31
                        © 2003 Cisco Systems, Inc. All rights reserved.
Network Security
 Implementation Engineering

• Analyze solution test, installation,
  and integration strategy
• Develop implementation plan
  including tasks, milestones, and
  schedule
• Develop network staging plan
  including topology, configurations,
  test scripts, and acceptance criteria
• Analyze and recommend hardware
  and software changes
• Provide custom installation,
  configuration, testing, tuning and
  integration
• Deliver hands-on education and
  remote deployment support

                                                                               32
                             © 2003 Cisco Systems, Inc. All rights reserved.
Cisco Security Agent
Implementation Service

      Assess and plan for                                      Develop Deployment
      a sound CSA architecture
                                                               Strategy and Plan
      and design




      Build scalable, adaptable,                                 Identify Requirements and
      easy-to-upgrade CSA
                                                                 Deliver a Design Specification
      solutions



                                                                 Deliver Limited Deployment With
       Integrate CSA into the
                                                                 Custom Policies that Meet
       network infrastructure and
       application environment                                   Solution Requirements


       Continually improve
                                                                 Provide Ongoing Support for
       intrusion prevention
                                                                 Enterprise Deployment
       solution

                                                                                                  33
                              © 2003 Cisco Systems, Inc. All rights reserved.
NAC Implementation Service
                                                              Assess network operations and
                                                              infrastructure to determine NAC
      Plan for a sound NAC
      architecture and design                                 readiness. Install and test a
                                                              limited deployment.

                                                              Deliver NAC design specification
      Build scalable, adaptable,
                                                              detailing topology, device
      easy-to-upgrade NAC
      solution                                                configurations, HW/SW
                                                              upgrades, and management.

                                                              Develop a deployment plan and
      Integrate NAC into the
                                                              provide onsite installation of a
      network infrastructure
                                                              corporate-wide implementation.

                                                              Provide ongoing/periodic
       Continually improve
                                                              consultation to optimize NAC
       network admission
                                                              for reliability, efficiency and
       control solution
                                                              scalability.
                                                                                                34
                               © 2003 Cisco Systems, Inc. All rights reserved.
Network Security Optimization

• Define criteria for network security
  optimization
• Collect and analyze data for trends
  and exceptions
• Review network security
  component placement and
  configuration
• Provide recommendations for
  network and security component
  tuning
• Deliver impact analysis of new
  software, features and
  configuration
• Analyze and notify staff of network
  security advisories

                                                                           35
                         © 2003 Cisco Systems, Inc. All rights reserved.
Cisco Services Delivering
Customer Satisfaction

    Advisory Services
         Advisory Services
        Advanced Services
         Network Security
     Technical Support Services
     Technical Support Services




   World Class Partners

                                                                            36
                          © 2003 Cisco Systems, Inc. All rights reserved.
Cisco Advanced Services
 Deliver a Secure Network
Delivered Uniquely by Cisco®                                                                         Customer Benefits
                                                                                                      Business Protection
                                                                                                        Reduce risk to
                                                                                                       business assets
             Knowledge Transfer


    People
                                  Best Practices



                                                                                                           Lower TCO
                                                         Secure
   Process
                                                                                                      Optimize investment
                                                        Corporate                                      in secure network
     Tools                                                                                               infrastructure
                                                         Network

  Partners
                                                                                                          Productivity
                                                                                                          Simplify and
                                                                                                     standardize operations

                                                                                                                        37
                                                   © 2003 Cisco Systems, Inc. All rights reserved.
Presentation_ID                                                      38
                  © 2001, Cisco Systems, Inc. All rights reserved.

More Related Content

What's hot

Take Control of End User Security
Take Control of End User SecurityTake Control of End User Security
Take Control of End User Securityanniebrowny
 
Transitioning to Next-Generation Firewall Management - 3 Ways to Accelerate t...
Transitioning to Next-Generation Firewall Management - 3 Ways to Accelerate t...Transitioning to Next-Generation Firewall Management - 3 Ways to Accelerate t...
Transitioning to Next-Generation Firewall Management - 3 Ways to Accelerate t...Skybox Security
 
AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...
AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...
AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...Amazon Web Services
 
Using Security to Build with Confidence in AWS - Trend Micro
Using Security to Build with Confidence in AWS - Trend Micro Using Security to Build with Confidence in AWS - Trend Micro
Using Security to Build with Confidence in AWS - Trend Micro Amazon Web Services
 
Symantec Web Security Solutions
Symantec Web Security SolutionsSymantec Web Security Solutions
Symantec Web Security SolutionsSymantec
 
Trend micro deep security
Trend micro deep securityTrend micro deep security
Trend micro deep securityTrend Micro
 
Intel Cloud Summit: Greg Brown McAfee
Intel Cloud Summit: Greg Brown McAfeeIntel Cloud Summit: Greg Brown McAfee
Intel Cloud Summit: Greg Brown McAfeeIntelAPAC
 
Trend Micro Dec 6 Toronto VMUG
Trend Micro Dec 6 Toronto VMUGTrend Micro Dec 6 Toronto VMUG
Trend Micro Dec 6 Toronto VMUGtovmug
 
Arrow ecs security_brochure_2012
Arrow ecs security_brochure_2012Arrow ecs security_brochure_2012
Arrow ecs security_brochure_2012Arrow ECS UK
 
Cloud Security: Perception VS Reality
Cloud Security: Perception VS RealityCloud Security: Perception VS Reality
Cloud Security: Perception VS RealityKVH Co. Ltd.
 
St. Vincents Private Hospital Physical Security
St. Vincents Private Hospital Physical SecuritySt. Vincents Private Hospital Physical Security
St. Vincents Private Hospital Physical Securitynmullen
 
Intrusion Detection System (IDS)
Intrusion Detection System (IDS)Intrusion Detection System (IDS)
Intrusion Detection System (IDS)HCL Technologies
 
Software Compliance Management Overview
Software Compliance Management OverviewSoftware Compliance Management Overview
Software Compliance Management Overviewkevino80
 
Security at the Breaking Point: Rethink Security in 2013
Security at the Breaking Point: Rethink Security in 2013Security at the Breaking Point: Rethink Security in 2013
Security at the Breaking Point: Rethink Security in 2013 Skybox Security
 
Pen test free_01_2012
Pen test free_01_2012Pen test free_01_2012
Pen test free_01_2012Amiga Utomo
 
Secure Enterprise Cloud
Secure Enterprise CloudSecure Enterprise Cloud
Secure Enterprise CloudIndu Kodukula
 
Trend Micro - Virtualization and Security Compliance
Trend Micro - Virtualization and Security Compliance Trend Micro - Virtualization and Security Compliance
Trend Micro - Virtualization and Security Compliance 1CloudRoad.com
 
Clavister Csp Sit Group
Clavister Csp Sit GroupClavister Csp Sit Group
Clavister Csp Sit Grouptwproject
 

What's hot (19)

Take Control of End User Security
Take Control of End User SecurityTake Control of End User Security
Take Control of End User Security
 
Transitioning to Next-Generation Firewall Management - 3 Ways to Accelerate t...
Transitioning to Next-Generation Firewall Management - 3 Ways to Accelerate t...Transitioning to Next-Generation Firewall Management - 3 Ways to Accelerate t...
Transitioning to Next-Generation Firewall Management - 3 Ways to Accelerate t...
 
AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...
AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...
AWS Partner Presentation - TrendMicro - Securing your Journey to the Cloud, A...
 
Using Security to Build with Confidence in AWS - Trend Micro
Using Security to Build with Confidence in AWS - Trend Micro Using Security to Build with Confidence in AWS - Trend Micro
Using Security to Build with Confidence in AWS - Trend Micro
 
Symantec Web Security Solutions
Symantec Web Security SolutionsSymantec Web Security Solutions
Symantec Web Security Solutions
 
Trend micro deep security
Trend micro deep securityTrend micro deep security
Trend micro deep security
 
Intel Cloud Summit: Greg Brown McAfee
Intel Cloud Summit: Greg Brown McAfeeIntel Cloud Summit: Greg Brown McAfee
Intel Cloud Summit: Greg Brown McAfee
 
Trend Micro Dec 6 Toronto VMUG
Trend Micro Dec 6 Toronto VMUGTrend Micro Dec 6 Toronto VMUG
Trend Micro Dec 6 Toronto VMUG
 
Arrow ecs security_brochure_2012
Arrow ecs security_brochure_2012Arrow ecs security_brochure_2012
Arrow ecs security_brochure_2012
 
Cloud Security: Perception VS Reality
Cloud Security: Perception VS RealityCloud Security: Perception VS Reality
Cloud Security: Perception VS Reality
 
St. Vincents Private Hospital Physical Security
St. Vincents Private Hospital Physical SecuritySt. Vincents Private Hospital Physical Security
St. Vincents Private Hospital Physical Security
 
Intrusion Detection System (IDS)
Intrusion Detection System (IDS)Intrusion Detection System (IDS)
Intrusion Detection System (IDS)
 
Software Compliance Management Overview
Software Compliance Management OverviewSoftware Compliance Management Overview
Software Compliance Management Overview
 
Security at the Breaking Point: Rethink Security in 2013
Security at the Breaking Point: Rethink Security in 2013Security at the Breaking Point: Rethink Security in 2013
Security at the Breaking Point: Rethink Security in 2013
 
Teknoforce
TeknoforceTeknoforce
Teknoforce
 
Pen test free_01_2012
Pen test free_01_2012Pen test free_01_2012
Pen test free_01_2012
 
Secure Enterprise Cloud
Secure Enterprise CloudSecure Enterprise Cloud
Secure Enterprise Cloud
 
Trend Micro - Virtualization and Security Compliance
Trend Micro - Virtualization and Security Compliance Trend Micro - Virtualization and Security Compliance
Trend Micro - Virtualization and Security Compliance
 
Clavister Csp Sit Group
Clavister Csp Sit GroupClavister Csp Sit Group
Clavister Csp Sit Group
 

Similar to ccmigration_09186a008033a3b4

Cisco tec chris young - security intelligence operations
Cisco tec   chris young - security intelligence operationsCisco tec   chris young - security intelligence operations
Cisco tec chris young - security intelligence operationsCisco Public Relations
 
Cloud security and cyber security v 3.1
Cloud security and cyber security v 3.1Cloud security and cyber security v 3.1
Cloud security and cyber security v 3.1CloudExpoEurope
 
Cloud Security: Perception Vs. Reality
Cloud Security: Perception Vs. RealityCloud Security: Perception Vs. Reality
Cloud Security: Perception Vs. RealityInternap
 
Security model-of-sip-d2-05 at kishore
Security model-of-sip-d2-05 at kishoreSecurity model-of-sip-d2-05 at kishore
Security model-of-sip-d2-05 at kishoreAT Kishore
 
Sec.4 有效協助企業內部網路行為管理-奕瑞 eden
Sec.4 有效協助企業內部網路行為管理-奕瑞 edenSec.4 有效協助企業內部網路行為管理-奕瑞 eden
Sec.4 有效協助企業內部網路行為管理-奕瑞 eden道成資訊股份有限公司
 
Csirs Trabsport Security September 2011 V 3.6
Csirs Trabsport Security September 2011 V 3.6Csirs Trabsport Security September 2011 V 3.6
Csirs Trabsport Security September 2011 V 3.6David Spinks
 
Data security in cloud
Data security in cloudData security in cloud
Data security in cloudInterop
 
Projecting Enterprise Security Requirements on the Cloud
Projecting Enterprise Security Requirements on the CloudProjecting Enterprise Security Requirements on the Cloud
Projecting Enterprise Security Requirements on the CloudScientia Groups
 
Isc2conferancepremay15final
Isc2conferancepremay15finalIsc2conferancepremay15final
Isc2conferancepremay15finalMahmoud Moustafa
 
Cisco Cloud Briefing and Experiences for Cloud Slam 2011
Cisco Cloud Briefing and Experiences for Cloud Slam 2011Cisco Cloud Briefing and Experiences for Cloud Slam 2011
Cisco Cloud Briefing and Experiences for Cloud Slam 2011Cisco Collaboration
 
Bridging the Enterprise and the Cloud from Layer 7
Bridging the Enterprise and the Cloud from Layer 7Bridging the Enterprise and the Cloud from Layer 7
Bridging the Enterprise and the Cloud from Layer 7CA API Management
 
Virtualization And Cloud Impact Overview Auditor Spin Enterprise Gr Cv4
Virtualization And Cloud Impact Overview Auditor Spin   Enterprise Gr Cv4Virtualization And Cloud Impact Overview Auditor Spin   Enterprise Gr Cv4
Virtualization And Cloud Impact Overview Auditor Spin Enterprise Gr Cv4EnterpriseGRC Solutions, Inc.
 
A Hitchhiker's Guide to the Inter-Cloud
A Hitchhiker's Guide to the Inter-CloudA Hitchhiker's Guide to the Inter-Cloud
A Hitchhiker's Guide to the Inter-CloudGovCloud Network
 
Asa sslvpn security
Asa sslvpn securityAsa sslvpn security
Asa sslvpn securityJack Melson
 

Similar to ccmigration_09186a008033a3b4 (20)

Cisco tec chris young - security intelligence operations
Cisco tec   chris young - security intelligence operationsCisco tec   chris young - security intelligence operations
Cisco tec chris young - security intelligence operations
 
Cloud security and cyber security v 3.1
Cloud security and cyber security v 3.1Cloud security and cyber security v 3.1
Cloud security and cyber security v 3.1
 
VSD Infotech
VSD InfotechVSD Infotech
VSD Infotech
 
Cloud Security: Perception Vs. Reality
Cloud Security: Perception Vs. RealityCloud Security: Perception Vs. Reality
Cloud Security: Perception Vs. Reality
 
CEH
CEHCEH
CEH
 
S series presentation
S series presentationS series presentation
S series presentation
 
Security model-of-sip-d2-05 at kishore
Security model-of-sip-d2-05 at kishoreSecurity model-of-sip-d2-05 at kishore
Security model-of-sip-d2-05 at kishore
 
null Bangalore meet - Cloud Computing and Security
null Bangalore meet - Cloud Computing and Securitynull Bangalore meet - Cloud Computing and Security
null Bangalore meet - Cloud Computing and Security
 
Sec.4 有效協助企業內部網路行為管理-奕瑞 eden
Sec.4 有效協助企業內部網路行為管理-奕瑞 edenSec.4 有效協助企業內部網路行為管理-奕瑞 eden
Sec.4 有效協助企業內部網路行為管理-奕瑞 eden
 
Csirs Trabsport Security September 2011 V 3.6
Csirs Trabsport Security September 2011 V 3.6Csirs Trabsport Security September 2011 V 3.6
Csirs Trabsport Security September 2011 V 3.6
 
ESET on cybersecurity.
ESET on cybersecurity.ESET on cybersecurity.
ESET on cybersecurity.
 
IBM Security Day, Cuenca - Ecuador
IBM Security Day, Cuenca - EcuadorIBM Security Day, Cuenca - Ecuador
IBM Security Day, Cuenca - Ecuador
 
Data security in cloud
Data security in cloudData security in cloud
Data security in cloud
 
Projecting Enterprise Security Requirements on the Cloud
Projecting Enterprise Security Requirements on the CloudProjecting Enterprise Security Requirements on the Cloud
Projecting Enterprise Security Requirements on the Cloud
 
Isc2conferancepremay15final
Isc2conferancepremay15finalIsc2conferancepremay15final
Isc2conferancepremay15final
 
Cisco Cloud Briefing and Experiences for Cloud Slam 2011
Cisco Cloud Briefing and Experiences for Cloud Slam 2011Cisco Cloud Briefing and Experiences for Cloud Slam 2011
Cisco Cloud Briefing and Experiences for Cloud Slam 2011
 
Bridging the Enterprise and the Cloud from Layer 7
Bridging the Enterprise and the Cloud from Layer 7Bridging the Enterprise and the Cloud from Layer 7
Bridging the Enterprise and the Cloud from Layer 7
 
Virtualization And Cloud Impact Overview Auditor Spin Enterprise Gr Cv4
Virtualization And Cloud Impact Overview Auditor Spin   Enterprise Gr Cv4Virtualization And Cloud Impact Overview Auditor Spin   Enterprise Gr Cv4
Virtualization And Cloud Impact Overview Auditor Spin Enterprise Gr Cv4
 
A Hitchhiker's Guide to the Inter-Cloud
A Hitchhiker's Guide to the Inter-CloudA Hitchhiker's Guide to the Inter-Cloud
A Hitchhiker's Guide to the Inter-Cloud
 
Asa sslvpn security
Asa sslvpn securityAsa sslvpn security
Asa sslvpn security
 

More from guest66dc5f

Os Timed Original
Os Timed OriginalOs Timed Original
Os Timed Originalguest66dc5f
 
Control your entire house with your iPhone
Control your entire house with your iPhoneControl your entire house with your iPhone
Control your entire house with your iPhoneguest66dc5f
 
Awesome car collection
Awesome car collectionAwesome car collection
Awesome car collectionguest66dc5f
 
Freaky car number plates
Freaky car number platesFreaky car number plates
Freaky car number platesguest66dc5f
 
Sunil-Hacking_firefox
Sunil-Hacking_firefoxSunil-Hacking_firefox
Sunil-Hacking_firefoxguest66dc5f
 
Rahul-Analysis_of_Adversarial_Code
Rahul-Analysis_of_Adversarial_CodeRahul-Analysis_of_Adversarial_Code
Rahul-Analysis_of_Adversarial_Codeguest66dc5f
 
Chetan-Mining_Digital_Evidence_in_Microsoft_Windows
Chetan-Mining_Digital_Evidence_in_Microsoft_WindowsChetan-Mining_Digital_Evidence_in_Microsoft_Windows
Chetan-Mining_Digital_Evidence_in_Microsoft_Windowsguest66dc5f
 
WHITEPAPER-7_years_of_Indian_Cyber_Law
WHITEPAPER-7_years_of_Indian_Cyber_LawWHITEPAPER-7_years_of_Indian_Cyber_Law
WHITEPAPER-7_years_of_Indian_Cyber_Lawguest66dc5f
 
Rohas-7_years_of_indian_cyber_laws
Rohas-7_years_of_indian_cyber_lawsRohas-7_years_of_indian_cyber_laws
Rohas-7_years_of_indian_cyber_lawsguest66dc5f
 
Shreeraj-Hacking_Web_2
Shreeraj-Hacking_Web_2Shreeraj-Hacking_Web_2
Shreeraj-Hacking_Web_2guest66dc5f
 
Dror-Crazy_toaster
Dror-Crazy_toasterDror-Crazy_toaster
Dror-Crazy_toasterguest66dc5f
 
Ajit-Legiment_Techniques
Ajit-Legiment_TechniquesAjit-Legiment_Techniques
Ajit-Legiment_Techniquesguest66dc5f
 
Varun-Subtle_Security_flaws
Varun-Subtle_Security_flawsVarun-Subtle_Security_flaws
Varun-Subtle_Security_flawsguest66dc5f
 
longisland_golf_07
longisland_golf_07longisland_golf_07
longisland_golf_07guest66dc5f
 

More from guest66dc5f (20)

Os Timed Original
Os Timed OriginalOs Timed Original
Os Timed Original
 
Control your entire house with your iPhone
Control your entire house with your iPhoneControl your entire house with your iPhone
Control your entire house with your iPhone
 
Awesome car collection
Awesome car collectionAwesome car collection
Awesome car collection
 
Freaky car number plates
Freaky car number platesFreaky car number plates
Freaky car number plates
 
David-FPGA
David-FPGADavid-FPGA
David-FPGA
 
Sunil-Hacking_firefox
Sunil-Hacking_firefoxSunil-Hacking_firefox
Sunil-Hacking_firefox
 
Rahul-Analysis_of_Adversarial_Code
Rahul-Analysis_of_Adversarial_CodeRahul-Analysis_of_Adversarial_Code
Rahul-Analysis_of_Adversarial_Code
 
Chetan-Mining_Digital_Evidence_in_Microsoft_Windows
Chetan-Mining_Digital_Evidence_in_Microsoft_WindowsChetan-Mining_Digital_Evidence_in_Microsoft_Windows
Chetan-Mining_Digital_Evidence_in_Microsoft_Windows
 
WHITEPAPER-7_years_of_Indian_Cyber_Law
WHITEPAPER-7_years_of_Indian_Cyber_LawWHITEPAPER-7_years_of_Indian_Cyber_Law
WHITEPAPER-7_years_of_Indian_Cyber_Law
 
Rohas-7_years_of_indian_cyber_laws
Rohas-7_years_of_indian_cyber_lawsRohas-7_years_of_indian_cyber_laws
Rohas-7_years_of_indian_cyber_laws
 
David-FPGA
David-FPGADavid-FPGA
David-FPGA
 
Shreeraj-Hacking_Web_2
Shreeraj-Hacking_Web_2Shreeraj-Hacking_Web_2
Shreeraj-Hacking_Web_2
 
Dror-Crazy_toaster
Dror-Crazy_toasterDror-Crazy_toaster
Dror-Crazy_toaster
 
Ajit-Legiment_Techniques
Ajit-Legiment_TechniquesAjit-Legiment_Techniques
Ajit-Legiment_Techniques
 
Varun-Subtle_Security_flaws
Varun-Subtle_Security_flawsVarun-Subtle_Security_flaws
Varun-Subtle_Security_flaws
 
CostofWarinIraq
CostofWarinIraqCostofWarinIraq
CostofWarinIraq
 
NR-golf-sept07
NR-golf-sept07NR-golf-sept07
NR-golf-sept07
 
NR-golf-sept07
NR-golf-sept07NR-golf-sept07
NR-golf-sept07
 
golf
golfgolf
golf
 
longisland_golf_07
longisland_golf_07longisland_golf_07
longisland_golf_07
 

Recently uploaded

COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaborationbruanjhuli
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfDianaGray10
 
Linked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesLinked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesDavid Newbury
 
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesAI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesMd Hossain Ali
 
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...Aggregage
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationIES VE
 
Designing A Time bound resource download URL
Designing A Time bound resource download URLDesigning A Time bound resource download URL
Designing A Time bound resource download URLRuncy Oommen
 
Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024SkyPlanner
 
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostKubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostMatt Ray
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024D Cloud Solutions
 
Babel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptxBabel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptxYounusS2
 
Things you didn't know you can use in your Salesforce
Things you didn't know you can use in your SalesforceThings you didn't know you can use in your Salesforce
Things you didn't know you can use in your SalesforceMartin Humpolec
 
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintMahmoud Rabie
 
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Will Schroeder
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UbiTrack UK
 
GenAI and AI GCC State of AI_Object Automation Inc
GenAI and AI GCC State of AI_Object Automation IncGenAI and AI GCC State of AI_Object Automation Inc
GenAI and AI GCC State of AI_Object Automation IncObject Automation
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioChristian Posta
 
PicPay - GenAI Finance Assistant - ChatGPT for Customer Service
PicPay - GenAI Finance Assistant - ChatGPT for Customer ServicePicPay - GenAI Finance Assistant - ChatGPT for Customer Service
PicPay - GenAI Finance Assistant - ChatGPT for Customer ServiceRenan Moreira de Oliveira
 
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAAnypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAshyamraj55
 
NIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopNIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopBachir Benyammi
 

Recently uploaded (20)

COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
 
Linked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesLinked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond Ontologies
 
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesAI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
 
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
 
Designing A Time bound resource download URL
Designing A Time bound resource download URLDesigning A Time bound resource download URL
Designing A Time bound resource download URL
 
Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024
 
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostKubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024
 
Babel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptxBabel Compiler - Transforming JavaScript for All Browsers.pptx
Babel Compiler - Transforming JavaScript for All Browsers.pptx
 
Things you didn't know you can use in your Salesforce
Things you didn't know you can use in your SalesforceThings you didn't know you can use in your Salesforce
Things you didn't know you can use in your Salesforce
 
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership Blueprint
 
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
 
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
UWB Technology for Enhanced Indoor and Outdoor Positioning in Physiological M...
 
GenAI and AI GCC State of AI_Object Automation Inc
GenAI and AI GCC State of AI_Object Automation IncGenAI and AI GCC State of AI_Object Automation Inc
GenAI and AI GCC State of AI_Object Automation Inc
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and Istio
 
PicPay - GenAI Finance Assistant - ChatGPT for Customer Service
PicPay - GenAI Finance Assistant - ChatGPT for Customer ServicePicPay - GenAI Finance Assistant - ChatGPT for Customer Service
PicPay - GenAI Finance Assistant - ChatGPT for Customer Service
 
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAAnypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
 
NIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopNIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 Workshop
 

ccmigration_09186a008033a3b4

  • 1. 1 © 2002 Cisco Systems, Inc. All rights reserved.
  • 2. Cisco Advanced Services Delivering a Secure Network 2 © 2003 Cisco Systems, Inc. All rights reserved.
  • 3. The Need to Outpace and Outsmart Threats Internet Worms Intrusions Sophistication Packet Forging/ 25000 of Hacker Tools Spoofing Stealth Diagnostics DDOS Sweepers 20000 Back Sniffers Doors Exploiting Known Vulnerabilities Disabling 15000 Audits Self-replicating 10000 Password Code Cracking 5000 Technical Knowledge Password Required of Guessing Hacker 0 1988 1990 1992 1994 1996 1998 2000 Source: CERT, Carnegie Mellon University 3 © 2003 Cisco Systems, Inc. All rights reserved.
  • 4. CIO and CSO Security Challenge Pressure on • Protect the business resources, security requirements, and from security threats budget • Improve security staff Dollars Applications productivity Cost • Reduce total cost of ownership for security infrastructure Budget Time 4 © 2003 Cisco Systems, Inc. All rights reserved.
  • 5. Network Security is Integral to Business Protection Customer Care Supply Chain Workforce E-Commerce Management Optimization E-Learning • Protect business operations against directed attacks • Prevent damage from worms and viruses • Deploy consistent security policy 5 © 2003 Cisco Systems, Inc. All rights reserved.
  • 6. Cisco Services Portfolio Accelerate Customer Success Advisory Networked Virtual Vision to Organization Reality Services Speed of Advanced Migration Network to Services Investment Application Optimization Technical Investment Device to Support Protection Network Services 6 © 2003 Cisco Systems, Inc. All rights reserved.
  • 7. Value of Cisco Advanced Services for Network Security • Deep security expertise Advisory Services • Leading best practices Advanced Services • Specialized tools and Network Security methodology Technical Support Services Technical Support Services • Large network security architecture experience Cisco Trusted Advisor: Expertise in network security assessment, architecture, design, implementation, and optimization 7 © 2003 Cisco Systems, Inc. All rights reserved.
  • 8. Cisco Advanced Services Delivering Business Benefits • Assure service Business availability Protection Advanced • Improve response to Services disruption for Network • Reduce overhead of Lower TCO Security security operations • Optimize investment in network infrastructure Plan, Design, Implement, Operate, and • Simplify integration and Productivity Optimize standardize operations 8 © 2003 Cisco Systems, Inc. All rights reserved.
  • 9. Advanced Services for Network Security Delivery Capabilities People • CCIE® (networking) and CCSP™ (security) certified • Large enterprise and government or military backgrounds • Advanced technology expertise (IP telephony, wireless, storage) • Advisors to the Cisco® Product Security Incident Response Team Process • Proven, repeatable methodologies • Leading best practices across the security life cycle • Expertise in vulnerability research, identification, and resolution Tools • Specialized network security assessment tools • Award-winning Cisco Technical Assistance Center Website • Comprehensive best practices documentation Partners • Specialized services and technology • Integration with Cisco security technology • Global reach 9 © 2003 Cisco Systems, Inc. All rights reserved.
  • 10. An Architectural Approach Is Required • Protect the network at all points Access • Reduce risk by deploying diverse security Manage security components to support policy • Ensure secure connectivity of diverse traffic and user access Distribution Restrict access Internet Data Center Remote Office and manage Secure VPN connectivity propagation and data privacy Core Internet Secure perimeter with firewalls VPN/Access Authentication services Data Center PSTN Mobile Office, Detect and react Telecommuter to intrusion Secure VPN connectivity 10 © 2003 Cisco Systems, Inc. All rights reserved.
  • 11. Service Offerings Across the Security Life Cycle Security Posture Assessment Assess and plan for a sound architecture Network Security Architecture Review and design IP Telephony Security Review Network Security Design Review Build in scalable, adaptable, easy-to- Network Security Design Development upgrade solutions Network Security Implementation Plan Review Transparently integrate Network Security Implementation into the core network Engineering infrastructure Cisco Security Agent Implementation NAC Implementation Riverhead Implementation Continually identify and mitigate risk Network Security Optimization 11 © 2003 Cisco Systems, Inc. All rights reserved.
  • 12. Security Posture Assessment— Establish a Baseline • Analyze existing security vulnerabilities • Validate security policy and procedures • Report unauthorized data and system access • Provide recommendations to prevent exploitation • Perform trending analysis over repeated SPAs 12 © 2003 Cisco Systems, Inc. All rights reserved.
  • 13. Security Posture Assessment— A Comprehensive Approach • Baseline to identify active Perimeter hosts, operating systems, and Penetration Test services • Targeting to identify all network vulnerabilities Remote Exploitation • Exploitation to manually confirm vulnerabilities • Data intelligence and threat Internal analysis against requirements Simulated and best practices Attack 13 © 2003 Cisco Systems, Inc. All rights reserved.
  • 14. Security Posture Assessment Dialup Assessment Internal Assessment Internet WAN Enterprise Network External Wireless Assessment Assessment 14 © 2003 Cisco Systems, Inc. All rights reserved.
  • 15. Security Posture Assessment— Sample Results and Findings Architectural 66 Class A networks supporting 100,000 employees on the internal weaknesses network (for example, one Class A network supports 16,777,214 hosts) Access control External remote access connections to critical hosts on the internal vulnerabilities network due to an unauthorized rogue modem Network control and Identified 16 unknown, unauthenticated high-speed Internet connections auditing weaknesses for a large enterprise with several global divisions Detection and Five weeks of intensive attacks undetected due to lack of logging, response monitoring, and employee awareness weaknesses Incomplete policy Firewall configured with no policy rules for 13 months configuration Use of default Standardized vendor passwords on network devices passwords Example: all Cisco routers configured to use “cisco” as the user ID and password Weak passwords Joe, null, or easily guessed passwords allowing access to critical or sensitive hosts Example: Over 140,000 user ID and password pairs for an online financial institution were captured unencrypted, stored on a vulnerable host that was accessible from the Internet 15 © 2003 Cisco Systems, Inc. All rights reserved.
  • 16. Security Posture Assessment— Communicating Results The SPA Report • Executive Summary Metrics for baseline studies, trending, and budget review • Assessment Analysis Vulnerabilities discovered and data analysis • Best Practices and Strategy Recommendations for mitigating risk 16 © 2003 Cisco Systems, Inc. All rights reserved.
  • 17. SPA Case Study— Fortune 125 Insurance Company • Protection of client financial portfolios • Compliance with GLBA requirements Requirements • No disruption of production financial systems • Working knowledge of European privacy laws • External posture assessment to identify vulnerabilities that allow outsiders to compromise client records Scope • Internal posture assessment to identify unauthorized employee access to sensitive information • Identified employees with unauthorized access to management information Results • Identified extensive external vulnerabilities • Improved skills of internal staff who participated in war games 17 © 2003 Cisco Systems, Inc. All rights reserved.
  • 18. Network Security Design Benefits • Maintain an optimized security implementation • Ensure fast recovery in case of disruption • Reduce operating costs of security administration • Avoid implementation problems • Prepare for future deployment initiatives • Identify deviations from best practices and policy 18 © 2003 Cisco Systems, Inc. All rights reserved.
  • 19. Applying Best Practices for Business Results Management Building E-Commerce ISP Distribution Corporate Internet CERT® Edge Core Server VPN/Remote Access PSTN FR/ATM WAN 34 © 2002, Cisco Systems, Inc. All rights reserved. 19 © 2003 Cisco Systems, Inc. All rights reserved.
  • 20. Tailoring SAFE from Cisco to Your Environment Best Practice Security Blueprints for Implementing Integrated Network Security Available Blueprints Enterprise Management Building E-Commerce Small Business ISP Distribution IPSec VPNs Corporate Internet Edge Voice Core Wireless Update Server VPN/Remote Access E-Commerce Update PSTN Layer 2 Networks New FR/ATM WAN 34 © 2002, Cisco Systems, Inc. All rights reserved. 20 © 2003 Cisco Systems, Inc. All rights reserved.
  • 21. Designing an End-to-End Secure Network Infrastructure Secure the Monitor and Manage and Infrastructure Respond Improve Campus router and Intrusion detection Security and network switch security policy, placement and management policy, design placement and design Data center system and server security Internet access monitoring Firewall policy, placement, and design Network attack mitigation VPN and dialup remote access Secure WAN connections Corporate extranet security 21 © 2003 Cisco Systems, Inc. All rights reserved.
  • 22. Network Security Design Review • Review network security architecture and design Perimeter security, remote access, IDS, firewalls, VPNs, e-commerce, etc. • Identify architecture and design vulnerabilities • Prioritize security requirements for network devices • Recommend improvements to topology, components, functions, and features • Recommend tools for managing network security 22 © 2003 Cisco Systems, Inc. All rights reserved.
  • 23. Network Security Design Development • Identify and analyze network infrastructure vulnerabilities • Define network security topology, components, and functions Perimeter security, remote access, IDS, firewalls, VPNs, e-commerce, etc. • Specify hardware and software requirements • Develop sample configurations for protocols, policy, and features • Recommend tools for managing network security 23 © 2003 Cisco Systems, Inc. All rights reserved.
  • 24. Network Security Design Development Methodology Customer Input Cisco Methodology • Understand security business goals, objectives, and requirements Security Policy, Goals • Identify threats to critical assets and Requirements • Map security requirements to network architecture Network Topology, • Define security topology, Design, Inventory components, and functions • Deliver impact analysis of new requirements Network Device Configuration • Provide preliminary and final gap analysis • Deliver architecture/design Network Services and document with network diagrams Business Process 24 © 2003 Cisco Systems, Inc. All rights reserved.
  • 25. Perimeter Security Architecture and Design Small Business/Branch Office Internet Access Corp HQ Internet Internet Service Sample Firewall Policy Checklist Provider As restrictive and simple as possible Internal Firewalls Authorization process for firewall Regional changes Office Governed by separation of duties for Telecommuter Internet approval and workflow Access Data Center & Internal Firewalls Combines firewall tools to balance policy with throughput requirements ASP Audit log for firewall administration Robust back-out and configuration management Home Access Test frequently with penetration tests Internal Firewalls and policy audits Firewalls Server Farm 25 © 2003 Cisco Systems, Inc. All rights reserved.
  • 26. User Authentication and Authorization Design Allow only IPSec Traffic Authenticate Users Terminate IPSec Remote Focused Layer Access VPN 4–7 Analysis Broad Layer 4–7 Analysis Site-to- Site VPN Traditional Dial Stateful Packet Filtering Access Servers Basic Layer 7 Filtering PSTN Authenticate Authenticate Users Remote Site Terminate Terminate IPSec Analog Dial 26 © 2003 Cisco Systems, Inc. All rights reserved.
  • 27. User Authentication and Authorization— Sample Best Practices Allow only IPSec Traffic Authenticate Users Terminate IPSec Remote Focused Layer Access VPN 4–7 Analysis Corporate Layer Broad Extranet VPN Dialup 4–7 Analysis Individual user authentication Termination of network Identification and Site-to- links on firewalled DMZs Strong authentication accreditation of all dialup Site VPN using OTP or certificates services Encryption of access from No split tunneling to limit the Internet Individual accountability attacks Strong authentication for Strong authentication for Triple DES unless access from the internet remote users Traditional Dial prevented Packet Filtering Stateful by export laws Limit communication Access Servers User access logging Ingress filtering7 Filtering Basic Layer limited to session to authorized hosts PSTN and services IKE and ESP protocols Authenticate Authenticate Users Tunnels terminated in Remote Site Terminate front of firewall Terminate IPSec Analog Dial 27 © 2003 Cisco Systems, Inc. All rights reserved.
  • 28. Intrusion Detection Architecture and Design Extranet IDS Business Internet IDS Partner Monitors partner Users Complements firewall traffic where “trust” and VPN by is implied but not monitoring traffic for assured malicious activity Sample IDS Best Practices Test different intrusion profiles Corporate and alert/response methods Office Internet Determine location and interoperability with network management consoles Tune for the environment to Data Center manage false alarms Intranet/Internal Remote Access NAS Test a combination of HIDS IDS IDS DMZ and NIDS positioning Servers Protects data Hardens perimeter centers and critical control by Test frequently with assets from internal monitoring remote penetration tests and policy threats users audits 28 © 2003 Cisco Systems, Inc. All rights reserved.
  • 29. Data Center Network Security Design Information Theft Denial of Service Unauthorized Entry Sample Data Center Security Best Practices N-Tier Front End Applications Network Endpoint protection of hosts, servers and desktops Data Interception Unprotected Assets Network-based intrusion detection for Web Servers IP Layer 2/3 threat monitoring, analysis and prevention Firewalls for filtering traffic Application Servers VPNs for secure communications between data centers Identity servers for strong DB Servers authentication IP Mainframe Communications Operations Management and monitoring of security devices, services and network activity Data Center 29 © 2003 Cisco Systems, Inc. All rights reserved.
  • 30. Architecture and Design Case Study— U.S. Government Institution • Provide security architecture and design Requirements recommendations based on national security policy • Augment limited in-house expertise • Identify vulnerabilities on a classified network • Firewall and IPSec VPN design and configuration review for conformance with SAFE from Cisco® Scope • Security Design Review to identify nonconformance with security policy and Cisco best practices • Provided design recommendations prior to a major Results infrastructure upgrade • Customer implemented firewall and VPN design in less time, with less costly redesign 30 © 2003 Cisco Systems, Inc. All rights reserved.
  • 31. Network Security Implementation Plan Review • Understand the objectives, scope, and constraints of the deployment • Analyze requirements for solution deployment, integration and management • Review implementation plans including tasks, milestones, resources and schedule • Analyze network staging, test, and installation plans, including topology, configurations, test scripts, and acceptance criteria • Analyze and recommend hardware and software changes 31 © 2003 Cisco Systems, Inc. All rights reserved.
  • 32. Network Security Implementation Engineering • Analyze solution test, installation, and integration strategy • Develop implementation plan including tasks, milestones, and schedule • Develop network staging plan including topology, configurations, test scripts, and acceptance criteria • Analyze and recommend hardware and software changes • Provide custom installation, configuration, testing, tuning and integration • Deliver hands-on education and remote deployment support 32 © 2003 Cisco Systems, Inc. All rights reserved.
  • 33. Cisco Security Agent Implementation Service Assess and plan for Develop Deployment a sound CSA architecture Strategy and Plan and design Build scalable, adaptable, Identify Requirements and easy-to-upgrade CSA Deliver a Design Specification solutions Deliver Limited Deployment With Integrate CSA into the Custom Policies that Meet network infrastructure and application environment Solution Requirements Continually improve Provide Ongoing Support for intrusion prevention Enterprise Deployment solution 33 © 2003 Cisco Systems, Inc. All rights reserved.
  • 34. NAC Implementation Service Assess network operations and infrastructure to determine NAC Plan for a sound NAC architecture and design readiness. Install and test a limited deployment. Deliver NAC design specification Build scalable, adaptable, detailing topology, device easy-to-upgrade NAC solution configurations, HW/SW upgrades, and management. Develop a deployment plan and Integrate NAC into the provide onsite installation of a network infrastructure corporate-wide implementation. Provide ongoing/periodic Continually improve consultation to optimize NAC network admission for reliability, efficiency and control solution scalability. 34 © 2003 Cisco Systems, Inc. All rights reserved.
  • 35. Network Security Optimization • Define criteria for network security optimization • Collect and analyze data for trends and exceptions • Review network security component placement and configuration • Provide recommendations for network and security component tuning • Deliver impact analysis of new software, features and configuration • Analyze and notify staff of network security advisories 35 © 2003 Cisco Systems, Inc. All rights reserved.
  • 36. Cisco Services Delivering Customer Satisfaction Advisory Services Advisory Services Advanced Services Network Security Technical Support Services Technical Support Services World Class Partners 36 © 2003 Cisco Systems, Inc. All rights reserved.
  • 37. Cisco Advanced Services Deliver a Secure Network Delivered Uniquely by Cisco® Customer Benefits Business Protection Reduce risk to business assets Knowledge Transfer People Best Practices Lower TCO Secure Process Optimize investment Corporate in secure network Tools infrastructure Network Partners Productivity Simplify and standardize operations 37 © 2003 Cisco Systems, Inc. All rights reserved.
  • 38. Presentation_ID 38 © 2001, Cisco Systems, Inc. All rights reserved.