O slideshow foi denunciado.
Utilizamos seu perfil e dados de atividades no LinkedIn para personalizar e exibir anúncios mais relevantes. Altere suas preferências de anúncios quando desejar.

Protegendo a nova geração de redes

522 visualizações

Publicada em

Apresentação realizada por especialista Cisco no Security week

Publicada em: Tecnologia
  • Seja o primeiro a comentar

Protegendo a nova geração de redes

  1. 1. 1© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Protegendo a nova geração de redes de acesso Flávio Corrêa Consulting Systems Engineer - Mobility Fernando Zamai Consulting Systems Engineer - Security
  2. 2. 2© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Evolução das redes de acesso Cisco Wi-Fi Cisco LAN Autonomous Access Point Controller Coordinated Access Points with RRM 1,2, and 3 Spatial Stream 802.11n with CleanAir Unified Policy and Network Management Stateful Switchover & Application Visibility and Control 802.11ac Wave 1 & High-Density ExperienceConnected Mobile Experiences 802.11ac Wave 2 & Multigigabit Ethernet & Hyperlocation Self-Learning - RRM Self-Protecting - CleanAir Self-Healing – SSO Self-Optimizing– HDX 1997 2012 2016 Cisco Unified Access™
  3. 3. 3© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1000! 14B! 500B! Conexões Internet! +55%! Tráfego Internet! hoje é WiFi! 50B!
  4. 4. 4© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Evolução do casos de uso de mobilidade BYOD! Company ! Purchased! Basic Communications! Transforming! Work! Mobile Transactions! Networking!
  5. 5. 5© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Autenticação! Criptografia! Rogue APs! Ataques OTA!
  6. 6. 6© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
  7. 7. 7© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
  8. 8. 8© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Access Point “Rogue”
  9. 9. 9© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
  10. 10. 10© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
  11. 11. 11© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Visibilidade! Localização! CleanAir! WIDS/WIPS! AVC / NetFlow! Interferências! Clients! Rogue Aps! Attackers! Rede como Sensor!
  12. 12. 12© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
  13. 13. 13© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
  14. 14. 14© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential ISE Cisco Identity Services Engine Controle de acesso avançado com compartilhamento de contexto em tempo real. Wired Wireless VPN Dynamic Segmentation Options: VLANs, DACLs, or TrustSec Política de Acesso, Segmentação e Contexto é fundamental no combate ao Cybercrime. Quem é você? à Paulo Qual Dispositivo? à iPad Pessoal ou Corporativo (BYOD) Onde? à Torre A, 2o andar Quando? à 16:30, 16 de Setembro Como? à Wired, Wireless, ou VPN
  15. 15. 15© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Controle de Acesso Avançado Fingerprint MAC Vendor, Dhcp / CDP, Nmap Dispositivo = Access Point Ubiquiti NEGADO
  16. 16. 16© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Provisionar BYOD - Provisionamento [Nome / senha] •  Usuário é autorizado? •  Dispositivo é autorizado? Provisionar fzamai C1:5C:00:00:20:15 OU = BYOD Access ü  ü  fzamai C1:5C:00:00:20:15 OU = BYOD Access WiFi
  17. 17. 17© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Configurar Rede BYOD – Acesso Seguro e Transparente •  Certificado válido? •  Usuário válido? •  Grupo BYOD? •  Dispositivo válido? •  MAC Cert / Dispositivo? Autorizar Acesso BYOD Vlan = 10 ACL = Net_Only TAG = BYOD ü  Certificado fzamai C1:5C:00:00:20:15 OU = BYOD Access
  18. 18. 18© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Cisco Confidential
  19. 19. 19© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Cisco Confidential USABILIDADE
  20. 20. 20© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Rastreabilidade WWW 10.1.1.20 → www.cisco.com 10.1.1.20 Usuário? Fzamai IPAD BYOD
  21. 21. 21© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Network as Sensor Network as Enforcer

×