Isday 2017 - Atelier Cisco
•Transferir como PPTX, PDF•
1 gostou•336 visualizações
Solutions de sécurité Cisco
Recomendados
Recomendados
Mais conteúdo relacionado
Mais procurados
Mais procurados (20)
Semelhante a Isday 2017 - Atelier Cisco
Semelhante a Isday 2017 - Atelier Cisco (20)
Mais de Inforsud Diffusion
Mais de Inforsud Diffusion (20)
Último
Último (20)
Isday 2017 - Atelier Cisco
- 1. Solving Security with Cisco
- 2. 50B Devices Connected by 2020 $19T Opportunity Digital Disruption, Massive Scale Active Adversaries Security Industry Attack surface Threat Actors Attack Sophistication Rapidly expanding number of security companies Not interoperable Not open Changing Business Models Dynamic Threat Landscape Complexity and Fragmentation Security Challenges
- 3. Security Challenges Globally Ransomware Mobile Work Force IoT Cloud Applications Automation Cost Complexity People Shortage
- 4. How Often is Your Board Formally Updated on Cybersecurity Risks? Monthly Quarterly Semi-Annual Annually Never 4% Source: Survey of 100 Global CISO’s February 2017 9% 38% 57% 29% 21% 25% 13% 4% 0% 2015 2017
- 5. Source: Ben Walker, Marketing Executive at vouchercloud – April 5, 2015 90% of the world’s data today has been created in the last 2 years alone Today, DATA is where the money is
- 6. Firewall Last 20 years of security: Got a problem? Buy a Box
- 7. The Industry Has You Covered…
- 8. Cisco Security Closes the Gap The Security Effectiveness Gap
- 9. – Threat Intelligence Services Integrated Threat Defense Endpoint CloudNetwork The Most Complete Security Portfolio in the Industry © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
- 10. Unrivaled global threat research and intelligence 00I00 I00I0I II0I0I 0II0I I0I00I0I0 0II0I0II 0I00I0I I0 00 II0III0I 0II0II0I II00I0I0 0I00I0I00 I0I0 I0I0 I00I0I00 III00II 0II00II I0I0II0II0 I0 I0 I00 00I0 I000 0II0 00 III00II I000I0I I000I0I I000I0I II 0I00 I0I000 0II0 00 00I I0I0I0 I0I0III000 I0I00I0I 0II0I0 I00I0I0I0I 000 II0II0I0I0I I0I0I0I 0I0I0I0I 0I0I00I0 I0I0I0I 0II0I0I0I 0II00 I00I0I0 0I00I0I I00I0I0 I0I0I0I 0I0I0I 0I0I0I0 00I0I0 0I0I0I0 I0I0I00I 0I0I 0I0I 0I0I I0I0I 0I00I0I III00II 0II00II I0I000 0II0 00I0I00 I0 I000I0I 0II 0I0I0I III00II 0II00II 0I0I0I0I 0I I0 I00 000II0 I0I0 0II0 00 24 7 365 Operations 100 TB Of Data Received Daily 1.5 MILLION Daily Malware Samples 600 BILLION Daily Email Messages 16 BILLION Daily Web Requests MILLIONS Of Telemetry Agents 4 Global Data Centers Over 100 Threat Intelligence Partners 250+ Full Time Threat Intel Researchers
- 11. 38%+ TCO* Reduction Cisco Architectural Approach Helps Customers Save Money * Final Results Firewall VPN Email Security Web Security DLP SIEM Replacement Box Failover Persistent Threats IDS Firewall 2.0 VPN 2.0 Email Security 2.0 Web Security 2.0 DLP 2.0 SIEM 2.0 Replacement Box 2.0 Failover 2.0 Persistent Threats 2.0 IDS 2.0Point Products Approach Cisco Architectural Approach
- 12. Find and contain problems fast Simplify network segmentation Control who gets onto your network Protect users wherever they work Stop threats at the edge Security Enables Digitization Protect your Business During Digital Transformation
- 13. Anticipate, block, and respond to threats Cisco Firepower NGFW
- 14. OpenAppID Application Visibility & Control Provide next-generation visibility into app usage See and understand risks Enforce granular access control Prioritize traffic and limit rates Create detectors for custom apps Cisco database • 4,000+ apps • 180,000+ Micro-apps Network & users 1 2 Prioritize traffic
- 15. OpenAppID Extend AVC to proprietary and custom apps Easily customize application detectors Detect custom and proprietary apps Share detectors with other users Open-SourceSelf-Service
- 16. Web controls Block or allow access to URLs and domains Classify 280M+ URLs Filter sites using 80+ categories Manage “allow/block” lists easily Block latest malicious URLs Category-based Policy Creation Allow Block Admin Cisco URL Database DNS Sinkhole 01001010100 00100101101 Security feeds URL | IP | DNS NGFW Filtering BlockAllow Safe Search gambling
- 17. Next-Generation Intrusion Prevention System (NGIPS) Understand threat details and quickly respond Communications App & Device Data 01011101001 010 010001101 010010 10 10 Data packets Prioritize response Blended threats • Network profiling • Phishing attacks • Innocuous payloads • Infrequent callouts 3 1 2 Accept Block Automate policies ISE Scan network traffic Correlate data Detect stealthy threats Respond based on priority
- 18. c File Reputation Advanced Malware Protection (AMP) Uncover hidden threats in the environment • Known Signatures • Fuzzy Fingerprinting • Indications of compromise Block known malware Investigate files safely Detect new threats Respond to alerts File & Device Trajectory AMP for Network Log Threat Grid Sandboxing • Advanced Analytics • Dynamic analysis • Threat intelligence ? AMP for Endpoint Log Threat Disposition Enforcement across all endpoints RiskySafeUncertain Sandbox Analysis
- 19. Cisco Advanced Malware Protection (AMP) Deployment Options Get Visibility and Control across all attack vectors to defend against today’s most advanced threats. Protect your Endpoints! Get visibility into file and executable- level activity, and remediate advanced malware on devices running Windows, Mac OS, Linux, and Android. Supercharge your next-generation firewall by turning on AMP capabilities on the Cisco Firepower NGFW or the Cisco ASA with Firepower Services. Get deep visibility into threat activity and block advanced malware with AMP deployed as a network- Add AMP to a Cisco Web Security Appliance (WSA) or Cisco Cloud Web Security (CWS) and get visibility and control to defend against advanced threats launched from the web. Add AMP to a Cisco Email Security Appliance (ESA) and get visibility and control to defend against advanced threats launched via email. Combat and block network- based threats by deploying AMP capabilities on the Cisco Integrated Services Router (ISR). For high privacy environments that restrict the use of the public cloud, use an on-premises, air-gapped private cloud deployment of AMP for Networks or AMP for Endpoints. An on-premises appliance or cloud-based solution for static and dynamic malware analysis (sandboxing) and threat intelligence. based solution running on AMP-bundled security appliances (NGIPS).AMP for Endpoints AMP for Firewalls AMP for Networks AMP for Email AMP for ISR AMP for Web Threat Grid AMP for Private Cloud Virtual Appliance
- 20. Available in multiple deployment options Cisco Firepower Threat Defense on ASA 5500-X Cisco Firepower™ 4100 Series and 9300 New Appliances And on high-end performance appliances… Also available as standalone solutions Dedicated AMP NGIP S only Physical, virtual, and cloud options • AWS • Azure Cisco Firepower Threat Defense on 2100
- 21. Management
- 22. Firepower Management Center Easily manage NGFWs across multiple sites Manage across many sites Control access and set policies Investigate incidents Prioritize response Firepower Management Center Centralized management for multi-site deployments Multi-domain management Role-based access control High availability APIs and pxGrid integration NGIPS Firewall & AVC AMP Security Intelligence …Available in physical and virtual options
- 23. Premiere Portfolio in the Industry UTM Network Analytics Advanced Malware Secure Internet Gateway WebW W W Policy and Access Email NGFW/ NGIPS Cloud Access Security
- 24. MERCI POURVOTRE PRESENCE! Marc GUEROULT Security Account Manager mgueroul@cisco.com
Notas do Editor
- Talking Points: Climate today and Security Challenges Today we are witnessing Digital Disruption on a massive scale. It is driving exponential growth in the number of online devices. Imagine 50 BILLION CONNECTED DEVICES by 2020! (up from 15B devices today). No business, industry, or govt is immune from this digital disruption. Digitization is a $19 trillion opportunity. Add to that the reality that we are facing Active Adversaries Attackers with a level of sophistication and professionalism that challenges the organization’s ability to cope. They are motivated by financial gain and sometimes hacktivism, they understand their targets—down to their likes and dislikes and how they conduct business. They exploit any weakness they find ruthlessly. This all means attackers are agile, while companies can’t always say the same. And our Security Industry is Fragmented There are 100s of security companies out there. . . .you know them! And new companies are spawned daily touting new security boxes /new protection for the enterprise. And these security products are seldom open or interoperable. Do any of these conditions describe your situation? These factors pose security challenges for every business Many enterprises / companies security response has been a patchwork approach of point products to build a security posture. This undermines our need to get to more effective security.
- Talking Points: I travel fair amount. . . last 6 months been to 2 spots China, Singapore, Poland, UK, Aust, Japan, All across US Themes I hear. . . Ransomware People shortage – automation helps you solve it Mobile workforce IoT – hospitals Cloud apps Complexity Integrated architecture ala Cisco can solve all
- Talking Points: Playing To Technical Stereotype Draws Attention Away From Key Areas CISOs have been demanding greater business engagement for many years. Unfortunately, they haven't heeded that this desired change will require them to realign priorities and build new skills. Several factors have held back their progress: Security leaders still tend to be rooted in technology. More than half (54%) of security decision-makers say security and risk at their company is still mainly tech-focused, and a similar percentage report that their CISO continues to report into IT (55%). Conversely, only 3% of security decision-makers have a more rounded view with their CISO reporting into enterprise risk. It is unsurprising, then, that most CISOs approach security from a technical perspective. This also means that they often struggle with financial decisions, corporate communications, organizational design, commercial hurdles, and other challenges that are increasingly growing as the role demands more business knowledge and skillset.
- Talking Points: We are creating lots of data As a matter of fact, we are creating more data now than we’ve ever created in the history of mankind In the last 2 years alone, we’ve created 90% of the world’s data And what’s creating all this data? It’s all these megatrends you read about: IOT / cloud/ explosion of mobile devices As we create more data, the pot of gold for these cybercriminals is growing bigger and bigger At the same time, the tools available for these criminals are becoming way more sophisticated and easier to access. . .these tools, like ransomware, are offered online as a service you can buy Let’s face it. Companies are spending a lot of money on security. . . why is it that they continue to get breached?? Why is that? The way the Industry has chosen to address these problems is not working. Let me explain to you why. . . Source: Ben Walker, Marketing Executive at vouchercloud – April 5, 2015 2.5 Quintillion bytes of data created every day
- Talking Points: The cyber security business is massive Billions of dollars. . . For the last 20 years, the industry has approached this problem the SAME WAY If you have a problem, here’s a box we can sell you. . .and we might sell you some software too
- Talking Points: This is actually what the security landscape in a company looks like And this is not an exaggeration. . .but a fact The average enterprise has between 50 and 100 different security vendors in their environment Think about that for a moment Not different products. . .it’s different vendors If you look closely at all these different areas, you can see that Cisco competes in most of these quadrants And this complexity continues to accelerate.. . especially as new threats evolve regularly. This complexity is creating massive headaches for our customers. . . And let’s be honest with ourselves. . . Our customers are NOT more secure.. Companies are still getting breached! Why is that? Does the technology not work?? Are they not deploying it correctly? Have you ever stopped to ask yourself these questions??? As you continue to add more technologies on top of each other, It’s actually LESS EFFECTIVE We at Cisco believe we can approach this problem differently. . .that we can be part of the solution. . . . Listen, I am not telling you to sell less boxes. . .but I am asking you to take a DIFFERENT APPROACH to help our customers reduce what we call the Security Effectiveness Gap
- Talking Points: FIRST CLICK It’s really quite simple As our customers attempt to stay out in front of all these cyber threats, they’re investing in technologies in the form of many new boxes and software.. . . to add capabilities But what’s happening is these capabilities hit a plateau. . .they’re flat lining. . . Even when they’re spending more and more money NEXT CLICK And at the same time, the complexity goes thru the roof That’s because these boxes are not integrated. And it creates what we call this effectiveness gap. . . It’s a management nightmare. . . trying to manage all these different type of siloed technologies. . . .the technologies in many cases do not talk with each other And it’s very difficult to make sense of all the data coming at you. . . What do you respond to? What’s relevant?? NEXT CLICK What we have done at Cisco is this: We’ve turned the tables on this effectiveness gap. .. and REVERSED this challenge that our customers are dealing with And we are actually doing this TODAY We are increasing customer’s capabilities while reducing complexity We’re actually doing this by investing in automation. . .and developing technologies that work together, reducing your time to detection As we all know, when it comes to security, speed matters Let me frame this up for you: the industry standard is that it takes customers a 100 days to detect that they have been breached Our approach is working -- we have taken time to detection down to 13 hours, which leads the industry. .. . . .and we want to take this down even further, to minutes. NO ONE can close the effectiveness gap like we can – no one can do it without effective security built upon an integrated architecture. Transition: It starts with best of breed products that are integrated into a single architecture. .
- Talking Points: Here is the strategy moving forward It’s about the industry’s most effective security portfolio – starting with our best of breed portfolio that fit together into an integrated architecture working together for simpler and more effective security. We have security on the network, in the cloud and on endpoints. Then you couple that with world class intelligence. . . and what is threat intelligence? That word gets thrown around a lot… Threat intelligence is in its essence gives you a list of items which you need to block… And our brand of threat intelligence at Cisco is Talos So what Talos does is it takes incredible machine learning capabilities where they look at the security posture of the internet plus threat feeds from all of our technologies. . .and they couple that with human intelligence to proactively discover and respond to the latest threats. In Talos, we have over 250 threat intelligence researchers who are the best in the industry.. they push back out their learnings throughout our architecture and to all of Cisco’s security products. . .this information is automated and continuously updated. When you tie these all together with threat intelligence…it takes an architectural approach like this to improve security effectiveness and drive the cost and complexity out of the environment. Integrated Thread Defense You’ve heard of Integrated Threat Defense - when best of breed technologies come together into an architecture with integrated threat defense—these products work together seamlessly for a systemic response -- see a threat once and protect everywhere – automatically. This makes our networks harder to penetrate and as importantly, with automated responses, makes security simpler. This automation means we block more threats outright, we contain breaches faster and limit their scope, meaning there is far less time and money spent recovering from breaches. This is our force multiplier – manual burdens are lifted off of IT teams so are more effective and focused on projects that grow the business. And that’s how you solve the security conundrum we’ve been talking about. All of our customers are trying to PROTECT their network, endpoint and Cloud. . .Clearly these all have to work together.
- In order to reduce the threats you face, you need the best threat intelligence. Cisco Talos is the largest threat detection network in the world, monitoring 35% of global email traffic, including 600 billion email messages and 1.5 million malware samples daily. Talos is a recognized leader in threat detection as validated by NSS Labs. With over 250 highly skilled malware reverse engineers, threat analysts, and zero-day vulnerability research engineers, Talos catches threats that traditional security infrastructure and analysis systems can’t. Talos has unique insight into email-based threats due to SenderBase reputation filtering. Our diverse customer base allows us to address and identify threats with unparalleled speed and agility. Each day we inspect billions of emails; drawing on layered detection technologies we’re going to talk about today. Talos blocks 200 billion malicious emails a day, or 2.3 million blocks per second. With Talos, you’re able to see more anomalies, network intrusions and threats because Cisco delivers a 24/7 view into global traffic activity and keeps you up-to-date with the latest intelligence every 3-5 minutes. No other company can offer this comprehensive intelligence. Live map of threats today: Malware = http://beta.senderbase.org/ebc_malware/. Email Spam = http://beta.senderbase.org/ebc_spam/. A combination of Cisco’s old SIO (Security Intelligence Operations) and Sourcefire Vulnerablity Research Team (VRT), amongst others like maintaining open source SNORT and SenderBase. TALOS fits into the broader Cisco Collective Security Intelligence (CSI) ecosystem which also includes TRIAD (threat response, intelligence and development), Managed threat defence and Security Operations.
- Talking Points: A recent study shows that Cisco’s Arch Approach helps customers save money When you compare point products approach.. .with our arch approach Their overall findings show customers can see 30+% in TCO reduction and 38% in ROI over a three year period. Let’s look at the details Hardware, Software and Annual Support IT and Security Productivity Reduced Business & End User Downtime Reduced Risk of Data Breach These saving are from Forrester white paper about TCO and Cisco’s Architectural Approach to Security – based on real Cisco customer input data.
- Broken into 5 stories, the Security Business Outcomes help you sell this architecture. You can use them to walk a customer through an effective security posture step by step, but are also modular so you can jump ahead if a customer is interested in one solution over another. Each story is anchored to a specific problem, one of our hero products, and complimentary Cisco services. First is “Stop threats at the edge” and it highlights the Firepower NGFW. Second, “Protect users wherever they are” which positions the value of Cisco Umbrella. Third, “Control who gets onto your network” demonstrating the power of the Identity Services Engine. Fourth, “Simplify network segmentation” speaking to TrustSec and the network as an enforcer of policy. Finally, “Find and contain problems fast” focusing on how AMP tracks, contains and remediates breaches faster than any other product in the industry. “Segment your network” not great as an outcome - it’s more the process. Should be “stop lateral movement" no edge - digitization is about an attack surface No Security advisory services Vertical alignment - that is how the field sells Add SLN to infra what do we say about IOT? KEVIN/BRIAN: Every one of these needs to include the secondary products too; if plan A doesn’t work, plan B discussions i.e. last one, AMP; also leads to RTC AnyConnect “Protect users wherever…” also visibility, leverage install base simplifying management of network (instead of segmenting/lateral movement) accelerate digitization through automation Value around how complex the segmentation is “Simplify network segmentation”
- Hello, welcome. My name is ____________ and I’m with Cisco. Thanks for taking the time to meet with me today to talk about the Cisco Firepower NGFW, the industry’s first fully integrated threat-focused next-generation firewall for environments of all types. T: We all know that protecting the business is critical, yet it’s getting harder to keep up. <Click>
- …Controler l’accès aux applications avec Application Visibility and Control. Les Firewall traditionnels se basent sur des règles de filtrage liées à l’adresse IP, le port ou le protocole. AVC permet d’identifier les applications en s’appuyant sur une base de plus de 4000 applications et 180 000 micro application. Cela permet d’autoriser ou de bloquer l’accès à l’application en fonction du profil de l’utilisateur. Le but est de limiter les applications non professionnelles ou celles qui peuvent être source de menace (application de partage, de jeux ou de tchat) AVC permet d’autoriser certaines apllication tout en bloquant des micro application telles que le chat dans Facebook par exemple ou le transfert de fichier. La partie social media prenant une part plus important dans les entreprises, mais toutes les personnes ne l’utilisent pas à des fins professionnelles. On peut personnaliser en fonction des groupes. Par exemple un utlisateur lambda pourra aimer ou retweeter une information mais seul les membres du groupe Marketing pourront poster de nouveaux contenus tels que des images ou des videos. Interdire Remote Desktop Protocol (RDP), pour les utilisateurs qui n’ont pas besoin de l’utiliser comme des financiers par exemple. Notre version open source permet au administrateurs d’étendre le niveau de controle à des applications spécifiques au travers d’Oppen AppID
- Au dela des applications qui sont déjà référencées Openapp ID permet la creation de signatures applicatives permettant d’identifier des applications spécifiques à l’entreprise. Application medicales ou industrielles
- Visualisez les alertes et maîtrisez le trafic web suspect. Appliquez des politiques sur des centaines de millions d'URL classées en plus de 80 catégories. Customisation des URLS par rapport à des listes de restrictions DNS Sinkhole ? Balcklisté au niveau DNS domaine connu qui peuvent etre malicieux
- Le format de règle Snort développé par Cisco est un standard open-source qui est de loin le plus utilisé dans l’industrie. A la différence des formats utilisés pas ses compétiteurs, les règles Snort® peuvent être inspectées, éditées et même modifiées directement sur une sonde Cisco ou à travers le Firesight Managment Center. Le cœur de détection des NGIPS Cisco repose sur les règles de détection de vulnérabilité Snort® avec plus de 100.000 utilisateurs actifs De plus, les règles certifiées par Cisco sont développées par l’équipe de recherches en vulnérabilités Talos (Regroupement des équipes SIO de Cisco et VRT de Sourcefire). Cette équipe est constituée d’experts dont la tâche consiste à rechercher, analyser et répondre aux dernières menaces, tentatives d’intrusion et vulnérabilités réseau. Ces règles, s’appuyant sur la détection de la vulnérabilité, permettent de protéger contre les attaques de type « zéro-day » en détectant n’importe quel exploit possible d’une même vulnérabilité. Ainsi, si une variante d’attaque apparait, elle est détectée par la même règle Snort® et ne nécessite pas de nouvelle signature. Les règles Snort® protègent, entre autres, contre les types d’attaques suivants : * Worms * Trojans * Port scans * Buffer overflow attacks * Denial-of-service attacks * Spyware * Protocol anomalies * Malformed traffic * Invalid headers * VoIP attacks * IPv6 attacks * Fragmentation attacks and evasions T: Then, you can… <Click>
- L'analyse de la réputation des fichiers : les analyses avancées et la mutualisation des informations de veille permettent de déterminer si un fichier est malveillant. Les détections se révèlent ainsi plus précises. Quand cette fonction est activité, pour chaque binaire détecté, FirePOWER calcul son hash. Puis interroge la base de réputation TALOS pour avoir le score qui est associé au hash. Pour tous les scores négatifs ( qui correspondent à un binaire malveillant connu par Cisco ) une action de blocage du fichier est réalisée. Empêchant ainsi toute intrusion dans le système d’information de binaires à risques. Des notes de réputations pour tous les binaires malveillants qui ont déjà été analysés par TALOS. Les équipes de TALOS affectent des notes de réputation à plus d’1,5 million de binaires malveillants par jours. L'analyse des fichiers en sandboxing : vous permet d'exécuter, d'analyser et de tester des comportements malveillants dans un environnement extrêmement sécurisé. Vous êtes ainsi en mesure d'identifier des menaces de type « zero-day » autrefois inconnues. En option il est possible d’installer cette Sandbox en local. La détection rétrospective : des alertes se déclenchent si la disposition d’un fichier change lors d'une analyse approfondie. Vous pouvez donc identifier des programmes malveillants qui ont déjoué la première ligne de défense. Les indicateurs de compromission : permet de corriger et de hiérarchiser des événements liés aux fichiers et à la télémétrie afin de détecter des failles potentiellement actives. Les événements à haut risque sont donc classés par ordre de priorité. La trajectoire des fichiers : offre une visibilité sur la propagation des fichiers dans votre environnement et vous permet d'en assurer le suivi en permanence. Vous pouvez déterminer l'ampleur d'une attaque due à un malware beaucoup plus rapidement.
- Gamme ASA avec le code Firepower Threat Defense PME, succursales, grandes entreprises Code qui peut être activé sur la gamme ASA 5500-X FP 2100 Environnements : de la périphérie d'Internet, data centers Débit entre 1,9 Gbit/s et 8,5 Gbit/s Inspection des menaces entre 1,9 Gbit/s et 8,5 Gbit/s Pare-feu « stateful », Cisco Application Visibility and Control, système de prévention des intrusions nouvelle génération, AMP, URL FP4100 Périphérie d'Internet, environnements à haute performance Débit entre 20 Gbit/s et 60 Gbit/s FP9300 Opérateurs télécoms, data centers Débit jusqu'à 225 Gbit/s Inspection des menaces jusqu'à 90 Gbit/s Pare-feu, Cisco Application Visibility and Control, système de prévention des intrusions nouvelle génération, AMP, URL, DDoS
- T: …Obtain the visibility and control you need with multiple management options. These enable you to… <Click>
- …Get comprehensive visibility and control in one centralized location through an enhanced user interface with the Firepower Management Center . The Firepower Management Center is optimized for multi-site deployments, offering the ability to manage all Firepower appliances across distributed locations in one central place. To support Multiple Domain Management and make policy administration more efficient, The Firepower Management Center provides the ability to create a hierarchy of policies. Global Policies (e.g., access, inspection) can be established that will apply to all management environments. A policy hierarchy can then be constructed underneath the Global Policy level to represent different environments, different companies, different business units, or different parts of the organization. Each of these policy environments will inherit the policies of the hierarchy above it, allowing for more consistent and efficient policy management. It integrates seamlessly with all Firepower appliances to enable consistent policy enforcement and provide summarized deployment reports. This enables you to take full advantage of the NGFW's Firewall & AVC, NGIPS, and AMP capabilities, as well as its security intelligence feeds, further enhancing your protection. This includes management of NAT & Routing, SSL, Identity, Rate limiting, and Active/Passive Authentications, and enables you to coordinate Intrusion & Malware prevention capabilities as well as perform analytics, correlation, and remediation from one centralized platform. The Firepower Management Center leverages the NGFW's capabilities to offer unprecedented visibility and control of network activity through a centralized interface. All traffic can be viewed through comprehensive reporting, with customizable tables, graphs, and charts. Alerts and risk reports provide immediate notification of potential issues, and rule recommendations let you know how best to respond. Cisco Firepower Management Center’s comprehensive impact assessment relies on information from passive discovery, including OS, clients, and server applications. It allows analysts to focus on the smaller subset of events they are vulnerable to, and prioritizes threats targeting those vulnerabilities. This helps to focus the attention of security administrators and can eliminate up to 99 percent of the ‘noise’ associated with security monitoring and response. The Firepower Management Center is also designed to meet your network needs, available in physical and virtual options, and built for high availability. T: In addition to being able to easily manage a multi-site NGFW deployment, you’re also able to… <Click>
- Talking Points: With Cisco, your customers get the most effective portfolio AND an entire security architecture that works across the extended enterprise. . .in a way only Cisco can…because we’ve been collecting and driving intelligence across networks for years. You’ve heard of the saying “The whole is worth more than the sum of the parts”, right? Our portfolio comes together into an integrated architecture, one that provides coordinated responses, visibility and intelligence – which is key for effective security – to see a threat in one place and instantly protect against it everywhere. I won’t get into detail with all the products here…except to say we have the most advanced portfolio for advanced attacks….protection for endpoints, email and web security gateways…cloud-based and cloud access security products…protection for secure access to the enterprise network, from any device, at any time, in any location … And we tie them together with our integrated architectural approach.