Cisco Email Security - Cisco
-
Upload
phungkhanh -
Category
Documents
-
view
235 -
download
0
Transcript of Cisco Email Security - Cisco
1C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Email SecurityProtect Your Network and Your Business
2C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Agenda
Email Is Important for Business
The Threat Landscape
Cisco® Email Security Benefits
Inbound Protection
Outbound Control
Customizable Offerings
3C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Businesses Consider Email One of Their Most Important Systems
89.0101.0
114.3
128.6
143.8
0
20
40
60
80
100
120
140
160
2012 2013 2014 2015 2016
Busin
ess E
mails
per
Day
(Bill
ions)
Source: The Radicati Group, Inc., Email Statistics Report, 2012-2016
4C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
As the Way You Use Email Changes…
Mobile Coffee shop Corporate Home Airport
5C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
…The Threats Change Too
IPv6 Spam
Blended Threats
Targeted Attacks
APTsBotnets
Rootkits
Worms
Trojan Horse
6C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Tackle the Most Advanced Threats with Cisco Email Security Solutions
Best performance Lowest TCO Future focus
Threat Defense Data SecuritySolutions
Strengths
7C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Email Security Benefits
Best performance
• Very few false-positive email classifications
• Capability to quickly block new email-sent
viruses
• Best-in-class capability to stop or encrypt
sensitive outbound email
• Exceptional threat identification infrastructure
using Cisco’s global presence
• Proactive protection of email with Cisco
SensorBase™ filtering
8C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Email Security Benefits
Lowest TCO
“With Cisco, a substantial
reduction in total cost of
ownership and the new
features to battle viruses
and spam [are] a reality.”
Kenichi Tabata
Komatsu. Ltd., Japan• World’s leading email security support
• No ongoing administration
• Low impact on network performance
• Built-in compliance capabilities
• Easy installation and management
• Few appliances required
• Reduced CapEx with virtual appliances
9C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Email Security Benefits
• Demonstrated commitment to email security
investment and innovation
• Extremely flexible email security: on-premises, in
the cloud, hybrid, and virtual
• Smarter and better anticipation of threats
• Outstanding capability to scale threat analysis as
the amount global data continues to grow
Future focused
“Cisco innovation and insight
has led email security for ten
years. We have been using
their solution campus wide with
great success for a long time. It
gives us confidence for the
future.”
Dr. Damian Bucher
Zentrum für Informationsverarbeitung
Westfälische Wilhelms-Universität
Münster, Germany
10C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Control
Cisco
AnyConnect®Cisco
IPS
Cisco
ScanSafe
WWW
Cisco WSACisco ASACisco ESA
Visibility
WWW
Web
Endpoints
Devices
Networks
IPS
Cisco Security Intelligence OperationsOutstanding Cloud-based Global Threat Intelligence
1.6 millionglobal sensors
100 TBof data received per day
150 million+ deployed endpoints
35%worldwide email traffic
13 billionweb requests
24x7x365operations
40+languages
600+engineers, technicians, and researchers
80+PH.D., CCIE, CISSP, AND MSCE users
More than US$100 millionspent on dynamic research and development
3- to 5-minute updates
5,500+IPS signatures produced
8 million+rules per day
200+parameters tracked
70+publications produced
Actio
ns
Cisco® SIO
Info
rmation
11C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco SIO Is Intelligence Defense Delivered at Scale
100 TBsecurity
intelligence
93 billiondaily email
messages
13 billionweb
requests
4.5
billiondaily email
blocks
1000applications
35%enterprise
5500IPS
signatures
150
milliondeployed
endpoints
3- to 5-
minuteupdates
5 billiondaily email
connections
1.6
milliondeployed
devices
150,000micro-
applications
Cisco® Security Intelligence Operations:
Broad visibility
Global footprint
Defense in depth
12C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco SensorBase: Email Reputation Database
Complaint
Reports
IP Blacklists
and Whitelists
Domain
Blacklist and
Safelists
Compromised
Host Lists
Website
Composition
Data
Other DataGlobal Volume
Data
Message
Composition
Data
Spam Traps
+100-10
IP Reputation Score
Breadth and quality
of data make the
difference
13C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Email Security Architecture
Threat Defense
Antispam
Antivirus and Virus Outbreak Filter
Data Security
Data Loss Prevention
Encryption
Management
14C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Email Security: Threat Defense
Management
Antivirus and Virus Outbreak Filter
Threat Defense
Antispam
Data Security
Encryption
Data Loss Prevention
15C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Antispam Defense in Depth
Known good mail is delivered
Suspicious mail is rate
limited and spam filtered
• > 99% catch rate
• < 1 in 1 million
false positives
Known bad mail is blocked
before it enters the network
Incoming mail
good, bad, and
unknown email
What
Cisco
Anti-Spam
WhenWho
HowWhere
Cisco® SIO
16C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Anti-SpamDefense-in-Depth Spam Protection
What
WhenWho
HowWhere
Cisco®
Anti-Spam
• Spam botnets
• Spammer networks
Email Reputation
• SMS Spam
• Attachment-based spam
Message Content
• Malware and phishes
• Short-texted spam with URLs
Web Reputation
• Image spam
• Spam created using
automation tools
Message Construction
17C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Email Security: Threat Defense
Antivirus and Virus Outbreak Filter
Threat Defense
Antispam
Data Security
Encryption
Data Loss Prevention
Management
18C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Antivirus Defense in Depth
Virus Outbreak Filters Antivirus Engines
Zero-Hour Virus
and Malware Detection
Choice of
Antivirus Engines
19C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Data Security Virus Outbreak FiltersZero-Hour Malware Prevention
Virus Outbreak Filters in Action
Virus Outbreak Filters Advantage
• Average lead time*: Over 13 hours
• Outbreaks blocked*: 291 outbreaks
• Total incremental protection*: Over 157 days
Virus
Filter
Dynamic
QuarantineCisco® SIO
Zero-Hour Virus
and Malware Detection
Choice of
Antivirus Engines
Antivirus Engines
20C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Outbreak filters defend against blended attacksIntegrated email and web security
Website is
cleanLink is clicked
Website is
blockedCisco Security
The requested web page
has been blocked
http://www.threatlink.com
Cisco Email and Web Security protects your
organization’s network from malicious software.
Malware is designed to look like a legitimate email
or website which accesses your computer, hides
itself in your system, and damages files.
Dynamic, real-time inspection via HTTP
Cisco SIO
21C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Email Security: Data Security
Antivirus and Virus Outbreak Filter
Threat Defense
Antispam
Data Security
Encryption
Data Loss Prevention
Management
22C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
DLP and ComplianceBuilt-in Comprehensive DLP Solution with RSA: Accurate, Easy, and Extensible
Data Loss Prevention
Incidents Policies
• Fast setup
• Low administrative overhead
• Comprehensive policy creation
and modification
• Exceptional accuracy
• Direct integration for
enterprisewide DLP deployments
23C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
One click activation of
pre-loaded policies
DLP Is Easy to Set Up Stop Sensitive Content in Minutes
Integrated into
policy manager
24C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Providing Comprehensive Policy Coverage100+ Predefined Policies for Comprehensive Coverage
25C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Accuracy with In-Depth Analysis…
Unique rule matches are met
Proper name detection
Rule is matched multiple
times to increase score
SSN detection
Matches are found
in close proximity
26C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Detailed message trackingDrill-down reporting
…And Easy Reporting and Monitoring
27C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Email Security: Data Security
Antivirus and Virus Outbreak Filter
Threat Defense
Antispam
Data Security
Encryption
Data Loss Prevention
Management
28C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Anyonecan read message
No guaranteedmessage recall
No controlover forwarding
TO
CC
SUBJECT
Traditional Email Has Limitations
ConfidentialEmail
ReadReceipt
GuaranteedRecall
SecureReply and forward
TO
CC
SUBJECT
Cisco Encrypted Email Is Integrated into the Network
29C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Simplified Messaging Security Through a Cloud-Based Encryption Service
Cisco® Registered Envelope Service Turnkey Email Encryption
Flexible cloud-based
encryption key server
Hosted key service
Federated identity gateway
Push technology with
intuitive policy
management
Support for SAML for
federated identity
Technology independence:
use your inbox or mail
server of choice
Integrated MTA-to-MTA TLS enforced security with advanced end-to-end encryption to meet evolving customer requirements
Email sender prepares an
encrypted message for the recipient
Recipient gets encrypted message
Encryption key is requested by
recipient to decrypt message
Decrypted message is displayed to
recipient
Encryption key is stored in the cloud
30C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Easy for the Sender
• Automated key management
• No desktop software requirements
• Send to any email address transparently
• Encryption triggered by keywords, policies, senders, recipients, etc.
Sender Controls
31C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
And Easy for the Recipient
Open attachment1 Enter password2 View message3
32C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Offering Enhanced Visibility and ControlWith Multidevice Support for Encrypted Email Anytime and Anywhere
LaptopsTabletsSmartphones
33C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Email Security: Management
Antivirus and Virus Outbreak Filter
Threat Defense
Antispam
Data Security
Encryption
Data Loss Prevention
Management
34C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
• Archive all mail
• Virus-outbreak filters disabled for .doc files
• Mark and deliver spam
• Delete executable files
• Allow all media files
• Quarantine executable files
Cisco Email Security ManagerSingle View of Policies for the Entire Organization
Categories by: active directory, domain, username, or LDAP
IT
Sales
Legal
A single, versatile dashboard to manage all the services on the appliance
35C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
• Email volumes
• Spam counters
• Policy violations
• Virus reports
• Outgoing email data
• Reputation service
• System health view
• Single view across the organization
• Real-time insight into email traffic and security threats
• Actionable drill-down reports
Consolidated and custom reports
Comprehensive InsightUnified Business Reporting
Multiple data points
36C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Visibility into Email MessagesMessage Tracking
What happened to the email I sent 2 hours
ago?
Track individual email messages
Who else received similar emails?
Forensics to help ensure compliance
37C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Customizable Service OfferingsBroad Protection and Control
Antivirus and Virus Outbreak Filter
Threat Defense
Antispam
Data Security
Encryption
Data Loss Prevention
Appliance Virtual CloudFlexible Deployment Options
Inbound Protection Outbound Control
38C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential