Cisco IronPort Email & Web Security€¦ · Security Gateway. Application-Specific Security...

Click here to load reader

  • date post

    03-Jun-2020
  • Category

    Documents

  • view

    3
  • download

    0

Embed Size (px)

Transcript of Cisco IronPort Email & Web Security€¦ · Security Gateway. Application-Specific Security...

  • Ciscc 1© 2010 Cisco and/or its affiliates. All rights reserved.

    Cisco IronPortEmail & Web Security

    Greg Griessel

    Consulting Systems Engineer - Security

    [email protected]

  • © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2Cisco

    EMAILSecurity Gateway

    Application-Specific Security Gateways

    SECURITY MANAGEMENT

    Appliance

    Internet

    WEBSecurity Gateway

    SensorBase(The Common

    Security Database)

    APPLICATION-SPECIFICSECURITY GATEWAYS

    BLOCK Incoming Threats: Spam, Phishing/Fraud Viruses, Trojans, Worms Spyware, Adware Unauthorized Access

  • © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 3Cisco

    Email Security, 2010

    The Magic Quadrant is copyrighted 2010 by Gartner, Inc. and is reused with permission. The Magic Quadrant is a graphical representation of a marketplace at and for a specific time period. It depicts Gartner’s analysis of how certain vendors measure against criteria for that marketplace, as defined by Gartner. Gartner does not endorse any vendor product or service depicted in the Magic Quadrant, and does not advise technology users to select only those vendors placed in the "Leaders” quadrant. The Magic Quadrant is intended solely as a research tool, and is not meant to be a specific guide to action. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

    This Magic Quadrant graphic was published by Gartner, Inc. as part of a larger research note and should be evaluated in the context of the entire report. The Gartner report is available upon request from Cisco.

  • © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 4Cisco

    Secure Web Gateway, 2011

    The Magic Quadrant is copyrighted 2011 by Gartner, Inc. and is reused with permission. The Magic Quadrant is a graphical representation of a marketplace at and for a specific time period. It depicts Gartner’s analysis of how certain vendors measure against criteria for that marketplace, as defined by Gartner. Gartner does not endorse any vendor product or service depicted in the Magic Quadrant, and does not advise technology users to select only those vendors placed in the "Leaders” quadrant. The Magic Quadrant is intended solely as a research tool, and is not meant to be a specific guide to action. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

    This Magic Quadrant graphic was published by Gartner, Inc. as part of a larger research note and should be evaluated in the context of the entire report. The Gartner report is available upon request from Cisco.

  • Ciscc 5© 2010 Cisco and/or its affiliates. All rights reserved.

    Cisco IronPortEmail Security

  • Cisco Confidential 6© 2010 Cisco and/or its affiliates. All rights reserved. Cisco

    Junk Mail

    Viruses Regulations

    Privacy & Control

  • Cisco Confidential 7© 2010 Cisco and/or its affiliates. All rights reserved. CiscoSource: Cisco Threat Operations Center

    More and more targeted attacks

    0

    50

    100

    150

    200

    250

    300

    2006 2007 2008 2009 2010

    Daily Spam Volume (Billion)

    Targeted Attacks

    Spam

  • © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 8Cisco

    • Statistics on more than 30% of the world’s e-mail traffic

    • New threats & alerts detection• More than 200 parameters to build

    reputation scores

    • Data Volume• Message Structure

    • Complaints• Blacklists, whitelists

    • Off-line data

    Reputation Score

    Reputation Score• URL blacklists & whitelists

    • HTML Content• Domain Info

    • Known “bad” URLs• Website history…

    E-Mail Reputation Filters

    Web Reputation Filters

  • Cisco Confidential 9© 2010 Cisco and/or its affiliates. All rights reserved. Cisco

    Man

    agem

    ent

    Cisco IronPort Email Security Appliance

    VirusDefense

    CISCO IRONPORT ASYNCOSEMAIL PLATFORM

    Data Loss Prevention

    Secure Messaging

    INBOUND SECURITY

    OUTBOUND CONTROL

    MAIL TRANSFERAGENT

    SpamDefense

  • © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 10Cisco

    For Security, Reliability and Lower Maintenance

    After Cisco IronPort

    Groupware

    Firewall

    Cisco IronPort Email Security Appliance

    Internet

    Before Cisco IronPort

    Anti-Spam

    Anti-Virus

    Policy Enforcement

    Mail Routing

    Internet

    Firewall

    Groupware

    Users

    Encryption PlatformMTA

    DLP Scanner

    DLP Policy Manager

    Users

  • Cisco Confidential 11© 2010 Cisco and/or its affiliates. All rights reserved. Cisco

    Man

    agem

    ent

    Cisco IronPort Email Security Appliance

    VirusDefense

    CISCO IRONPORT ASYNCOSEMAIL PLATFORM

    Data Loss Prevention

    Secure Messaging

    INBOUND SECURITY

    OUTBOUND CONTROL

    MAIL TRANSFERAGENT

    SpamDefense

  • © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 12Cisco

    Revolutionary Email Delivery Platform

    Traditional Email Gatewaysand Other Appliances

    Cisco IronPort Email Security Appliances

    200Connections

    Low Performance/Peak Delivery Issue

    Disk I/O Bottlenecks

    Unable To Leverage

    Full Capability

    Components

    CPU Limited Solely By CPU Capacity

    1K – 10KConnections

    High Performance/Sure Delivery

  • Cisco Confidential 13© 2010 Cisco and/or its affiliates. All rights reserved. Cisco

    Man

    agem

    ent

    Cisco IronPort Email Security Appliance

    CISCO IRONPORT ASYNCOSEMAIL PLATFORM

    Data Loss Prevention

    Secure Messaging

    INBOUND SECURITY

    OUTBOUND CONTROL

    MAIL TRANSFERAGENT

    SpamDefense

    VirusDefense

  • Cisco Confidential 14© 2010 Cisco and/or its affiliates. All rights reserved. Cisco

    Spam Blocked Before Entering Network

    > 99% Catch Rate< 1 in 1 millionFalse Positives

    IronPort Anti-SpamSensorBase Reputation Filtering

    Who? How?

    What?Where?

    Verdict

    PresenterPresentation Notes

  • Cisco Confidential 15© 2010 Cisco and/or its affiliates. All rights reserved. Cisco

    • Known good is delivered

    • Suspicious is rate limited & spam filtered

    • Known bad is blocked

    IronPort Anti-Spam

    Incoming MailGood, Bad, and Unknown Email

    ReputationFiltering

    Cisco’s Internal Email Experience:

    Message Category % Messages

    Stopped by Reputation Filtering 93.1% 700,876,217

    Stopped as Invalid recipients 0.3% 2,280,104

    Spam Detected 2.5% 18,617,700

    Virus Detected 0.3% 2,144,793

    Stopped by Content Filter 0.6% 4,878,312

    Total Threat Messages: 96.8% 728,797,126

    Clean Messages 3.2% 24,102,874

    Total Attempted Messages: 752,900,000

    Real Time Threat Prevention

  • Cisco Confidential 16© 2010 Cisco and/or its affiliates. All rights reserved. Cisco

    Man

    agem

    ent

    Cisco IronPort Email Security Appliance

    VirusDefense

    CISCO IRONPORT ASYNCOSEMAIL PLATFORM

    Data Loss Prevention

    Secure Messaging

    INBOUND SECURITY

    OUTBOUND CONTROL

    MAIL TRANSFERAGENT

    SpamDefense

  • Cisco Confidential 17© 2010 Cisco and/or its affiliates. All rights reserved. Cisco

    The First Line of Defense

    Early Protection with

    IronPort Virus Outbreak Filters

    PresenterPresentation Notes

  • © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 18Cisco

    Outbreak Filtering in Action

    Cisco SIO

    Verdict: Suspect IP / URLAction: Send to Cloud

    Verdict: Malicious ContentAction: STOP

    PresenterPresentation NotesOur track record of on-premise and cloud based security is proven. Security Services – best of breedCombination of content and network based security services and tools is unique to the industryOur strengths in CSIO and Outbreak Intelligence provide customers with the highest level of accuracy across the widest range of threat vectorsThe success of our cloud based solution is evidenced by the deep relationships with Service Providers. We are the Service Provider vendor of choice when it comes to cloud security. Sprint, ATT and Orange Business Services are a few of the SPs who have grown to rely on Cisco for their own cloud based offering.Operational excellence is critical to any offering that leverages cloud based security. We have offered 100% uptime in 6 years. NO DOWN TIME. This is based off an architecture that is built from the ground up as well as monitoring and operational practices that are designed from day one to deliver a cloud based service.

  • Cisco Confidential 19© 2010 Cisco and/or its affiliates. All rights reserved. Cisco

    Zero Hour Malware Prevention and AV Scanning

    Virus Outbreak Filters Anti-Virus

    T = 0

    -zip (exe) files

    T = 5 mins

    -zip (exe) files-Size 50 to 55 KB

    T = 15 mins

    -zip (exe) files

    -Size 50 to 55KB

    -“Price” in the filename

    An analysis over one year:

    Average lead time …………………………over 13 hoursOutbreaks blocked ………………………291 outbreaksTotal incremental protection ……………. over 157 days

    PresenterPresentation Notes

  • Cisco Confidential 20© 2010 Cisco and/or its affiliates. All rights reserved. Cisco

    Man

    agem

    ent

    Cisco IronPort Email Security Appliance

    CISCO IRONPORT ASYNCOSEMAIL PLATFORM

    Data Loss Prevention

    Secure Messaging

    INBOUND SECURITY

    OUTBOUND CONTROL

    MAIL TRANSFERAGENT

    SpamDefense

    VirusDefense

  • Cisco Confidential 21© 2010 Cisco and/or its affiliates. All rights reserved. Cisco

    Top Risk: Employees Biggest Impact: Customer Data

    12%

    10%

    5% 4%7%

    Personal client information

    44%

    21%

    4% 8%4%

    Intellectual Property

    Personnel Information

    Information marked Confidential

    Top Data Loss Types

  • Cisco Confidential 22© 2010 Cisco and/or its affiliates. All rights reserved. Cisco

    Comprehensive, Accurate, Easy

    Comprehensive 100+ Pre-defined templates

    Regulatory compliance

    Multiple parameters

    Key words, proximity, etc.

    Accurate

    One-click activation

    Policy enable/disable

    Easy

    PresenterPresentation Notes

  • Cisco Confidential 23© 2010 Cisco and/or its affiliates. All rights reserved. Cisco

    Comprehensive, Accurate, Easy

    Comprehensive 100+ Pre-defined templates

    Regulatory compliance

    Multiple parameters

    Key words, proximity, etc.

    Accurate

    One-click activation

    Policy enable/disable

    Easy

    PresenterPresentation Notes

  • Cisco Confidential 24© 2010 Cisco and/or its affiliates. All rights reserved. Cisco

    “RSA has strong described content capabilities enabled by aformal knowledge-engineering process” - Gartner

    Ranked as “Leader” in Gartner Magic Quadrant

    Focus on accuracy:large research team staffed specifically to write and refine content polices

  • Cisco Confidential 25© 2010 Cisco and/or its affiliates. All rights reserved. Cisco

    Reports by severity and policyReal time and

    scheduled reports available

  • © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 26Cisco

    Instant Deployment, Zero Management Cost

    Automated key management

    No desktop software requirements

    No new hardware required

    Gateway encrypts message

    Message pushed to recipient

    Cisco Registered Envelope Service

    User opens secured message in browser

    User authenticates and receives message key

    Key is stored

    Decryptedmessage is displayed

  • © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 27Cisco

    No ForwardingAllowed without Permission

    Confidential Contents GuaranteedRecall

    Guaranteed ReadReceipts

    Message Expiry

  • Cisco Confidential 28© 2010 Cisco and/or its affiliates. All rights reserved. Cisco

    Protect CompanyFrom IdentityData Leaks

    Protect EmployeesFrom Identity StealingMalware and Phishing

    Inbound Security Outbound ControlCisco IronPort Email Security Solution

    Anti-Spam• SensorBase Reputation Filtering• IronPort Anti-Spam

    RSA Email DLP • 100+ predefined DLP policies• Accurate• Easy to Implement

    Anti-Virus• Virus Outbreak Filters (VOF)• McAfee Anti-Virus • Sophos Anti-Virus

    Encryption• Secure Message Delivery• Transport Layer Security

  • Cisco Confidential 29© 2010 Cisco and/or its affiliates. All rights reserved. Cisco

    Man

    agem

    ent

    Cisco IronPort Email Security Appliance

    CISCO IRONPORT ASYNCOSEMAIL PLATFORM

    Data Loss Prevention

    Secure Messaging

    INBOUND SECURITY

    OUTBOUND CONTROL

    MAIL TRANSFERAGENT

    SpamDefense

    VirusDefense

  • © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 30Cisco

    Single view of policies for the entire organization

    • Mark and Deliver Spam• Delete Executables

    • Archive all mail• Virus Outbreak Filters

    disabled for .doc files

    • Allow all media files• Quarantine executables

    IT

    SALES

    LEGAL

    with Delegated Administration

    Global Administrator

    Read-OnlyOperator Helpdesk PCI Auditor PCI Supervisor……..

  • Cisco Confidential 31© 2010 Cisco and/or its affiliates. All rights reserved. Cisco

    Email Volumes

    Spam Counters

    Policy Violations

    Virus Reports

    Outgoing Email Data

    Reputation Service

    System Health View

    Single view across the organization

    Real Time insight into email traffic and security threats

    Actionable drill down reports

    Mul

    tiple

    dat

    a po

    ints

    Consolidated Reports

    Unified Business Reporting

  • © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 32Cisco

    Fully Managedon Premises

    Managed

    Award-Winning Technology

    Appliances

    Backed by Service Level Agreements

    Dedicated SaaS

    Infrastructure

    Hosted

    Best of Both Worlds

    Hybrid Hosted

  • Ciscc 33© 2010 Cisco and/or its affiliates. All rights reserved.

    Cisco IronPortWeb Security

  • © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 34Cisco

    Acceptable Use Control

    MalwareProtection

    Data LossPrevention

    Policy

    SaaS Access Control

  • © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 35Cisco

    Industry Leading Secure Web Gateway

    Control

    Security

    Acceptable Use Controls

    Malware Protection

    Data Security

    SaaS Access Controls

    Centralized Management and Reporting

    InternetSecure Mobility

  • © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 36Cisco

    80% of the web is uncategorized, highly dynamic or unreachable by web crawlers

    Botnets Dynamic content Password protected sites User generated content Short life sites

    The Known Web20% covered by URL lists

    Acceptable Use Controls

    Malware Protection

    Data Security

    SaaS Access Controls

    Danger

    Danger

  • © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 37Cisco

    URL Keyword Analysis

    www.casinoonthe.net/Gambling

    Industry-leading URL database efficacy

    • 65 categories• Updated every 5 minutes

    Dynamic categorization identifies more than 90% of Dark Web content in commonly blocked categories

    Uncategorized

    Dynamic Content Analysis Engine

    GamblingAnalyze Site Content

    Real-time Dynamic Content Analysis

    URL Lookup in Database

    www.sportsbook.com/ GamblingURL Database

    Uncategorized

  • © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 38Cisco

    Control

    Acceptable Use Controls

    Data Security

    SaaS Access Controls

    Centralized Management and Reporting

    InternetSecure Mobility

    Security

    Malware Protection

    Industry Leading Secure Web Gateway

  • © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 39Cisco

    • 237% volume increase in ‘09• Over 70% of compromised web sites are

    legitimate• Vulnerabilities in Adobe PDF emerged as

    the main target, followed by Flash

    54% of malware encounters due to iframes and exploits

    Cross-Site Scripting and SQL Injection are top attack methods

    83% of websites have at least 1 serious vulnerability

  • Cisco Confidential 40© 2010 Cisco and/or its affiliates. All rights reserved. Cisco

    BoingBoing.net: A Popular Blog

    • URLs in browser: 1

    • HTTP Gets: 162• Images: 66

    from 18 domains including 5 separate 1x1 pixel invisibletracking images

    • Scripts: 87 from 7 domains

    • Cookies: 118 from 15 domains

    • 8 Flash objects from 4 domains

  • Cisco Confidential 41© 2010 Cisco and/or its affiliates. All rights reserved. Cisco

    BoingBoing.net: A Popular Blog

  • © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 42Cisco

    Cisco Network and Content Security Deployments

    Predictive, Zero-day Protection

    Cisco SensorBase

    Threat Operations Center

    AdvancedAlgorithms

    Web Reputation Scores-10 to +10

    Cisco Security Intelligence Operations

    Threat Telemetry

    Threat Telemetry

    Outbreak IntelligenceExternal Feeds

    Identifying Malware Lurking in the Dark Web

  • © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 43Cisco

    New York Times: Victim of an Advertiser Attack!

    • Seemingly legitimate ad turned malicious causing 3 redirects

    • Ultimate destination: protection-check07.com

    Drive By Scareware

    Full-screen pop-up simulates real AV software, asks user to buy full version to clean machine.

    Cisco Web Rep Score: -9.3 Default Action: BLOCK

    NYT site allowed but malicious redirect blocked

  • © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 44Cisco

    Dynamic Vectoring and Streaming

    Signature and Heuristic Analysis

    Wide coverage with multiple signature scanning engines

    Identify encrypted malicious traffic by decrypting and scanning SSL traffic

    Seamless user experience with parallel scanning

    Latest coverage with automated updates

    Heuristics DetectionIdentify unusual behaviors

    DVS Engine

    Parallel Scans, Stream Scanning

    Signature InspectionIdentify known behaviors

  • © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 45Cisco

    Internet

    Users

    Cisco IronPort S-Series

    Network Layer Analysis

    PowerfulAnti-Malware Data

    Preventing“Phone-Home” Traffic

    Scans all traffic, all ports, all protocols

    Detects malware bypassing Port 80

    Prevents Botnet traffic

    Automatically updated rules

    Real-time rule generation using, “Dynamic Discovery”

    Layer 4 Traffic Monitor

    Packet and Header

    Inspection

    Also available on the ASA as Botnet Traffic Filter

  • © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 46Cisco

    Acceptable Use Controls

    SaaS Access Controls

    Centralized Management and Reporting

    InternetSecure Mobility

    Security

    Malware Defense

    Control

    Data Security

    Industry Leading Secure Web Gateway

  • © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 47Cisco

    Documents

    Allow, block, log based on file metadata, URL category, user and web reputation

    Multi-protocol: HTTP(s), FTP, HTTP tunneled

    Documents

    On-Box Common Sense Security

    DLP Vendor Box

    Internet

    Partner site

    Webmail

    Internet

    Deep content inspection: Structured and unstructured data matching Performance optimized: Works in tandem with accelerated on-box policies

    Log

    AllowBlock

    Log

    AllowBlock

    Off-Box Advanced Data Security

  • © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 48Cisco

    Control

    Data Security

    Centralized Management and Reporting

    InternetSecure Mobility

    Security

    Malware Defense

    Acceptable Use Controls

    SaaS Access Controls

    Industry Leading Secure Web Gateway

  • © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 49Cisco

    Identity

    Job Sites

    Instant Message

    P2P

    Streaming Media

    Human Resource

    No FileTransfer

    All

    100 kbps/User

    Facebook Lunch hour Time

    Object

    Application

    Location

    Priority

  • © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 50Cisco

    Granular control over HTTP, HTTP(s), FTP applications

    Dynamic signature updates maintained by Cisco SIO

    Granular Control over Application Usage

    Employee in Finance

    Access Control Policy Access Control Violation

    Instant MessagingFacebook: Limited Apps

    Video: 512 kbps max

    File Transfer over IMFacebook Chat, Email

    P2P

  • © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 51Cisco

    Block Malware like ‘Farm Town’ app ad that redirects users to fake antivirus software

    Allow/Block thousands of Facebook Apps

    Allow/Block features like Chat, Messaging, Video & audio bandwidth

  • © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 52Cisco

    Control

    Acceptable Use Controls

    Data Security

    Centralized Management and Reporting

    InternetSecure Mobility

    Security

    Malware Defense

    SaaS Access Controls

    Industry Leading Secure Web Gateway

  • © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 53Cisco

    Visibility | Centralized Enforcement | Single Source Revocation

    Regaining Visibility and Control Through Identity

    Branch Office

    Corporate Office

    Home Office

    SaaS Single Sign On

    AnyConnect Secure Mobility Client

    SaaS Single Sign OnRedirect @ Login

    User Directory

    No Direct Access

    X

  • © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 54Cisco

    Control

    Security

    Acceptable Use Controls

    Malware Defense

    Data Security

    SaaS Access Controls

    Centralized Management and Reporting

    InternetSecure Mobility

    Industry Leading Secure Web Gateway

  • © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 55Cisco

    On-Box Centralized Reporting and TrackingCentralized Management

    Centralized Policy Management

    Delegated Administration

    InsightAcross Threats,

    Data and Applications

    ControlConsistent Policy Across Offices

    and for Remote Users

    VisibilityVisibility Across Different Devices,

    Services, and Network Layers

    In-Depth Threat Visibility

    Extensive Forensic Capabilities

    Security Management Appliance

  • © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 56Cisco

    Multi-CoreOptimization

    Integrated Identity and Authentication

    NTLM/Active Directory

    LDAP

    Secure LDAP

    Addresses latency issues associated with anti-virus scanning

    Enables multi-scan features for improved security efficacy

    Optimized for rich web content

    Identity Based Policies

    Transparent, single sign-on (SSO) authentication against Active Directory

    Guest Policies, Re-Auth

  • © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 57Cisco

    Customers

    Awards

    Partners

    Pioneer in SaaS Web Security

    Over 34% market share in SaaS Web Security (IDC)

    Multi-award winning product portfolio

    Millions of users

    Billions of Web requests scanned every day

    100% Availability

  • © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 58Cisco

    AnyConnect Secure Mobility

    Internet Traffic

    VPN – Internal Traffic(optional)

    With AnyConnect 3.0

  • © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 59Cisco

    Internet

    Corporate Office

    Blocked URLs

    Blocked Files

    Blocked Content

    ApprovedContent

    Branch/Retail or Home Office

    ISR G2 with ScanSafe Connector SW

    RADIUS/LDAP

  • Thank you.

    Cisco IronPort �Email & Web SecurityThe Cisco IronPort Story�Application-Specific Security GatewaysThe latest Gartner Magic Quadrant�Email Security, 2010The latest Gartner Magic Quadrant�Secure Web Gateway, 2011Cisco IronPort �Email SecurityEmail Challenges�Email Security Threats�More and more targeted attacksCisco IronPort SensorBase�Email Security Architecture�Cisco IronPort Email Security ApplianceCisco IronPort Consolidates the Network Perimeter �For Security, Reliability and Lower MaintenanceEmail Security Architecture�Cisco IronPort Email Security ApplianceCisco IronPort AsyncOS �Revolutionary Email Delivery PlatformEmail Security Architecture�Cisco IronPort Email Security ApplianceAnti-Spam Defense in DepthSensorBase Reputation Filtering�Real Time Threat PreventionEmail Security Architecture�Cisco IronPort Email Security ApplianceCisco IronPort Virus Outbreak Fliters�The First Line of DefenseRedirection of Suspicious URIs�Outbreak Filtering in ActionMulti-Layer Virus Defense �Zero Hour Malware Prevention and AV ScanningEmail Security Architecture�Cisco IronPort Email Security ApplianceRisks for the OrganizationData Loss Prevention�Comprehensive, Accurate, Easy�Data Loss Prevention�Comprehensive, Accurate, Easy�In Depth Analysis Enables AccuracyEasy to MonitorRemediation example: Email Encryption�Instant Deployment, Zero Management CostThe result: Business Class Email360 Degrees of Privacy Protection�Email Security Architecture�Cisco IronPort Email Security ApplianceCisco IronPort Email Security Manager�Single view of policies for the entire organizationComprehensive Insight�Unified Business ReportingAppliance or Cloud ?�Cisco IronPort �Web SecurityWeb Business ChallengesCisco IronPort Web Security Appliance�Industry Leading Secure Web GatewayThe challenge of the Dark WebThe answer: Dynamic CategorizationCisco IronPort Web Security Appliance�Industry Leading Secure Web GatewayMalware Threats Continue to RiseWhy web exploits can be difficult to detect:�BoingBoing.net: A Popular BlogWhy web exploits can be difficult to detect:�BoingBoing.net: A Popular BlogReputation and Behavioral Analysis�Predictive, Zero-day ProtectionReputation in Action�New York Times: Victim of an Advertiser Attack!Cisco IronPort DVS Engine�Dynamic Vectoring and StreamingInfected Endpoint Detection�Layer 4 Traffic MonitorCisco IronPort Web Security Appliance�Industry Leading Secure Web GatewayComplete Data SecurityCisco IronPort Web Security Appliance�Industry Leading Secure Web GatewayFull Context AwarenessWeb Application ControlsSocial Networking ControlsCisco IronPort Web Security Appliance�Industry Leading Secure Web GatewaySaaS Access Control�Regaining Visibility and Control Through IdentityCisco IronPort Web Security Appliance�Industry Leading Secure Web GatewayWeb Security Management�Security Management Appliance High-Performance Proxy Platform, Integrated AuthenticationAppliance or Cloud ?�ScanSafe Secure Mobility�ScanSafe integration with ISR G2Slide Number 60