Next Generation Firewall and IPS
Uploaded by: data3-limited
Category: Technology
Data#3 Security Practice – Cisco Security
Outstanding Performance in FY15 – ANZ Security Partner
2015 Cisco ANZ Software Solution Partner of the Year
Advanced Security Architecture
• Advanced Malware Protection
• Next Generation Firewall
Identity Services Engine (ISE)
• Bring Your Own Device (BYOD)
• Mobile Device Management
Cisco Journey
NAC addition
Messaging and Web Security Appliance
Cloud Security
UTM
Security Analytics
NGIPS / Anti-Malware
Sandbox
Timeline years: 2004, 2007, 2009, 2012, 2013, 2014, 2015
Breaches Happen in Hours… But Can Go Undetected For Weeks/Months

Timespan of events by percent of breaches – Source: Cisco Managed Threat Defense

                                          Seconds  Minutes  Hours  Days  Weeks  Months  Years
Initial Attack to Initial Compromise        10%      75%     12%    2%     0%     1%     1%
Initial Compromise to Data Exfiltration      8%      38%     14%   25%     8%     8%     0%
Initial Compromise to Discovery              0%       0%      2%   13%    29%    54%     2%
Discovery to Containment/Restoration         0%       1%      9%   32%    38%    17%     4%

In 60% of breaches, data is stolen in hours.
85% of breaches are not discovered for weeks.
BEFORE: Discover, Enforce, Harden
DURING: Detect, Block, Defend
AFTER: Scope, Contain, Remediate
Coverage: Network, Endpoint, Mobile, Virtual, Cloud
Point in Time / Continuous
ASA + Sourcefire = Adaptive, Threat-focused Next Generation Firewall
Cisco ASA
Identity-Policy Control & VPN
URL Filtering (subscription)
FireSIGHT Analytics & Automation
Advanced Malware Protection (subscription)
Intrusion Prevention (subscription)
Application Visibility & Control
Network Firewall, Routing | Switching
Clustering & High Availability
Cisco Collective Security Intelligence Enabled
Built-in Network Profiling
Context is Everything
Event: Attempted Privilege Gain
Target: 96.16.242.135

Event: Attempted Privilege Gain
Target: 96.16.242.135 (vulnerable)
Host OS: Blackberry
Apps: Mail, Browser, Twitter
Location: Whitehouse, US

Event: Attempted Privilege Gain
Target: 96.16.242.135 (vulnerable)
Host OS: Blackberry
Apps: Mail, Browser, Twitter
Location: Whitehouse, US
User ID: bobama
Full Name: Barack Obama
Department: Executive Office
The New Security Model
Before: Reduce attack surface, Detect reconnaissance
During: Detect and prevent
After: Determine scope, Contain & remediate
Contextual awareness
Event horizon
Retrospective security
What is the outcome of the engagement
1. Three Customised Reports
• Advanced Malware Risk Report
• Attack Risk Report
• Network Risk Report
2. Risk Visibility
3. Summary Presentation
Calls to Action
• Review Gateway Security Strategy
• Look for opportunities to reduce security complexity
• Engage Data#3 for a Proof of Value