Intelligent Cybersecurity to Protect Against Advanced Threats



Page 1: Intelligent Cybersecurity to Protect Against Advanced Threats


Intelligent Cybersecurity to Protect Against Advanced Threats

Web & Email

Data Center

People & Devices

Admin


[Figure: network diagram. Labels: Roaming User, Endpoint User, URL Filter, Network Perimeter, Identity Services, Dynamic Malware Analysis, Flow Analysis, Any Port & Protocol, Recursive DNS, Web & Email Security.]

PRODUCT NAMES

OpenDNS Umbrella

NGIPS

Cisco ASA with FirePOWER Services

NGIPS and AMP — Networks

NGIPSv and ASAv

ASA with FirePOWER Services/Meraki MX

CTA

StealthWatch

AMP — Web and Email

AMP Threat Grid

AMP — Endpoints

ISE

Cisco Trustsec

Cisco AnyConnect Secure Mobility Client

Cloud Web Security

Web Security Appliance

Cloud Email Security

Email Security Appliance

[Figure: numbered callouts 1 to 18 placed on the diagram. Labels: NGIPS/AMP, NGIPSv, NGFW, NGFW/UTM, Behavioral Analysis, Cloud Option, Network Traffic, Block, Allow, Warn, Talos, Before, During, After.]

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries.

Page 2: Intelligent Cybersecurity to Protect Against Advanced Threats

Intelligent Cybersecurity to Protect Against Advanced Threats


PRODUCT DESCRIPTIONS

OpenDNS Umbrella: OpenDNS protects users at the DNS gateway. It inspects where you are going and blocks malicious destinations. It protects any port and protocol, dramatically reducing the attack surface.

NGIPS: Cisco’s next-generation intrusion prevention system (NGIPS) inspects network traffic to identify known attacks and blocks them. Cisco FirePOWER™ NGIPS has been independently shown by NSS Labs to lead the industry in threat detection efficacy.

Cisco ASA with FirePOWER Services: Our next-generation firewall appliances combine our proven network firewall with the industry’s most effective next-gen IPS and advanced malware protection.

NGIPS and AMP — Networks: Cisco® Advanced Malware Protection for Networks is integrated into Cisco FirePOWER network security appliances.

NGIPSv and ASAv: Refer to #2 and 3.

ASA with FirePOWER Services: A firewall is at the perimeter determining what comes in and out of the network. It lessens the attack surface and sets the initial security and network controls in place. This is your basic control before an attack.

Meraki MX: Built on Cisco Meraki’s award-winning cloud-managed architecture, the MX is the industry’s only 100 percent cloud-managed unified threat management (UTM) appliance.

CTA: Where AMP looks at files, Cognitive Threat Analytics analyzes log traffic (HTTP and HTTPS requests) to identify zero-day breaches, or threats that have made their way into your network despite all the other controls in place.

StealthWatch: StealthWatch collects and watches network traffic information. It can do forensics and investigate the traffic flows in order to scope a security event and remediate it.

AMP — Web and Email: Cisco Advanced Malware Protection is sold as an integrated solution with Cisco web and email solutions.

AMP — Threat Grid: Cisco AMP Threat Grid feeds dynamic malware analysis and threat intelligence information to be used by the Cisco AMP solution, providing incident response teams with even more information to help them scope and remediate.

AMP — Endpoints: With Cisco Advanced Malware Protection for Endpoints you can go back in time and see when a certain file has become malicious.

ISE: The Cisco Identity Services Engine spans the network perimeter and outside it, identifying the who, what, when, and where of the people and devices connected to the corporate network.

Cisco Trustsec: Cisco TrustSec® technology uses software-defined segmentation with Cisco ISE and the network infrastructure to protect before an attack. Trustsec is embedded in Cisco switches, routers, wireless, and security devices to consistently enforce policy anywhere in the network.

Cisco AnyConnect Secure Mobility Client: The Cisco AnyConnect® client provides a highly secure connectivity experience across a broad set of PC and mobile devices.

Cloud Web Security, Web Security Appliance, Cloud Email Security, Email Security Appliance: Cisco web and email security solutions block users from accessing malicious and inappropriate content online and prevent them from clicking on compromised links. The solutions can be deployed through the cloud or with an appliance.


Visit cisco.com/go/security for more information