Next Generation Firewall and IPS

Next Generation Firewall and IPS “gain the upper hand”

Data#3 Security Practice – Cisco Security

Outstanding Performance in FY15 – ANZ Security Partner

2015 Cisco ANZ Software Solution Partner of the Year

Advanced Security Architecture
• Advanced Malware Protection
• Next Generation Firewall

Identity Services Engine (ISE)
• Bring Your Own Device (BYOD)
• Mobile Device Management

The Security Problem

Changing Business Models

Dynamic Threat Landscape

Complexity and Fragmentation

The Event Horizon

Firewall

IDS/IPS

AMD

Antivirus

Device/Endpoint

‘Event Horizon’

Breaches Happen in Hours….

Timespan of events by percent of breaches – Source: Cisco Managed Threat Defense

Initial Attack to Initial Compromise: Seconds 10%, Minutes 75%, Hours 12%, Days 2%, Weeks 0%, Months 1%, Years 1%

Initial Compromise to Data Exfiltration: Seconds 8%, Minutes 38%, Hours 14%, Days 25%, Weeks 8%, Months 8%, Years 0%

Initial Compromise to Discovery: Seconds 0%, Minutes 0%, Hours 2%, Days 13%, Weeks 29%, Months 54%, Years 2%

Discovery to Containment/Restoration: Seconds 0%, Minutes 1%, Hours 9%, Days 32%, Weeks 38%, Months 17%, Years 4%

In 60% of breaches, data is stolen in hours.

85% of breaches are not discovered for weeks.

But Can Go Undetected For Weeks/Months

Full Visibility

Full Control

HR Zone IT Zone Sales Zone

Network Zone DC Zone

Internet Zone Mobile Zone

Threat Centric Security

Point in Time Continuous

Network Endpoint Mobile Virtual Cloud

BEFORE: Discover, Enforce, Harden

DURING: Detect, Block, Defend

AFTER: Scope, Contain, Remediate

ASA + Sourcefire = Adaptive, Threat-focused Next Generation Firewall

CISCO ASA

Identity-Policy Control & VPN

URL Filtering (subscription)

FireSIGHT Analytics & Automation

Advanced Malware Protection (subscription)

Intrusion Prevention (subscription)

Application Visibility & Control

Network Firewall

Routing | Switching

Clustering & High Availability

WWW

Cisco Collective Security Intelligence Enabled

Built-in Network Profiling

Strategic Imperatives

Context is Everything

Event: Attempted Privilege Gain
Target: 96.16.242.135

Event: Attempted Privilege Gain
Target: 96.16.242.135 (vulnerable)
Host OS: Blackberry
Apps: Mail, Browser, Twitter
Location: Whitehouse, US

Event: Attempted Privilege Gain
Target: 96.16.242.135 (vulnerable)
Host OS: Blackberry
Apps: Mail, Browser, Twitter
Location: Whitehouse, US
User ID: bobama
Full Name: Barack Obama
Department: Executive Office

Cisco FirePOWER

The New Security Model

Before: Reduce attack surface, Detect reconnaissance

During: Detect and prevent

After: Determine Scope, Contain & remediate

CONTEXTUAL AWARENESS

EVENT HORIZON

Retrospective security

The Data#3 Proof of Value

Introducing the Proof Of Value (POV)?

How does it work?

Existing FW does not see malicious traffic

How does it work?

Sourcefire identifies and reports malicious traffic

This is not intrusive

What is the outcome of the engagement

1. Three Customised Reports
• Advanced Malware Risk Report
• Attack Risk Report
• Network Risk Report

2. Risk Visibility

3. Summary Presentation

Calls to Action

• Review Gateway Security Strategy
• Look for opportunities to reduce security complexity
• Engage Data#3 for a Proof of Value