TK Keanini, Distinguished Engineer, Advanced Threat Solutions
Cisco Security Business Group
July 2018
Introducing Cisco Security for AWS
Stealthwatch Cloud
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
Hello My Name is TK Keanini (Pronounced Kay-Ah-Nee-Nee)
TK: The past 53 years in a nutshell
Cisco Cloud Portfolio — Products Mix
Multicloud Portfolio: Cloud Advisory, Cloud Consume, Cloud Connect, Cloud Protect
Cloud Advisory
Advisory Services
• Cloud Migration
• Cloud Connect
• Cloud Protect
• Cloud Consume
(Delivered by AS/Cisco Partners)
Cloud Consume
• AppDynamics
• CloudCenter
• Container Platform
Cloud Connect and Cloud Protect
• CSR 1000v
• vEdge with Umbrella*
• Umbrella
• AMP for Endpoints
• Meraki Systems Manager
• Cloudlock
• Tetration Cloud
• Stealthwatch Cloud
* Umbrella license is not included
• Your infrastructure and workloads can be dramatically more secure in AWS
than anywhere on-premises
• VPC Flow Logs and CloudTrail provide essential telemetry for security
• Cisco Stealthwatch Cloud provides automatic, helpful security from this
telemetry
If nothing else, please remember this
• Elastic & Scalable
• Grows and shrinks with demand, more always available
• Nimble
• Continuous Integration and Continuous Deployment enable daily releases
• Automated
• Small DevOps teams supporting massive workloads
Cloud-Native Virtues: Unblocking Security
What if you could capture every change
made in your IT environment?
• User authenticated!
• New server provisioned!
• Firewall rule changed!
• New DNS hosted domain!
• User disabled MFA!
• Access policy changed for storage bucket/blob!
AWS CloudTrail as a telemetry source
“How is my AWS configuration and management changing?”
What if you could log every network
utterance in your IT environment?
• SSH log in to Terminal Server!
• RDP Session on Domain Controller!
• Client access to database server!
• Internal network scan!
• Attempted log in to load balancer!
• Data transfer between web front end and database
• Data transfer between internal host and unknown external server!
VPC Flow Logs
“Are any of my AWS resources misbehaving or compromised?”
• When any of your AWS VPC resources have a network interaction, a log entry
is made
• Source & destination IP addresses, ports, protocol, byte count, packet count
• Just like NetFlow logs produced by switches and routers, all network
interactions can be audited
• Did someone discover a backdoor?
• Did sw/appliance dial home?
• Is an authorized user abusing privileges?
• Has a configuration mistake been made, enabling remotes?
• Just like NetFlow: it is an avalanche of data!
• Here’s where Cisco Stealthwatch Cloud can help
VPC Flow logs are your friend
Making VPC Flow Logs easy
Stealthwatch Cloud View
AWS Console View
Aside: We share code on using VPC Flow Logs
https://observable.net/blog/our-open-source-vpc-flow-logs-tool-version-1-0/
https://github.com/obsrvbl/flowlogs-reader
• AWS solves the telemetry problem for you
• But, but, but it is an avalanche of data!
• Cisco has a cloud-native approach that helps your security be elastic,
nimble, and automated
You still have all the security work to do!
• What: maintain a model—a kind of simulation—of each device & entity on
your network
• Why: to automatically detect and track each entity’s role, alert a human or
trigger an action when a role change is significant
• How: passive monitoring of network meta-data, both within the network
and to/from the Internet
• In AWS, modeling is driven by
• VPC Flow Logs
• AWS CloudTrail
• And more: Amazon Inspector, CloudWatch, AWS Config, Route 53, …
Stealthwatch Cloud’s Entity Modeling
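The flow-log fields listed on the "VPC Flow logs are your friend" slide and the role tracking described on this slide can be put together in a small added example (not code from the deck, from Cisco, or from flowlogs-reader, and not Stealthwatch Cloud's algorithm): it parses default-format VPC Flow Log records, builds a per-entity set of client/server roles from a baseline window, and reports roles that first appear in a later window. The VPC range, the ephemeral-port threshold used to guess direction, and all sample records are constructed assumptions.

```python
import ipaddress
from collections import defaultdict, namedtuple

# Field order of the default (version 2) VPC Flow Log record.
FIELDS = ("version account_id interface_id srcaddr dstaddr srcport dstport "
          "protocol packets bytes start end action log_status").split()
INT_FIELDS = {"srcport", "dstport", "protocol", "packets", "bytes", "start", "end"}
Flow = namedtuple("Flow", FIELDS)

VPC_CIDR = ipaddress.ip_network("10.0.0.0/16")  # assumed VPC range of the sample data
EPHEMERAL_MIN = 32768  # assumed: ports at or above this are client-side


def parse_record(line):
    """Return a Flow, or None for NODATA/SKIPDATA and malformed lines."""
    parts = line.split()
    if len(parts) != len(FIELDS) or parts[-1] != "OK":
        return None
    try:
        return Flow(*(int(v) if f in INT_FIELDS else v
                      for f, v in zip(FIELDS, parts)))
    except ValueError:
        return None


def is_internal(addr):
    return ipaddress.ip_address(addr) in VPC_CIDR


def roles_in(flow):
    """Yield (entity, role) for each VPC-side endpoint of one accepted flow.

    Flow logs carry no client/server flag, so the side on the non-ephemeral
    port is treated as the server (a heuristic, not a guarantee).
    """
    if flow.action != "ACCEPT":
        return
    if flow.dstport < EPHEMERAL_MIN <= flow.srcport:
        client, server, port = flow.srcaddr, flow.dstaddr, flow.dstport
    elif flow.srcport < EPHEMERAL_MIN <= flow.dstport:
        client, server, port = flow.dstaddr, flow.srcaddr, flow.srcport
    else:
        return  # direction is ambiguous; leave it out of the model
    if is_internal(client):
        scope = "internal" if is_internal(server) else "external"
        yield client, ("client", port, scope)
    if is_internal(server):
        scope = "internal" if is_internal(client) else "external"
        yield server, ("server", port, scope)


def build_model(lines):
    """Map each VPC entity to the roles it played and the bytes seen per role."""
    model = defaultdict(lambda: defaultdict(int))
    for line in lines:
        flow = parse_record(line)
        if flow is None:
            continue
        for entity, role in roles_in(flow):
            model[entity][role] += flow.bytes
    return model


def role_changes(baseline, current):
    """Return sorted (entity, role, bytes) for roles absent from the baseline."""
    alerts = []
    for entity, roles in current.items():
        known = baseline.get(entity, {})
        alerts.extend((entity, role, n) for role, n in roles.items()
                      if role not in known)
    return sorted(alerts)


def detect(baseline_lines, current_lines):
    return role_changes(build_model(baseline_lines), build_model(current_lines))


# Constructed sample records: a web front end (10.0.1.10) and a database (10.0.2.20).
WEB_TRAFFIC = [
    "2 123456789012 eni-0a1b2c3d 198.51.100.20 10.0.1.10 49152 443 6 12 4200 1530000000 1530000060 ACCEPT OK",
    "2 123456789012 eni-0a1b2c3d 10.0.1.10 198.51.100.20 443 49152 6 10 88000 1530000000 1530000060 ACCEPT OK",
    "2 123456789012 eni-0a1b2c3d 10.0.1.10 10.0.2.20 50112 3306 6 8 1900 1530000000 1530000060 ACCEPT OK",
]
BASELINE_LOG = WEB_TRAFFIC + [
    "2 123456789012 eni-0b2c3d4e - - - - - - - 1530000000 1530000060 - NODATA",
    "2 123456789012 eni-0b2c3d4e 203.0.113.9 10.0.2.20 40000 22 6 1 40 1530000000 1530000060 REJECT OK",
]
CURRENT_LOG = WEB_TRAFFIC + [
    # Database starts sending data to an external host and accepts external SSH.
    "2 123456789012 eni-0b2c3d4e 10.0.2.20 203.0.113.50 51000 443 6 900 1250000 1530600000 1530600060 ACCEPT OK",
    "2 123456789012 eni-0b2c3d4e 203.0.113.9 10.0.2.20 40000 22 6 30 5200 1530600000 1530600060 ACCEPT OK",
]

if __name__ == "__main__":
    for entity, role, nbytes in detect(BASELINE_LOG, CURRENT_LOG):
        print(f"role change: {entity} now acts as {role} ({nbytes} bytes)")
```

The rejected SSH attempt in the baseline does not create a role, so the same connection being accepted later is reported as new.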
Entity Modeling yields automatic security
Entity Modeling works well
• The focus is on providing helpful security
• This can be quantified!
2017 Alerts Marked Helpful (%)
January 93.91%
February 94.98%
March 92.00%
Q1 (Jan-Mar) 93.86%
April 94.54%
May 97.56%
June 97.69%
Q2 (Apr-Jun) 96.49%
July 93.83%
August 95.69%
September 96.66%
Q3 (Jul-Sep) 95.31%
October 94.27%
November 92.97%
December 95.66%
Q4 (Oct-Dec) 94.18%
2017 Total 94.90%
• Serverless computing & AWS Lambda
• Strip away the servers and containers from your workloads
• What remains: application logic, i.e. a Lambda function, that responds to events,
performs a job, and queues up work for other Lambdas in the app
• Big win: No more servers or containers to manage and pay for
• Q: This is still software, so there can be bugs and malicious activity. Where
do we install our security agent?
• A: Not applicable. Try entity modeling!
Example: Serverless with AWS Lambda
What about RDS, ElastiCache, DynamoDB, Redshift, etc.? Same answer!
Entity Modeling works with Lambda
• For Stealthwatch Cloud & Entity
Modeling, Lambda functions are just
another entity to model!
• Stealthwatch Cloud uniquely (as far
as we know) brings together VPC
Flow Logs and AWS CloudTrail to
provide visibility and security to
AWS Lambda
• Use AWS CloudTrail to get a comprehensive view of your environment’s
configuration and management
• This week: Spin up a free tier AWS account, and get your hands dirty with CloudTrail.
• Use VPC Flow logs to see your internal/external traffic, and make sure
nothing is happening behind your back
• This week: Turn on VPC Flow Logs in a VPC, even a small one, and explore!
• Use Entity Modeling to achieve automatic, continuous security from these
telemetry services!
• Next week: Launch a 60 day free trial, and simplify your exploration of flow logs &
Inspector, and see how you can do this at scale!
Put this in action!
Next week: launch a free 60-day trial
AWS Marketplace or http://cisco.com/go/stealthwatch-cloud
TK Keanini
Eml: tkeanini1@cisco.com
Twt: @tkeanini
Let’s continue the conversation

 
Fundraising Essentials
Fundraising EssentialsFundraising Essentials
Fundraising Essentials
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
 

Cisco + AWS Stronger Security & Greater AWS Adoption

  • 1. Introducing Cisco Security for AWS: Stealthwatch Cloud
      TK Keanini, Distinguished Engineer, Advanced Threat Solutions, Cisco Security Business Group
      July 2018
  • 2. Hello, My Name is TK Keanini (Keanini is pronounced Kay-Ah-Nee-Nee)
      TK: The past 53 years in a nutshell
      © 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
  • 3. Cisco Cloud Portfolio — Products Mix
      Multicloud Portfolio: Cloud Consume, Cloud Protect, Cloud Connect, Cloud Advisory
      • Cloud Advisory: Advisory Services (delivered by AS/Cisco Partners)
          • Cloud Migration
          • Cloud Connect
          • Cloud Protect
          • Cloud Consume
      • Cloud Consume
          • AppDynamics
          • CloudCenter
          • Container Platform
      • Cloud Connect and Cloud Protect
          • CSR 1000v
          • vEdge with Umbrella*
          • Umbrella
          • AMP for Endpoints
          • Meraki Systems Manager
          • Cloudlock
          • Tetration Cloud
          • Stealthwatch Cloud
      * Umbrella license is not included
  • 4. If nothing else, please remember this
      • Your infrastructure and workloads can be dramatically more secure in AWS than anywhere on-premises
      • VPC Flow Logs and CloudTrail provide essential telemetry for security
      • Cisco Stealthwatch Cloud provides automatic, helpful security from this telemetry
  • 5. Cloud-Native Virtues: Unblocking Security
      • Elastic & Scalable
          • Grows and shrinks with demand, more always available
      • Nimble
          • Continuous Integration and Continuous Deployment enable daily releases
      • Automated
          • Small DevOps teams supporting massive workloads
  • 6. What if you could capture every change made in your IT environment?
      • User authenticated!
      • New server provisioned!
      • Firewall rule changed!
      • New DNS hosted domain!
      • User disabled MFA!
      • Access policy changed for storage bucket/blob!
  • 7. AWS CloudTrail as a telemetry source: “How is my AWS configuration and management changing?”
  • 8. What if you could log every network utterance in your IT environment?
      • SSH log in to Terminal Server!
      • RDP Session on Domain Controller!
      • Client access to database server!
      • Internal network scan!
      • Attempted log in to load balancer!
      • Data transfer between web front end and database!
      • Data transfer between internal host and unknown external server!
  • 9. VPC Flow Logs: “Are any of my AWS resources misbehaving or compromised?”
  • 10. VPC Flow Logs are your friend
      • When any of your AWS VPC resources has a network interaction, a log entry is made
          • Source & destination IP addresses, ports, protocol, byte count, packet count
      • Just like NetFlow logs produced by switches and routers, all network interactions can be audited
          • Did someone discover a backdoor?
          • Did sw/appliance dial home?
          • Is an authorized user abusing privileges?
          • Has a configuration mistake been made, enabling remotes?
      • Just like NetFlow: it is an avalanche of data!
          • Here’s where Cisco Stealthwatch Cloud can help
  • 11. Making VPC Flow Logs easy
      (Screenshots: Stealthwatch Cloud View, AWS Console View)
  • 12. Aside: We share code on using VPC Flow Logs
      • https://observable.net/blog/our-open-source-vpc-flow-logs-tool-version-1-0/
      • https://github.com/obsrvbl/flowlogs-reader
  • 13. You still have all the security work to do!
      • AWS solves the telemetry problem for you
      • But, but, but it is an avalanche of data!
      • Cisco has a cloud-native approach that helps your security be elastic, nimble, and automated
  • 14. Stealthwatch Cloud’s Entity Modeling
      • What: maintain a model—a kind of simulation—of each device & entity on your network
      • Why: to automatically detect and track each entity’s role, alert a human or trigger an action when a role change is significant
      • How: passive monitoring of network meta-data, both within the network and to/from the Internet
      • In AWS, modeling is driven by
          • VPC Flow Logs
          • AWS CloudTrail
          • And more: Amazon Inspector, CloudWatch, AWS Config, Route 53, …
  • 15. Entity Modeling yields automatic security
  • 16. Entity Modeling works well
      • The focus is on providing helpful security
      • This can be quantified!

      2017            Alerts Marked Helpful (%)
      January         93.91%
      February        94.98%
      March           92.00%
      Q1 (Jan-Mar)    93.86%
      April           94.54%
      May             97.56%
      June            97.69%
      Q2 (Apr-Jun)    96.49%
      July            93.83%
      August          95.69%
      September       96.66%
      Q3 (Jul-Sep)    95.31%
      October         94.27%
      November        92.97%
      December        95.66%
      Q4 (Oct-Dec)    94.18%
      2017 Total      94.90%
  • 17. Example: Serverless with AWS Lambda
      • Serverless computing & AWS Lambda
          • Strip away the servers and containers from your workloads
          • What remains: application logic, i.e. a Lambda function, that responds to events, performs a job, and queues up work for other Lambdas in the app
      • Big win: No more servers or containers to manage and pay for
      • Q: This is still software, so there can be bugs and malicious activity. Where do we install our security agent?
      • A: Not applicable. Try entity modeling!
      What about RDS, ElastiCache, DynamoDB, Redshift, etc.? Same answer!
  • 18. Entity Modeling works with Lambda
      • For Stealthwatch Cloud & Entity Modeling, Lambda functions are just another entity to model!
      • Stealthwatch Cloud uniquely (as far as we know) brings together VPC Flow Logs and AWS CloudTrail to provide visibility and security to AWS Lambda
  • 19. Put this in action!
      • Use AWS CloudTrail to get a comprehensive view of your environment’s configuration and management
          • This week: Spin up a free tier AWS account, and get your hands dirty with CloudTrail.
      • Use VPC Flow Logs to see your internal/external traffic, and make sure nothing is happening behind your back
          • This week: Turn on VPC Flow Logs in a VPC, even a small one, and explore!
      • Use Entity Modeling to achieve automatic, continuous security from these telemetry services!
          • Next week: Launch a 60-day free trial, and simplify your exploration of flow logs & Inspector, and see how you can do this at scale!
  • 20. Next week: launch a free 60-day trial
      AWS Marketplace or http://cisco.com/go/stealthwatch-cloud
  • 21. Let’s continue the conversation
      TK Keanini
      Eml: tkeanini1@cisco.com
      Twt: @tkeanini
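
Slide 10 lists the fields in a VPC Flow Log entry and the questions they can answer. The following is an added example, not code from the deck, Stealthwatch Cloud or flowlogs-reader: it parses records in the default (version 2) flow log format and flags two of the situations named on slide 8, an internal network scan and a data transfer from an internal host to an external server. The thresholds, the RFC 1918 definition of "internal" and every sample record are assumptions constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Field order of the default (version 2) VPC Flow Log record format.
FIELDS = "version account_id interface_id srcaddr dstaddr srcport dstport protocol packets bytes start end action log_status".split()
# Assumption: "internal" means RFC 1918 space; substitute your own VPC CIDRs.
INTERNAL = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def parse(line):
    """Return one record as a dict, or None for NODATA/SKIPDATA records."""
    parts = line.split()
    if len(parts) != len(FIELDS):
        raise ValueError(f"expected {len(FIELDS)} fields, got {len(parts)}")
    rec = dict(zip(FIELDS, parts))
    if rec["log_status"] != "OK":  # traffic fields are "-" in these records
        return None
    rec.update({k: int(rec[k]) for k in ("srcport", "dstport", "packets", "bytes")})
    return rec

def is_internal(addr):
    return any(ipaddress.ip_address(addr) in net for net in INTERNAL)

def find_scanners(records, min_targets=5):
    """Internal sources REJECTed on >= min_targets distinct internal (host, port) pairs."""
    seen = defaultdict(set)
    for r in records:
        if r["action"] == "REJECT" and is_internal(r["srcaddr"]) and is_internal(r["dstaddr"]):
            seen[r["srcaddr"]].add((r["dstaddr"], r["dstport"]))
    return {src: len(t) for src, t in seen.items() if len(t) >= min_targets}

def find_large_egress(records, min_bytes=50_000_000):
    """Accepted bytes per (internal source, external destination) totalling >= min_bytes."""
    totals = defaultdict(int)
    for r in records:
        if r["action"] == "ACCEPT" and is_internal(r["srcaddr"]) and not is_internal(r["dstaddr"]):
            totals[(r["srcaddr"], r["dstaddr"])] += r["bytes"]
    return {pair: n for pair, n in totals.items() if n >= min_bytes}

# Constructed sample records; account id, interface ids and addresses are made up.
SAMPLE = [f"2 123456789012 eni-0a1b2c3d 10.0.1.15 10.0.2.{h} 49152 {p} 6 1 40 1530000000 1530000060 REJECT OK"
          for h, p in [(10, 22), (10, 3389), (11, 22), (11, 445), (12, 3306), (12, 5432)]] + [
    "2 123456789012 eni-0e5f6a7b 10.0.2.20 203.0.113.50 44321 443 6 40000 30000000 1530000000 1530000060 ACCEPT OK",
    "2 123456789012 eni-0e5f6a7b 10.0.2.20 203.0.113.50 44321 443 6 40000 30000000 1530000060 1530000120 ACCEPT OK",
    "2 123456789012 eni-0e5f6a7b 10.0.2.20 10.0.1.15 55000 5432 6 10 840 1530000000 1530000060 ACCEPT OK",
    "2 123456789012 eni-0c9d8e7f - - - - - - - 1530000000 1530000060 - NODATA",
]

def analyze(lines):
    records = [r for r in map(parse, lines) if r is not None]
    return find_scanners(records), find_large_egress(records)
```

Egress is summed per source and destination pair across capture windows, so a transfer split over several records still crosses the threshold; a custom flow log format with a different field order needs a matching `FIELDS` list.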