SlideShare ist ein Scribd-Unternehmen logo

Miben nyújt többet a Cisco ASA + FirePOWER Services?

S&T Consulting Hungary
S&T Consulting Hungary

A támadások száma és módozatuk sokfélesége miatt már nem az a kérdés, hogy adatainkhoz hozzáférhetnek-e illetéktelenek, hanem az, hogy értesülünk-e erről, illetve milyen lépéseket tudunk tenni a kár enyhítése érdekében. Webinárunkban bemutatjuk a Cisco ASA FirePower Services működését, és demónkban képet nyújtunk a kiemelkedően felhasználóbarát FireSIGHT Management Center felületének használatáról. Milyen üzleti problémára adnak választ a Cisco biztonsági megoldásai? További információ: http://snt.hu/megoldasok/informaciobiztonsag/cisco

Technologie
1 von 18
Fóti Péter – Presales konzulens Kis-Szabó András – IT biztonsági szakértő Miben nyújt többet a Cisco ASA + FirePOWER Services?
Evolution 2 Worms Spyware / Rootkits APTs / Cyberware Increased Attack Surface (Mobility & Cloud) INTELLIGENCE & ANALYTICS Today GLOBAL REPUTATION & SANDBOXING 2010 HOST-BASED (ANTI-VIRUS) 2000 NETWORK PERIMETER (IDS/IPS) 2005
Threat Landscape Demands more than Application Control 100% of companies connect to domains that host malicious files or services 54% of breaches remain undiscovered for months 60% of data is stolen in hours avoids detection and attacks swiftly It is a Community that hides in plain sight
Superior Integrated & Multilayered Protection ► World’s most widely deployed, enterprise-class ASA stateful firewall ► Granular Cisco® Application Visibility and Control (AVC) ► Industry-leading FirePOWER next- generation IPS (NGIPS) ► Reputation- and category-based URL filtering ► Advanced malware protectionCisco ASA Identity-Policy Control & VPN URL Filtering (Subscription) FireSIGHT Analytics & Automation Advanced Malware Protection (Subscription) Application Visibility & ControlNetwork Firewall Routing | Switching Clustering & High Availability WWW Cisco Collective Security Intelligence Enabled Built-in Network Profiling Intrusion Prevention (Subscription)
Minimize your exposure to web-based threats Restrict categories of URLs Filter out over 280 million URLs based on any of the 80+ categories into which they are grouped; new URLs are added daily Block specific URLs Restrict access to specific sites and subsites bad_url.com office365.com Social Media Gambling Health Drug Use Gaming Change policies easily Use the refined user interface to make additions or changes with just a few clicks Allowed Restricted Services AMP Stateful Firewalling VPN Capabilities AVC URL Filtering NGIPS
Protect the network more effectively Reduce IT management burden Gain unmatched visibility and threat detection NGIPS automatically correlates information from intrusion events with network assets to prioritize threat investigation Priority 1 Priority 2 Priority 3 Blended threats and attacks coming through multiple vectors are quickly identified www… Policies can be updated automatically based on vulnerabilities and previous intrusion events Admins can make adjustments to policies and system settings across locations from a single location, even offsite Services URL Filtering NGIPS AMP Stateful Firewalling AVC VPN Capabilities
Protect against the most advanced forms of malware and remediate after a breach Identify malware that other solutions miss by analyzing files based on reputation or suspicious behavior. AMP is continuously updated to ensure that it can stop the latest and most advanced forms of malware. Point-in-time Protection Defend against attacks even after a file passes the perimeter. AMP tracks files as they move around network; if they turn out to be malicious, you can quickly determine areas of impact and remediate quickly. Continuous Protection Trajectory Behavioral Indications of Compromise Breach Hunting Retrospection Attack Chain Weaving Services URL Filtering NGIPS AMP Stateful Firewalling AVC VPN Capabilities Fuzzy Finger-printing Machine Learning Dynamic Analysis Indications of Compromise Device Flow Correlation Advanced Analytics One-to-One Signature
Reduce attack surfaces by controlling application access Control port- and protocol-hopping apps that evade traditional firewalls Limit the exposure created by social media applications Services URL Filtering NGIPS AMP Stateful Firewalling AVC VPN Capabilities Enforce acceptable use policies with granular control over applications and micro- applications Use custom application detectors / Open App ID
Leverage the proven ASA Firewall capabilities Standard Functions New ASA Features • Clientless tagging, WebVPN support for OWA2013 and XenDesktop7.5 • TLS 1.2 • ECMP Support, IPV6 BGP • Std. based IKEv2 support. Citrix HTML5 browser support • VPN Clients Win7, 8.1, 8.1 phone client, iOS8, Knox and Strong Swan • Full VX LAN support • Policy-based Routing • REST API and SNMP enhancement IP Fragmentation IP Option Inspection TCP Intercept TCP Normalization ACL NAT Routing Services URL Filtering NGIPS AMP Stateful Firewalling AVC VPN Capabilities
Extend protection to off-site users Threat Protection  Data-loss Prevention  Acceptable Use  Access Control  Diverse Endpoint Support Broad VPN Deployment Split Tunneling Capabilities Mobile and non-mobile devices Cisco and non-Cisco devices AnyConnect 4.0 and 3rd -party VPNs Single- and Multi-site deployments Corporate and sensitive information Personal and generic information Services URL Filtering NGIPS AMP Stateful Firewalling AVC VPN Capabilities
Stay protected against the latest threats with regular updates pushed automatically Identify advanced threats quickly with industry-leading threat research Get industry-specific threat intelligence tailored to your business Catch advanced threats endpoints miss with Cisco’s reverse engineers and threat analysts The largest security intelligence and research group - TALOS 00I00 I00I0I II0I0I 0II0I I0I00I0I0 0II0I0II 0I00I0I I0 00 II0III0I 0II0II0I II00I0I0 0I00I0I00 I0I0 I0I0 I00I0I00 III00II 0II00II I0I0II0II0 I0 I0 I00 00I0 I000 0II0 00 III00II I000I0I I000I0I I000I0I II 0I00 I0I000 0II0 00 00I I0I0I0 I0I0III000 I0I00I0I 0II0I0 I00I0I0I0I 000 II0II0I0I0I I0I0I0I 0I0I0I0I 0I0I00I0 I0I0I0I 0II0I0I0I 0II00 I00I0I0 0I00I0I I00I0I0 I0I0I0I 0I0I0I 0I0I0I0 00I0I0 0I0I0I0 I0I0I00I 0I0I 0I0I 0I0I I0I0I 0I00I0I III00II 0II00II I0I000 0II0 00I0I00 I0 I000I0I 0II 0I0I0I III00II 0II00II 0I0I0I0I 0I I0 I00 000II0 I0I0 0II0 00 Email Endpoints Web Networks NGIPS Devices WWW 24  7  365 Operations600+ Researchers Research Response Threat Intelligence • Monitors 35% of the world’s email traffic • Receives 1.1 million incoming malware samples daily • Performs 4.9 billion AV and web filtering blocks per month • Processes 100 terabytes of security intelligence daily Talos
FirePOWER Services available on all ASA platforms SMB 250 Mbps AVC 125 Mbps AVC+IPS 20K/50K* Connections 5,000 CPS ASA 5506W-X Integrated Wireless AP Branch Locations ASA 5506H-X Ruggedized 450 Mbps AVC 250 Mbps AVC+IPS 100K Connections 10,000 CPS ASA 5508-X 850 Mbps AVC 450 Mbps AVC+IPS 250k Connections 20,000 CPS ASA 5516-X ASA 5506-X 250 Mbps AVC 125 Mbps AVC+IPS 20K/50K* Connections 5,000 CPS 250 Mbps AVC 125 Mbps AVC+IPS 20K/50K* Connections 5,000 CPS *Requires Security Plus licenses
FirePOWER Services available on all ASA platforms Branch Locations 300 Mbps AVC 150 Mbps AVC+IPS 100K Connections 10,000 CPS ASA 5512-X 500 Mbps AVC 250 Mbps AVC+IPS 250K Connections 15,000 CPS ASA 5515-X Small/Medium Internet Edge 1.1 Gbps AVC 650 Mbps AVC+IPS 500K Connections 20,000 CPS ASA 5525-X 1.5 Gbps AVC 1 Gbps AVC+IPS 750K Connections 30,000 CPS ASA 5545-X 1.750 Gbps AVC 1.250 Gbps AVC+IPS 1M Connections 50,000 CPS ASA 5555-X
FirePOWER Services available on all ASA platforms ASA 5585-SSP10 ASA 5585-SSP20 Campus / Data Center 4.5 Gbps AVC 2 Gbps AVC+ IPS 500K Connections 40,000 CPS 7 Gbps AVC 3.5 Gbps AVC+ IPS 1M Connections 75,000 CPS Enterprise Internet Edge ASA 5585-SSP40 ASA 5585-SSP60 10 Gbps AVC 6 Gbps AVC+ IPS 1.8M Connections 120,000 CPS 15 Gbps AVC 10 Gbps AVC+ IPS 4M Connections 160,000 CPS
Five (5) feature license packages are available AVC is part of the default offering One (1) , three (3) and five (5) year terms are available URL IPS URL IPS AMP IPS AMP URL IPS URL TAC TAMC TA TAM Licensing Packages for ASA with FirePOWER Services
Cisco offers multiple management solutions Adaptive Security Device Manager (ASDM) on-box manager FireSIGHT Management Center
FireSIGHT Management Center DEMÓ
Fóti Péter – Presales konzulens peter.csaba.foti@snt.hu Kis-Szabó András – IT biztonsági szakértő andras.kis-szabo@snt.hu Köszönjük a figyelmet! http://www.snt.hu/ciscosecurity

Empfohlen

Presentation cisco iron port web usage controls
Presentation cisco iron port web usage controlsPresentation cisco iron port web usage controls
Presentation cisco iron port web usage controlsxKinAnx
 
8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...
8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...
8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...BGA Cyber Security
 
Infographic: Security for Mobile Service Providers
Infographic: Security for Mobile Service ProvidersInfographic: Security for Mobile Service Providers
Infographic: Security for Mobile Service ProvidersCisco Security
 
Presentation cisco iron port email & web security
Presentation cisco iron port email & web securityPresentation cisco iron port email & web security
Presentation cisco iron port email & web securityxKinAnx
 
Identify Zero-Day Breaches with Cognitive Threat Analytics on Cisco Web Secur...
Identify Zero-Day Breaches with Cognitive Threat Analytics on Cisco Web Secur...Identify Zero-Day Breaches with Cognitive Threat Analytics on Cisco Web Secur...
Identify Zero-Day Breaches with Cognitive Threat Analytics on Cisco Web Secur...Cisco Security
 
8 Ocak 2015 SOME Etkinligi - Cisco Next Generation Security
8 Ocak 2015 SOME Etkinligi - Cisco Next Generation Security8 Ocak 2015 SOME Etkinligi - Cisco Next Generation Security
8 Ocak 2015 SOME Etkinligi - Cisco Next Generation SecurityBGA Cyber Security
 
Adopting A Zero-Trust Model. Google Did It, Can You?
Adopting A Zero-Trust Model. Google Did It, Can You?Adopting A Zero-Trust Model. Google Did It, Can You?
Adopting A Zero-Trust Model. Google Did It, Can You?Zscaler
 
Advanced threat security - Cyber Security For The Real World
Advanced threat security - Cyber Security For The Real WorldAdvanced threat security - Cyber Security For The Real World
Advanced threat security - Cyber Security For The Real WorldCisco Canada
 

Empfohlen

Presentation cisco iron port web usage controls
Presentation cisco iron port web usage controlsPresentation cisco iron port web usage controls
Presentation cisco iron port web usage controlsxKinAnx
 
8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...
8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...
8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...BGA Cyber Security
 
Infographic: Security for Mobile Service Providers
Infographic: Security for Mobile Service ProvidersInfographic: Security for Mobile Service Providers
Infographic: Security for Mobile Service ProvidersCisco Security
 
Presentation cisco iron port email & web security
Presentation cisco iron port email & web securityPresentation cisco iron port email & web security
Presentation cisco iron port email & web securityxKinAnx
 
Identify Zero-Day Breaches with Cognitive Threat Analytics on Cisco Web Secur...
Identify Zero-Day Breaches with Cognitive Threat Analytics on Cisco Web Secur...Identify Zero-Day Breaches with Cognitive Threat Analytics on Cisco Web Secur...
Identify Zero-Day Breaches with Cognitive Threat Analytics on Cisco Web Secur...Cisco Security
 
8 Ocak 2015 SOME Etkinligi - Cisco Next Generation Security
8 Ocak 2015 SOME Etkinligi - Cisco Next Generation Security8 Ocak 2015 SOME Etkinligi - Cisco Next Generation Security
8 Ocak 2015 SOME Etkinligi - Cisco Next Generation SecurityBGA Cyber Security
 
Adopting A Zero-Trust Model. Google Did It, Can You?
Adopting A Zero-Trust Model. Google Did It, Can You?Adopting A Zero-Trust Model. Google Did It, Can You?
Adopting A Zero-Trust Model. Google Did It, Can You?Zscaler
 
Advanced threat security - Cyber Security For The Real World
Advanced threat security - Cyber Security For The Real WorldAdvanced threat security - Cyber Security For The Real World
Advanced threat security - Cyber Security For The Real WorldCisco Canada
 
Sourcefire Webinar - NEW GENERATION IPS
Sourcefire Webinar - NEW GENERATION IPSSourcefire Webinar - NEW GENERATION IPS
Sourcefire Webinar - NEW GENERATION IPSmmiznoni
 
Critical Infrastructure Protection from Terrorist Attacks
Critical Infrastructure Protection from Terrorist AttacksCritical Infrastructure Protection from Terrorist Attacks
Critical Infrastructure Protection from Terrorist AttacksBGA Cyber Security
 
Cisco amp for meraki
Cisco amp for merakiCisco amp for meraki
Cisco amp for merakiCisco Canada
 
3 Tips for Choosing a Next Generation Firewall
3 Tips for Choosing a Next Generation Firewall3 Tips for Choosing a Next Generation Firewall
3 Tips for Choosing a Next Generation FirewallCisco Security
 
Estratégia de segurança da Cisco (um diferencial para seus negócios)
Estratégia de segurança da Cisco (um diferencial para seus negócios)Estratégia de segurança da Cisco (um diferencial para seus negócios)
Estratégia de segurança da Cisco (um diferencial para seus negócios)Cisco do Brasil
 
Top 7 Security Measures for IoT Systems
Top 7 Security Measures for IoT Systems Top 7 Security Measures for IoT Systems
Top 7 Security Measures for IoT Systems Zoe Gilbert
 
Top 5 predictions webinar
Top 5 predictions webinarTop 5 predictions webinar
Top 5 predictions webinarZscaler
 
Three ways-zero-trust-security-redefines-partner-access-ch
Three ways-zero-trust-security-redefines-partner-access-chThree ways-zero-trust-security-redefines-partner-access-ch
Three ways-zero-trust-security-redefines-partner-access-chZscaler
 
Next Generation Security
Next Generation SecurityNext Generation Security
Next Generation SecurityCisco Canada
 
Application Framework - Palo Alto Networks
Application Framework - Palo Alto NetworksApplication Framework - Palo Alto Networks
Application Framework - Palo Alto NetworksHarry Gunns
 
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...Cisco Canada
 
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec
 
BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...
BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...
BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...BGA Cyber Security
 
i7 Networks - Presentation at Zensar #TechShowcase - An iSPIRT ProductNation ...
i7 Networks - Presentation at Zensar #TechShowcase - An iSPIRT ProductNation ...i7 Networks - Presentation at Zensar #TechShowcase - An iSPIRT ProductNation ...
i7 Networks - Presentation at Zensar #TechShowcase - An iSPIRT ProductNation ...ProductNation/iSPIRT
 
SourceFire IPS Overview
SourceFire IPS OverviewSourceFire IPS Overview
SourceFire IPS OverviewGuardEra Access Solutions, Inc.
 
IPS Best Practices
IPS Best PracticesIPS Best Practices
IPS Best PracticesHeather Axworthy
 
Talos Insight: Threat Innovation Emerging from the Noise
Talos Insight: Threat Innovation Emerging from the NoiseTalos Insight: Threat Innovation Emerging from the Noise
Talos Insight: Threat Innovation Emerging from the NoiseCisco Canada
 
Cisco Security Presentation
Cisco Security PresentationCisco Security Presentation
Cisco Security PresentationSimplex
 
TechWiseTV Workshop: Cisco TrustSec
TechWiseTV Workshop: Cisco TrustSecTechWiseTV Workshop: Cisco TrustSec
TechWiseTV Workshop: Cisco TrustSecRobb Boyd
 
Key Policy Considerations When Implementing Next-Generation Firewalls
Key Policy Considerations When Implementing Next-Generation FirewallsKey Policy Considerations When Implementing Next-Generation Firewalls
Key Policy Considerations When Implementing Next-Generation FirewallsAlgoSec
 
Isday 2017 - Atelier Cisco
Isday 2017 - Atelier CiscoIsday 2017 - Atelier Cisco
Isday 2017 - Atelier CiscoInforsud Diffusion
 
Cisco Endpoint Security for MSSPs
Cisco Endpoint Security for MSSPsCisco Endpoint Security for MSSPs
Cisco Endpoint Security for MSSPsCisco Russia
 

Weitere ähnliche Inhalte

Was ist angesagt?

Sourcefire Webinar - NEW GENERATION IPS
Sourcefire Webinar - NEW GENERATION IPSSourcefire Webinar - NEW GENERATION IPS
Sourcefire Webinar - NEW GENERATION IPSmmiznoni
 
Critical Infrastructure Protection from Terrorist Attacks
Critical Infrastructure Protection from Terrorist AttacksCritical Infrastructure Protection from Terrorist Attacks
Critical Infrastructure Protection from Terrorist AttacksBGA Cyber Security
 
Cisco amp for meraki
Cisco amp for merakiCisco amp for meraki
Cisco amp for merakiCisco Canada
 
3 Tips for Choosing a Next Generation Firewall
3 Tips for Choosing a Next Generation Firewall3 Tips for Choosing a Next Generation Firewall
3 Tips for Choosing a Next Generation FirewallCisco Security
 
Estratégia de segurança da Cisco (um diferencial para seus negócios)
Estratégia de segurança da Cisco (um diferencial para seus negócios)Estratégia de segurança da Cisco (um diferencial para seus negócios)
Estratégia de segurança da Cisco (um diferencial para seus negócios)Cisco do Brasil
 
Top 7 Security Measures for IoT Systems
Top 7 Security Measures for IoT Systems Top 7 Security Measures for IoT Systems
Top 7 Security Measures for IoT Systems Zoe Gilbert
 
Top 5 predictions webinar
Top 5 predictions webinarTop 5 predictions webinar
Top 5 predictions webinarZscaler
 
Three ways-zero-trust-security-redefines-partner-access-ch
Three ways-zero-trust-security-redefines-partner-access-chThree ways-zero-trust-security-redefines-partner-access-ch
Three ways-zero-trust-security-redefines-partner-access-chZscaler
 
Next Generation Security
Next Generation SecurityNext Generation Security
Next Generation SecurityCisco Canada
 
Application Framework - Palo Alto Networks
Application Framework - Palo Alto NetworksApplication Framework - Palo Alto Networks
Application Framework - Palo Alto NetworksHarry Gunns
 
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...Cisco Canada
 
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec
 
BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...
BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...
BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...BGA Cyber Security
 
i7 Networks - Presentation at Zensar #TechShowcase - An iSPIRT ProductNation ...
i7 Networks - Presentation at Zensar #TechShowcase - An iSPIRT ProductNation ...i7 Networks - Presentation at Zensar #TechShowcase - An iSPIRT ProductNation ...
i7 Networks - Presentation at Zensar #TechShowcase - An iSPIRT ProductNation ...ProductNation/iSPIRT
 
Talos Insight: Threat Innovation Emerging from the Noise
Talos Insight: Threat Innovation Emerging from the NoiseTalos Insight: Threat Innovation Emerging from the Noise
Talos Insight: Threat Innovation Emerging from the NoiseCisco Canada
 
Cisco Security Presentation
Cisco Security PresentationCisco Security Presentation
Cisco Security PresentationSimplex
 
TechWiseTV Workshop: Cisco TrustSec
TechWiseTV Workshop: Cisco TrustSecTechWiseTV Workshop: Cisco TrustSec
TechWiseTV Workshop: Cisco TrustSecRobb Boyd
 
Key Policy Considerations When Implementing Next-Generation Firewalls
Key Policy Considerations When Implementing Next-Generation FirewallsKey Policy Considerations When Implementing Next-Generation Firewalls
Key Policy Considerations When Implementing Next-Generation FirewallsAlgoSec
 

Was ist angesagt? (20)

Sourcefire Webinar - NEW GENERATION IPS
Sourcefire Webinar - NEW GENERATION IPSSourcefire Webinar - NEW GENERATION IPS
Sourcefire Webinar - NEW GENERATION IPS
 
Critical Infrastructure Protection from Terrorist Attacks
Critical Infrastructure Protection from Terrorist AttacksCritical Infrastructure Protection from Terrorist Attacks
Critical Infrastructure Protection from Terrorist Attacks
 
Cisco amp for meraki
Cisco amp for merakiCisco amp for meraki
Cisco amp for meraki
 
3 Tips for Choosing a Next Generation Firewall
3 Tips for Choosing a Next Generation Firewall3 Tips for Choosing a Next Generation Firewall
3 Tips for Choosing a Next Generation Firewall
 
Estratégia de segurança da Cisco (um diferencial para seus negócios)
Estratégia de segurança da Cisco (um diferencial para seus negócios)Estratégia de segurança da Cisco (um diferencial para seus negócios)
Estratégia de segurança da Cisco (um diferencial para seus negócios)
 
Top 7 Security Measures for IoT Systems
Top 7 Security Measures for IoT Systems Top 7 Security Measures for IoT Systems
Top 7 Security Measures for IoT Systems
 
Top 5 predictions webinar
Top 5 predictions webinarTop 5 predictions webinar
Top 5 predictions webinar
 
Three ways-zero-trust-security-redefines-partner-access-ch
Three ways-zero-trust-security-redefines-partner-access-chThree ways-zero-trust-security-redefines-partner-access-ch
Three ways-zero-trust-security-redefines-partner-access-ch
 
Next Generation Security
Next Generation SecurityNext Generation Security
Next Generation Security
 
Application Framework - Palo Alto Networks
Application Framework - Palo Alto NetworksApplication Framework - Palo Alto Networks
Application Framework - Palo Alto Networks
 
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...
 
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
Symantec Webinar | Implementing a Zero Trust Framework to Secure Modern Workf...
 
BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...
BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...
BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...
 
i7 Networks - Presentation at Zensar #TechShowcase - An iSPIRT ProductNation ...
i7 Networks - Presentation at Zensar #TechShowcase - An iSPIRT ProductNation ...i7 Networks - Presentation at Zensar #TechShowcase - An iSPIRT ProductNation ...
i7 Networks - Presentation at Zensar #TechShowcase - An iSPIRT ProductNation ...
 
SourceFire IPS Overview
SourceFire IPS OverviewSourceFire IPS Overview
SourceFire IPS Overview
 
IPS Best Practices
IPS Best PracticesIPS Best Practices
IPS Best Practices
 
Talos Insight: Threat Innovation Emerging from the Noise
Talos Insight: Threat Innovation Emerging from the NoiseTalos Insight: Threat Innovation Emerging from the Noise
Talos Insight: Threat Innovation Emerging from the Noise
 
Cisco Security Presentation
Cisco Security PresentationCisco Security Presentation
Cisco Security Presentation
 
TechWiseTV Workshop: Cisco TrustSec
TechWiseTV Workshop: Cisco TrustSecTechWiseTV Workshop: Cisco TrustSec
TechWiseTV Workshop: Cisco TrustSec
 
Key Policy Considerations When Implementing Next-Generation Firewalls
Key Policy Considerations When Implementing Next-Generation FirewallsKey Policy Considerations When Implementing Next-Generation Firewalls
Key Policy Considerations When Implementing Next-Generation Firewalls
 

Ähnlich wie Miben nyújt többet a Cisco ASA + FirePOWER Services?

Cisco Endpoint Security for MSSPs
Cisco Endpoint Security for MSSPsCisco Endpoint Security for MSSPs
Cisco Endpoint Security for MSSPsCisco Russia
 
Cisco Connect 2018 Malaysia - Secure data center and mobility solutions
Cisco Connect 2018 Malaysia - Secure data center and mobility solutionsCisco Connect 2018 Malaysia - Secure data center and mobility solutions
Cisco Connect 2018 Malaysia - Secure data center and mobility solutionsNetworkCollaborators
 
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Scalar Decisions
 
Pervasive Security Across Your Extended Network
Pervasive Security Across Your Extended NetworkPervasive Security Across Your Extended Network
Pervasive Security Across Your Extended NetworkCisco Security
 
Emea Corporate Presentation 0709 Lin
Emea Corporate Presentation 0709 LinEmea Corporate Presentation 0709 Lin
Emea Corporate Presentation 0709 LinJoe Sarno
 
Sophos Day Belgium - What's cooking in Sophos' Network Security Group?
Sophos Day Belgium - What's cooking in Sophos' Network Security Group?Sophos Day Belgium - What's cooking in Sophos' Network Security Group?
Sophos Day Belgium - What's cooking in Sophos' Network Security Group?Sophos Benelux
 
Presentación - Cisco ASA with FirePOWER Services
Presentación - Cisco ASA with FirePOWER ServicesPresentación - Cisco ASA with FirePOWER Services
Presentación - Cisco ASA with FirePOWER ServicesOscar Romano
 
Cisco Connect Toronto 2017 - Putting Firepower into the Next Generation Firewall
Cisco Connect Toronto 2017 - Putting Firepower into the Next Generation FirewallCisco Connect Toronto 2017 - Putting Firepower into the Next Generation Firewall
Cisco Connect Toronto 2017 - Putting Firepower into the Next Generation FirewallCisco Canada
 
Discover Synchronized Security - Sophos Day Netherlands
Discover Synchronized Security - Sophos Day Netherlands Discover Synchronized Security - Sophos Day Netherlands
Discover Synchronized Security - Sophos Day Netherlands Sophos Benelux
 
Cisco umbrella overview
Cisco umbrella overviewCisco umbrella overview
Cisco umbrella overviewCisco Canada
 
Two for Attack: Web and Email Content Protection
Two for Attack: Web and Email Content ProtectionTwo for Attack: Web and Email Content Protection
Two for Attack: Web and Email Content ProtectionCisco Canada
 
The Next Generation Security
The Next Generation SecurityThe Next Generation Security
The Next Generation SecurityCybera Inc.
 
Revolutionizing Advanced Threat Protection
Revolutionizing Advanced Threat ProtectionRevolutionizing Advanced Threat Protection
Revolutionizing Advanced Threat ProtectionBlue Coat
 
클라우드 환경에서의 SIEMLESS 통합 보안 서비스, Alert Logic - 채현주 보안기술본부장, Openbase :: AWS Sum...
클라우드 환경에서의 SIEMLESS 통합 보안 서비스, Alert Logic - 채현주 보안기술본부장, Openbase :: AWS Sum...클라우드 환경에서의 SIEMLESS 통합 보안 서비스, Alert Logic - 채현주 보안기술본부장, Openbase :: AWS Sum...
클라우드 환경에서의 SIEMLESS 통합 보안 서비스, Alert Logic - 채현주 보안기술본부장, Openbase :: AWS Sum...Amazon Web Services Korea
 
Cisco amp everywhere
Cisco amp everywhereCisco amp everywhere
Cisco amp everywhereCisco Canada
 
Light sec for service providers brochure
Light sec for service providers brochureLight sec for service providers brochure
Light sec for service providers brochureGeorge Wainblat
 
Crush Cloud Complexity, Simplify Security - Shield X
Crush Cloud Complexity, Simplify Security - Shield XCrush Cloud Complexity, Simplify Security - Shield X
Crush Cloud Complexity, Simplify Security - Shield XPrime Infoserv
 

Ähnlich wie Miben nyújt többet a Cisco ASA + FirePOWER Services? (20)

Isday 2017 - Atelier Cisco
Isday 2017 - Atelier CiscoIsday 2017 - Atelier Cisco
Isday 2017 - Atelier Cisco
 
Cisco Endpoint Security for MSSPs
Cisco Endpoint Security for MSSPsCisco Endpoint Security for MSSPs
Cisco Endpoint Security for MSSPs
 
Cisco Connect 2018 Malaysia - Secure data center and mobility solutions
Cisco Connect 2018 Malaysia - Secure data center and mobility solutionsCisco Connect 2018 Malaysia - Secure data center and mobility solutions
Cisco Connect 2018 Malaysia - Secure data center and mobility solutions
 
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.
 
Pervasive Security Across Your Extended Network
Pervasive Security Across Your Extended NetworkPervasive Security Across Your Extended Network
Pervasive Security Across Your Extended Network
 
Emea Corporate Presentation 0709 Lin
Emea Corporate Presentation 0709 LinEmea Corporate Presentation 0709 Lin
Emea Corporate Presentation 0709 Lin
 
Sophos Day Belgium - What's cooking in Sophos' Network Security Group?
Sophos Day Belgium - What's cooking in Sophos' Network Security Group?Sophos Day Belgium - What's cooking in Sophos' Network Security Group?
Sophos Day Belgium - What's cooking in Sophos' Network Security Group?
 
Presentación - Cisco ASA with FirePOWER Services
Presentación - Cisco ASA with FirePOWER ServicesPresentación - Cisco ASA with FirePOWER Services
Presentación - Cisco ASA with FirePOWER Services
 
Cisco Connect Toronto 2017 - Putting Firepower into the Next Generation Firewall
Cisco Connect Toronto 2017 - Putting Firepower into the Next Generation FirewallCisco Connect Toronto 2017 - Putting Firepower into the Next Generation Firewall
Cisco Connect Toronto 2017 - Putting Firepower into the Next Generation Firewall
 
Discover Synchronized Security - Sophos Day Netherlands
Discover Synchronized Security - Sophos Day Netherlands Discover Synchronized Security - Sophos Day Netherlands
Discover Synchronized Security - Sophos Day Netherlands
 
Cisco umbrella overview
Cisco umbrella overviewCisco umbrella overview
Cisco umbrella overview
 
Two for Attack: Web and Email Content Protection
Two for Attack: Web and Email Content ProtectionTwo for Attack: Web and Email Content Protection
Two for Attack: Web and Email Content Protection
 
Ngfw overview
Ngfw overviewNgfw overview
Ngfw overview
 
The Next Generation Security
The Next Generation SecurityThe Next Generation Security
The Next Generation Security
 
Revolutionizing Advanced Threat Protection
Revolutionizing Advanced Threat ProtectionRevolutionizing Advanced Threat Protection
Revolutionizing Advanced Threat Protection
 
MID_SIEM_Boubker_EN
MID_SIEM_Boubker_ENMID_SIEM_Boubker_EN
MID_SIEM_Boubker_EN
 
클라우드 환경에서의 SIEMLESS 통합 보안 서비스, Alert Logic - 채현주 보안기술본부장, Openbase :: AWS Sum...
클라우드 환경에서의 SIEMLESS 통합 보안 서비스, Alert Logic - 채현주 보안기술본부장, Openbase :: AWS Sum...클라우드 환경에서의 SIEMLESS 통합 보안 서비스, Alert Logic - 채현주 보안기술본부장, Openbase :: AWS Sum...
클라우드 환경에서의 SIEMLESS 통합 보안 서비스, Alert Logic - 채현주 보안기술본부장, Openbase :: AWS Sum...
 
Cisco amp everywhere
Cisco amp everywhereCisco amp everywhere
Cisco amp everywhere
 
Light sec for service providers brochure
Light sec for service providers brochureLight sec for service providers brochure
Light sec for service providers brochure
 
Crush Cloud Complexity, Simplify Security - Shield X
Crush Cloud Complexity, Simplify Security - Shield XCrush Cloud Complexity, Simplify Security - Shield X
Crush Cloud Complexity, Simplify Security - Shield X
 

Kürzlich hochgeladen

Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?XfilesPro
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 

Kürzlich hochgeladen (20)

Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 

Miben nyújt többet a Cisco ASA + FirePOWER Services?

  • 1. Fóti Péter – Presales konzulens Kis-Szabó András – IT biztonsági szakértő Miben nyújt többet a Cisco ASA + FirePOWER Services?
  • 2. Evolution 2 Worms Spyware / Rootkits APTs / Cyberware Increased Attack Surface (Mobility & Cloud) INTELLIGENCE & ANALYTICS Today GLOBAL REPUTATION & SANDBOXING 2010 HOST-BASED (ANTI-VIRUS) 2000 NETWORK PERIMETER (IDS/IPS) 2005
  • 3. Threat Landscape Demands more than Application Control 100% of companies connect to domains that host malicious files or services 54% of breaches remain undiscovered for months 60% of data is stolen in hours avoids detection and attacks swiftly It is a Community that hides in plain sight
  • 4. Superior Integrated & Multilayered Protection ► World’s most widely deployed, enterprise-class ASA stateful firewall ► Granular Cisco® Application Visibility and Control (AVC) ► Industry-leading FirePOWER next- generation IPS (NGIPS) ► Reputation- and category-based URL filtering ► Advanced malware protectionCisco ASA Identity-Policy Control & VPN URL Filtering (Subscription) FireSIGHT Analytics & Automation Advanced Malware Protection (Subscription) Application Visibility & ControlNetwork Firewall Routing | Switching Clustering & High Availability WWW Cisco Collective Security Intelligence Enabled Built-in Network Profiling Intrusion Prevention (Subscription)
  • 5. Minimize your exposure to web-based threats Restrict categories of URLs Filter out over 280 million URLs based on any of the 80+ categories into which they are grouped; new URLs are added daily Block specific URLs Restrict access to specific sites and subsites bad_url.com office365.com Social Media Gambling Health Drug Use Gaming Change policies easily Use the refined user interface to make additions or changes with just a few clicks Allowed Restricted Services AMP Stateful Firewalling VPN Capabilities AVC URL Filtering NGIPS
  • 6. Protect the network more effectively Reduce IT management burden Gain unmatched visibility and threat detection NGIPS automatically correlates information from intrusion events with network assets to prioritize threat investigation Priority 1 Priority 2 Priority 3 Blended threats and attacks coming through multiple vectors are quickly identified www… Policies can be updated automatically based on vulnerabilities and previous intrusion events Admins can make adjustments to policies and system settings across locations from a single location, even offsite Services URL Filtering NGIPS AMP Stateful Firewalling AVC VPN Capabilities
  • 7. Protect against the most advanced forms of malware and remediate after a breach Identify malware that other solutions miss by analyzing files based on reputation or suspicious behavior. AMP is continuously updated to ensure that it can stop the latest and most advanced forms of malware. Point-in-time Protection Defend against attacks even after a file passes the perimeter. AMP tracks files as they move around network; if they turn out to be malicious, you can quickly determine areas of impact and remediate quickly. Continuous Protection Trajectory Behavioral Indications of Compromise Breach Hunting Retrospection Attack Chain Weaving Services URL Filtering NGIPS AMP Stateful Firewalling AVC VPN Capabilities Fuzzy Finger-printing Machine Learning Dynamic Analysis Indications of Compromise Device Flow Correlation Advanced Analytics One-to-One Signature
  • 8. Reduce attack surfaces by controlling application access Control port- and protocol-hopping apps that evade traditional firewalls Limit the exposure created by social media applications Services URL Filtering NGIPS AMP Stateful Firewalling AVC VPN Capabilities Enforce acceptable use policies with granular control over applications and micro- applications Use custom application detectors / Open App ID
  • 9. Leverage the proven ASA Firewall capabilities Standard Functions New ASA Features • Clientless tagging, WebVPN support for OWA2013 and XenDesktop7.5 • TLS 1.2 • ECMP Support, IPV6 BGP • Std. based IKEv2 support. Citrix HTML5 browser support • VPN Clients Win7, 8.1, 8.1 phone client, iOS8, Knox and Strong Swan • Full VX LAN support • Policy-based Routing • REST API and SNMP enhancement IP Fragmentation IP Option Inspection TCP Intercept TCP Normalization ACL NAT Routing Services URL Filtering NGIPS AMP Stateful Firewalling AVC VPN Capabilities
  • 10. Extend protection to off-site users Threat Protection  Data-loss Prevention  Acceptable Use  Access Control  Diverse Endpoint Support Broad VPN Deployment Split Tunneling Capabilities Mobile and non-mobile devices Cisco and non-Cisco devices AnyConnect 4.0 and 3rd -party VPNs Single- and Multi-site deployments Corporate and sensitive information Personal and generic information Services URL Filtering NGIPS AMP Stateful Firewalling AVC VPN Capabilities
  • 11. Stay protected against the latest threats with regular updates pushed automatically Identify advanced threats quickly with industry-leading threat research Get industry-specific threat intelligence tailored to your business Catch advanced threats endpoints miss with Cisco’s reverse engineers and threat analysts The largest security intelligence and research group - TALOS 00I00 I00I0I II0I0I 0II0I I0I00I0I0 0II0I0II 0I00I0I I0 00 II0III0I 0II0II0I II00I0I0 0I00I0I00 I0I0 I0I0 I00I0I00 III00II 0II00II I0I0II0II0 I0 I0 I00 00I0 I000 0II0 00 III00II I000I0I I000I0I I000I0I II 0I00 I0I000 0II0 00 00I I0I0I0 I0I0III000 I0I00I0I 0II0I0 I00I0I0I0I 000 II0II0I0I0I I0I0I0I 0I0I0I0I 0I0I00I0 I0I0I0I 0II0I0I0I 0II00 I00I0I0 0I00I0I I00I0I0 I0I0I0I 0I0I0I 0I0I0I0 00I0I0 0I0I0I0 I0I0I00I 0I0I 0I0I 0I0I I0I0I 0I00I0I III00II 0II00II I0I000 0II0 00I0I00 I0 I000I0I 0II 0I0I0I III00II 0II00II 0I0I0I0I 0I I0 I00 000II0 I0I0 0II0 00 Email Endpoints Web Networks NGIPS Devices WWW 24  7  365 Operations600+ Researchers Research Response Threat Intelligence • Monitors 35% of the world’s email traffic • Receives 1.1 million incoming malware samples daily • Performs 4.9 billion AV and web filtering blocks per month • Processes 100 terabytes of security intelligence daily Talos
  • 12. FirePOWER Services available on all ASA platforms SMB 250 Mbps AVC 125 Mbps AVC+IPS 20K/50K* Connections 5,000 CPS ASA 5506W-X Integrated Wireless AP Branch Locations ASA 5506H-X Ruggedized 450 Mbps AVC 250 Mbps AVC+IPS 100K Connections 10,000 CPS ASA 5508-X 850 Mbps AVC 450 Mbps AVC+IPS 250k Connections 20,000 CPS ASA 5516-X ASA 5506-X 250 Mbps AVC 125 Mbps AVC+IPS 20K/50K* Connections 5,000 CPS 250 Mbps AVC 125 Mbps AVC+IPS 20K/50K* Connections 5,000 CPS *Requires Security Plus licenses
  • 13. FirePOWER Services available on all ASA platforms Branch Locations 300 Mbps AVC 150 Mbps AVC+IPS 100K Connections 10,000 CPS ASA 5512-X 500 Mbps AVC 250 Mbps AVC+IPS 250K Connections 15,000 CPS ASA 5515-X Small/Medium Internet Edge 1.1 Gbps AVC 650 Mbps AVC+IPS 500K Connections 20,000 CPS ASA 5525-X 1.5 Gbps AVC 1 Gbps AVC+IPS 750K Connections 30,000 CPS ASA 5545-X 1.750 Gbps AVC 1.250 Gbps AVC+IPS 1M Connections 50,000 CPS ASA 5555-X
  • 14. FirePOWER Services available on all ASA platforms ASA 5585-SSP10 ASA 5585-SSP20 Campus / Data Center 4.5 Gbps AVC 2 Gbps AVC+ IPS 500K Connections 40,000 CPS 7 Gbps AVC 3.5 Gbps AVC+ IPS 1M Connections 75,000 CPS Enterprise Internet Edge ASA 5585-SSP40 ASA 5585-SSP60 10 Gbps AVC 6 Gbps AVC+ IPS 1.8M Connections 120,000 CPS 15 Gbps AVC 10 Gbps AVC+ IPS 4M Connections 160,000 CPS
  • 15. Five (5) feature license packages are available AVC is part of the default offering One (1) , three (3) and five (5) year terms are available URL IPS URL IPS AMP IPS AMP URL IPS URL TAC TAMC TA TAM Licensing Packages for ASA with FirePOWER Services
  • 16. Cisco offers multiple management solutions Adaptive Security Device Manager (ASDM) on-box manager FireSIGHT Management Center
  • 18. Fóti Péter – Presales konzulens peter.csaba.foti@snt.hu Kis-Szabó András – IT biztonsági szakértő andras.kis-szabo@snt.hu Köszönjük a figyelmet! http://www.snt.hu/ciscosecurity

Hinweis der Redaktion

  1. A Cisco ASA tűzfal család hosszú évek óta széles körben használt, népszerű platform, ami a tavalyi év során számos olyan új generációs tűzfal funkcióval gazdagodott, mely ismét az élmezőnybe repítette a termékcsaládot. A Cisco 2013 őszén akvirálta a kiváló IPS megoldásairól ismert SourceFire céget és a tavalyi évben kijöttek az első ASA FirePOWER bundle-ök, ahol az ASA funkciókon felül egy hardveren a FirePOWER szolgáltatások is futtathatóak. Kezdjük azonban egy gyors történeti áttekintéssel… (>>)
  2. (>>) …arról, hogy hogyan is változott az elmúlt két évtizedben az IT biztonság világa. A 2000-es években leginkább végponti védelemről beszéltünk, ami gyakorlatilag a PC-nken futó antivírus szoftvert takart, mely viszonylag hatékony védelmet biztosított a vírusok, férgek ellen. Ezután ahogyan a támadások egyre szervezettebbek lettek és megjelentek az operáció rendszert mélyebb rétegekben kompromittáló rootkitek, illetve a különböző malware-ek és spyware-ek később, úgy az első védvonal is „kijjebb” került, megjelentek a behatolás megelőző illetve detektáló rendszerek, innentől beszélünk határvédelemről. A 2010-es évekre aztán a közösségi site-ok és a webkettes tartalmak burjánzásnak indultak, csakúgy mint a kártékony kódok is és az IT biztonság is lépésszámot váltott, jöttek a globális adatgyűjtésen alapuló on-line reputáció alapú megoldások és a sandboxing (amikor ismeretlen kódokat egy „védett” környezetben tesztelünk, mielőtt azt beengednénk hálózatunkba). Ma a megnövekedett támadási felület, így a számos végponti platform (elég csak a különféle-fajta mobileszközre gondolni) és a rengeteg felhőalapú erőforrás biztonsági kihívásai vannak fókuszban. Most az intelligensen korreláló analitika az, ami a biztonsági megoldásszállítók legújabb válasza a jelenkor fenyegetettségeire. (>>)
  3. (>>) ….merthogy ma már szervezett csoportok nyereségvágyból, vagy éppen államérdekből fenyegetik rendszereinket és adatainkat és mélyebben belegondolva sajnos könnyen beláthatjuk, hogy nincs ma olyan rendszer, ami on-line és ne lehetne feltörni. Legtöbbször az elkövetők profik tehát, fedezékből támadnak és sokszor esélyünk sincs, hogy megelőzzük támadásukat. Ahogy John Chambers a Cisco nemrégiben leköszönt elnök-vezérigazgatója említette, kétféle vállalatot tudunk megkülönböztetni, ahova már betörtek és ahová hamarosan be fognak. A kérdés tehát ma inkább az, vajon értesülünk-e valaha is arról, hogy megtámadtak minket? És ha értesülünk akkor mikor és tudjuk-e pontosan mely rendszereinket kompromittálták és milyen adatainkhoz fértek hozzá? Mint a dián is látszik, a szenzitív adatainkat órák alatt megszerzik sokszor az elkövetők, illetve a támadások több mint felének ténye még hónapokkal az eset után sem kerül napvilágra. Az alkalmazás szintű hozzáférés szabályozásnál tehát jóval többre… (>>)
  4. (>>) ….valójában egy sokrétű, holisztikus biztonsági megközelítésre van szükségünk ahhoz, hogy jó esélyünk legyen a betörések és lopások megelőzésére. Azokra az esetekre pedig ha már megtörtént a baj, kellenének olyan technológiák, amivel a behatolások felderíthetőek és amik lehetőség szerint a kármentést és helyreállítást is támogatják. A Cisco ASA családja pontosan ezekkel a funkciókkal lett gazdagabb, nevesül a SourceFire piacvezető következő generációs IPS rendszerével, valamint szintén a FirePOWER services csomagnak részét képező Advanced Malware Protection funkciókkal, melyeket – a többi funkció mellett – a következő pár percben bemutatunk. Látható, hogy az Email szűrést leszámítva gyakorlatilag egy teljes spektrumú védelmet alakíthatunk ki az ASA megoldáscsomaggal, mely bármely vezető UTM megoldással felveszi a versenyt és költséghatékony védelmet biztosít vállalati infrastruktúránk részére. (>>)
  5. (>>) Nézzük meg közelebbről az új ASA csomagok funkciókészletét, az első 4 feature (URL filtering, IPS, AMP és alkalmazás kontroll) a FirePOWER szoftvercsomag részei. Az URL szűrésnél az új könnyen kezelhető menedzsment felületen korlátozhatjuk konkrét URL-ek elérését, vagy szűrhetünk kategóriákra is – a folyamatosan frissített adatbázisban 280 milliónál is több hivatkozás van, több mint 80 kategóriába rendezve. (>>)
  6. (>>) És jöjjön a már beharangozott SourceFire IPS technológia A mai multivektorú támadások esetén alapvető fontosságú, hogy tudjunk korrelálni az események között, ezt a következő generációs FirePOWER IPS rendszer elvégzi számunkra. A rendszer priorizálja is az eseményeket és képes a szabályrendszert automatikusan változtatni az aktuális sérülékenységek, illetve az eddig történt behatolási kísérletek alapján. A SourceFire a sokak álat ismert SNORT open source IPS rendszerét fejlesztette egyébként tovább. Az IPS után most nézzük meg az egyik legunikálisabb funkciószettet az AMP-ot. (>>)
  7. (>>) Az Advanced Malware protection gyakorlatilag két fontos megközelítést ötvöz. Egyrészt az ún. pont-in-time védelem keretein belül vagy reputáció és/vagy viselkedés alapon (akár sandboxing technológia segítségével) akadályozzuk meg, hogy a tűzfalunkon át kártékony fájlok, alkalmazások jussanak a hálózatunkba azáltal, hogy a belépési ponton ellenőrizzük a forgalmat és döntéseket hozunk. Ez egyébként az eddig elterjedt hagyományos megközelítés. De mi a helyzet akkor, ha már beengedtük és akkor kezd el kártékonyan viselkedni az adott tartalom? Az AMP többi funkciója pontosan erre nyújt megoldást; a már beengedett fájlok útját ugyanis követi a rendszer és jelzi, amint egy kódról kiderül, hogy kártékony. Ekkor visszamenőlegesen van lehetőségünk felderítést végezni, azaz, hogy mikor, hol lépett be az adott malware rendszerünkbe és infrastruktúránk mely részei fertőzöttek. Amint ezt tudjuk van lehetőségünk a beavatkozásra és a kármentésre, ezt András kollégám hamarosan be fogja mutatni a demóban Az Advanced Malware Protection tehát retrospektív képességei okán egy elég ütőképes funkciókészlet, ami nagy szolgálatot tud tenni az Önök hálózatában is. (>>)
  8. (>>) Az AVC, azaz az alkalmazás szintű láthatóság és kontroll egy, ma már joggal elvárt funkció minden következő generációs eszközben. Mivel a mai alkalmazásokat már a használt portjaik segítségével igen nehéz lenne korlátozni, így Layer 7 szinten kell az alkalmazásokat kezelni. A funkcióval pl. megtehetjük, hogy korlátozzuk a facebook elérését, akár úgy, hogy tiltjuk az alkalmazást, akár csak a videókat, megosztásokat tiltjuk vagy éppen a chatelést… Természetesen a tűzfal minden fontosabb alkalmazást ismer, de beállíthatunk saját alkalmazás detektorokat is, így ez a funkció is testre szabható. (>>)
  9. (>>) A hagyományos tűzfal funkciókra most idő szűkében bővebben nem térnék ki, csupán néhány újdonságot vagy extra jellemzőt említenék: Az ASA tűzfalak támogatják a Cisco Anyconnect clientless, böngésző alapú Cisco VPN megoldását, illetve több más gyártó kliens VPN megoldását is, valamint mobil VPN klienseket is. Az eszközök már teljesen támogatják a VX LAN-okat és a policy-based routingot… (>>)
  10. (>>) VPN képességekről röviden: Ahogy már említettem androidos és iOS-es mobilkliensek, Cisco és nem Cisco VPN kliensek is támogatottak. Az eszköz támogatja a split-tunneling jellemzőket is, azaz lehetőségünk van arra, hogy csupán a szenzitív vállalati kommunikáció halad a védett csatornán, a privát és általános adatforgalom pedig megy a hagyományos útvonalon. (>>)
  11. (>>) A Cisco biztonsági felhőjét TALOS-nak hívják. Ma ez az egyik legnagyobb kutatócsoport a világon. Itt több, mint 600 mérnök dolgozik 24x7 órában az év 365 napján azért, hogy a reputáció alapú, valamint a szignatúra alapú szolgáltatások által használt adatbázisokat frissítse, illetve az on-line sandboxing is itt történik. A TALOS információit használja sok esetben az ASA eszközökön elérhető több funkció is, ahogyan természetesen a TALOS összesíti és elemzi ki a sok ezernyi különféle Cisco biztonsági eszköz által begyűjtött információkat... Ennyit tehát a TALOS-ról, ami virtuálisan „ott áll” minden ASA megoldás mögött is. (>>)
  12. (>>) Tekintsük át most az ASA hardverplatformokat A diákon látható néhány fontos teljesítményparaméter méretezéshez is. A FirePOWER funkciókészlet, tehát az IPS és applikáció szintű láthatóság és kontroll , az URL szűrés és az AMP elérhető valamennyi ASA X platformon, így a legkisebb 5506-X-en is, aminek van megerősített és access pointtal egybeépített változata is. Érdekességképpen, ez az access point egyébként bevonható kontroller alá, ha esetleg valaki már rendelkezik Wifi kontrollerrel. Telephelyi igényeket ezen túl még az 5508X és 5516X szolgál ki 450 Mbps teljesítményig. (>>)
  13. (>>) A kicsit korábban kijött 5512X és 5515X is még kapható, az új funkciókkal még nem rendelkező régebben vásárolt X-es platformok egy SSD tár és a szükséges licencek megvásárlásával a FirePOWER funkciók futtatására alkalmassá tehetők, tehát régebbi X-es ASA eszközzel rendelkező érdeklődők is tudnak upgradelni a most ismertetett FirePOWER funkciókra. Az ASA5545X-el már 1 Gbps AVC + IPS kombinált teljesítmény érhető el, a legnagyobb Enterprise tűzfala a Cisco-nak pedig az 5555X. (>>)
  14. (>>) Az 5585X család különböző szervízprocesszorokkal vásárolható meg, ez a Cisco adatközponti és nagyvállalati termékcsaládja egyébként. Látható, hogy SSP60 kártyával akár 10Gbps kombinált IPS és AVC teljesítmény érhető el. (>>)
  15. (>>) És akkor a licencelésről. Az FirePOWER funckiókat a következő bontásban lehet megvásárolni 1, 3 vagy 5 éves előfizetés keretein belül. Van lehetőség csak IPS vagy URL filtering vásárlására, de ha AMP funkciókat is szeretnénk, ahhoz az IPS-re mindenképpen elő kell fizetni. Az alkalmazás szintű láthatóság és kontroll minden esetben része az alapcsomagnak, ez külön előfizetés nélkül is elérhető… (>>)
  16. (>>) A következő néhány percben Kis-Szabó András kollégám egy demó keretein belül élőben mutatja meg a FirePOWER funkciókat, de előtte egy pár szót az eszköz menedzseléséről. A FirePOWER funkciókat menedzselő alkalmazás off-box telepítendő, de célhardver (appliance) formájában is elérhető. Ez a FireSIGHT Management Center, aminek segítségével menedzselhetjük az IPS-t, az AMP-ot, URL szűrést és alkalmazás kontrollt, míg a hagyományos tűzfal funkciók a már ismert, az eszközön magán futó ASDM szoftver segítségével állíthatóak. A jövőben az összes funkció migrálásra kerül a FireSIGHT Management Centerbe és készül az Unified ASA image is, amiben valamennyi funkció összegyúrásra kerül… És most kérlek András nézzük meg, hogy az ismertetett FirePOWER szolgáltatások hogyan kezelhetőek a FireSIGHT Management Center alkalmazásból! (>>)
  17. (>>) DEMÓ -> Cisco dcloud (>>)
  18. (>>) Reméljük sikerült felkelteni az érdeklődésüket az ASA tűzfalak és a FirePOWER szolgáltatások iránt, melyet szívesen bemutatunk akár az Önök vállalati környezetében is. További kérdés vagy érdeklődés esetén szívesen állunk rendelkezésre a dián látható email címeinken. Zárszó helyett ugyanakkor fontos megjegyezni, hogy a tűzfal technológiák és az IPS rendszerek az IT biztonságnak csak egy szeletét képezik, a teljes körű biztonságot egy eszközzel nyújtani sosem lesz képes egyetlen gyártó sem. A biztonság leginkább a felhasználóknál kezdődik, valamint az IT biztonsági szabályok megalkotásával és betartatásával. Hogy kit engedünk és milyen adatok közelébe és mindezt milyen feltételekkel engedjük meg. Hogy mit kezdünk azokkal, akik ennek nem felelnek meg és hogyan ellenőrizzük mindezt? Erre ad választ a Cisco következő generációs biztonsági megoldásai közül a Cisco Identity Services Engine vagy ISE, mely megoldás implementálásában egyedülállóan sok tapasztalattal rendelkezik az S&T. Köszönjük még egyszer a megtisztelő figyelmet, tartsanak velünk a következő webinárunkon is, de addig is látogassák meg Cisco Security oldalát az snt.hu/ciscosecurity link alatt.