Professional Documents
Culture Documents
Theft DoS
Viruses/Worms
4.
Insider Abuse
Privacy of Information
Internal Theft of Information Social Engineering: Physhing, Ad-ware, Trojans
2004 Cisco Systems, Inc. All rights reserved.
An initiative to dramatically dramatically improve the improve the networks ability networks ability to to identify, prevent, and adapt identify, threats and to prevent,
Cisco strategy to
INTEGRATED SECURITY
Secure Connectivity Threat Defense Trust & Identity
Si
Si
Si
RM
RM
1. New RF is detected by WLAN endpoints 2. RM frames sent to Policy Server 3. Policy Server locates rogue AP and disables network switch port
Rogue AP
RM
PROTECTION
THREAT DEFENSE SYSTEM
Collaboration of Security and Network Intelligence Services to Minimize Impact of Both Known and Unknown Threats
CONTROL
TRUST & IDENTITY MANAGEMENT SYSTEM
Contextual Identity Required for Entitlement and Trust
Wireless
Maintain security with new access technologies that enhance productivity
Teleworker
Provide multi-service access to SOHO users over secure broadband connections
Campus
Enhance security by ensuring privacy of critical information across the data center and the entire campus
Management
Centralized control of all secure connections with one platform to configure, monitor and troubleshoot
9
Voice
To a Single Agent
Aggregates multiple security functionality in one agent Behavioral day-zero protection, firewalling and OS lockdown
To Scheduled Maintenance
Wait for roll-ups and Service Packs, which come better qualified from vendor Testing and implementation of updates can be scheduled without undue change control interruption
10
BGP announcement
Cat6k
2. Activate: Auto/Manual
11
Cat6k
6. Non-targeted
traffic, flows freely
Non-targeted servers
2004 Cisco Systems, Inc. All rights reserved.
12
ACS
Security management
Protecting Desktops, Servers and Networks Security Appliances VPN / SSL Security Software Behavior
Switches
Routers
Firewall
IDS
Identity
Device Authentication, Port Level Security, Secure and Trusted Devices, Secure Access, Transport Security
15
16
ANYONE CAN BUILD A STOP SIGN OR EVEN A TRAFFIC LIGHT BUT IT TAKES A DIFFERENT MINDSET ENTIRELY TO CONCEIVE OF A CITY-WIDE TRAFFIC CONTROL SYSTEM.
Bruce Schneier, Beyond Fear
July 2004, Cisco announced the formation of a separate July 2004, Cisco announced the formation of a separate Technology Group to be headed by SVP Jayshree Ullal. This Technology Group to be headed by SVP Jayshree Ullal. This results in more focus at developing and delivering the SDN. results in more focus at developing and delivering the SDN.
Presentation_ID
2004 Cisco Systems, Inc. All rights reserved. 2003 Cisco Systems, Inc. All rights reserved.
17
18