SlideShare a Scribd company logo

8 Ocak 2015 SOME Etkinligi - Cisco Next Generation Security

BGA Cyber Security, profile picture
BGA Cyber Security

This document discusses Cisco's next generation security strategy and solutions. It outlines Cisco's approach of integrating products to provide unified visibility, advanced threat protection, and consistent control across networks, endpoints, cloud, and mobile environments. It highlights key Cisco security technologies like FirePOWER, Advanced Malware Protection (AMP), and Identity Services Engine (ISE) and how they work together to provide defense, detection, and remediation against evolving threats.

Technology
1 of 28
Downloaded 116 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
Next Generation Security Fuat KILIÇ Consulting Systems Engineer - Security Ali Fuat TÜRKAY Product Sales Specialist - Security
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2
Cisco and/or its affiliates. All rights reserved. Cisco Public All were smart. All had security. All were seriously compromised. Today’s Real World: Threats are evolving and evading traditional defense
Cisco and/or its affiliates. All rights reserved. Cisco Public What would you do if you knew you would be compromised?! BEFORE Discover Enforce Harden DURING Detect Block Defend AFTER Scope Contain Remediate Network Endpoint Mobile Virtual Email & Web ContinuousPoint-in-time Attack Continuum Cloud
Cisco and/or its affiliates. All rights reserved. Cisco Public The Silver Bullet Does Not Exist… “Captive Portal” “It matches the pattern” “No false positives, no false negatives.” Application Control FW/VPN IDS / IPS UTM NAC AV PKI “Block or Allow” “Fix the Firewall” “No key, no access” Sandboxing “Detect the Unknown”
Cisco and/or its affiliates. All rights reserved. Cisco Public Customer Value Proposition Cisco Security Solutions Unmatched Visibility Advanced Threat Protection Consistent Control Flexibility & Choice
Cisco’s Strategy Integrated Platform for Defense, Discovery and Remediation Firewall Content Gateways Integrated Platform Virtual Cloud Device Data Center Network Access Control Firewall Content Aware Applications Context Aware Identity, Data, Location Threat Aware Malware, APT
Cisco and/or its affiliates. All rights reserved. Cisco Public Gartner Defines Next-Generation IPS 8 NGIPS Definition •  Standard First-Gen IPS •  Context Awareness •  Application Awareness and full-stack visibility •  Content Awareness •  Adaptive Engine Download at Sourcefire.com *Source: “Defining Next-Generation Network Intrusion Prevention” Gartner, October 7, 2011
Cisco and/or its affiliates. All rights reserved.Presentation_ID Cisco Public FirePOWER Platform http:// http://WWW WWW WWW WWW FireSIGHT Management Center FireSIGHT Management Center •  Context Awareness •  Operating System Identification •  Fingerprint Applications (Web, Protocol & Client Versions) •  Service Enumeration (HTTP, SMPT, RDP…etc) •  Users Awareness •  24x7 Monitoring (Passive & Inline) •  Identify Assets Potential Vulnerabilities (Weakness) •  Leveraging Visibility/vulnerabilities to “Adapt” •  Access Control Rules Enforcement •  Alerting, Correlation & Packets Capture FirePOWER Platform/Services •  Inspect, Detect, Drop, Allow…etc •  IPS, Application Control, Malware Inspection & URL Rating •  Inline, Passive & Hybrid Context Awareness in Intrusion Events
Cisco and/or its affiliates. All rights reserved. Cisco Public FireSIGHT – Unique Visibility Typical NGFW Cisco FireSIGHT System Typical IPS
Cisco and/or its affiliates. All rights reserved. Cisco Public Building Host Profile OS & version Identified Server applications and version Client Applications Who is at the host Client Version Application What other systems / IPs did user have, when? §  Converting Data into Information
Cisco and/or its affiliates. All rights reserved. Cisco Public FireSIGHT Impact Assessment Correlates all intrusion events to an impact of the attack against the target Impact Flag Administrator Action Why 1 Act immediately, vulnerable Event corresponds to vulnerability mapped to host 2 Investigate, potentially vulnerable Relevant port open or protocol in use, but no vuln mapped 3 Good to know, currently not vulnerable Relevant port not open or protocol not in use 4 Good to know, unknown target Monitored network, but unknown host 0 Good to know, unknown network Unmonitored network
Cisco and/or its affiliates. All rights reserved. Cisco Public Indications of Compromise (IoCs) IPS Events Malware Backdoors Exploit Kits Web App Attacks CnC Connections Admin Privilege Escalations SI Events Connections to Known CnC IPs Malware Events Malware Detections Office/PDF/Java Compromises Malware Executions Dropper Infections
Cisco and/or its affiliates. All rights reserved. Cisco Public Gartner Leadership Sourcefire has been a leader in the Gartner Magic Quadrant for IPS since 2006. As of December 2013 Source: Gartner (December 2013) Radware StoneSoft (McAfee) IBM Cisco HP McAfee Sourcefire (Cisco) HuaweiEnterasys Networks (Extreme Networks) NSFOCUS Information Technology challengers abilityto execute leaders visionariesniche players vision
Cisco and/or its affiliates. All rights reserved. Cisco Public 2012 NSS Labs SVM for IPS
Cisco and/or its affiliates. All rights reserved. Cisco Public 2013 NSS Labs SVM for IPS
Cisco and/or its affiliates. All rights reserved. Cisco Public ASA with FirePOWER Services Available Now!! Industry’s First Threat-Focused NGFW #1 Cisco Security announcement of the year! •  Integrating defense layers helps organizations get the best visibility •  Enable dynamic controls to automatically adapt •  Protect against advanced threats across the entire attack continuum Proven Cisco ASA firewalling Industry leading NGIPS and AMP Cisco ASA with FirePOWER Services
Cisco Confidential 18© 2013-2014 Cisco and/or its affiliates. All rights reserved. NSS Labs – Next-Generation Firewall Security Value Map Source: NSS Labs 2014 The NGFW Security Value Map shows the placement of Cisco ASA with FirePOWER Services and the FirePOWER 8350 as compared to other vendors. All three products achieved 99.2 percent in security effectiveness and now all can be confident that they will receive the best protections possible regardless of deployment.
Cisco and/or its affiliates. All rights reserved. Cisco Public SecurityEffectiveness TCO per Protected-Mbps The Results CiscoAMP is a Leader in Security Effectiveness and TCO and offers Best Protection Value Cisco Advanced Malware Protection Best Protection Value 99.0% Breach Detection Rating Lowest TCO per Protected-Mbps NSS Labs Security Value Map (SVM) for Breach Detection Systems
Fire and ISE
Cisco Confidential 21© 2013-2014 Cisco and/or its affiliates. All rights reserved. EPS REST API Threat Detection •  IDS Sig •  Malware •  Traffic •  Application •  And Many More.. Automagical, Dynamic, Squirrely Threat/Malware/Attack Response/Defense Quarantine Action •  VLAN Assignment •  dACLs •  SGT •  QoS TAG ISE
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 22 Network as a Sensor © 2014 Lancope, Inc. All rights reserved.
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 23 © 2014 Lancope, Inc. All rights reserved. Flow – The Network Phone Bill Flow CacheDestination IP Origin IP Destination Port Origin Port L3 Protocol DSCP Flow Info Packet Bytes/Packet Origin IP , Port, Proto... 11000 1528 … … … … … … Monthly Statement Bill At-A-Glance Flow Record Telephone Bill
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 24 Internet   Atlant a   San  Jose   New  York   Remote  Sites   WAN   Firewall   &  IPS   Datacenter   DMZ   User  Network   3G Internet
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 25 Internet   Atlant a   San  Jose   New  York   NetFlo w   Remote  Sites   NetFlo w   NetFlow   WAN   NetFlow   Firewall   Datacenter   NetFlow   NetFlow   NetFlow   DMZ   NetFlo w   NetFlo w   User   Network   3G Internet NetFlo w   NetFlo w   NetFlo w   NetFlow  
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 26 © 2014 Lancope, Inc. All rights reserved. How CTD Analyzes Devices 31
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 27 •  Cisco Bulut ve mobilite gibi günlük hayatımızı oldukça değiştiren trendlern ışığında, gereken güvenlik uzmanlığı ve eğitimi alanında aşağıdaki yenilikleri, uzmanların, mühendislerin ve operasyon ekiplerinin eğitimi için yayınlamıştır: • Yenilenen CCNP Güvenlik sertifikasyon programı • Yeni Cisco Sibergüvenlik Uzmanlığı • Daha önceki Cisco Güvenlik Uzmanlığı sertifikasyonunun sonlanması • Yeni ve güncellenmiş ürün eğitimleri •  Yeniden dizayn edilen CCNP Security sertifikasyonu, bugün çok daha geniş bir bkış açısıyla, uçtan uça mimari kurmaları gereken güvenlik uzmanlarını hedeflemektedir: •  300-206 Implementing Cisco Edge Network Security Solutions (SENSS) •  300-207 Implementing Cisco Threat Control Solutions (SITCS) •  300-208 Implementing Cisco Secure Access Solutions (SISAS) •  300-209 Implementing Cisco Secure Mobility Solutions (SIMOS)
8 Ocak 2015 SOME Etkinligi - Cisco Next Generation Security

More Related Content

PPTX
Developing A Cyber Security Incident Response Program
BGA Cyber Security
 
PDF
8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...
BGA Cyber Security
 
PDF
BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...
BGA Cyber Security
 
PDF
Advanced threat security - Cyber Security For The Real World
Cisco Canada
 
PDF
Microsoft Avanced Threat Analytics
Adeo Security
 
PDF
Next Generation Security
Cisco Canada
 
PPTX
Sourcefire Webinar - NEW GENERATION IPS
mmiznoni
 
PPTX
Как автоматизировать, то что находит аналитик SOC
Denis Batrankov, CISSP
 
Developing A Cyber Security Incident Response Program
BGA Cyber Security
 
8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...
BGA Cyber Security
 
BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...
BGA Cyber Security
 
Advanced threat security - Cyber Security For The Real World
Cisco Canada
 
Microsoft Avanced Threat Analytics
Adeo Security
 
Next Generation Security
Cisco Canada
 
Sourcefire Webinar - NEW GENERATION IPS
mmiznoni
 
Как автоматизировать, то что находит аналитик SOC
Denis Batrankov, CISSP
 

What's hot (20)

PPTX
Talos Insight: Threat Innovation Emerging from the Noise
Cisco Canada
 
PDF
Cisco Security Architecture
Cisco Canada
 
PDF
Bir macOS APT Senaryosu
BGA Cyber Security
 
PDF
SourceFire IPS Overview
GuardEra Access Solutions, Inc.
 
PDF
Mobile Application Penetration Testing
BGA Cyber Security
 
PDF
Cisco ASA con fire power services
Felipe Lamus
 
PPTX
Building Up Network Security: Intrusion Prevention and Sourcefire
Global Knowledge Training
 
PPTX
IPS Best Practices
Heather Axworthy
 
PDF
Presentation cisco cloud security strategy
xKinAnx
 
PDF
8 Ocak 2015 SOME Etkinligi - BGA Cyber Security Incident Response Team
BGA Cyber Security
 
PDF
Presentación - Cisco ASA with FirePOWER Services
Oscar Romano
 
PDF
Scalar Security Roadshow - Toronto Presentation
Scalar Decisions
 
PDF
Cisco ThreatGrid: Malware Analysis and Threat Intelligence
Cisco Canada
 
PDF
Check point response to Cisco NGFW competitive
Moti Sagey מוטי שגיא
 
PDF
Cisco Security Presentation
Simplex
 
PDF
Хакеро-машинный интерфейс
Positive Hack Days
 
PDF
Open Source IDS - How to use them as a powerful fee Defensive and Offensive tool
Sylvain Martinez
 
PDF
Cisco amp for meraki
Cisco Canada
 
PPTX
Anticipate and Prevent Cyber Attack Scenarios, Before They Occur
Skybox Security
 
PDF
Think Like a Hacker: Using Network Analytics and Attack Simulation to Find an...
Skybox Security
 
Talos Insight: Threat Innovation Emerging from the Noise
Cisco Canada
 
Cisco Security Architecture
Cisco Canada
 
Bir macOS APT Senaryosu
BGA Cyber Security
 
SourceFire IPS Overview
GuardEra Access Solutions, Inc.
 
Mobile Application Penetration Testing
BGA Cyber Security
 
Cisco ASA con fire power services
Felipe Lamus
 
Building Up Network Security: Intrusion Prevention and Sourcefire
Global Knowledge Training
 
IPS Best Practices
Heather Axworthy
 
Presentation cisco cloud security strategy
xKinAnx
 
8 Ocak 2015 SOME Etkinligi - BGA Cyber Security Incident Response Team
BGA Cyber Security
 
Presentación - Cisco ASA with FirePOWER Services
Oscar Romano
 
Scalar Security Roadshow - Toronto Presentation
Scalar Decisions
 
Cisco ThreatGrid: Malware Analysis and Threat Intelligence
Cisco Canada
 
Check point response to Cisco NGFW competitive
Moti Sagey מוטי שגיא
 
Cisco Security Presentation
Simplex
 
Хакеро-машинный интерфейс
Positive Hack Days
 
Open Source IDS - How to use them as a powerful fee Defensive and Offensive tool
Sylvain Martinez
 
Cisco amp for meraki
Cisco Canada
 
Anticipate and Prevent Cyber Attack Scenarios, Before They Occur
Skybox Security
 
Think Like a Hacker: Using Network Analytics and Attack Simulation to Find an...
Skybox Security
 
Ad

Viewers also liked (20)

PDF
8 Ocak 2015 SOME Etkinligi - BGA Bankalar İçin Some Kurulumu
BGA Cyber Security
 
PDF
IstSec'14 - İbrahim BALİÇ - Automated Malware Analysis
BGA Cyber Security
 
PDF
İstSec 2015 - Norm shield why
BGA Cyber Security
 
PDF
IstSec'14 - Çağrı ERSEN - Açık Kaynak Sistemlerle Siber Saldırı Gözetleme Sis...
BGA Cyber Security
 
PDF
8 Ocak 2015 SOME Etkinligi - BGA Bank Vulnerable Web Application
BGA Cyber Security
 
PDF
BGA SOME/SOC Etkinliği - APT Tehditlerine Karşı 7/24 Güvenlik İzlemesi (SOC)
BGA Cyber Security
 
PDF
Hosting Ortamlarında Açık Kaynak Yazılımlar Kullanılarak Saldırı Tespiti ve A...
BGA Cyber Security
 
PDF
İstSec'14 - Hamza Şamlıoğlu - Sosyal Medya ve Siber Riskler
BGA Cyber Security
 
PDF
Bilgi Güvenliğinde Sızma Testleri
BGA Cyber Security
 
PDF
IstSec'14 - Huzeyfe ÖNAL - Siber Tehditler Karşısında Kurumsal SOME Kurulumu ...
BGA Cyber Security
 
PDF
Malwarebytes - Global Impact of Ransomware on Business
Infographic Box IDS
 
PPT
Kaseya Connect 2011 - Malwarebytes - Marcin Kleczynski
Kaseya
 
PDF
AGILE SECURITY™ Security for the Real World
Cisco Russia
 
PDF
Malwarebytes Logo Redesign Process
Rob Bajohr
 
PDF
Calidad de vida saludable (y responsable).
José María
 
PDF
NOTA DE PRENSA: EL 70% DEL FRAUDE AL SEGURO DEL MÓVIL CORRESPONDE A DENUNCIAS...
CPP España
 
PDF
(1) Curso sobre el software estadístico R. Introducción al entorno R
Instituto Canario de Estadística (ISTAC)
 
PDF
The Science of Games at IST
Rui Prada
 
PDF
Tecnica n°084 desecha el apego al cuerpo
Renato Clemente Lino Palomino
 
PDF
Monitoring photovoltaique GANTNER INSTRUMENTS FRANCE
EUROPAGES
 
8 Ocak 2015 SOME Etkinligi - BGA Bankalar İçin Some Kurulumu
BGA Cyber Security
 
IstSec'14 - İbrahim BALİÇ - Automated Malware Analysis
BGA Cyber Security
 
İstSec 2015 - Norm shield why
BGA Cyber Security
 
IstSec'14 - Çağrı ERSEN - Açık Kaynak Sistemlerle Siber Saldırı Gözetleme Sis...
BGA Cyber Security
 
8 Ocak 2015 SOME Etkinligi - BGA Bank Vulnerable Web Application
BGA Cyber Security
 
BGA SOME/SOC Etkinliği - APT Tehditlerine Karşı 7/24 Güvenlik İzlemesi (SOC)
BGA Cyber Security
 
Hosting Ortamlarında Açık Kaynak Yazılımlar Kullanılarak Saldırı Tespiti ve A...
BGA Cyber Security
 
İstSec'14 - Hamza Şamlıoğlu - Sosyal Medya ve Siber Riskler
BGA Cyber Security
 
Bilgi Güvenliğinde Sızma Testleri
BGA Cyber Security
 
IstSec'14 - Huzeyfe ÖNAL - Siber Tehditler Karşısında Kurumsal SOME Kurulumu ...
BGA Cyber Security
 
Malwarebytes - Global Impact of Ransomware on Business
Infographic Box IDS
 
Kaseya Connect 2011 - Malwarebytes - Marcin Kleczynski
Kaseya
 
AGILE SECURITY™ Security for the Real World
Cisco Russia
 
Malwarebytes Logo Redesign Process
Rob Bajohr
 
Calidad de vida saludable (y responsable).
José María
 
NOTA DE PRENSA: EL 70% DEL FRAUDE AL SEGURO DEL MÓVIL CORRESPONDE A DENUNCIAS...
CPP España
 
(1) Curso sobre el software estadístico R. Introducción al entorno R
Instituto Canario de Estadística (ISTAC)
 
The Science of Games at IST
Rui Prada
 
Tecnica n°084 desecha el apego al cuerpo
Renato Clemente Lino Palomino
 
Monitoring photovoltaique GANTNER INSTRUMENTS FRANCE
EUROPAGES
 
Ad

Similar to 8 Ocak 2015 SOME Etkinligi - Cisco Next Generation Security (20)

PPTX
apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...
Chrysostomos Christofi
 
PDF
Putting firepower into the next generation firewall
Cisco Canada
 
PPTX
Scalar Security Roadshow - Calgary Presentation
Scalar Decisions
 
PPTX
Scalar Security Roadshow - Vancouver Presentation
Scalar Decisions
 
PDF
Cisco, Sourcefire and Lancope - Better Together
Lancope, Inc.
 
PDF
Building a Security Architecture
Cisco Canada
 
PDF
Proteja seus clientes - Gerenciamento dos Serviços de Segurança
Cisco do Brasil
 
PDF
Midsize Business Solutions: Cybersecurity
Cisco Security
 
PDF
CiscoACI-BRKACI-3004presentationUploaded.pdf
LeeHiu1
 
PDF
During the Next Generation Network and Data Centre – Now and into the Future ...
Cisco Canada
 
PDF
Scalar Security Roadshow - Ottawa Presentation
Scalar Decisions
 
PDF
Cisco Live Cancun PR Session
Felipe Lamus
 
PDF
ASA Firepower NGFW Update and Deployment Scenarios
Cisco Canada
 
PDF
Putting Firepower Into The Next Generation Firewall
Cisco Canada
 
PPTX
Isday 2017 - Atelier Cisco
Inforsud Diffusion
 
PDF
Cisco Next Generation Firewall with Firepower
humayun1343
 
PDF
Cisco connect winnipeg 2018 putting firepower into the next generation fire...
Cisco Canada
 
PDF
Putting Firepower into the Next Generation Firewall
Cisco Canada
 
PDF
Cisco Connect Vancouver 2017 - Putting firepower into the next generation fir...
Cisco Canada
 
PDF
Protegendo sua rede
Cisco do Brasil
 
apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...
Chrysostomos Christofi
 
Putting firepower into the next generation firewall
Cisco Canada
 
Scalar Security Roadshow - Calgary Presentation
Scalar Decisions
 
Scalar Security Roadshow - Vancouver Presentation
Scalar Decisions
 
Cisco, Sourcefire and Lancope - Better Together
Lancope, Inc.
 
Building a Security Architecture
Cisco Canada
 
Proteja seus clientes - Gerenciamento dos Serviços de Segurança
Cisco do Brasil
 
Midsize Business Solutions: Cybersecurity
Cisco Security
 
CiscoACI-BRKACI-3004presentationUploaded.pdf
LeeHiu1
 
During the Next Generation Network and Data Centre – Now and into the Future ...
Cisco Canada
 
Scalar Security Roadshow - Ottawa Presentation
Scalar Decisions
 
Cisco Live Cancun PR Session
Felipe Lamus
 
ASA Firepower NGFW Update and Deployment Scenarios
Cisco Canada
 
Putting Firepower Into The Next Generation Firewall
Cisco Canada
 
Isday 2017 - Atelier Cisco
Inforsud Diffusion
 
Cisco Next Generation Firewall with Firepower
humayun1343
 
Cisco connect winnipeg 2018 putting firepower into the next generation fire...
Cisco Canada
 
Putting Firepower into the Next Generation Firewall
Cisco Canada
 
Cisco Connect Vancouver 2017 - Putting firepower into the next generation fir...
Cisco Canada
 
Protegendo sua rede
Cisco do Brasil
 

More from BGA Cyber Security (20)

PDF
WEBSOCKET Protokolünün Derinlemesine İncelenmesi
BGA Cyber Security
 
PDF
Tatil Öncesi Güvenlik Kontrol Listesi.pdf
BGA Cyber Security
 
PDF
Ücretsiz Bilgi Güvenliği Farkındalık Eğitimi
BGA Cyber Security
 
PDF
3. parti firma risklerinden nasıl korunulur?
BGA Cyber Security
 
PDF
Bir Ransomware Saldırısının Anatomisi. A'dan Z'ye Ransomware Saldırıları
BGA Cyber Security
 
PDF
Webinar: Popüler black marketler
BGA Cyber Security
 
PDF
Webinar: SOC Ekipleri için MITRE ATT&CK Kullanım Senaryoları
BGA Cyber Security
 
PDF
Açık Kaynak Kodlu Çözümler Kullanarak SOC Yönetimi SOAR & IRM Webinar - 2020
BGA Cyber Security
 
PDF
DNS Protokolüne Yönelik Güncel Saldırı Teknikleri & Çözüm Önerileri
BGA Cyber Security
 
PDF
Webinar: Siber Güvenlikte Olgunluk Seviyesini Arttırmak
BGA Cyber Security
 
PDF
Open Source Soc Araçları Eğitimi 2020-II
BGA Cyber Security
 
PDF
Webinar Sunumu: Saldırı, Savunma ve Loglama Açısından Konteyner Güvenliği
BGA Cyber Security
 
PDF
Hacklenmiş Windows Sistem Analizi
BGA Cyber Security
 
PDF
Open Source SOC Kurulumu
BGA Cyber Security
 
PDF
RAKAMLARIN DİLİ İLE 2020 YILI SIZMA TESTLERİ
BGA Cyber Security
 
PDF
Siber Fidye 2020 Raporu
BGA Cyber Security
 
PDF
BGA Türkiye Bankacılık Sektörü 1. Çeyrek Phishing Raporu
BGA Cyber Security
 
PDF
SOC Kurulumu ve Yönetimi İçin Açık Kaynak Kodlu Çözümler
BGA Cyber Security
 
PDF
Veri Sızıntıları İçinden Bilgi Toplama: Distributed Denial of Secrets
BGA Cyber Security
 
PDF
Aktif Dizin (Active Directory) Güvenlik Testleri - I: Bilgi Toplama
BGA Cyber Security
 
WEBSOCKET Protokolünün Derinlemesine İncelenmesi
BGA Cyber Security
 
Tatil Öncesi Güvenlik Kontrol Listesi.pdf
BGA Cyber Security
 
Ücretsiz Bilgi Güvenliği Farkındalık Eğitimi
BGA Cyber Security
 
3. parti firma risklerinden nasıl korunulur?
BGA Cyber Security
 
Bir Ransomware Saldırısının Anatomisi. A'dan Z'ye Ransomware Saldırıları
BGA Cyber Security
 
Webinar: Popüler black marketler
BGA Cyber Security
 
Webinar: SOC Ekipleri için MITRE ATT&CK Kullanım Senaryoları
BGA Cyber Security
 
Açık Kaynak Kodlu Çözümler Kullanarak SOC Yönetimi SOAR & IRM Webinar - 2020
BGA Cyber Security
 
DNS Protokolüne Yönelik Güncel Saldırı Teknikleri & Çözüm Önerileri
BGA Cyber Security
 
Webinar: Siber Güvenlikte Olgunluk Seviyesini Arttırmak
BGA Cyber Security
 
Open Source Soc Araçları Eğitimi 2020-II
BGA Cyber Security
 
Webinar Sunumu: Saldırı, Savunma ve Loglama Açısından Konteyner Güvenliği
BGA Cyber Security
 
Hacklenmiş Windows Sistem Analizi
BGA Cyber Security
 
Open Source SOC Kurulumu
BGA Cyber Security
 
RAKAMLARIN DİLİ İLE 2020 YILI SIZMA TESTLERİ
BGA Cyber Security
 
Siber Fidye 2020 Raporu
BGA Cyber Security
 
BGA Türkiye Bankacılık Sektörü 1. Çeyrek Phishing Raporu
BGA Cyber Security
 
SOC Kurulumu ve Yönetimi İçin Açık Kaynak Kodlu Çözümler
BGA Cyber Security
 
Veri Sızıntıları İçinden Bilgi Toplama: Distributed Denial of Secrets
BGA Cyber Security
 
Aktif Dizin (Active Directory) Güvenlik Testleri - I: Bilgi Toplama
BGA Cyber Security
 

Recently uploaded (20)

PPTX
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
ReZa AdineH
 
PDF
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 
PDF
Modernizing your data center with Dell and AMD
Principled Technologies
 
PDF
Review of recent advances in non-invasive hemoglobin estimation
IAESIJAI
 
PDF
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
PDF
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
PDF
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
PPT
Teaching material agriculture food technology
LiaRayya
 
PPTX
Cloud computing and distributed systems.
kkkkkhan
 
PDF
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
PDF
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
PDF
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
PPTX
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
PPTX
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
PDF
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
PDF
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
PPTX
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
DOCX
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
PDF
Encapsulation theory and applications.pdf
gurumoop
 
PPTX
MYSQL Presentation for SQL database connectivity
Swati270511
 
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
ReZa AdineH
 
Network Security Unit 5.pdf for BCA BBA.
Serpent6
 
Modernizing your data center with Dell and AMD
Principled Technologies
 
Review of recent advances in non-invasive hemoglobin estimation
IAESIJAI
 
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
Teaching material agriculture food technology
LiaRayya
 
Cloud computing and distributed systems.
kkkkkhan
 
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
Encapsulation theory and applications.pdf
gurumoop
 
MYSQL Presentation for SQL database connectivity
Swati270511
 

8 Ocak 2015 SOME Etkinligi - Cisco Next Generation Security

  • 1. Next Generation Security Fuat KILIÇ Consulting Systems Engineer - Security Ali Fuat TÜRKAY Product Sales Specialist - Security
  • 2. © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2
  • 3. Cisco and/or its affiliates. All rights reserved. Cisco Public All were smart. All had security. All were seriously compromised. Today’s Real World: Threats are evolving and evading traditional defense
  • 4. Cisco and/or its affiliates. All rights reserved. Cisco Public What would you do if you knew you would be compromised?! BEFORE Discover Enforce Harden DURING Detect Block Defend AFTER Scope Contain Remediate Network Endpoint Mobile Virtual Email & Web ContinuousPoint-in-time Attack Continuum Cloud
  • 5. Cisco and/or its affiliates. All rights reserved. Cisco Public The Silver Bullet Does Not Exist… “Captive Portal” “It matches the pattern” “No false positives, no false negatives.” Application Control FW/VPN IDS / IPS UTM NAC AV PKI “Block or Allow” “Fix the Firewall” “No key, no access” Sandboxing “Detect the Unknown”
  • 6. Cisco and/or its affiliates. All rights reserved. Cisco Public Customer Value Proposition Cisco Security Solutions Unmatched Visibility Advanced Threat Protection Consistent Control Flexibility & Choice
  • 7. Cisco’s Strategy Integrated Platform for Defense, Discovery and Remediation Firewall Content Gateways Integrated Platform Virtual Cloud Device Data Center Network Access Control Firewall Content Aware Applications Context Aware Identity, Data, Location Threat Aware Malware, APT
  • 8. Cisco and/or its affiliates. All rights reserved. Cisco Public Gartner Defines Next-Generation IPS 8 NGIPS Definition •  Standard First-Gen IPS •  Context Awareness •  Application Awareness and full-stack visibility •  Content Awareness •  Adaptive Engine Download at Sourcefire.com *Source: “Defining Next-Generation Network Intrusion Prevention” Gartner, October 7, 2011
  • 9. Cisco and/or its affiliates. All rights reserved.Presentation_ID Cisco Public FirePOWER Platform http:// http://WWW WWW WWW WWW FireSIGHT Management Center FireSIGHT Management Center •  Context Awareness •  Operating System Identification •  Fingerprint Applications (Web, Protocol & Client Versions) •  Service Enumeration (HTTP, SMPT, RDP…etc) •  Users Awareness •  24x7 Monitoring (Passive & Inline) •  Identify Assets Potential Vulnerabilities (Weakness) •  Leveraging Visibility/vulnerabilities to “Adapt” •  Access Control Rules Enforcement •  Alerting, Correlation & Packets Capture FirePOWER Platform/Services •  Inspect, Detect, Drop, Allow…etc •  IPS, Application Control, Malware Inspection & URL Rating •  Inline, Passive & Hybrid Context Awareness in Intrusion Events
  • 10. Cisco and/or its affiliates. All rights reserved. Cisco Public FireSIGHT – Unique Visibility Typical NGFW Cisco FireSIGHT System Typical IPS
  • 11. Cisco and/or its affiliates. All rights reserved. Cisco Public Building Host Profile OS & version Identified Server applications and version Client Applications Who is at the host Client Version Application What other systems / IPs did user have, when? §  Converting Data into Information
  • 12. Cisco and/or its affiliates. All rights reserved. Cisco Public FireSIGHT Impact Assessment Correlates all intrusion events to an impact of the attack against the target Impact Flag Administrator Action Why 1 Act immediately, vulnerable Event corresponds to vulnerability mapped to host 2 Investigate, potentially vulnerable Relevant port open or protocol in use, but no vuln mapped 3 Good to know, currently not vulnerable Relevant port not open or protocol not in use 4 Good to know, unknown target Monitored network, but unknown host 0 Good to know, unknown network Unmonitored network
  • 13. Cisco and/or its affiliates. All rights reserved. Cisco Public Indications of Compromise (IoCs) IPS Events Malware Backdoors Exploit Kits Web App Attacks CnC Connections Admin Privilege Escalations SI Events Connections to Known CnC IPs Malware Events Malware Detections Office/PDF/Java Compromises Malware Executions Dropper Infections
  • 14. Cisco and/or its affiliates. All rights reserved. Cisco Public Gartner Leadership Sourcefire has been a leader in the Gartner Magic Quadrant for IPS since 2006. As of December 2013 Source: Gartner (December 2013) Radware StoneSoft (McAfee) IBM Cisco HP McAfee Sourcefire (Cisco) HuaweiEnterasys Networks (Extreme Networks) NSFOCUS Information Technology challengers abilityto execute leaders visionariesniche players vision
  • 15. Cisco and/or its affiliates. All rights reserved. Cisco Public 2012 NSS Labs SVM for IPS
  • 16. Cisco and/or its affiliates. All rights reserved. Cisco Public 2013 NSS Labs SVM for IPS
  • 17. Cisco and/or its affiliates. All rights reserved. Cisco Public ASA with FirePOWER Services Available Now!! Industry’s First Threat-Focused NGFW #1 Cisco Security announcement of the year! •  Integrating defense layers helps organizations get the best visibility •  Enable dynamic controls to automatically adapt •  Protect against advanced threats across the entire attack continuum Proven Cisco ASA firewalling Industry leading NGIPS and AMP Cisco ASA with FirePOWER Services
  • 18. Cisco Confidential 18© 2013-2014 Cisco and/or its affiliates. All rights reserved. NSS Labs – Next-Generation Firewall Security Value Map Source: NSS Labs 2014 The NGFW Security Value Map shows the placement of Cisco ASA with FirePOWER Services and the FirePOWER 8350 as compared to other vendors. All three products achieved 99.2 percent in security effectiveness and now all can be confident that they will receive the best protections possible regardless of deployment.
  • 19. Cisco and/or its affiliates. All rights reserved. Cisco Public SecurityEffectiveness TCO per Protected-Mbps The Results CiscoAMP is a Leader in Security Effectiveness and TCO and offers Best Protection Value Cisco Advanced Malware Protection Best Protection Value 99.0% Breach Detection Rating Lowest TCO per Protected-Mbps NSS Labs Security Value Map (SVM) for Breach Detection Systems
  • 21. Cisco Confidential 21© 2013-2014 Cisco and/or its affiliates. All rights reserved. EPS REST API Threat Detection •  IDS Sig •  Malware •  Traffic •  Application •  And Many More.. Automagical, Dynamic, Squirrely Threat/Malware/Attack Response/Defense Quarantine Action •  VLAN Assignment •  dACLs •  SGT •  QoS TAG ISE
  • 22. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 22 Network as a Sensor © 2014 Lancope, Inc. All rights reserved.
  • 23. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 23 © 2014 Lancope, Inc. All rights reserved. Flow – The Network Phone Bill Flow CacheDestination IP Origin IP Destination Port Origin Port L3 Protocol DSCP Flow Info Packet Bytes/Packet Origin IP , Port, Proto... 11000 1528 … … … … … … Monthly Statement Bill At-A-Glance Flow Record Telephone Bill
  • 24. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 24 Internet   Atlant a   San  Jose   New  York   Remote  Sites   WAN   Firewall   &  IPS   Datacenter   DMZ   User  Network   3G Internet
  • 25. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 25 Internet   Atlant a   San  Jose   New  York   NetFlo w   Remote  Sites   NetFlo w   NetFlow   WAN   NetFlow   Firewall   Datacenter   NetFlow   NetFlow   NetFlow   DMZ   NetFlo w   NetFlo w   User   Network   3G Internet NetFlo w   NetFlo w   NetFlo w   NetFlow  
  • 26. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 26 © 2014 Lancope, Inc. All rights reserved. How CTD Analyzes Devices 31
  • 27. © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 27 •  Cisco Bulut ve mobilite gibi günlük hayatımızı oldukça değiştiren trendlern ışığında, gereken güvenlik uzmanlığı ve eğitimi alanında aşağıdaki yenilikleri, uzmanların, mühendislerin ve operasyon ekiplerinin eğitimi için yayınlamıştır: • Yenilenen CCNP Güvenlik sertifikasyon programı • Yeni Cisco Sibergüvenlik Uzmanlığı • Daha önceki Cisco Güvenlik Uzmanlığı sertifikasyonunun sonlanması • Yeni ve güncellenmiş ürün eğitimleri •  Yeniden dizayn edilen CCNP Security sertifikasyonu, bugün çok daha geniş bir bkış açısıyla, uçtan uça mimari kurmaları gereken güvenlik uzmanlarını hedeflemektedir: •  300-206 Implementing Cisco Edge Network Security Solutions (SENSS) •  300-207 Implementing Cisco Threat Control Solutions (SITCS) •  300-208 Implementing Cisco Secure Access Solutions (SISAS) •  300-209 Implementing Cisco Secure Mobility Solutions (SIMOS)