Embed Size (px)
Citation preview
Why Security?
Security Investment: A Top PriorityFigure 1 How Enterprises View IT Security
56%
73% 51%
of organizations state that IT security is critical in meeting their top business objectives
of organizations state that IT security is one of the top five priorities for IT investment for the next fiscal year
of organizations say that security is more important than other IT initiatives
Source: Cisco Annual Security Report 2014
Security Everywhere
As much as the Digital Economy and the IoE create opportunities for companies and consumers, expected to generate $19-trillion in value to organizations over the next decade, they also create opportunities for hackers and cybercriminals. With an expanded attack surface represented by the IoE, cybercriminals look to cash in on the estimated value of $450 billion to over $1 trillion of the Hacker Economy.
The most effective way to confront this dynamic threat landscape is to make security as pervasive as the Internet of Everything itself – extending to wherever employees are and wherever data is – to include Security Everywhere.
Cisco Cybersecurity Pocket Guide 2015
Why Security• Security investment:
A top priority
• Security: A critical boardroom topic
Why Cisco• The industry’s leading
security company
• Market recognition
• Security intelligence and research
Cisco Security Strategy• Challenges
• Threat-centric security model
What to Sell- Cisco Security Product Portfolio• Network and data center
security
• Advanced Malware Protection
• Cloud security
• Web and email security
• Security Channel Partner Program
Security Architecture Specializations• Incentives & Promotions
• Demand Generation & Demo
At-a-Glance
2
By embedding security everywhere across the extended network, security becomes an enabler for business to take full and secure advantage of opportunities presented by new digital business models and the Internet of Things (IoT) with protection across the entire attack continuum – before, during, and after an attack.
Security: A Critical Boardroom Topic
There is mounting concern at the senior executive and board level regarding information security and the risk of lost intellectual property, compromised customer information and confidence, and valuation impact.
• Chief information security officers (CISOs) are challenged to push boardroom discussions into additional security investment.
• These are critical considerations as organizations become more agile and try to grow their business models in the face of the evolving trends of mobility, cloud computing, and advanced targeted attacks.
Why Cisco?
Cisco: The Leading Security Company
Cisco is widely recognized throughout the industry as offering best-in-class solutions (Figure 2).
Figure 2 Market Recognition of Cisco Security Solutions
At-a-Glance
3
Cisco is Leader in Gartner Magic Quadrants for:
• Network Access Control (December 2014)
• Intrusion Prevention Systems (December 2014)
• Secure Email Gateways (July 2015)
The Cisco security portfolio was rated “positive” in Gartner’s 2014 Vendor Rating.
For more information and security reports, visit www.cisco.com/go/security.
NSS Labs 2014 Next-Generation Firewall Report: Cisco ASA with FirePOWER Services
NSS Labs has conducted the most rigorous next-generation firewall testing to date. Cisco ASA with FirePOWER™ Services, the industry’s first threat-focused NGFW, is now also the first in security effectiveness, according to NSS Labs reports (Figure 3).
Figure 3 Where Cisco NGFW Places in the NSS Security Value Map
Source: NSS Labs 2014 Security Value Map
Download the reports:http://cisco.com/go/nssngfw2014
At-a-Glance
4
Cisco Talos Security Intelligence and Research Group: More than a Traditional Response Team
The Cisco Talos Security Intelligence and Research Group is composed of elite cybersecurity experts whose threat intelligence detects, analyzes, and protects against both known and emerging threats by aggregating and analyzing Cisco’s unrivaled telemetry data of:
• 1.1 million incoming malware samples per day
• 4.2 billion web-filtering blocks per day
• 1 billion SenderBase reputation queries per day
• 100 TB of data received per day
Talos also maintains the official rule sets of Snort, ClamAV, SenderBase, and SpamCop.
The Cisco Security StrategySecurity Challenges
A combination of three major realities has made the task of defending a network more difficult than ever, while helping attackers find new ways to evade defenses (Figure 4).
Figure 4 Security Challenges
Cisco Security Research: www.cisco.com/go/talos Cisco 2015 Annual Security Report: www.cisco.com/go/securityreports
Changing Business Models
Complexity and Fragmentation
Dynamic Threat Landscape
60% data in breaches is stolen in hours
54% of breaches remain undiscovered for months
92%of top 500 Android
apps carry secarry
security and/or privacy risks
5-10xmore cloud services are
being used than known by IT
average number of security vectors in a
customer’s IT environment• hard to manage• do not interoperate• visibility gaps
At-a-Glance
5
Changing business models: The Internet of Everything is accelerating change, creating new attack vectors and making it even more difficult to defend the organization. At the same time, however, the IoE opens up huge opportunities for business as long as it is secured.
Dynamic threat landscape: Attackers have become much more sophisticated and well financed, and their attacks have moved from static to dynamic, from visible to hidden. Without near real-time discovery capabilities, an organization will be at a significant disadvantage.
Complexity and fragmentation: Most organizations have dozens of security technologies that often do not interoperate, and this situation is exacerbated by a significant lack of available security specialists in the market.
The Attack Continuum
There are three stages to an attack: before, during, and after (Figure 5).
Figure 5 The Attack Continuum
Before an attack: Organizations need to know what they are defending. They need to know what is on their network (devices, operating systems, applications, users, and so on) to be able to defend it.
During an attack: When attackers get through, customers need to be able to detect them. Once they detect an attack, they will be able to block it and defend the environment.
After the attack: Invariably, some attacks will be successful, and customers need to be able to determine the scope of the damage, remediate, and bring operations back to normal.
At-a-Glance
6
Cisco’s Threat-Centric Security Model: An Integrated, Open, Pervasive, and Continuous Approach
By taking a threat-centric and operational approach to security, organizations can reduce complexity and fragmentation while providing superior visibility, continuous control, and advanced threat protection across the extended network and the entire attack continuum (Figure 6).
Figure 6 A Comprehensive Security Model
Visibility driven: Get global intelligence and context for deeper insights and better decisions.
Threat focused: Detect, understand, and stop threats across the entire attack continuum
Platform based: Reduce fragmentation by using a platform-based approach to protect the network, devices, and the cloud.
Only Cisco delivers platform-based solutions that integrate into an overall security system.
Network-Integrated, Broad Sensor Base,
Context and Automation
Network MobileEndpoint Virtual Cloud
Agile and Open Platforms, Built for Scale, Consistent
Control, Management
Continuous Advances Threat Protection,
Cloud-Based Security Intelligence
At-a-Glance
7
Figure 7 Security Products Used Along the Attack Continuum
Context-aware security: Take advantage of physical and virtual hosts, operating systems, applications, services, protocols, users, and analyses of content and network behavior.
Continuous security: Aggregate and correlate data from across the extended network, discriminating between active attacks and reconnaissance versus background noise.
Retrospective security: Detect malware that is sophisticated enough to alter its behavior to avoid detection, and evaluate full packet capture in order to successfully remediate.
At-a-Glance
8
The Cisco Security Product PortfolioNext-Generation Network and Data Center Security
Protect high-value data and data center resources with threat defence, highly secure virtualization, segmentation, and policy control.
Cisco ASA 5500-X with FirePOWER Services (NGFW)
• Offers the industry’s first threat-focused NGFW
• Combines ASA firewall with Cisco next-generation IPS (NGIPS) and Advanced Malware Protection (AMP)
• Platform series with wide range of sizes and form factos
Cisco ASA 5585-X with FirePOWER Services (NGFW)
• Offers purpose-built security appliance for data centers
• Delivers highest performance, resiliency, and scalability through leading-edge clustering
• Combines ASA firewall with Cisco NGIPS and AMP
Cisco FirePOWER Next-Generation IPS (NGIPS)
• Offers the most advanced threat protection in the industry
• Delivers industry-leading throughput, threat detection efficacy, and low TCO
• Platform series with wide range of sizes and form factors
Cisco FireSIGHT™ Management Center
• Centrally manages operational functions for ASA with FirePOWER Services and FirePOWER NGIPS
• Automatically aggregates and correlates information
• Reduces cost by streamlining operations and automating recurring analysis and management tasks
At-a-Glance
9
Reduce complexity while gaining superior visibility, consistent control, and advanced threat protection across the entire attack continuum.
Cisco Adaptive Security Virtual Appliance (ASAv)
• Incorporates a fully integrated Cisco Application Centric Infrastructure (ACI)
• Provides consistent transparent security across physical, virtual, ACI, software-defined networking, and cloud environments
• Provides vSwitch support for Cisco, hybrid, and non-Cisco data centers
Cisco Virtual Next-Generation IPS for VMware
• Offers a virtualized Cisco FirePOWER NGIPS solution
• Reclaims the visibility lost when virtualizing
• Extends Payment Card Industry (PCI) compliance to virtual environments
Cisco Virtual Security Gateway
• Integrates with the Cisco Nexus® 1000V virtual switch
• Delivers security policy enforcement and visibility at a virtual-machine level
• Logically isolates applications in virtual data centers and multitenant environments
• Enforces separation of duties between security and server administrators
Check out www.cisco.com/go/promotions for the latest security incentives and promotions.
At-a-Glance
10
Advanced Malware Protection
Cisco Advanced Malware Protection (AMP) provides continuous analysis and advanced analytics that support Cisco retrospective security capabilities. Unlike the many point-in-time solutions on the market, Cisco AMP offers protection across the full attack continuum (Figure 8).
Figure 8 Point in Time Detection vs. Continuous Detection
“AMP Everywhere”: We offer the industry’s broadest portfolio of integrated Advanced Malware Protection solutions
• Cisco AMP for Networks
• Cisco AMP for Endpoints
• Cisco AMP for Web Security
• Cisco AMP for Cloud Web Security
• Cisco AMP for Email Security
• Cisco AMP integrated in Cisco ASA with FirePOWER Services
• Cisco AMP for AnyConnect
At-a-Glance
11
Security as a Service (SaaS) FROM the Cloud
Cisco cloud solutions protect users with policy enforcement, offer flexible deployment and lower TCO, and use the power of big data and machine learning. Services available from the cloud include:
• Enterprise-grade user protection as a service
• Web and email security solutions
• Advanced threat detection and mitigation
• SaaS visibility and control that can uncover any shadow IT
Security FOR the Cloud
Cisco cloud solutions protect workloads, provide pervasive visibility, secure connections, and protect the integrity of information. Our security solutions include:
• Physical and virtual security assets (networks and content)
• Integration with fabrics and orchestration
• Protection for applications beyond the enterprise data center
• Integrated threat defense architecture
At-a-Glance
12
Web and Email Security
Cisco’s Content Security portfolio protects organizations from evolving email and web threats. Email and Web security are critical components of a holistic security strategy.
Cisco Email Security Appliance (ESA) and Cloud Email Security (CES)
• Fight spam, viruses, and blended threats for organizations of all sizes
• Enforce compliance and protect reputation and brand assets
• Available as cloud-based and hybrid (onsite appliance plus cloud) solutions
Web Security Appliance (WSA) and Cloud Web Security (CWS)
• Provide proactive security, application visibility, and control for users on and off the network
• Protect against advanced threats with Advanced Malware Protection (AMP) and Cognitive Threat Analytics (CTA)
• Flexible deployment, including on-premises and cloud delivered, leverages existing infrastructure and scales to fit
• Customized reporting offers actionable intelligence
Check out www.cisco.com/go/promotions for the latest security incentives and promotions
At-a-Glance
13
Secure Access and MobilityEnhance network visibility and control with identity-aware highly secure access solutions.
Cisco Identity Services Engine (ISE)
• Provides a policy-management platform that enforces secure access to network resources (wired, wireless, and VPN)
• Accurately identifies every user and device that connects to the network
Cisco Network Admission Control (NAC)
• Enforces network security policies by allowing access only to trusted devices
• Blocks access by noncompliant devices and limits damage from emerging threats and risks
• Cisco TrustSec® Technology
• Provides secure network access based on rich contextual data (who, what, where, when, how)
• Automates firewall rules and access control list administration, uses plain-language policies
• Embedded in the operating systems of Cisco ISE, Cisco Catalyst® and Cisco Nexus switches, Cisco Integrated Services Routers, and Cisco ASA firewalls
Cisco TrustSec® Technology
• Provides secure network access based on rich contextual data (who, what, where, when, how)
• Automates firewall rules and access control list administration, uses plain-language policies
• Embedded in the operating systems of Cisco ISE, Cisco Catalyst® and Cisco Nexus switches, Cisco Integrated Services Routers, and Cisco ASA firewalls
Cisco AnyConnect® Secure Mobility Solution
• Provides highly secure, simple, and reliable off-premises connectivity
• Helps ensure endpoint integrity with multiple authentication options and comprehensive posture checks.
• Delivers automatics secure connectivity with end-to-end encryptions, integrated web security, per app VPN and advanced malware protection activation.
At-a-Glance
14
Security Architecture Specializations
Cisco has re-designed the Security Specialization program, aligning it to the new product portfolio.
Express Security Specialization – A new entry point into security specializations, allowing a partner to focus on one or several specific products (Email, Web, Next-Generation Firewall, IPS).
Advanced Security Architecture Specialization – This specialization covers the breadth of Cisco’s Security Portfolio, and offers more advanced enablement for threat defence, secure access, Cloud and management solutions.
Master Security Architecture Specialization – This specialisation builds upon expertise attained in the Advanced Security Architecture Specialization and enables partners to deliver value-added security solutions to their customers.
Market Segment
At-a-Glance
15
© 2015 Cisco and/or its affiliates. All rights reserved. Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R) C45-123456-00 01/15
For More Information Cisco Security cisco.com/go/security
Security Community communities.cisco.com/community/technology/security
Cisco Security Blog blogs.cisco.com/security
Partner Support www.cisco.com/web/partners/support
Training & Certification www.cisco.com/web/learning
Certification Tracking cisco.pearsoncred.com
Competitive Information www.cisco.com/web/partners/sell/competitive
Cisco Security Intelligence Operations tools.cisco.com/security/center/home.x
Cisco Partner Marketing Central http://www.ciscopartnermarketing.com/
Security Promotions & Incentives
Incentive Programmes & Promotions are Cisco’s commitment to Partner Profitability. Increase your revenue potential with upfront discount and backend payment programmes, and special promotions that have been designed to help you sell Cisco security products and solutions.
Marketing & Demand Generation
The free, ready-to-use marketing campaigns are designed to showcase your partnership with us, and help you effectively market Cisco security products and solutions to your customers.
Demoing Cisco Security Solutions
Cisco dCloud, the Cisco Demo Cloud, provides powerful self-service capabilities for Cisco Partners. From scripted, repeatable demonstrations to fully customized labs with complete administrative access, Cisco dCloud can
www.cisco.com/go/promotions -> Filter Category “Security”
http://www.cisco.com/web/partners/sell/partner_marketing.htmldcloud.cisco.com
