Download pdf - Seguridad integral con Cisco Meraki · 2020. 1. 30. · Cisco Meraki Cloud Managment Seguridad con Meraki Demo Portafolio & Licenciamiento Q&A. Malware Volume Has Grown 10X ... MX84

Seguridad integral con Cisco Meraki

Noviembre 2019

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

Agenda

Tendencias de Seguridad

Cisco Meraki Cloud Managment

Seguridad con Meraki

Demo

Portafolio & Licenciamiento

Q&A

Malware Volume Has Grown 10X

53% of attacks $500k+ in damages

Source: Cisco 2018 Security Capabilities Benchmark Study

Cloud-Managed Security for Distributed Networks

Security IT professionals have little time

•44% of alerts are not investigated

• Lack of headcount

• Lack of trained personnel

• Budget constraints


Source: Cisco 2018 Security Capabilities Benchmark Study

Malware

PhishingIntrusion

Insider Threats

SW Vulnerabilities

Ransomware

APT & DDoS

Man in the Middle

Endpoint vulnerabilities

?

M E R A K I M I S S I O N :

Simplifying powerful

technology to free passionate

people

to focus on their mission


Simplifying IT with Cloud Management

A complete cloud managed IT solution

Wireless, switching, security, SD-WAN, unified endpoint management (UEM), and security cameras

Integrated hardware, software, and cloud services

Leader in cloud managed IT

Among Cisco’s fastest growing portfolios

350k+Unique customers

4.5M+Meraki devices

online

5.5M+Active Meraki

dashboard users


Benefits of a cloud-managed solution

WAN / Internet

Management DataUser Traffic

Security & SD-WANAppliances

Switches

Access Points Systems Manager

Security Cameras

RELIABILITY

SECURITY

SCALABILITY

FUTURE-PROOFING

Insight


The Cloud Increases IT Efficiency

M A N A G E A B I L I T Y

S C A L A B I L I T Y

C O S T S A V I N G S

Turnkey installation and management

Integrated, always up to date features

Scales from small branches to large networks

Reduces operational costs


Zero Touch Provisioning

One-time remote, web-

based configuration

Configuration templates

simplify large multi-site

deployments

No pre-staging

No onsite configuration

Unbox and plug in

devices at required

locations


Increasingly Valuable IT Investment

Over-the-web feature delivery with quarterly updates

Granular control over firmware versions


Ironclad Cisco security, Meraki simplicity

Meraki


Security is hard, Meraki is easy


Simplified Enterprise Security

Enterprise-class security

features for security-

conscious environments

Air Marshal WIDS/WIPS Detect wireless attacks; contain rogue APs; cloud-based alerting and diagnostics

User and device aware security

UTM and content security

User, device, and group-based firewall rules (layer 3 / 7) with Active Directory integration

Application firewall; content filtering matching 1B+ URLs; antivirus/anti-malware filtering; Google safe-search; intrusion prevention;


Flexible Authentication and Access Control

Flexible built-in authentication mechanism

Flexible authentication

Dynamic access control

Secure 802.1X, ISE/NAC, and Active Directory authentication; Facebook Authentication

for branding and targeted social marketing; SMS self-service authentication; and hosted

sign-on splash pages

Assign clients layer 3 / 7 firewall rules, VLANs, and application-aware quality of service by identity, group, location, or device type


Endpoint Management

Rapid provisioning, application management, security, and capacity for BYOD-ready deployments right out of the box

Device-aware security

Integrated endpoint management

Simplified onboarding

Device-aware firewall and access control; antivirus scan; LAN isolation; Bonjour Gateway; content and security filtering

Enforce encryption, passcodes, and device restrictions; deploy enterprise applications; remotely lock or wipe devices

Flexible authentication with Active Directory integration, SMS authentication, hosted splash pages, and automatic EMM enrollment


Automated Site-to-Site VPN (Auto VPN)

SimpleThe ability to configure site-to-site, Layer 3 IPsec VPN tunnels in just two clicks in the Cisco Meraki dashboard over any WAN link

AutomaticVPN configuration generated and deployed automatically from the cloud – create a mesh or

hub-and-spoke topology with only a few clicks

ResilientAutomatically adjusts to changes in order to maintain secure connectivity during an ISP or datacenter outage, hardware failure, or IP address update


1.5 million malware samples / day

600 billion email messages / day

16 billion web requests / day

Honeypots

Open source communities

Internalvulnerability discovery

Telemetry

eInternet-wid scanning

Backed by Cisco Talos threat intelligence

Over 250 full time threat researchers

Millions of telemetry agents

4 global data centers

Over 100 threat intelligence partners

Over 1100 threat traps


Anti-fragile architecture delivered by the cloud

?


Meraki Wireless Scanning Radio AirMarshall Access Policies

Meraki Firewall Identity based Firewall IDS/IPS

Cisco AMP Auto VPNContent Filtering

Meraki Switching 802.1X Authentication Access Policies

VLAN Port Isolation Rogue DHCP Detection L7 Visibility

Meraki EMMCisco Security Connector

Access Policies

Cisco AMP

RADIUSSyslog

Umbrella DNS

Umbrella DNS

An End to End Approach to Security

Meraki dashboard Centralized visibility of entire network

Meraki CameraPhysical Security


Demo


What’s Needed

Simple, All-Inclusive Licensing

1:1 ratio of licensing and hardware

3, 5, 7, and 10 year durations available

Centralized management with network-wide visibility and remote troubleshooting tools

Over-the-web firmware and security updates

24/7 enterprise support and warranty

All features included as standard, no per-feature licensing


Next Generation Firewall

Site-to-site and client VPN

Intelligent path control

Link bonding and failover

Bandwidth shaping and QoS

Branch routing

Web caching

Active/Passive high availability

Enterprise License Advanced Security License

*additional Threat Grid subscription required

All enterprise features, plus

Content filtering (with Google SafeSearch enforcement)

Cisco Advanced Malware Protection

Snort IDS/IPS

Threat Grid integration*

Geo-based firewall rules

Licensing that fits the business’ needs


A Model for Every Location

MEDIUM BRANCH LA RGE BRANCH, CAMPU S OR CON CEN TR ATOR VIRTUAL

MX64/65

~50 users

802.11ac Wireless* & PoE

FW throughput: 250 Mbps

MX67/68

~50 users

802.11ac Wave 2* & PoE


MX67C/68CW

~50 users

802.11ac Wave 2* & PoE


CAT 6 LTE

MX84

~200 users


MX100

~500 users


MX250

~2,000 users

FW throughput: 4 Gbps

MX450

~10,000 users

FW throughput: 6 Gbps

vMX100 for AWS & Azure


VPN & SD-WAN

TELEWORKER

Z3 Z3C

~5 users

802.11ac Wave 2 Wireless & PoE


CAT 3 LTE (Z3C)

SMALL BRANCH


Industry Leading SD-WAN Meets Industry Leading Security

Delivered by a powerful all-in-one appliance


A complete cloud-managed IT portfolio Single-pane-of-glass management

An Integrated Meraki Network for More Benefits

Wireless Access PointsOptimized for high-density with

802.11ac and Bluetooth

Enterprise Mobility ManagementUnified managed and control of thousands

of devices

Security CamerasStreamline deployment and

monitoring of video security cameras

Security & SD-WAN AppliancesFeature rich security and unified threat

management platform

SwitchesLayer 2 and layer 3 switches for

mission-critical networks

MIOptimize User Experience,

Accelerate IT


©h20t17tCpiscosan:d//or i/ts amffiliatees. Arll raighkts reise.rcvedi. sCisccooCon.fidcenotial m/firstyearonus/es

Meraki First Year On Us

© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

• Security Made Simple with Cisco Meraki: https://meraki.cisco.com/security-made-simple

• Cloud Managed Security & SD-WAN: https://meraki.cisco.com/products/appliances

• Technical references: https://documentation.meraki.com/MX

References

Thank you