1Cisco Security NOW © 2003, Cisco Systems, Inc. All rights reserved. THIS IS THE POWER OF CISCO SECURITY. now.

Slides:



Advertisements
Similar presentations
CS898T Mobile and Wireless Network Handheld Device Security By Yuan Chen July 25 th, 2005.
Advertisements

Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.
(n)Code Solutions Presentation on the importance of a Secure Technology Infrastructure.
Preventing Good People From Doing Bad Things Best Practices for Cloud Security Brian Anderson Chief Marketing Officer & Author of “Preventing Good People.
1 © 2003 Cisco Systems, Inc. All rights reserved. Session Number Presentation_ID THE NETWORK SECURITY CHALLENGE Jack Suess CIO University of Maryland Baltimore.
16254_08_2002 © 2002, Cisco Systems, Inc. All rights reserved. Cisco’s Security Vision Mario Mazzola Chief Development Officer August 29, 2002.
1 Telstra in Confidence Managing Security for our Mobile Technology.
Blended Threats and Layered Defenses Security Protection in Today’s Environment Marshall Taylor
1 © 2002, Cisco Systems, Inc. All rights reserved. CIBR Security technical solution customer Cisco Security Solutions for Small and Medium Businesses Make.
IS Network and Telecommunications Risks
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Know the Client Own the Problem Share the Solution The 2005 Case for Information Technology Security October 14, 2004.
© 2006 Cisco Systems, Inc. All rights reserved. Implementing Secure Converged Wide Area Networks (ISCW) Module 6: Cisco IOS Threat Defense Features.
Network Access Management Trends in IT Applications for Management Prepared by: Ahmed Ibrahim S
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Stephen S. Yau CSE , Fall Security Strategies.
By Edith Butler Fall Our Security Ways we protect our valuables: Locks Security Alarm Video Surveillance, etc.
© 2003, Cisco Systems, Inc. All rights reserved _07_2003_Richardson_c11 Security Strategy Update Self Defending Network Initiative Network Admission.
Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.
Morris Bennett Altman Director of Network Services Internet Security Officer Queens College, CUNY Are You Exposed? Network Security.
CISCO CONFIDENTIAL – DO NOT DUPLICATE OR COPY Protecting the Business Network and Resources with CiscoWorks VMS Security Management Software Girish Patel,
Cybercrime Outlook on African banks Adwo Heintjes Global Head IT Audit & Ops Rabobank.
Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.
Protecting Mainframe and Distributed Corporate Data from FTP Attacks: Introducing FTP/Security Suite Alessandro Braccia, DBA Sistemi.
1 Deployment of Computer Security in an Organization CE-408 Sir Syed University of Engineering & Technology 99-CE-282, 257 & 260.
Enterprise Computing Community June , 2010February 27, Information Security Industry View Linda Betz IBM Director IT Policy and Information.
© Paradigm Publishing Inc. 8-1 Chapter 8 Security Issues and Strategies.
Dell Connected Security Solutions Simplify & unify.
1Cisco Security NOW © 2003, Cisco Systems, Inc. All rights reserved. THIS IS THE POWER OF CISCO SECURITY. now.
PATCH MANAGEMENT: Issues and Practical Solutions Presented by: ISSA Vancouver Chapter March 4, 2004.
Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.
OV Copyright © 2013 Logical Operations, Inc. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.
P RESENTED B Y - Subhomita Gupta Roll no: 10 T OPICS TO BE DISCUSS ARE : Introduction to Firewalls  History Working of Firewalls Needs Advantages and.
Chapter 8 Technology and Auditing Systems: Hardware and Software Defenses.
VoIP Security in Service Provider Environment Bogdan Materna Chief Technology Officer Yariba Systems.
OV Copyright © 2011 Element K Content LLC. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.
Intrusion Detection Prepared by: Mohammed Hussein Supervised by: Dr. Lo’ai Tawalbeh NYIT- winter 2007.
JEnterprise Suite For Network Monitoring and Security Dr. Sureswaran Ramadass, Dr. Rahmat Budiarto, Mr. Ahmad Manasrah, Mr. M. F. Pasha.
1 Figure 4-16: Malicious Software (Malware) Malware: Malicious software Essentially an automated attack robot capable of doing much damage Usually target-of-opportunity.
Network and Perimeter Security Paula Kiernan Senior Consultant Ward Solutions.
1 © 2001, Cisco Systems, Inc. All rights reserved. Cisco Info Center for Security Monitoring.
IS Network and Telecommunications Risks Chapter Six.
Integrated Factory Acceptance Test (IFAT) as Security Best Practice 10/27/2015FoxGuard Solutions1 Larry Alls, Security Engineering Manager FoxGuard Solutions.
Knowing What You Missed Forensic Techniques for Investigating Network Traffic.
The Real Deal With SIM/SEM The Promise of Security Information / Event Management Scott Sidel Sr. Security Manager Computer Sciences Corp.
Small Business Security Keith Slagle April 24, 2007.
Cyber Insecurity Under Attack Cyber Security Past, present and future Patricia Titus Chief Information Security Officer Unisys Corporation.
Module 11: Designing Security for Network Perimeters.
HP World September 2002 Scott S. Blake, CISSP Vice President, Information Security BindView Corporation Vulnerability Assessment and Action.
© 2006 Cisco Systems, Inc. All rights reserved. Implementing Secure Converged Wide Area Networks (ISCW) Module 6: Cisco IOS Threat Defense Features.
Scott Charney Cybercrime and Risk Management PwC.
111 © 2005 EMC Corporation. All rights reserved. Achieving Business Resilience 2005 Business Continuity and Corporate Security Show & Conference Stephen.
Chapter 1: Explore the Network
Matt Broman Kodiac Gamble Devin Nichol SECTION 4.2 INFORMATION SECURITY.
“Lines of Defense” against Malware.. Prevention: Keep Malware off your computer. Limit Damage: Stop Malware that gets onto your computer from doing any.
1 © 2004, Cisco Systems, Inc. All rights reserved. Wireless LAN (network) security.
IS3220 Information Technology Infrastructure Security
A presentation by John Rowley for IUP COSC 356 Dr. William Oblitey Faculty member in attendance.
Securing Interconnect Networks By: Bryan Roberts.
SemiCorp Inc. Presented by Danu Hunskunatai GGU ID #
Securing Information Systems
Chapter 1: Exploring the Network
Instructor Materials Chapter 7 Network Security
Security in the Workplace: Information Assurance
Securing Information Systems
Introduction to Internet Worm
AIR-T11 What We’ve Learned Building a Cyber Security Operation Center: du Case Study Tamer El Refaey Senior Director, Security Monitoring and Operations.
Presentation transcript:

1Cisco Security NOW © 2003, Cisco Systems, Inc. All rights reserved. THIS IS THE POWER OF CISCO SECURITY. now.

222 © 2003, Cisco Systems, Inc. All rights reserved. End – to – End Security This presentation highlights how every device on a Cisco Powered Network can be locked down to perform Defense in Depth. This multilayered approach presents an extremely difficult target to: HackersUnauthorized Access WormsRogue Devices VirusesSpoofing Attacks DoS / DDoS attacks This presentation highlights how every device on a Cisco Powered Network can be locked down to perform Defense in Depth. This multilayered approach presents an extremely difficult target to: HackersUnauthorized Access WormsRogue Devices VirusesSpoofing Attacks DoS / DDoS attacks

333 © 2003, Cisco Systems, Inc. All rights reserved. Threats Can be From Internal Sources Internal Most expensive attacks come from inside (Up to 10x more costly) Accidental: Misconfiguration Internal Most expensive attacks come from inside (Up to 10x more costly) Accidental: Misconfiguration Source: CSI / FBI Security Study 2003

444 © 2003, Cisco Systems, Inc. All rights reserved. Threats Also Come from External Sources External 78% of Attacks Come from Internet Connection (up from 57% in 1999) External 78% of Attacks Come from Internet Connection (up from 57% in 1999) Source: CSI / FBI Security Study 2003

555 © 2003, Cisco Systems, Inc. All rights reserved. Threats Can Already Be Known to You… KNOWN Known Good Security Practices Allow You to Protect Yourself Against “Known” Threats

666 © 2003, Cisco Systems, Inc. All rights reserved. Or Unknown … Unknown How Can You Protect Yourself Against Something You Don’t Know About

777 © 2003, Cisco Systems, Inc. All rights reserved. Threat from Hackers 2,524 new vulnerabilities discovered in 2002 Many recently discovered vulnerabilities remain highly viable targets for future threats “Blended threats” present the greatest risk Companies experience 30+ attacks per week 2000% increase (’99-’02) in financial losses from hacker-caused denial of service $65.6M in reported cost (2002) 2,524 new vulnerabilities discovered in 2002 Many recently discovered vulnerabilities remain highly viable targets for future threats “Blended threats” present the greatest risk Companies experience 30+ attacks per week 2000% increase (’99-’02) in financial losses from hacker-caused denial of service $65.6M in reported cost (2002)

888 © 2003, Cisco Systems, Inc. All rights reserved. Threat from Theft Theft of proprietary information causes greatest financial loss: $2.7M per incident (2003) 90% of respondents detected computer security breaches within last 12 months Source: CSI / FBI Security Study 2003 Theft of proprietary information causes greatest financial loss: $2.7M per incident (2003) 90% of respondents detected computer security breaches within last 12 months Source: CSI / FBI Security Study 2003 “The average amount of money, as a % of revenue, that companies spend on IT security is.0025 % or slightly less than they spend on coffee.” Richard Clarke Former Special Advisor to the President for Cyberspace Security

999 © 2003, Cisco Systems, Inc. All rights reserved. Threat Evolution Global Infrastructure Impact Regional Networks Multiple Networks Individual Networks Individual Computer Global Infrastructure Impact Regional Networks Multiple Networks Individual Networks Individual Computer Target and Scope of Damage 1st Gen Boot viruses 1st Gen Boot viruses Weeks 2nd Gen Macro viruses DoS Limited hacking 2nd Gen Macro viruses DoS Limited hacking Days 3rd Gen Network DoS Blended threat (worm + virus+ trojan) Turbo worms Widespread system hacking 3rd Gen Network DoS Blended threat (worm + virus+ trojan) Turbo worms Widespread system hacking Minutes Next Gen Infrastructure hacking Flash threats Massive worm driven DDoS Damaging payload worms Next Gen Infrastructure hacking Flash threats Massive worm driven DDoS Damaging payload worms Seconds 1980s 1990s Today Future

10 © 2003, Cisco Systems, Inc. All rights reserved. The Sapphire Worm or “Slammer” Infections doubled every 8.5 seconds Infected 75,000 hosts in first 11 minutes Caused network outages, cancelled airline flights and ATM failures Infections doubled every 8.5 seconds Infected 75,000 hosts in first 11 minutes Caused network outages, cancelled airline flights and ATM failures Cisco Responded in 10 At Peak, Scanned 55 Million Hosts per Second Minutes after Release

11 © 2003, Cisco Systems, Inc. All rights reserved. How Cisco Stopped “Slammer” RESULT: No infections found within Cisco 00:03 00:10 00:30 00:00 00:06 Slammer launched “Unusual” traffic verified and triggered alarm Anomaly detection technology identified “unusual” traffic Locked down the appropriate ports (inside and outside Cisco) Corporate networks, internal nets, LANs etc Vulnerability Scan of Cisco’s network (200+ systems identified as vulnerable internally) Cisco Security Agent Stops Threat on Protected Hosts 00:00

12 © 2003, Cisco Systems, Inc. All rights reserved. Security Paradigm is Changing Security is no longer a “product level” proposition. Security is tied directly to the business proposition Server and desktop management Increasing number of vulnerabilities Must scale to thousands in large Enterprises Legacy endpoint security TCO challenge Reactive products force deployment of multiple agents and management paradigms to update Day Zero Damage Rapidly propagating attacks (Slammer and Blaster) happen too fast for reactive products to handle - an automated security system is needed Security is no longer a “product level” proposition. Security is tied directly to the business proposition Server and desktop management Increasing number of vulnerabilities Must scale to thousands in large Enterprises Legacy endpoint security TCO challenge Reactive products force deployment of multiple agents and management paradigms to update Day Zero Damage Rapidly propagating attacks (Slammer and Blaster) happen too fast for reactive products to handle - an automated security system is needed

13 © 2003, Cisco Systems, Inc. All rights reserved. Deploy Security as an Integrated System Secure Transport Card Readers Security Room CCTV Secured Doors and Vaults Surveillance and Alarms Patrolling Security Guard Firewalls and Router ACLs Network and Host-based Intrusion Detection Scanner Centralized Security and Policy Management Identity, AAA, Access Control Servers and Certificate Authorities Encryption and Virtual Private Networks (VPN’s)

14 © 2003, Cisco Systems, Inc. All rights reserved. Security is a Systematic Process Vulnerabilities and Risk Assessment Architecture Design and Implementation Security Policy/ Procedures Deploy Security Policy Surveillance, Monitoring, Audit & Analysis Incident Response Corrective Action Forensic Analysis © 2002, Cisco Systems, Inc. All rights reserved. 14 Central Security Management Central Security Management

15 © 2003, Cisco Systems, Inc. All rights reserved. Cisco Security Strategy Evolution Basic router security Command line interface Basic router security Command line interface Severity of Security Threats 1990s 2000 Today Future Integrated security Routers Switches Appliances Endpoints FW + VPN + IDS Anomoly detection Integrated management software Evolving advanced services Integrated security Routers Switches Appliances Endpoints FW + VPN + IDS Anomoly detection Integrated management software Evolving advanced services Security appliances Enhanced router security Separate management software Security appliances Enhanced router security Separate management software End to End Protection Application oriented (per port basis) Security aware elements Self-protecting Self-managing End to End Protection Application oriented (per port basis) Security aware elements Self-protecting Self-managing Basic router security Command line interface Basic router security Command line interface End to End Protection Application oriented (per port basis) Security aware elements Self-protecting Full suite of advanced services End to End Protection Application oriented (per port basis) Security aware elements Self-protecting Full suite of advanced services Intelligent Information Networks Fully Integrated Security

16 © 2003, Cisco Systems, Inc. All rights reserved. Cisco Systems is the only vendor that can provide you security on every point of your network VPN End-to-End Security

17 © 2003, Cisco Systems, Inc. All rights reserved.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.