Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cisco Defense Orchestrator

Published byBrandon Newman Modified over 6 years ago

Similar presentations

Presentation on theme: "Cisco Defense Orchestrator"— Presentation transcript:

1 Cisco Defense Orchestrator
A cloud-based policy management solution for Cisco security products Thank you for taking the next 20min to learn more about Cisco Defense Orchestrator My name is Derek Young and I work for with an internal start-up development group at Cisco called Project Lockhart. We are an innovative group that was chartered to develop a solution from ground up that will address a core fundamental issue for our clients. That issue is to create a simple and consistent way to manage security policy across Cisco’s security platforms. The solution is Cisco Defense Orchestrator. We didn’t start development blindly, but we based it on feedback from our clients…..your clients! Here is what they had to say!

2 Agenda What Problems Are We Addressing? What is CDO?
Multi-Tenant Architecture Security Architecture Demo Time!

3 The Problem? Manage constant changes in security policy and rules
Keep up with business needs Stay ahead of the latest security threats Do more with fewer resources Maintaining end-to-end security posture is becoming increasingly complex. “Plugging holes" in the proverbial security dam with point products doesn't work. Being reactive to security challenges is no longer an option to driving end to end security posture. Here are just a few examples of these challenges. First, managing constant changes in security policy and rules is a challenge. Today’s goal is to simply keep up with the vulnerabilities or changes in the business. This is forcing clients to focus on adding more rules rather than managing them of which leads to all sorts of issues, but most importantly, could leave them vulnerable to a new attack! Keeping up with business needs is also challenging. As your client’s business expands, they constantly have to evaluate and introduce more security solutions, policy requests and technologies to manage. Complex….not simple! It’s critical that your team stay ahead of the latest security threats. Evaluating the latest technology is critical to your clients, but it also presents new challenges to their day/day operations. Embracing technology like NGFW to protect the business is important, but it needs to be efficient and simple! And lastly, you’re required to do more with fewer resources. On top of the increased workload, you are often expected to meet growing demands with a team that just isn’t getting any bigger. Overall, these challenges indicate that your clients would be well served by an truly integrated solution, but it has to be consistent and simple to manage.

4 Defense Orchestrator Strengthen Your Security Posture End to End
Simple Streamline security policy management and next-gen defense Efficient Extend the reach of your resources Effective Achieve better security without adding complexity Introducing Defense Orchestrator: Leveraging Defense Orchestrator, your clients are able to simply and consistently manage security policy across multiple Cisco security devices from the cloud. (3) design principles we kept in mind as we built this solution was to keep it simple….make it efficient and to be effective. Simple: You can streamline security policy management and next-gen defense, Efficient: Extend the reach of your current resources Effective: Most security tools add management complexity. This is one of the only tools that will actually reduce the complexity and improve your security at the same time.

5

6 Position CDO to Manage Both ASA and Firepower Policy!
Who is our Audience? Security Focused Buyer NetOps Buyer Staffed and funded for security analytics, does it today, needs more in intelligence from the network Manages primarily connectivity, needs to care about security but does not responsibility to investigate it Position FMC to Managed Firepower and CDO to Managed ASA Policy! Position CDO to Manage Both ASA and Firepower Policy! Target Audience There are (2) personas that we will talk to when discussing CDO; Security Buyer: This company has made a significant investment into security analysts, security NOC or security engineering. They have the resources and skills to work with technologies like FMC/Defense Center. IF this is the case, then we should be talking to them all day long. Few scenarios might be: IF the client has ASA with Firepower, maybe they use FMC to manage firepower policy and use CDO to manage ASA policy IF the client is going the the route of FTD, then maybe they use solely FMC Network Buyer: This is the “jack of all trades”. This person is the systems, storage, network and now…security admin. They don’t have the luxury of time and most likely skill to learn a solution like FMC. What they need is to ensure that they have the protection of Firepower. These are the folks that need CDO to help keep it simple and consistent.

7 Multi-Tenancy Environment
AUTHORIZATION SERVER APPLICATION SERVER Connections in the connection pool are unauthenticated. Requires key to access DB INJECTED PRINCIPAL MT INFRASTRUCTURE Customer A SPRING FRAMEWORK Worker Threads Connection Pool Authenticate Get OAuth Token Customer B BROWSER REST Call Send OAuth Token Customer C Use OAuth token to retrieve a key to authenticate to the database and encrypt traffic KEY MANAGER Multi-tenancy helps you keep your data isolated. The multi-tenant environment allows us to isolate tenant data and encrypt it between the database and the application server. What you are seeing here is that the data is on a per-customer, per-tenant level, right from the browser to their database in the database server. Your data is encrypted at rest and in motion with Oauth tokens. Every customer is authorized with their own token. This means that in case of a security incident, the threat would need to go trough several layers of security encryption to get to data, all which are refreshed every 60 seconds. T: You can be confident that your security posture is strong through Defense Orchestrator. [CLICK]

8

9 https://cisco.jiveon.com/groups/cisco-defense-orchestrator
Need Further Help? Contact Us At:

Download ppt "Cisco Defense Orchestrator"

Similar presentations

Current impacts of cloud migration on broadband network operations and businesses David Sterling Partner, i 3 m 3 Solutions.

Current impacts of cloud migration on broadband network operations and businesses David Sterling Partner, i 3 m 3 Solutions.
© 2014 Level 3 Communications, LLC. All Rights Reserved. Proprietary and Confidential. Polycom event Security Briefing 12/03/14 Level 3 Managed Security.

© 2014 Level 3 Communications, LLC. All Rights Reserved. Proprietary and Confidential. Polycom event Security Briefing 12/03/14 Level 3 Managed Security.
Java Stack 4 Providing Robust Back-end Web Services For Your Solution.

Java Stack 4 Providing Robust Back-end Web Services For Your Solution.
Agenda Who needs an Architect? Cloud and Security Key Security Differences in Private Cloud Cloud Security Challenges Secondary to Essential Characteristics.

Agenda Who needs an Architect? Cloud and Security Key Security Differences in Private Cloud Cloud Security Challenges Secondary to Essential Characteristics.
WMU GNL Automation How to make my IT life easier CHRISTOPHER KEYAERT CONSULTANT AT INOVATIV CLOUD AND DATACENTER MANAGEMENT MVP.

WMU GNL Automation How to make my IT life easier CHRISTOPHER KEYAERT CONSULTANT AT INOVATIV CLOUD AND DATACENTER MANAGEMENT MVP.
Health IT RESTful Application Programming Interface (API) Security Considerations Transport & Security Standards Workgroup March 18, 2015.

Health IT RESTful Application Programming Interface (API) Security Considerations Transport & Security Standards Workgroup March 18, 2015.
2015 Security Conference Dave Gill Intel Security.

2015 Security Conference Dave Gill Intel Security.
Conduct A Strong Evaluation Soar to New Heights! 2013 National Equipment Finance Summit, Albuquerque, NM.

Conduct A Strong Evaluation Soar to New Heights! 2013 National Equipment Finance Summit, Albuquerque, NM.
Robert Mahowald August 26, 2015 VP, Cloud Software, IDC

Robert Mahowald August 26, 2015 VP, Cloud Software, IDC
Cisco Defense Orchestrator Technical Decision Maker Presentation

Cisco Defense Orchestrator Technical Decision Maker Presentation
1 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Cisco Defense Orchestrator Effective security policy management made simple.

1 © 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Cisco Defense Orchestrator Effective security policy management made simple.
Azure SQL Database Updates

Azure SQL Database Updates
Avenues International Inc.

Avenues International Inc.
Enterprise Mobility Suite Technical and Business Briefing

Enterprise Mobility Suite Technical and Business Briefing
Manuel Brugnoli, Elisa Heymann UAB

Manuel Brugnoli, Elisa Heymann UAB
What is it ? …all via a single, proven Platform-as-a-Service.

What is it ? …all via a single, proven Platform-as-a-Service.
92% of the world’s data was created in the past 2 years

92% of the world’s data was created in the past 2 years
op5 Monitor - Scalable Monitoring

op5 Monitor - Scalable Monitoring
Hybrid Management and Security

Hybrid Management and Security
New Heights by Guiding Them into the Cloud

New Heights by Guiding Them into the Cloud

Similar presentations

Ads by Google