Presentation is loading. Please wait.

Presentation is loading. Please wait.

1Cisco Security NOW © 2003, Cisco Systems, Inc. All rights reserved. THIS IS THE POWER OF CISCO SECURITY. now.

Similar presentations


Presentation on theme: "1Cisco Security NOW © 2003, Cisco Systems, Inc. All rights reserved. THIS IS THE POWER OF CISCO SECURITY. now."— Presentation transcript:

1 1Cisco Security NOW © 2003, Cisco Systems, Inc. All rights reserved. THIS IS THE POWER OF CISCO SECURITY. now.

2 222 © 2003, Cisco Systems, Inc. All rights reserved. End – to – End Security This presentation highlights how every device on a Cisco Powered Network can be locked down to perform Defense in Depth. This multilayered approach presents an extremely difficult target to: HackersUnauthorized Access WormsRogue Devices VirusesSpoofing Attacks DoS / DDoS attacks This presentation highlights how every device on a Cisco Powered Network can be locked down to perform Defense in Depth. This multilayered approach presents an extremely difficult target to: HackersUnauthorized Access WormsRogue Devices VirusesSpoofing Attacks DoS / DDoS attacks

3 333 © 2003, Cisco Systems, Inc. All rights reserved. Threats Can be From Internal Sources Internal Most expensive attacks come from inside (Up to 10x more costly) Accidental: Misconfiguration Internal Most expensive attacks come from inside (Up to 10x more costly) Accidental: Misconfiguration Source: CSI / FBI Security Study 2003

4 444 © 2003, Cisco Systems, Inc. All rights reserved. Threats Also Come from External Sources External 78% of Attacks Come from Internet Connection (up from 57% in 1999) External 78% of Attacks Come from Internet Connection (up from 57% in 1999) Source: CSI / FBI Security Study 2003

5 555 © 2003, Cisco Systems, Inc. All rights reserved. Threats Can Already Be Known to You… KNOWN Known Good Security Practices Allow You to Protect Yourself Against “Known” Threats

6 666 © 2003, Cisco Systems, Inc. All rights reserved. Or Unknown … Unknown How Can You Protect Yourself Against Something You Don’t Know About

7 777 © 2003, Cisco Systems, Inc. All rights reserved. Threat from Hackers 2,524 new vulnerabilities discovered in 2002 Many recently discovered vulnerabilities remain highly viable targets for future threats “Blended threats” present the greatest risk Companies experience 30+ attacks per week 2000% increase (’99-’02) in financial losses from hacker-caused denial of service $65.6M in reported cost (2002) 2,524 new vulnerabilities discovered in 2002 Many recently discovered vulnerabilities remain highly viable targets for future threats “Blended threats” present the greatest risk Companies experience 30+ attacks per week 2000% increase (’99-’02) in financial losses from hacker-caused denial of service $65.6M in reported cost (2002)

8 888 © 2003, Cisco Systems, Inc. All rights reserved. Threat from Theft Theft of proprietary information causes greatest financial loss: $2.7M per incident (2003) 90% of respondents detected computer security breaches within last 12 months Source: CSI / FBI Security Study 2003 Theft of proprietary information causes greatest financial loss: $2.7M per incident (2003) 90% of respondents detected computer security breaches within last 12 months Source: CSI / FBI Security Study 2003 “The average amount of money, as a % of revenue, that companies spend on IT security is.0025 % or slightly less than they spend on coffee.” Richard Clarke Former Special Advisor to the President for Cyberspace Security

9 999 © 2003, Cisco Systems, Inc. All rights reserved. Threat Evolution Global Infrastructure Impact Regional Networks Multiple Networks Individual Networks Individual Computer Global Infrastructure Impact Regional Networks Multiple Networks Individual Networks Individual Computer Target and Scope of Damage 1st Gen Boot viruses 1st Gen Boot viruses Weeks 2nd Gen Macro viruses Email DoS Limited hacking 2nd Gen Macro viruses Email DoS Limited hacking Days 3rd Gen Network DoS Blended threat (worm + virus+ trojan) Turbo worms Widespread system hacking 3rd Gen Network DoS Blended threat (worm + virus+ trojan) Turbo worms Widespread system hacking Minutes Next Gen Infrastructure hacking Flash threats Massive worm driven DDoS Damaging payload worms Next Gen Infrastructure hacking Flash threats Massive worm driven DDoS Damaging payload worms Seconds 1980s 1990s Today Future

10 10 © 2003, Cisco Systems, Inc. All rights reserved. The Sapphire Worm or “Slammer” 2 6 8 11 0 Infections doubled every 8.5 seconds Infected 75,000 hosts in first 11 minutes Caused network outages, cancelled airline flights and ATM failures Infections doubled every 8.5 seconds Infected 75,000 hosts in first 11 minutes Caused network outages, cancelled airline flights and ATM failures Cisco Responded in 10 At Peak, Scanned 55 Million Hosts per Second Minutes after Release

11 11 © 2003, Cisco Systems, Inc. All rights reserved. How Cisco Stopped “Slammer” RESULT: No infections found within Cisco 00:03 00:10 00:30 00:00 00:06 Slammer launched “Unusual” traffic verified and triggered alarm Anomaly detection technology identified “unusual” traffic Locked down the appropriate ports (inside and outside Cisco) Corporate networks, internal nets, LANs etc Vulnerability Scan of Cisco’s network (200+ systems identified as vulnerable internally) Cisco Security Agent Stops Threat on Protected Hosts 00:00

12 12 © 2003, Cisco Systems, Inc. All rights reserved. Security Paradigm is Changing Security is no longer a “product level” proposition. Security is tied directly to the business proposition Server and desktop management Increasing number of vulnerabilities Must scale to thousands in large Enterprises Legacy endpoint security TCO challenge Reactive products force deployment of multiple agents and management paradigms to update Day Zero Damage Rapidly propagating attacks (Slammer and Blaster) happen too fast for reactive products to handle - an automated security system is needed Security is no longer a “product level” proposition. Security is tied directly to the business proposition Server and desktop management Increasing number of vulnerabilities Must scale to thousands in large Enterprises Legacy endpoint security TCO challenge Reactive products force deployment of multiple agents and management paradigms to update Day Zero Damage Rapidly propagating attacks (Slammer and Blaster) happen too fast for reactive products to handle - an automated security system is needed

13 13 © 2003, Cisco Systems, Inc. All rights reserved. Deploy Security as an Integrated System Secure Transport Card Readers Security Room CCTV Secured Doors and Vaults Surveillance and Alarms Patrolling Security Guard Firewalls and Router ACLs Network and Host-based Intrusion Detection Scanner Centralized Security and Policy Management Identity, AAA, Access Control Servers and Certificate Authorities Encryption and Virtual Private Networks (VPN’s)

14 14 © 2003, Cisco Systems, Inc. All rights reserved. Security is a Systematic Process Vulnerabilities and Risk Assessment Architecture Design and Implementation Security Policy/ Procedures Deploy Security Policy Surveillance, Monitoring, Audit & Analysis Incident Response Corrective Action Forensic Analysis © 2002, Cisco Systems, Inc. All rights reserved. 14 Central Security Management Central Security Management

15 15 © 2003, Cisco Systems, Inc. All rights reserved. Cisco Security Strategy Evolution Basic router security Command line interface Basic router security Command line interface Severity of Security Threats 1990s 2000 Today Future Integrated security Routers Switches Appliances Endpoints FW + VPN + IDS Anomoly detection Integrated management software Evolving advanced services Integrated security Routers Switches Appliances Endpoints FW + VPN + IDS Anomoly detection Integrated management software Evolving advanced services Security appliances Enhanced router security Separate management software Security appliances Enhanced router security Separate management software End to End Protection Application oriented (per port basis) Security aware elements Self-protecting Self-managing End to End Protection Application oriented (per port basis) Security aware elements Self-protecting Self-managing Basic router security Command line interface Basic router security Command line interface End to End Protection Application oriented (per port basis) Security aware elements Self-protecting Full suite of advanced services End to End Protection Application oriented (per port basis) Security aware elements Self-protecting Full suite of advanced services Intelligent Information Networks Fully Integrated Security

16 16 © 2003, Cisco Systems, Inc. All rights reserved. Cisco Systems is the only vendor that can provide you security on every point of your network VPN End-to-End Security

17 17 © 2003, Cisco Systems, Inc. All rights reserved.


Download ppt "1Cisco Security NOW © 2003, Cisco Systems, Inc. All rights reserved. THIS IS THE POWER OF CISCO SECURITY. now."

Similar presentations


Ads by Google