Presentation is loading. Please wait.

Presentation is loading. Please wait.

000000_1 Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.

Similar presentations


Presentation on theme: "000000_1 Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission."— Presentation transcript:

1 000000_1 Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. Cisco Security Solutions Overview David Hettrick August 16 2007 ® PartnerSmart. ™

2 ® 000000_2 Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. Is there a reason to be Paranoid?  Yes  Often, selling security is easy after a customer has had a breach of some kind  Suggestion is to be proactive and warn of potential threats  Security will always be a trade- off between Price and Comfort Level

3 ® 000000_3 Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. Types of Threats  Denial of Service (DoS) attacks  IP Spoofing  Phishing  Spyware  Malware  Reconnaissance  Unauthorized entry and data theft  Viruses and Worms  And more…

4 ® 000000_4 Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. Cisco Firewall and VPN products  PIX- Firewall and VPN – Flagship firewall  VPN Concentrator – Dedicated VPN appliance – Optimized for Remote Access – (EOS August 2007)  Both products are replaced by the Cisco ASA Appliance – Built on PIX v7.0 Code – Feature equivalent to VPN Concentrator – Higher Performing

5 ® 000000_5 Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. Adaptive Security Appliances  ASA5500 Adaptive Security Appliances – Provide Firewall and IPSec/SSL VPN  ASA5505 ~150Mbps  ASA5510 ~300Mbps  ASA5520 ~450Mbps  ASA5540 ~650Mbps  ASA5550 ~ 1200Mbps  SSM Expansion Slot – 4 port Gigabit 10/100/1000 or SFP – AIP module for IPS/IDS  AIP-10  AIP-20 – CSC module for gateway anti-x  Provides Anti-Virus and Anti-Spyware  Additional license to add URL/Content filtering, Anti-Phishing, & Anti-Spam filtering, Anti-Phishing, & Anti-Spam

6 ® 000000_6 Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. Cisco ASA 5505 Adaptive Security Appliance Sleek, High Performance Desktop Design Diskless Architecture for High Reliability Expansion Slot for Future Capabilities Expansion Slot for Future Capabilities Three USB v2.0 Ports for Future Use (One in Front) Console Port Two Power over Ethernet (PoE) Ports for IP Phones, WiFi Access Points, Video Surveillance, etc. Secure Lock Slot and System Reset Button 8-port 10/100 Fully Configurable Switch with VLAN Support © 2004 Cisco Systems, Inc. All rights reserved. ASA 5500 Intro 666

7 ® 000000_7 Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. Content Security and Control SSM Product Details CSC SSM-10  50 User  100 User  250 User  500 User  Base Services: – File-based Anti-Virus and malware filtering; Anti-Spyware  Plus License: – Anti-Spam, Content Filtering, Anti- Phishing, URL Filtering & Blocking Cisco ASA 5500 Series Content Security and Control Module (CSC SSM) CSC SSM-20  500 User  750 User  1,000 User Platforms / Subscription Levels Feature Sets

8 ® 000000_8 Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. ASA Advanced Intrusion Prevention Module (AIP)  Feature equivalent to Cisco’s standalone IPS product (4200 series)  Freedom to decide which traffic traversing the ASA is scanned for intrusion.  Ability to drop those packets and log them right at the ASA

9 ® 000000_9 Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. Dual ISP feature introduction – Dual ISP support via object tracking feature Main Office Primary ISP 1.1.1.1 Cisco ASA Outside 1.1.1.2 Backup 2.2.2.2 Secondary ISP 2.2.2.1 IOS sla tracking feature Active/Standby routes Uses ICMP to track the routes Works on static address, DHCP and PPPoE Fail Back feature when primary comes back

10 ® 000000_10 Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. Simple installation and monitoring for the Cisco ASA 5500 family Supports configuration of: - Firewall - Remote Access VPN - Site to Site VPN - And all other ASA services Supports monitoring of: - Syslog (real-time) - Connections - Throughput & more! Cisco Adaptive Security Device Manager v5.2

11 ® 000000_11 Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. VPN Solutions: Easy VPN  Scaleable – Easily add remote sites with no changes to Easy VPN server  IOS Routers  PIX, ASA, CVPN Internet Easy VPN Client Dynamic IP Client Behind Firewall Easy VPN Server VPN Tunnel

12 ® 000000_12 Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. Network Based Intrusion Products  Based on Signatures – IDS-4215, IPS-4240 – AIP module in ASA – NM-CIDS in Router – IOS embedded IPS  Watch for unauthorized activity in real time  Implement in front of firewall to audit attacks against network  Implement behind firewall approving traffic by firewall packets leaving corporate network  Implement where key Servers reside

13 ® 000000_13 Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. What does Host based IPS do?  Day zero attack protection (virus, spyware, malware, patch management)  Intercepts Operating System calls and compares them to cached security policies  Takes proactive approach to block malicious behavior on host

14 ® 000000_14 Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. Host Based Intrusion Prevention CSA: Cisco Security Agent CSA Server Protection: Host-based Intrusion Protection Network Worm Protection Web Server Protection Security for other applications CSA Desktop Protection: Distributed Firewall Day Zero Virus Protection Security for other applications Anomaly Based Create Your own Policies Windows or Solaris

15 ® 000000_15 Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. CSA Architecture  CSA Manager (required)  CSA Servers  CSA Desktops  CSA Profiler – Automates analysis of Applications activities – Easily builds custom policies

16 ® 000000_16 Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. Network Admission Control NAC  Prevents vulnerable and non-compliant hosts from impacting enterprise resilience, and it enables customers to leverage their existing network and infrastructure  Components – Endpoint security with Cisco Trust Agent – Network Access devices – routers, switches, CSACS – Policy Server – Cisco Clean Access Server (CCA) – Management Server - Cisco Clean Access Manager (CCA)

17 ® 000000_17 Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. NAC Appliance Overview All-in-One Policy Compliance and Remediation Solution AUTHENTICATE & AUTHORIZE  Enforces authorization policies and privileges  Supports multiple user roles SCAN & EVALUATE  Agent scan for required versions of hotfixes, AV, and other software  Network scan for virus and worm infections and port vulnerabilities QUARANTINE  Isolate non-compliant devices from rest of network  MAC and IP-based quarantine effective at a per-user level UPDATE & REMEDIATE  Network-based tools for vulnerability and threat remediation  Help-desk integration

18 ® 000000_18 Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.

19 ® 000000_19 Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.

20 ® 000000_20 Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.

21 ® 000000_21 Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. Gathering information is easy. Identifying real threats is challenging

22 ® 000000_22 Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. MARS: Mitigation and Response System  Appliance  Gathers information from all Security Devices and correlates  Allows for real time analysis of threat – Network intelligence – Context correlation – Vector analysis – Anomaly detection – Hotspot identification – Automated mitigation capabilities  Not limited to Cisco Devices – Microsoft Servers – Common Security Products from other vendors – Supports Netflow collection

23 ® 000000_23 Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. Security: The Pervasive Add-on  What this means is that with any product it becomes a consideration to add security – By up selling the product itself  Change a Cisco2811 into a Cisco2811-SEC-K9 – Or by adding on a new product to the solution  Add Cisco Security Agent to those new web servers – Also, sometimes it just needs to be discussed to position the right solution  What are your security requirements for your wireless network?

24 000000_24 Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission. Question and Answer


Download ppt "000000_1 Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission."

Similar presentations


Ads by Google