Intelligent Cybersecurity for the Real World
Ali Fuat TÜRKAY
[email protected]
0 532 677 4080
Ali Fuat Türkay: Security Sales
Fuat Kılıç: Consulting System Engineer
Hakan Tağmaç: Emerging Markets SE Manager
Özgür Danışman: Security Services & Partner Enablement
Mahmoud Rabi: Consulting System Engineer – Sourcefire & AMP
Özgür Civek: Security Channel Manager
Hakan Nohre: Consulting System Engineer – ISE / Secure Access
Marcus Josefsson: Lancope Regional Director
Mobility, Cloud, Threat
Customer centric market dynamics require an end to end security architecture
The Industrialization of Hacking
2000: Viruses. Enterprise Response: Anti-virus (Host)
2005: Worms. Enterprise Response: IDS/IPS (Network)
2010: Spyware & Rootkits. Enterprise Response: Anti-malware (Host+Network)
Today +: APTs, Cyberware. Enterprise Response: Intelligence and Analytics (Host+Network+Cloud)
IT Megatrends are creating the “Any to Any” problem
[Diagram labels: Infrastructure, Apps / Services, Workloads; public, hybrid, private; tenants]
Endpoint Proliferation
Blending of Personal & Business Use
Access Assets through Multiple Medians
Services Reside In Many Clouds
Today’s Security
Multiple products, policies, unmanaged devices and cloud access
Multiple Management Paradigms
Multiple Identity Stores
Isolated Threat Intelligence
Inconsistent Enforcement
[Network diagram labels: SaaS, Comm. / SMB / Branch, Cellular, Internet, Web Security Gateway, WWW, CSR, ASR, Branch, Campus, ANY, Connect, Edge, UCS, Global Orchestration, Enterprise DC, SP Core/Edge, SP-1, SP-2, SP Cloud Edge]
The Silver Bullet Does Not Exist…
Sandboxing, Application Control, NAC, IDS / IPS, UTM, AV, PKI, FW/VPN
“Fix the Firewall”
“Captive Portal”
“No false positives, no false negatives.”
“Detect the Unknown”
“No key, no access”
“It matches the pattern”
“Block or Allow”
Mapping Technologies to the Model
Attack Continuum
Control, Enforce, Harden
Detect, Block, Defend
Scope, Contain, Remediate
Firewall, Patch Mgmt, IPS, IDS, AMD, App Control, Vuln Mgmt, AV, FPC, Log Mgmt, VPN, IAM, Anti-Malware, Forensics, SIEM
Visibility & Context
The New Security Model
Customer Value Proposition
Cisco Security Solutions
Unmatched Visibility
Advanced Threat Protection
Consistent Control
Flexibility & Choice
Cisco’s Strategy
Integrated Platform for Defense, Discovery and Remediation
Threat Aware: Malware, APT
Context Aware: Identity, Data, Location
Content Aware: Applications
[Diagram labels: Device, Data Center, Network, Virtual, Cloud; Access Control, Firewall, Content Gateways, Integrated Platform]
The New Security Model
Attack Continuum
Control, Enforce, Harden
Detect, Block, Defend
Scope, Contain, Remediate
Network, Endpoint, Mobile, Virtual, Cloud
Point-in-Time, Continuous
Cisco Security Products Mapped to New Security Model
Attack Continuum
Control, Enforce, Harden: Firewall, NGFW, NAC + Identity Services, VPN, UTM
Detect, Block, Defend: NGIPS, Web Security, Email Security
Scope, Contain, Remediate: Advanced Malware Protection, Network Behavior Analysis
•  Cisco
•  Sourcefire
Comprehensive Security Portfolio
Firewall & NGFW
•  Cisco ASA 5500-X Series
•  Cisco ASA 5500-X w/ NGFW license
•  Cisco ASA 5585-X w/ NGFW blade
•  FirePOWER NGFW
IPS & NGIPS
•  Cisco IPS 4300 Series
•  Cisco ASA 5500-X Series integrated IPS
•  FirePOWER NGIPS
•  FirePOWER NGIPS w/ Application Control
•  FirePOWER Virtual NGIPS
Advanced Malware Protection + Sandboxing
•  FireAMP
•  FireAMP Mobile
•  FireAMP Virtual
•  Threatgrid
•  Dedicated AMP FirePOWER appliance
Web Security
•  Cisco Web Security Appliance (WSA)
•  Cisco Virtual Web Security Appliance (vWSA)
•  Cisco Cloud Web Security
Email Security
•  Cisco Email Security Appliance (ESA)
•  Cisco Virtual Email Security Appliance (vESA)
•  Cisco Cloud Email Security
NAC + Anomaly Detection
•  Cisco Identity Services Engine (ISE)
•  Cisco Access Control Server (ACS)
•  Lancope
VPN
•  Cisco AnyConnect VPN
UTM
•  Meraki MX
New Security Certification - CCNP
•  In light of trends such as cloud and mobility that are significantly changing our daily lives, Cisco has released the following updates in the area of security expertise and training, for the education of specialists, engineers and operations teams:
•  Revised CCNP Security certification program
•  New Cisco Cybersecurity Specialization
•  Retirement of the previous Cisco Security Specialization certification
•  New and updated product training
•  The redesigned CCNP Security certification targets security professionals who, with today's much broader perspective, need to build end-to-end architectures:
•  300-206 Implementing Cisco Edge Network Security Solutions (SENSS)
•  300-207 Implementing Cisco Threat Control Solutions (SITCS)
•  300-208 Implementing Cisco Secure Access Solutions (SISAS)
•  300-209 Implementing Cisco Secure Mobility Solutions (SIMOS)
New Security Training – Cybersecurity Specialization
•  20 hours of online training
•  Free of charge
•  All you need to do:
write to [email protected] with the subject “Cybersecurity Specialization Training”, including your contact details!!
Strategic Imperatives
Visibility Driven: Network Integrated, Broad Sensor Base, Context & Automation
Threat Focused: Continuous Advanced Threat Protection, Cloud-Based Security Intelligence
Platform Based: Agile & Open Platforms, Built for Scale, Consistent Control, Management
Network, Endpoint, Mobile, Virtual, Cloud
© 2013 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
Ecosystem and Integration
BEFORE: Policy and Control
DURING: Detection and Blocking
AFTER: Analysis and Remediation
Custom Detection, Vulnerability Management, Full Packet Capture, Incident Response, NAC, Network Access Taps, Infrastructure & Mobility, Visualization, SIEM
Combined API Framework
Security Services
Advisory: Assessments, Architecture and Design, Program Strategy
Integration: Deployment, Migration, Optimization
Managed: Managed Security, Hosted Security, Product Support
Market Recognition
“Based on our (Breach Detection Systems) reports, Advanced Malware Protection from Cisco should be on everyone’s short list.”
“Cisco is disrupting the advanced threat defense industry.”
“The AMP products will provide deeper capability to Cisco's role in providing secure services for the Internet of Everything (IoE).”
“So do any network security vendors understand data center and what’s needed to accommodate network security? Cisco certainly does.”
2014 Vendor Rating for Security: Positive
“… AMP will be one of the most beneficial aspects of the [Sourcefire] acquisition.”