+ All Categories
Home > Documents > Cisco Stealthwatch u Službi Cyber - konferencija.coming.rs · CCIE, CISSP. 1405002 rev 6.27.14...

Cisco Stealthwatch u Službi Cyber - konferencija.coming.rs · CCIE, CISSP. 1405002 rev 6.27.14...

Date post: 16-Mar-2020
Category:

Documents
Upload: others
View: 1 times
Download: 0 times
Download Report this document
Share this document with a friend
22
Proprietary information of Ingram Micro Inc. Do not distribute or duplicate without Ingram Micro's express written permission. © Ingram Micro Inc. 1 Cisco Stealthwatch u Službi Cyber Security Servisa Dragan Ilić Cyber Security Consultant SEE CCIE, CISSP
Transcript
Page 1: Cisco Stealthwatch u Službi Cyber - konferencija.coming.rs · CCIE, CISSP. 1405002 rev 6.27.14 Proprietary information of Ingram Micro Inc. —Do not distribute or duplicate without

Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.© Ingram Micro Inc.1

Cisco Stealthwatch u Službi Cyber

Security Servisa

Dragan Ilić

Cyber Security Consultant SEE

CCIE, CISSP

Page 2: Cisco Stealthwatch u Službi Cyber - konferencija.coming.rs · CCIE, CISSP. 1405002 rev 6.27.14 Proprietary information of Ingram Micro Inc. —Do not distribute or duplicate without

1405002 rev 6.27.14

Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.2

Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.

Agenda

2

▪ Cyber Security Trendovi

▪ Uloga Stealthwatch-a

▪ Komponente Stealthwatch rešenja

▪ Cyber Security Servisi

Page 3: Cisco Stealthwatch u Službi Cyber - konferencija.coming.rs · CCIE, CISSP. 1405002 rev 6.27.14 Proprietary information of Ingram Micro Inc. —Do not distribute or duplicate without

1405002 rev 6.27.14

Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.3

The Security Market

Security Services Market Trend is Healthy

Most of the Security Solutions Issues Can Be Addressed With Services

The Service Part Of Security Projects Is Higher

Page 4: Cisco Stealthwatch u Službi Cyber - konferencija.coming.rs · CCIE, CISSP. 1405002 rev 6.27.14 Proprietary information of Ingram Micro Inc. —Do not distribute or duplicate without

1405002 rev 6.27.14

Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.4

Stealthwatch Enhances Visibility Across your Entire

Business

Page 5: Cisco Stealthwatch u Službi Cyber - konferencija.coming.rs · CCIE, CISSP. 1405002 rev 6.27.14 Proprietary information of Ingram Micro Inc. —Do not distribute or duplicate without

1405002 rev 6.27.14

Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.5

Visibility Through NetFlow

Page 6: Cisco Stealthwatch u Službi Cyber - konferencija.coming.rs · CCIE, CISSP. 1405002 rev 6.27.14 Proprietary information of Ingram Micro Inc. —Do not distribute or duplicate without

1405002 rev 6.27.14

Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.6

The General Ledger

Page 7: Cisco Stealthwatch u Službi Cyber - konferencija.coming.rs · CCIE, CISSP. 1405002 rev 6.27.14 Proprietary information of Ingram Micro Inc. —Do not distribute or duplicate without

1405002 rev 6.27.14

Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.7

Host Groups: Situational Awareness

Page 8: Cisco Stealthwatch u Službi Cyber - konferencija.coming.rs · CCIE, CISSP. 1405002 rev 6.27.14 Proprietary information of Ingram Micro Inc. —Do not distribute or duplicate without

1405002 rev 6.27.14

Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.8

Segmentation Monitoring with Stealthwatch

Page 9: Cisco Stealthwatch u Službi Cyber - konferencija.coming.rs · CCIE, CISSP. 1405002 rev 6.27.14 Proprietary information of Ingram Micro Inc. —Do not distribute or duplicate without

1405002 rev 6.27.14

Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.9

Behavioral and Anomaly Detection Model

Page 10: Cisco Stealthwatch u Službi Cyber - konferencija.coming.rs · CCIE, CISSP. 1405002 rev 6.27.14 Proprietary information of Ingram Micro Inc. —Do not distribute or duplicate without

1405002 rev 6.27.14

Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.10

Investigating a Host

Page 11: Cisco Stealthwatch u Službi Cyber - konferencija.coming.rs · CCIE, CISSP. 1405002 rev 6.27.14 Proprietary information of Ingram Micro Inc. —Do not distribute or duplicate without

1405002 rev 6.27.14

Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.11

Rapid Threat Containment

Page 12: Cisco Stealthwatch u Službi Cyber - konferencija.coming.rs · CCIE, CISSP. 1405002 rev 6.27.14 Proprietary information of Ingram Micro Inc. —Do not distribute or duplicate without

1405002 rev 6.27.14

Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.12

Stealthwatch – Security and Network Monitoring

Page 13: Cisco Stealthwatch u Službi Cyber - konferencija.coming.rs · CCIE, CISSP. 1405002 rev 6.27.14 Proprietary information of Ingram Micro Inc. —Do not distribute or duplicate without

1405002 rev 6.27.14

Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.13

Required Core Components

Page 14: Cisco Stealthwatch u Službi Cyber - konferencija.coming.rs · CCIE, CISSP. 1405002 rev 6.27.14 Proprietary information of Ingram Micro Inc. —Do not distribute or duplicate without

1405002 rev 6.27.14

Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.14

Cisco ISE and pxGrid Integration

Page 15: Cisco Stealthwatch u Službi Cyber - konferencija.coming.rs · CCIE, CISSP. 1405002 rev 6.27.14 Proprietary information of Ingram Micro Inc. —Do not distribute or duplicate without

1405002 rev 6.27.14

Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.15

Flow Sensor

Page 16: Cisco Stealthwatch u Službi Cyber - konferencija.coming.rs · CCIE, CISSP. 1405002 rev 6.27.14 Proprietary information of Ingram Micro Inc. —Do not distribute or duplicate without

1405002 rev 6.27.14

Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.16

UDP Director

Page 17: Cisco Stealthwatch u Službi Cyber - konferencija.coming.rs · CCIE, CISSP. 1405002 rev 6.27.14 Proprietary information of Ingram Micro Inc. —Do not distribute or duplicate without

1405002 rev 6.27.14

Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.17

Proxy License

Page 18: Cisco Stealthwatch u Službi Cyber - konferencija.coming.rs · CCIE, CISSP. 1405002 rev 6.27.14 Proprietary information of Ingram Micro Inc. —Do not distribute or duplicate without

1405002 rev 6.27.14

Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.18

Stealthwatch Endpoint Concentrator

Page 19: Cisco Stealthwatch u Službi Cyber - konferencija.coming.rs · CCIE, CISSP. 1405002 rev 6.27.14 Proprietary information of Ingram Micro Inc. —Do not distribute or duplicate without

1405002 rev 6.27.14

Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.19

Actionable Threat Intelligence

Page 20: Cisco Stealthwatch u Službi Cyber - konferencija.coming.rs · CCIE, CISSP. 1405002 rev 6.27.14 Proprietary information of Ingram Micro Inc. —Do not distribute or duplicate without

1405002 rev 6.27.14

Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.20

Security Online Visibility Assessment (SOVA)

Page 21: Cisco Stealthwatch u Službi Cyber - konferencija.coming.rs · CCIE, CISSP. 1405002 rev 6.27.14 Proprietary information of Ingram Micro Inc. —Do not distribute or duplicate without

1405002 rev 6.27.14

Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.21

Coming & Ingram Micro Partnership

Basic Technical Services

Public Discovery

Web App Assessment

Vulnerability Assessment

Penetration Testing

Web Malware detection

PCI DSS ASV Scan

Source code review

Data Leakage Prevention

Configuration review

Consultancy Services

Governance & Strategy

Policies & Procedures

Compliance Assessment

Risk Assessment

Multi-Vendor Security Architecture

Access Control Assessment

Managed Security Services

Regular Assessment

SOCaaS

Security Monitoring

Incident Response

Digital Forensics

Threat Intelligence

Page 22: Cisco Stealthwatch u Službi Cyber - konferencija.coming.rs · CCIE, CISSP. 1405002 rev 6.27.14 Proprietary information of Ingram Micro Inc. —Do not distribute or duplicate without

22Confidential and proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate without Ingram Micro's express written permission.22


Recommended
Security Challenges in Emerging Technologies IoT& Wearablessecurity.ingrammicro.com/security/media/Security-Media-Library/... · 1405002 rev 6.27.14 Proprietary information of Ingram

Security Challenges in Emerging Technologies IoT& Wearablessecurity.ingrammicro.com/security/media/Security-Media-Library/... · 1405002 rev 6.27.14 Proprietary information of Ingram

Documents

10 - Gaurav Gupta - Ingramconceptsandsolutions.co.in/.../Gaurav_Gupta_Ingram.pdfAdobe Solutions Gaurav Gupta 1405002 rev 6.27.14 Proprietary information of Ingram Micro Inc. —Do

10 - Gaurav Gupta - Ingramconceptsandsolutions.co.in/.../Gaurav_Gupta_Ingram.pdfAdobe Solutions Gaurav Gupta 1405002 rev 6.27.14 Proprietary information of Ingram Micro Inc. —Do

Documents

Artistic Venture Fund 6.27.14

Artistic Venture Fund 6.27.14

Documents

Ingram Micro Cyber Security Portfoliosecurity.ingrammicro.com/security/media/Security-Media... · 2017-07-15 · 1405002 rev 6.27.14 Proprietary information of Ingram Micro Inc. —Do

Ingram Micro Cyber Security Portfoliosecurity.ingrammicro.com/security/media/Security-Media... · 2017-07-15 · 1405002 rev 6.27.14 Proprietary information of Ingram Micro Inc. —Do

Documents

Red Hat Ansible Not Just For Networking...Red Hat Ansible Not Just For Networking Steve Welgoss June 21, 2019 1405002 Confidential and proprietary information of Ingram Micro Inc.

Red Hat Ansible Not Just For Networking...Red Hat Ansible Not Just For Networking Steve Welgoss June 21, 2019 1405002 Confidential and proprietary information of Ingram Micro Inc.

Documents

Bezbednost nema alternativu - konferencija.coming.rs · Cloud Data Warehouse Data Lake NoSQL Document DB Cloud SQL Database SQL Server SQL Server Apache Hadoop ON-PREM CLOUD Nova

Bezbednost nema alternativu - konferencija.coming.rs · Cloud Data Warehouse Data Lake NoSQL Document DB Cloud SQL Database SQL Server SQL Server Apache Hadoop ON-PREM CLOUD Nova

Documents

What is GDPR and Should You Care? - Ingram Microsecurity.ingrammicro.com/.../What-is-GDPR-and-Should-you-Care.pdf · What is GDPR and Should You Care? 1405002 rev 6.27.14 Proprietary

What is GDPR and Should You Care? - Ingram Microsecurity.ingrammicro.com/.../What-is-GDPR-and-Should-you-Care.pdf · What is GDPR and Should You Care? 1405002 rev 6.27.14 Proprietary

Documents

NSX scenariji - konferencija.coming.rs · NSX komponente Control Plane NSX Controller Run-time state Decouples virtual networks form physical topology Not in Data Path Highly Available

NSX scenariji - konferencija.coming.rs · NSX komponente Control Plane NSX Controller Run-time state Decouples virtual networks form physical topology Not in Data Path Highly Available

Documents

M A J 2019 Deloitte Digital IoT - konferencija.coming.rs · senzorima se dobijaju podaci za informacioni sistem koji su od značaja za dalje automatske akcije i/ili poslovno odlucivanje.

M A J 2019 Deloitte Digital IoT - konferencija.coming.rs · senzorima se dobijaju podaci za informacioni sistem koji su od značaja za dalje automatske akcije i/ili poslovno odlucivanje.

Documents

Simplify Your Day With PRTG - konferencija.coming.rs · PRTG Sensor Types. COMING IT CONFERENCE Methods for bandwidth monitoring • SNMP • PerfCount/ WMI • Flow (Netflow, sFlow,

Simplify Your Day With PRTG - konferencija.coming.rs · PRTG Sensor Types. COMING IT CONFERENCE Methods for bandwidth monitoring • SNMP • PerfCount/ WMI • Flow (Netflow, sFlow,

Documents

Realize the Promise of Technologycomunicacionalcanal.com/mailblast/PDF/Proceso_de_compra... 1405002 rev 7.18.14 Confidential and proprietary information of Ingram Micro Inc. — Do

Realize the Promise of Technologycomunicacionalcanal.com/mailblast/PDF/Proceso_de_compra... 1405002 rev 7.18.14 Confidential and proprietary information of Ingram Micro Inc. — Do

Documents

Intelligent Security Operations - konferencija.coming.rs · Incident response With local IT Local ... “we can detect an attack within 60 seconds and complete the analysis to contain

Intelligent Security Operations - konferencija.coming.rs · Incident response With local IT Local ... “we can detect an attack within 60 seconds and complete the analysis to contain

Documents

Ingram Micro Cloud Referral Program · 2017-06-01 · −Pay after 30 days and every 30 days for the life of subscription ... Keys to Success. 1405002 Confidential and proprietary

Ingram Micro Cloud Referral Program · 2017-06-01 · −Pay after 30 days and every 30 days for the life of subscription ... Keys to Success. 1405002 Confidential and proprietary

Documents

Introducing Cloud Marketplace NextCP - Amazon S3...Watch Video: Deploy Template >> 1405002 rev 6.27.14 Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate

Introducing Cloud Marketplace NextCP - Amazon S3...Watch Video: Deploy Template >> 1405002 rev 6.27.14 Proprietary information of Ingram Micro Inc. — Do not distribute or duplicate

Documents

Migrating workloads to Azure - Amazon S3 · 2017-11-16 · 1405002 rev 6.27.14 Proprietary information of Ingram Micro Inc. —Do not distribute or duplicate without Ingram Micro's

Migrating workloads to Azure - Amazon S3 · 2017-11-16 · 1405002 rev 6.27.14 Proprietary information of Ingram Micro Inc. —Do not distribute or duplicate without Ingram Micro's

Documents

6.27.14 Game Notes vs. TNS

6.27.14 Game Notes vs. TNS

Documents