Home >Documents >CYBERSECURITY for ENTERPRISE INFRASTRUCTURE: Protecting ... · PDF file CYBERSECURITY for...

CYBERSECURITY for ENTERPRISE INFRASTRUCTURE: Protecting ... · PDF file CYBERSECURITY for...

Date post:25-Aug-2020
Category:
View:6 times
Download:1 times
Share this document with a friend
Transcript:
  • © 2014 Cisco and/or its affiliates. All rights reserved. 1© 2014 Cisco and/or its affiliates. All rights reserved. Cisco Public 1

    CYBERSECURITY for ENTERPRISE

    INFRASTRUCTURE: Protecting your DataCenter

    Marco Mazzoleni Consulting Systems Engineer, Cisco GSSO

  • © 2014 Cisco and/or its affiliates. All rights reserved. 2

    Data Center Security Challenges

    Without integrated security, our customer’s data centers are at risk

    60% of data is stolen in

    HOURS

    54% of data center breaches remain undiscovered for

    MONTHS

    YEARSMONTHSWEEKSHOURSSTART

    85% of data center intrusions

    aren’t discovered for WEEKS

    51% increase in companies reporting a $10M loss

    or more in the last YEAR

    Source: Verizon 2014 Data Breach Investigations Report (DBIR)

  • © 2014 Cisco and/or its affiliates. All rights reserved. 3

    Data Center Administrators Need New Security

    �IT professionals don’t know what they’re protecting

    �They can’t see or recognize what’s in their environment

    �They can’t deal with unknown attacks

    �Even if technologies are purchased, in many cases, IT

    profesionals cannot use them properly

    �Complexity and fragmentation

    �Operational challenges

  • ImpactChallenges Why Cisco? SolutionCustomer Stats

    Fitness Company Builds Secure Data Center

    • Industry: Health, Wellness and Fitness

    • Location: Santa Monica, California

    • Employees: 600

    • Reduce data center footprint by 50 percent

    • Provides holistic view of threat environment for all

    customer

    • Simplifies security management and operations,

    and provides economic

    sustainability for IT

    infrastructure

    • Provide advanced IT services, Visibility across

    the network

    • Help ensure security in multitenant environment

    • Simplify network and security operations

    • Has long relied on Cisco for nearly all IT needs, from

    metro fiber network to data

    center infrastructure

    • Considered other vendors, but while their devices may

    be capable, Cisco provides a

    fully integrated solution

    • Most capable solution for meeting multitenancy, other

    project-related demands

    • Cisco ASA 5585-X Adaptive Security Appliance with Next-

    Generation Firewall Services

    with IPS and Global Threat

    Correlation

    • Cisco Identity Service Engine

    • Cisco Trutsec

    “With the converged Cisco

    solution, we can now centralize

    monitoring and management for

    all our resources and provide

    better support and services to

    users without increasing IT staff.”

    — Brian C. Young, Infrastructure

    Manager, Adena Health System

    Beachbody quote: on ASA 5585-X: “We can cluster without losing performance. It’s the perfect firewall platform to insert into the compute environment of our UCS.”

    Beachbody quote: on ASA 5585-X: “We can cluster without losing performance. It’s the perfect firewall platform to insert into the compute environment of our UCS.”

  • ASA + FirePOWER provides:

    • Data Center Integration • Physical and virtual solutions

    • Support for asymmetric traffic

    • Policy-based provisioning

    • Full integration with ACI APIC

    • Data Center Performance • High availability and failover

    • Advanced multi-site clustering

    • Before/During/After protection at data center speeds

    • Data Center Protection • Protection against advanced threats

    • Inspection of custom applications

    • Retrospective analysis and remediation

    Cisco Security: Secure the Data Center

    ASA w/FirePOWER Services

    ASA and ASAv FirePOWER NGIPS and vNGIPS

    Cisco has been identified as the clear Data Center security leader by data center administrators for the second year in a row Number 1 in All 10 Infonetics Leadership Criteria

  • How

    What

    Who

    Where

    When

    Cisco Identity Services Engine (ISE) Delivering the Visibility and Control for Secure Network Access

    Network

    Partner Context Data

    Consistent Secure Access Policy

    Cisco ISE

  • 7© 2013-2014 Cisco and/or its affiliates. All rights reserved.

    The New Security Model

    BEFORE Discover Enforce Harden

    AFTER Scope

    Contain Remediate

    Attack Continuum

    Detect Block

    Defend

    DURING

    Network Endpoint Mobile Virtual Cloud

    Point in Time Continuous

  • Thank You

Click here to load reader

Reader Image
Embed Size (px)
Recommended