WORLD WIDE TECHNOLOGYBrief Overview
Justin Deckard
314.276.0045
NGB Account Rep – Midwest Region
SECURE NETWORK INFRASTRUCTURE
DATA CENTER Virtualization Servers and Blades Storage and Backup Facilities Infrastructure Data Center Networking
COLLABORATION Unified Communications Video Conferencing IP Telephony Unified Messaging
SUPPLY CHAIN Staging / Integration Logistics & Warehousing JIT Delivery Material Planning Supplier Management
CORE SOLUTIONS
DATA CENTER COLLABORATION SUPPLY CHAIN
PROFESSIONAL SERVICESPLAN. DESIGN. IMPLEMENT. SUPPORT.
ASSESSMENTS & WORKSHOPS
100+ WWT Data Center Resources20+ Virtualization Architects
WORKSHOP & ASSESSMENT OFFERINGARCHITECTURAL, INDEPENDENT, MULTI-VENDOR APPROACH
Desktop Virtualization
Server Virtualization
Server Consolidation
Application Virtualization
Storage Optimization
Back-up, Recovery & Archive
Network Optimization
Facilities Efficiencies
IT Service Management
IT Resource Optimization
Operational Readiness
Feasibility Assessment
Disaster Recovery / COOP
P2V Acceleration
A workshop is a 2-4 hour technical whiteboard session focused on a particular topic. This professional services offering was created by WWT to help clients better understand different technologies and their architectural components. They discuss the proven best practices to plan, design, pilot and ultimately scale a solution into production.
WORKSHOPSP
LAN
• D
ESIG
N •
IM
PLE
MEN
T •
SU
PP
OR
T
Pssst…It‟s FREE
AWARD WINNING CISCO PARTNERSHIP
CORPORATE•Cisco’s Largest US Partner ($1.7B FY10)
•2008 & 2006 Partner of the Year Award US & Canada
•Cisco sales exceeding $1 Billion each of the past 3 years
•Member of the Cisco Partner Executive Exchange
•Cisco Learning Solutions Partner
•Charter Member of Cisco’s International Alliance Program
•Over 500 Certifications with 13 Specializations
•46 CCIEs and growing
•Over $5 Million in Cisco Demo Equipment
•Cisco Red Badge Subcontractor to Advanced Services
COLLABORATION PRACTICE•Cisco’s #4 Collaboration Partner (FY10)
•Masters Unified Communications Partner
•Tandberg Platinum Partner
•9 Voice CCIEs on staff
•First Partner to Deliver TelePresence Solution
DATA CENTER PRACTICE•Cisco’s Largest Data Center Partner (FY10)
•Cisco’s Largest UCS Partner (FY10)
•First Partner to Deliver Nexus Solution
20102001
REV
ENU
E
$1 BILLION
$800M
$600M
$400M
$200M
$1.6B
$1.4B
$1.2B
$1.8B
• Hands on Access to over $5M in State-of-the-Art Equipment
• Perform Proof of Concepts
• See Multiple Vendor Technologies Working Together First Hand
• Server, Storage & Network Virtualization
• MDS Fabric Switch and Fabric Manager
• Cisco UCS Mgt. & Provisioning of Blades
• HP Blades & Management
• Nexus 5010, Nexus 2000 Switch
• Nexus 1000 Virtual Switch, OS, and Mgt.
• EMC Avamar, CLARiiON, Centerra, Storage
• NetApp FAS3100 Storage
• ACE Load-Balancing, WAAS
ALSO AVAILABLE
Hands-on Access to over $10M in EquipmentSee First Hand Vblock Technologies integrated
DEMONSTRATION EQUIPMENTDEMONSTRATION & BRIEFING CENTER
TRAINING & DEMONSTRATION
• Multiple UCS Systems
• Vblock 2 & Vblock 0 Systems
• FlexPod Architectures
• NetApp Validated Designs & SMT
• HP BladeSystem Matrix
• Nexus, FCoE & Unified Fabrics
• VMware vCenter Infrastructure
• Virtual Desktop Technologies
• Citrix Infrastructure Technologies
• Orchestration Layer Technologies
• Unified Provisioning & Storage
• IAAS (“Infrastructure as a Service”)
• Private & Public Cloud Technologies
• Disaster Recovery & Backup
• Cisco, EMC, NetApp, HP, Dell, VMware, Citrix, Sun/Oracle, WYSE
PROOF OF CONCEPTS - REMOTE DEMONSTRATIONS - HD CAMERAS
VBLOCK 0 & VBLOCK 2 DEMO SYSTEMS
• Remote Demonstrations
• Educational Webcasts & Seminars
ADVANCED TECHNOLOGY CENTER
Web Defense And Assessments
Joseph Muniz
Technical Solutions Architect – Cyber SecurityCCNP CCVP CCSP CCDP CISSP
Agenda
• Today’s Workforce
• Securing The Workforce
• Web Defense Breakdown: Ironport / Anyconnect / DLP
• “The first step to being secured is undergoing an
independent security audit”, Jeff Moss
• How World Wide Technology Can Help You
• Questions
Federal Telework Trends
The legislation would requireevery agency to develop a Telework Program that allowsemployees to Teleworkat least 20% of their hours
Corporate Border
Branch Office
Applications and Data
Corporate Office
Policy
Traditional Corporate Border (Pre Facebook, Cloud, Etc)
Attackers CustomersPartners
Web: Enabling the Borderless Experience
Branch Office
Applications and Data
Corporate Office
AttackersCoffee Shop
Customers
Airport
Mobile User Partners
Home Office
wWwWorld Wide Web
HTTP Is the New TCP
Malware Threats Continue to Rise
• 237% volume increase in „09
• Over 70% of compromised web sites are legitimate
• Vulnerabilities in Adobe PDF emerged as the main target, followed by Flash
54% of malware encounters due to iframes and exploits
Cross-Site Scripting and SQL Injection are top attack methods
83% of websites have at least 1 serious vulnerability
80% of the web is uncategorized, highly dynamic or unreachable by web crawlers
Botnets
Dynamic content
Password protected sites
User generated content
Short life sites
The Known Web20% covered by URL lists
Acceptable Use Controls
Malware Protection
Data Security
SaaS Access Controls
Danger
Danger
The Dark Web
Web pages include many objects
• Email messages may have multiple objects
• Web pages usually consist of MANY objects
• Each object in a web page is retrieved with an independent HTTP transaction
Discrete objects
that each require a
transaction
Web Business Challenges
Acceptable Use Control
MalwareProtection
Data LossPrevention
Policy
SaaS Access Control
Cisco IronPort Web Security ApplianceIndustry Leading Secure Web Gateway
Control
Security
Acceptable Use Controls
Malware Protection
Data Security
SaaS Access Controls
Centralized Management and Reporting
InternetSecure Mobility
Comprehensive Malware DefenseDefense-in-Depth
Infected Clients
Layer 4Traffic Monitor
Web Clients
ReputationAnalysis
SignatureAnalysis
BehavioralAnalysis
Cisco Network and Content Security Deployments
Reputation and Behavioral AnalysisPredictive, Zero-day Protection
Cisco SensorBase
Threat Operations Center
AdvancedAlgorithms
Web Reputation Scores-10 to +10
Cisco Security Intelligence Operations
Threat Telemetry
Threat Telemetry
Outbreak Intelligence
External Feeds
Identifying Malware Lurking in the Dark Web
Cisco IronPort DVS EngineDynamic Vectoring and Streaming
Signature and Heuristic Analysis
Wide coverage with multiple signature scanning engines
Identify encrypted malicious traffic by decrypting and scanning SSL traffic
Seamless user experience with parallel scanning
Latest coverage with automated updates
Heuristics DetectionIdentify unusual behaviors
DVS Engine
Parallel Scans, Stream Scanning
Signature InspectionIdentify known behaviors
Internet
Users
Cisco IronPort S-Series
Network Layer Analysis
Powerful
Anti-Malware Data
Preventing
“Phone-Home” Traffic
Scans all traffic, all ports, all protocols
Detects malware bypassing Port 80
Prevents Botnet traffic
Automatically updated rules
Real-time rule generation using, “Dynamic Discovery”
Infected Endpoint DetectionLayer 4 Traffic Monitor
Packet and Header
Inspection
Also available on the ASA as Botnet Traffic Filter
Documents
Allow, block, log based on file metadata, URL category, user and web reputation
Multi-protocol: HTTP(s), FTP, HTTP tunneled
Documents
On-Box Common Sense Security
RSA DLP Network
Internet
Partner site
Webmail
Internet
Deep content inspection: Structured and unstructured data matching
Performance optimized: Works in tandem with accelerated on-box policies
Log
Allow
Block
Log
Allow
Block
Off-Box Advanced Data Security
Complete Data Security
If You Have Cisco IronPort S-Series Deployed
• Enable DLP for web traffic
□ Monitor webmail, wikis, blogs, FTP, http/s
□ Enforce controls such as block, audit, etc. based on policy
□ Through RSA DLP Network and interoperability with IronPort S-
Series
• Apply all RSA DLP Network policies for web
□ Described content policies for PII, PCI, HIPAA, etc.
□ Fingerprinting policies for intellectual property
25
RSA DLP Network ICAP Server
Cisco IronPort S-Series
Monitor Web Traffic & Enforce Controls
Full Context Awareness
Identity
Job Sites
Instant Message
P2P
Streaming Media
Human Resource
No FileTransfer
All
100 kbps/User
Facebook Lunch hour Time
Object
Application
Location
Priority
Web Application Controls
Granular control over HTTP, HTTP(s), FTP applications
Dynamic signature updates maintained by Cisco SIO
Granular Control over Application Usage
Employee in Finance
Access Control Policy Access Control Violation
Instant Messaging
Facebook: Limited Apps
Video: 512 kbps max
File Transfer over IM
Facebook Chat, Email
P2P
Predominantly PC-based Client Support
URL-filtering client unable to address key use cases
Not integrated, requiresseparate VPN client
Limited Clients
Limited Security
No Access
Acceptable Use
Access Control
Data Loss Prevention
Threat Prevention
Traditional Mobile Web Security
–
–
No AccessAccess
Intranet
Corporate File Sharing
Diverse EndpointSupport for Greater
Flexibility
Rich, Granular SecurityIntegrated
into the network
Always-on IntelligentConnection for Seamless
Experience andPerformance
Choice
Security
Experience
Acceptable Use
Access Control
Data Loss Prevention
Threat Prevention
Intranet
Corporate File Sharing
Access Granted
Cisco AnyConnect Secure Mobility Web Security with Next Generation Remote Access
WSA ASA
AnyConnect Client
Why An Assessment?
• Do you know what’s on your network down to the serial number
(EOS/EOL, Support Contracts, etc)?
• Network ready for VoIP / Wireless / ETC?
• Verify compliance against industry best practice (NSA), check
running IOS for vulnerabilities, etc.
• Are you IPV6 Capable? 802.1x enabled?
• Do you feel your network is future proof? Could your design use
improvements? How reliable is your redundancy?
• Vulnerable to attack? Interested in how the bad guys could get in?
• Have a Audit creeping up you need to pass?
• Base Assessment
- Free (some restrictions apply)
- Uses automated tools to gather information
EOS / EOL report Hardware / Software InventoryNSA best practices check Limited design recommendations
• Advance Network + Penetration Assessments
- Paid (Pricing based on requirements)
- Uses a combination of tools and WWT servicesDetailed deliverable Identify gaps in network designSecurity Vulnerabilities Assessment for specified auditsPenetration Testing Network evaluation for AT
How WWT Can Help
Top Reasons You May Think No Way
1)You can’t have our network information.
A:We can give you a Vmware image of the tool(s) with a 60 day
demo key. You can delete it after the assessment. We only need
the reports which do not contain configurations.
2)We can’t give you our network passwords
A: Our tools mimic a real user. We will never see your passwords.
You create a account and the system will log into devices.
3)We have assessed our network in the past.
A:Our program utilizes a combination of security and network
based tools. We have custom scripts designed to identify
specific business objectives such as 802.1x or IPV6
capabilities.
This Can’t Happen On My Network???