Cisco Security Pocket Guide

Intelligent Cybersecurity for the Real World

Cisco Cybersecurity Pocket Guide ®

EME MEA A 20 201 15

Content What an Opportunity! • Security Investment is a Top Priority Why Cisco? • Cisco is the Leading Security Company • Market Recognition • Security Intelligence & Resear Research ch The Cisco Security Strategy • The Security Challenge • The Threat Threat-Centric -Centric Security Model What to Sell - Focus Products • Network Security • Advanced Malware Protection • Web- & Email-Security • Secure Access & Secure Mobility • Attach Security to Your Data Center Deals Security Channel Partner Program • Security Architectur Architecture e Specialisations • Incentives & Promotions • Demand Generation & Demo

2

© 2014 Cisco and/or its aliates. All rights reserved.

What an Opportunity! Security Investment is a Top Priority

56%

73%

51%

of organisations state

of organisations state

of organisations say

IT security is critical in meeting their top business objectives

that IT security is one of the top 5 priority areas for IT investment for the next scal year

IT security is more important than other IT initiatives

Source: Cisco Annual Security Report 2014

Security: The Critical Boardroom Topic • There is mounting concern at the senior executive and board level regarding information security. • Chief Information Security Ocers (CISOs) are challenged to push boardroom discussions into additional security investment. • Security breaches mean lost intellectual property, compromised customer information and condence, and valuation impact. • These are critical considerations as organizations become more agile and try to grow their business models in the face of the evolving trends of mobility, cloud computing, and advanced targeted attacks.

Partner Condential

3

Why Cisco? Cisco is The Leading Security Company “Based on our (Breach Detection Systems) reports, Advanced Malware Protection from Cisco should be on everyone’s short list.” “Cisco is disrupting the advanced threat defense industry.”

“So do any network security vendors understand data center and what’s needed to accommodate network security? Cisco certainly does.” 2014 Vendor Rating for Security: Positive

“… AMP will be one of the most beneficial aspects of the [Sourcefire] acquisition.”

“The AMP products will provide deeper capability to Cisco's role in providing secure services for the Internet of Everything (IoE).”

Market Recognition © 2013-2014 Cisco and/or its affiliates. All rights reserved.

Cisco Confidential

1

Cisco is Leader in four Gartner Magic Quadrants: • Magic Quadrant for Network Access Control, Dec 2013 • Magic Quadrant for Intrusion Prevention Systems, Dec 2013 • Magic Quadrant for Secure Web Gateways, June 2014 • Magic Quadrant for Secure Email Gateways, July 2014 Cisco’s Security portfolio has been rated “Positive” in Gartner’s Vendor Rating 2014.

We licensed online versions of the Gartner reports for distribution. Ask us for the access links!

4


Why Cisco? NSS Labs Next-Generation Firewall Reports 2014 Cisco ASA with FirePOWER Services Excels! NSS Labs conducted the most rigorous next-generation rewall testing to date. Cisco ASA with FirePOWER Services excelled when compared to other tested products. The industry’s rst, threat-focused NGFW is now also the rst in security eectiveness, according to NSS Labs reports. Next Generation Firewall (NGFW) Security Value MapTM Cisco (2)

Cisco (3)

100%

Cisco (1)

Dell SonicWALL Check Point

WatchGuard Fortinet (1) McAfee

95%

Fortinet (2)

Average Barracuda

90%

Cyberoam

85%

80%

75%

Product Legend Barracuda F800b Check Point 13500

70%

Cisco (1) FirePOWER 8350 Cisco (2) ASA 5525-X Cisco (3) ASA 5585-X SSP60 Cyberoam CR2500iNG-XP Dell SonicWALL SuperMassive E10800 Fortinet (1) FortiGate-3600C

65%

Fortinet (2) FortiGate-1500D McAfee NGF-1402 Palo Alto Networks PA-3020 WatchGuard XTM1525

Palo Alto Networks

60% e g a r e v A

$70

$60

$50

$40

$30

$20

September 2014

$10

55% $0

TCO per Protected-Mbps

Source: NSS Labs 2014 Security Value Map™

Download your copies of the reports, and share the link with your customers!

http://cisco.com/go/nssngfw2014 Partner Condential

5

Why Cisco? Cisco Talos Security Intelligence & Research Group More Than Just a Traditional Response Team The Cisco Talos Security Intelligence and Research Group is comprised of elite cybersecurity experts whose threat intelligence detects, analyses, and protects against both known and emerging threats by aggregating and analyzing Cisco’s unrivaled telemetry data of • 1.1 million incoming malware samples per day • 4.2 billion web ltering blocks per day • 1 billion sender base reputation queries per day • 100 TB of data received per day More than just a traditional response

Available 7 x 24 x 365

organization, Talos works around the clock to proactively discover, assess, and respond to the latest trends in hacking activities, intrusion attempts, malware and vulnerabilities with

new rules, signatures, le analysis and security tools to better protect Cisco customers. Talos also maintains the ocial rule sets of Snort.org, ClamAV, SenderBase.org and SpamCop.

Cisco Security Research: www.cisco.com/security/center/home.x Cisco 2014 Midyear Security Report: www.cisco.com/go/msr2014

6


Why Cisco? Cisco is Serious about Security. We are Transforming to Harness the Opportunity.

Cisco is Transforming Our objective is to be our customers’ #1 Trusted Security Advisor • New Focus on Security: Investment and momentum in Security to create the industry’s broadest solution portfolio • New Go-To-Market Approach: Empowered, dedicated Security organisation – the Global Security Sales Organisation • New Security Partner Program: Incentives, promotions and new security specialisations for higher partner proftability


7

The Cisco Security Strategy Security Challenges A combination of three major realities that exist today has made the task of defending a network more dicult than ever, while helping attackers to nd new ways to evade the defences.

Changing Business Models - The Internet of Everything will accelerate the degree of change in the years to come, making it even more dicult to defend the organisation.

Dynamic Threat Landscape - The attackers have become much more sophisticated and the attacks have moved from static to dynamic. Without near real-time discovery capabilities an organisation will be at a signicant disadvantage. Complexity and Fragmentation - Most organisations have dozens of security technologies that do not interoperate, and this is exacerbated by a signicant lack of security specialists available in the market.

8


The Cisco Security Strategy The Attack Continuum The best way to communicate the totality of the challenge is to look at the attack continuum. There are three stages to an attack: Before, During, and After.

Attack Continuum

Network

Endpoint

Point in Time

Mobile

Virtual

Cloud

Continuous

Before an attack - Organisations need to know what they are defending. They need to know what is on their network to be able to defend it (devices, operating systems, applications, users …) During an attack – When attackers get through, the customers need to be able to detect them. Once they detect the attack, they will be able to block them and defend the environment. After the attack – Invariably, some attacks will be successful, and customers need to be able to determine the scope of the damage, remediate, and bring operations back to normal.


9

The Cisco Security Strategy The Threat-Centric Security Model: An Integrated, Open, Pervasive, and Continuous Approach By taking a threat-centric and operational approach to security, organisations can reduce complexity and fragmentation, while providing superior visibility, continuous control, and advanced threat protection across the extended network and the entire attack continuum.

Consistent Control

Unmatched Visibility

Global Intelligence With the Right Context

Consistent Policies Across the Network and Data Center

Threat Protection

Detects and Stops Advanced Threats

Reduced Complexity

Fits and Adapts to Changing Business Models

Visibility-Driven - Get global intelligence and context for deeper insights and better decisions.

Threat-Focused - Detect, understand, and stop threats across the entire attack continuum Platform-Based - Reduce fragmentation by using a platform-based approach to protect the network, devices and the Cloud.

10


The Cisco Security Strategy Only Cisco Delivers: Platform-based solutions that integrate into an overall security system.

Attack Continuum

Firewall

VPN

NGIPS

Advanced Malware Protection

NGFW

UTM

Web Security

Network Behavior Analysis

NAC + Identity Services

Email Security

Malware Sandboxing

Security Services

Context-aware Security - Including physical and virtual hosts, operating systems, applications, services, protocols, users, content and network behaviour. Continuous Security - Aggregate and correlate data from across the extended network, discriminating between active attacks and reconnaissance versus simply background noise. Retrospective Security - Detect malware that is sophisticated enough to alter its behaviour to avoid detection, and evaluate full packet capture in order to successfully remediate.


11

What to Sell – Focus Products Next-Generation Network & Data Center Security Protect high-value data and data center resources with threat defence, secure virtualisation, segmentation, and policy control.

Cisco ASA 5500-X with FirePOWER Services (NGFW) • Industry’s rst threat-focused NGFW • Combines ASA rewall with Cisco Next-Generation IPS (NGIPS) and Advanced Malware Protection (AMP) • Platform series with wide range of sizes and form factors

Cisco ASA 5585-X with FirePOWER Services (NGFW) • Purpose-build security appliance for data centers • Highest performance, resiliency, and scalability through leading-edge clustering • Combines ASA rewall with Cisco Next-Generation IPS (NGIPS) and Advanced Malware Protection (AMP)

Cisco FirePOWER™ Next-Generation IPS (NGIPS) • The most advanced threat protection in the industry • Industry-leading throughput, threat detection ecacy, and low TCO • Platform series with wide range of sizes and form factors

Cisco FireSight Management Center • Centrally manages operational functions for ASA with FirePOWER Services and FirePOWER NGIPS • Automatically aggregates and correlates information • Reduces cost by streamlining operations and automating recurring analysis and management tasks

12


What to Sell – Focus Products Next-Generation Network & Data Center Security Reduce complexity while gaining superior visibility, consistent control, and advanced threat protection across the entire attack continuum.

Cisco ASA Virtual Appliance (ASAv) • Fully integrated Application Centric Infrastructure (ACI) security • Consistent transparent security across physical, virtual, ACI, SDN, and Cloud • vSwitch support for Cisco, hybrid, and non-Cisco data centers

Cisco Virtual Next-Generation IPS for VMware • Virtualised oering of Cisco FirePOWER NGIPS solution • Reclaim visibility lost when virtualizing • Extend Payment Card Industry (PCI) compliance to virtual environments

Cisco Virtual Security Gateway • Integrates with Cisco Nexus 1000V virtual switch • Delivers security policy enforcement and visibility at a virtual machine level • Logically isolates applications in virtual data centers and multi-tenant environments • Enforces separation of duties between security and server administrators

Cisco ASA 1000V Cloud Firewall • Integrates with the Cisco Nexus 1000V virtual switch • Employs proven ASA technology • Spans and helps to secure multiple VMware ESX hosts • Enables consistency across physical, virtual, and cloud infrastructures


13

What to Sell – Focus Products The Cisco ASA Refresh Opportunity in Detail Migrate from ASA 5500 End-of-Life Products Migrate to: • ASA 5500-X with FirePOWER Services products • Include Technical Support Services Key Selling Points: • Migrate to the new threat-focused NGFW that delivers multi-layered protection, improved visibility, and reduced security cost and complexity • Obtain integrated threat defence across the entire attack continuum by combining proven ASA NGFW capabilities with industry-leading Cisco NGIPS and AMP Up-Sell: • Cisco Security Migration Services • Cisco Network Device Security Assessment Services • If appropriate: Cisco ISE and ISE Assessment Services

Upgrade from ASA 5500-X without FirePOWER Services Upgrade to: • FirePOWER Services for Cisco ASA • Include Cisco FirePOWER Services Subscription for AMP and URL Filtering Key Selling Points: • Same as Migration Key Selling Points Up-Sell: • Same as Migration Up-Sell opportunities

14


What to Sell – Focus Products The Cisco ASA Refresh Opportunity in Detail Migrate from Cisco IPS 4200 End-of-Sale Products, or from Cisco IPS 4300 and 4500 Series Migrate to: • Industry-leading Cisco FirePOWER 7000 and 8000 Series Next-Generation IPS (NGIPS) • Include Cisco FirePOWER Services Subscription for AMP and URL Filtering Key Selling Points: • Dedicated NGIPS / AMP appliance • Very high throughput (>6 Gbps transactional IPS) Up-Sell: • Cisco Security Migration Services • Cisco Network Device Security Assessment Services • If appropriate: Cisco ISE and ISE Assessment Services

Offer to Network-Centric Buyers: Convergence Cisco ASA with FirePOWER Services allows convergence of the ASA platform and Sourcere IPS, AMP, URL Filtering

Offer for Security-Centric Buyers: “Better Together” Cisco ASA 5500-X Series plus FirePOWER 7000 or 8000 Series as best-in-class solutions


15

What to Sell – Focus Products Advanced Malware Protection Cisco Advanced Malware Protection provides the continuous analysis and advanced analytics that support Cisco’s Retrospective Security capabilities.

Unlike the many point-in-time solutions on the market, Cisco Advanced Malware Protection oers protection across the full attack continuum.

Point-in-time Detection: Antivirus /Sandboxing

Analysis Stops Sleep Techniques Unknown Protocols Encryption Polymorphism

Initial Disposition = Clean

Retrospective Detection: AMP

Actual Disposition = Bad Analysis Continues

Initial Disposition = Clean

Actual Disposition = Bad 1

“AMP Everywhere” - We oer the industry’s broadest portfolio of integrated Advanced Malware Protection solutions • AMP for Cisco Web Security • AMP for Cisco Cloud Web Security • AMP for Cisco Email Security • AMP for Networks • AMP for Endpoints • Integrated in ASA with FirePOWER Services

16


What to Sell – Focus Products Web- & Email Security Cisco’s Content Security portfolio protects organisations from evolving email and web threats. Email and Web security are critical components of a holistic security strategy and represent a multibillion dollar market in Europe.

Cisco Email Security (Appliances & Cloud-based) • Fights spam, viruses, and blended threats for organisations of all sizes • Enforces compliance and protects reputation and brand assets

• Also available as Cloud-based and Hybrid solution (onsite appliance + Cloud)

Cisco Web Security (Appliances & Cloud-based) • Proactive security, application visibility, and control for all users

• Extend real-time protection and policy enforcement to remote employees • Also available as Cloud-based solution and Cloud-based integrated with Cisco rewalls

Opportunity! • Leverage AMP integration as a key competitive dierentiator (“AMP Everywhere”) • Check out www.cisco.com/go/promotions for latest Security Incentives and Promos


17

What to Sell – Focus Products Secure Access & Mobility Enhance network visibility and control with identity-aware secure access solutions.

Cisco Identity Services Engine (ISE) • Security policy management platform that enforces secure access to network resources (wired, wireless, and VPN) • Accurately identies every user and device that connects to the network

Cisco Network Admission Control (NAC) • Enforces network security policies by allowing access only to trusted devices • Blocks access by noncompliant devices and limits damage from emerging threats and risks

Cisco TrustSec® • Secure network access based on rich contextual data (“who, what, where, when, how”) • Automates rewall rules and access control list administration, uses plain-language policies • Embedded in the operating systems of Cisco ISE, Catalyst and Nexus switches, Integrated Services Routers, and ASA rewalls

Cisco AnyConnect® Secure Mobility Services • Highly secure, simple, and reliable o-premise connectivity • Endpoint intelligence and context across any access method (wired, wireless, VPN ), from any device • Remote secure access to authorised applications for tablets and smartphones

18


What to Sell – Focus Products The Avenue for Driving Incremental Pipeline: Attach Security to Data Center Opportunities Did you know that including Cisco security architectures as a component of all data center opportunities can drive an average of 41% incremental revenue on each deal? Since there are no data center designs without a security component, you will be addressing one of your data center customers’ top concerns.

Make Cisco’s tightly integrated solution portfolio one of your key competitive advantages: Dierentiate your oerings by selling an end-to-end data center solution, which reduces the complexity of working with multiple vendors and point products.

• Check out the Cisco Secure Datacenter Solutions and the Cisco Validated Designs • Check out www.cisco.com/go/promotions for latest Security Incentives and Promos

www.cisco.com/go/securedatacenter


19

Partner Program Security Architecture Specialisations Cisco has re-designed the Security Specialisation program, aligning it to the new product portfolio.

Master Security Specialisation Complete Security Portfolio y t i x e l p m o C

Advanced Security Architecture Specialisation Complete Security Portfolio

Express Security Specialisations Web | Email | NG Firewall | NG IPS

SMB

Midmarket

Enterprise

Market Segment

Express Security Specialisation – A new entry point into security specialisations, allowing a partner to focus on one or several specic products (Email, Web, Next-Generation Firewall, IPS). Advanced Security Architecture Specialisation – This specialisation covers the breadth of Cisco’s Security Portfolio, and oers more advanced enablement for threat defence, secure access, Cloud and management solutions. Master Security Architecture Specialisation – This specialisation builds upon expertise attained in the Advanced Security Architecture Specialisation and enables partners to deliver value-added security solutions to their customers. www.cisco.com/go/specializations -> Security Architecture Specializations

20


Partner Program Security Promotions & Incentives Incentive Programs & Promotions are Cisco’s commitment to Partner Protability. Increase your revenue potential with upfront discount and backend payment programs, and special promotions that have been designed to help you sell Cisco security products and solutions.

Marketing & Demand Generation The free, ready-to-use marketing campaigns are designed to showcase your partnership with us, and help you eectively market Cisco security products and solutions to your customers.

Demoing Cisco Security Solutions Cisco dCloud, the Cisco Demo Cloud, provides powerful self-service capabilities for Cisco Partners. From scripted, repeatable demonstrations to fully customized labs with complete administrative access, Cisco dCloud can work for any use case. www.cisco.com/go/promotions -> Filter Category “Security” www.cisco.com/web/partners/sell/marketing-campaigns.html dcloud.cisco.com


21

Partner Program Useful Links Cisco Security Intelligence Operations tools.cisco.com/security/center/home.x

Security Community communities.cisco.com/community/technology/security

Cisco Security Blog blogs.cisco.com/security

Partner Support www.cisco.com/web/partners/support

Training & Certification www.cisco.com/web/learning

Certification Tracking cisco.pearsoncred.com

Marketing Assets Library bx.cisco.com/cbx-portal

Competitive Information www.cisco.com/web/partners/sell/competitive

22


What Next? Build and Practice your Security Pitch • Focus on Business Challenges • Focus on The Attack Continuum • Become comfortable talking about security

Have a Security Conversation with Your Customer • Identify the Security decision makers • Open the door for a deeper dive • Engage With Your Cisco Security Team!

• Security can be a major contributor to your company’s bottom line • Security is no stand-alone technology, it is a differentiator for your portfolio • The Security market is very fragmented; Cisco provides you and your customers a One-Stop-Shop


23

Cisco Security Pocket Guide

Recommend Documents