(CISCO) Self-Defending Networks - PowerPoint PPT Presentation

Slides: 18
Provided by: csClemson

Transcript and Presenter's Notes


1
(CISCO) Self-Defending Networks
  • Ben Sangster

2
Agenda
  • (CISCO) Self-Defending Network Concept
  • Why do we need SDNs?
  • Foundation of the CSDN?
  • Endpoint Protection
  • Admission Control
  • Infection Containment
  • Intelligent Correlation and Incident Response
  • Inline IDS and Anomaly Detection
  • Application Security and Anti-X Defense
  • Summary
  • Questions

3
Cisco Self-Defending Network (CSDN) Concept
  • A systems-based solution that allows entities to
    use their existing infrastructure in new ways to
  • Reduce windows of vulnerability
  • Minimize the impact of attacks
  • Improve overall infrastructure availability and
    reliability

4
CSDN Concept (cont.)
  • CSDN also helps create autonomous systems that
    can quickly react to an outbreak with little to
    no human intervention

5
Why do we need CSDNs?
  • Evolution of network → Evolution of attacks on
    networks
  • Traditional approach → Defense-in-depth
  • Proactive defense mechanisms
  • CSDN approach
  • Adaptive defense mechanisms

6
Why do we need CSDNs? (cont.)
  • Proactive defense mechanisms: not obsolete, simply
    inefficient in responding to breaches in network
    security
  • Proactive solutions frontload defense mechanisms

7
Proactive Defense Example
[Diagram labels: Internet, Outer Firewall, DMZ, Inner Firewall]

8
Why do we need CSDNs? (cont.)
  • Adaptive solutions: focus isn't solely on
    preventing network attacks
  • Attempt to effectively
  • Detect
  • Respond
  • Recover
  • Little to no adverse effect on the network and
    its users

9
Why do we need CSDNs? (cont.)
  • Key elements of an adaptive solution
  • Remain active at all times
  • Perform unobtrusively
  • Minimize propagation of attacks
  • Quickly respond to as-yet unknown attacks

10
Foundation of a CSDN
  1. Endpoint Protection
  2. Admission Control
  3. Infection Containment
  4. Intelligent Correlation and Incident Response
  5. Inline IDS and Anomaly Detection
  6. Application Security and Anti-X Defense

11
Endpoint Protection
  • You are only as strong as your weakest link
  • One non-sanitized end-user system connected
    behind a robust, efficient defense can spell
    D-O-O-M for a network
  • Cisco Security Agent
  • Point of presence on end user systems that
    enables efficient exchange of valuable network
    threat information as it occurs
  • Endpoint system virus, worm detection/protection

12
Admission Control
  • Not only a core component of a CSDN, but
    incorporated into other technologies by over 30
    industry-leading vendors
  • Network Admission Control (NAC) assists in
    determining the level of access to grant an
    end-user system in accordance with the security
    policy when it initially joins the network
  • NAC also assists in managing end-user systems'
    compliance with security patches and updates

13
Infection Containment
  • The ability to identify non-compliant systems or
    network attacks as they occur and react
    appropriately, minimizing the effect of the
    breach
  • Potentially the #1 core component of a secure
    system belonging to a CSDN

14
Intelligent Correlation and Incident Response
  • Services that provide the ability to exchange
  • Event information
  • Implications of an event occurring
  • Necessary actions to take
  • The appropriate nodes or systems to enforce
    actions in real-time
  • These services aid in adapting to changes and
    countering attacks that are occurring in the
    network as they occur rather than after they occur

15
Application Security and Anti-X Defense
  • A menagerie of application layer security
    products that address the ever-evolving classes
    of threats which are not effectively addressed by
    traditional firewall and network IDS products
  • Threat examples
  • E-mail based SPAM and phishing
  • Spyware
  • Unauthorized peer-to-peer activity

16
Summary
  • New phraseology, NOT a new technology
  • Encompassing security solution that is proactive
    AND adaptive in nature and that envelops every level
    of network security rather than just specific
    layers
  • Key difference between CSDN and traditional security
    solutions: the ability of CSDNs to communicate and
    share information among different security
    products employed within the CSDN

17
Questions