IT-GRC Security Solutions - PowerPoint PPT Presentation

About This Presentation
Title:

IT-GRC Security Solutions

Description:

... Benjamin Craig, Vice President of Information Systems for River City Bank Cisco ASA Cisco ASA Disparate Devices List (CapEx) Adaptive Security Appliance List ... – PowerPoint PPT presentation

Number of Views:110
Avg rating:3.0/5.0
Slides: 7
Provided by: Cisco9
Category:

less

Transcript and Presenter's Notes

Title: IT-GRC Security Solutions


1
IT-GRC Security Solutions
Security is complex so we need a holistic
approach to prioritize activities and investment
How do I best protect IT Confidentiality,
Integrity, and Availability?
We need to meet the many overlapping standards
such as SoX, PCI, ISO-27001 to name a few
How do I make the best use of both security
policy and technology to insure security and
compliance
We need to be able to determine the likelihood
and impact of business threats and prioritize our
response
How do I reduce cost and improve the
effectiveness of my security and compliance
initiatives?
We need to deploy SSL VPN
Customer Challenges
How do customer operate and implement a IT GRC
Program
  • Businesses today face the challenge of both
    protecting themselves from a myriad of security
    threats and meeting many overlapping compliance
    obligations, all with limited resources
  • Security threats continue to increase in number
    and sophistication
  • Inability to meet compliance requirements can
    lead to lawsuits, fines, and other penalties.
  • Fragmented teams that operated in individual
    silos lead to inefficiency, redundancy, gaps, and
    high cost
  • Threats to availability of business processes
  • Loss of customer trust and loyalty in the business

Solution and Customer Benefits
Top Questions To Ask To Initiate The Sale
Cisco Solution Offers
  • IT GRC addresses IT Security and Compliance
    challenges through ONE comprehensive program.
    These programs offer the following benefits
  • Reduce cost of compliance
  • One set of controls and one compliance program to
    implement and manage
  • Maximize reduction in IT security risk with
    available resources
  • Risk-based, business focused decisions and
    resource prioritization
  • IT GRC Delivers Dramatic Business Value
  • Higher Revenue
  • Increase in Profits
  • Decrease in Audit Costs
  • IT GRC Security Assessment Service
  • Helps customers get started with IT GRC by
    comprehensively addressing the Define and Assess
    phases
  • Provides customers with a unique common control
    framework that meets their needs
  • Assesses security policy and architecture against
    control requirements
  • Identifies gaps and provides a prioritized
    roadmap of recommendations for remediating gaps
  • Drives follow-on product and service
    opportunities
  • Remediate and Maintain offers
  • Cisco and partners offer a range of security
    products, deployment services, and ongoing
    subscriptions to remediate gaps and maintain
    security and compliance
  1. Are you concerned with compliance with
    regulations (e.g. SOX, FISMA, HIPAA) and industry
    mandates (e.g. PCI)?
  2. Do you have good visibility into the
    effectiveness of your security and compliance
    programs?
  3. Do you have concerns about overlaps, gaps, and
    inefficiencies between the efforts of multiple
    compliance initiatives?
  4. Are you confident that investments in security
    technology, policy, and process initiatives are
    driven and prioritized by a good understanding of
    business risk
  5. Are you confident that you are maximizing the
    return on investments in security technology,
    policy, and process initiatives

2
ASA BATTLE CARD
IT-GRC Security Solutions
What does an IT GRC Program look like ?
Your Competition
There are two main forms of competition Business
as usual Customers continue to try to address
security and compliance in-house with marginal
success Large security consulting firms Some of
the largest consulting firms have opened new IT
GRC consulting practices in the last two years.
The offers are still immature and few are
comprehensive. Ciscos differentiator is that we
not only have a comprehensive set of consulting
services, but we have the deep technical
credibility when it comes to assessing,
remediating, and maintaining security
infrastructure.
Additional Resources
IT GRC Web Site http//www.cisco.com/en/US/produ
cts/ps10372/serv_home.html
3
Global Correlation (GC) for IPS
We need an IPS system that identifies and
prevents attacks and attackers, and provides
global threat awareness
We need to be able to update our threat
management to deal with emerging threats
We need to be able to target and characterize
the attacker not just respond to the attack
We are looking for the most effective method of
identifying and preventing attacks and attackers
I need to stop all attacks against my assets
We need to be able to protect our networks
against
We need to deploy SSL VPN
What It Is
Customer Benefits
Top Questions To Ask To Initiate The Sale
  • Reduces network down time and prevents DoS
    attacks. GC IPS is able to identify and prevent
    attacks and attackers, and provide (and receive)
    global awareness.
  • Reduces operational costs associated with having
    to manage, update, and propagate updated
    signatures
  • Increase worker (IT-Security) efficiency by
    focusing key business functions and actionable
    events.

IPS with Global Correlation is a security
capability deployed with Cisco IPS Sensor
Software Release 7.0. Global Correlation
harnesses the power of Cisco Security
Intelligence Operations, the worlds largest
threat monitoring network, to achieve
unprecedented threat management efficacy. Global
threat information is turned into actionable
intelligence, such as reputation scores, and
pushed out to all enabled technologies.
  1. How are you currently identifying and preventing
    attacks and attackers ?
  2. How confident are you in knowing that your IPS
    is blocking and permitting traffic based on real
    attacks?
  3. Does your current signature based IPS solution
    only detect attacks that are already under way,
    and only have local threat awareness?
  4. Are you aware that 50 of attacks are from
    repeat offenders? (every attack a bad guy
    attempts counts against him in GC IPS risk
    rating system)

Value Proposition Key Points
Where It Fits
  • Global Correlation makes Cisco IPS 7.0 twice as
    effective as signature-only IPS technologies.
  • Global Correlation provides Cisco IPS with
    updates on new threats 100 times faster than
    signature updates.
  • Global Correlation decreases false positives with
    reputation analysis
  • Global Correlation leverages the global threat
    visibility of Cisco SIO

PROTECT IPS 7.0 protects your network with
updates every five minutes providing your
reputation filter with information based on
global data analysis. CORRELATE SensorBase
updates the IPS with data correlated from over
500 3rd party feeds and over 700,000 sensors
across multiple technology types. RESPOND The GC
IPS can respond to threats before they occur
using a reputation filters to remove the worst
offenders.
4
Global Correlation (GC) for IPS
Top Customer Objections
  • Broad Network Coverage
  • Edge Distribution Core Internal
  • Teleworker Branch Campus Data Center
  • Diverse Platform Options
  • Enabling broad deployment flexibility, easily
    integrated into network management and deployment
    models
  • Unified Management and Operations
  • Single update package
  • Consistent management
  • Enterprise-class solutions
  • Sub-200 micro-second latency for ensuring quality
    of low-latency applications
  • Highly reliable via hardware and software failover

Objection Im concerned Global Correlation will
block my incoming traffic. Answer Global
correlation can be implemented in Audit mode
allowing you to view what traffic global
Correlation would have stopped. Once you are
comfortable with what the Reputation Filter and
Global Inspection would have caught you can begin
to use Global Correlation. Objection Will my
network remain safe if I share it with
Cisco?Answer Yes, all data sent to SenserBase
is anynomous and there are actually three methods
of participation in Global Correlation that can
be applied to your IPS. The first is
non-participation Your IPS will be receiving
updates from SensorBase but will not send any
information back. Partial Participation allows
you to send information regarding the attack and
attacker. Full participation takes this a step
further where you would anonymously supply the
victim port and IP.
We need to upgrade our firewall
Objection How do I know this wont compromise my
current IPS security? Answer Again, there are
multiple ways of integrating Global Correlation
into your Risk Rating. The first is passive, your
IPS will be receiving updates from SensorBase but
doesnt act on them. It will only log the threats
it would have stopped. As you become more
comfortable with it you can begin to add
Reputation Filtering and Global Inspection to
your Risk Rating mixture
Cisco Clean Access (CCA)
Router Module
Appliances
Switch Module
http//www.cisco.com/en/US/products/sw/secursw/ps2
113/index.html
5
ASA BATTLE CARD
Support for multiple vendor solution creates
problems and is expensive
My administrators are having a hard time
managing all our security devices
The useful life of our investment in security
technologies continues to shrink
We need to be able to protect our unified
communication services.
We need to be able to protect against threats,
known and unknown (i.e. like filtering botnet
traffic)
We need to deploy SSL VPN
We need to deploy SSL VPN
What It Is
Customer Benefits
Top Questions To Ask To Initiate The Sale
  • Prevent network outages with Improve Threat
    Mitigation. Leverage Ciscos Security
    Intelligence Operations ability to centralizing
    information and threat signatures issued from all
    security technologies of the Cisco portfolio
  • Lower TCO and seamless integrate all types of VPN
    devices with a Comprehensive Connectivity
    solution. Cisco Secure remote access solution is
    recognized as the worlds widest-deployed
    solution, offering the richest range of
    connectivity in a single, versatile appliance
  • Deployment Flexibility reduce OPEX and
    troubleshooting man-hours. Secure Remote Access
    solution allows for all elements of the companys
    InfoSec policy to be deployed and manage in a
    centralized place.
  • Adhere to PCI compliancy at branch location
  1. Do you have the means to react and update your
    email filters, web filters and reputation, IPS/
    filtering as well as share statistics globally
    amongst other Cisco devices.
  2. Are you able to scale and protect your network
    against threats to your unified communications
    applications.
  3. Are you able to detect, isolate, and manage
    Botnet attacks?
  4. Are you able to automatically update your
    anti-malware database?
  5. Are you able to detect end-users accessing rogue
    IP addresses or domains that could effect your
    internal network?
  6. Are you interesting in consolidating security
    services into a single platform?
  7. Are you currently looking to deploy SSLVPN,
    IPsecEC VPN or both in your organization?
  8. Do you need to reduce your total cost of
    ownership at your branch locations while still
    providing secure access, firewall, and content
    filtering (and adhere to PCI)?
  9. Does your solution securely and cost effectively1
    allow for burst of traffic during pandemic
    situations?
  10. Do you have applications which need to be
    remotely accessed by mobile users?
  11. Are you looking for ways to reduce cost and
    complexity with your network security?
  12. Have you experienced business disruption due to a
    worm or virus?
  13. Are you looking to upgrade your existing security
    system or add additional security services to
    your network such as firewall and/or intrusion
    prevention?
  • ASA is a multi-purpose appliance that allows
    customers to deploy security services as needed
    to meeting business requirements. Services
    delivered through the ASA platform include
  • Firewall
  • IPS
  • Content Security
  • SSL/ IPsecec VPN
  • Unified Communications Security

Value Proposition Key Points
Where It Fits
  • Provides Botnet Traffic Filter, with the
    integration of the Cisco Security Intelligence
    Operations to protect the internal network from
    Malware threats and prevents other malicious
    activity due to infect client machines.
  • ASA 5505 with IPS Security Service Card (SSC)
    Module for SMB market to meet PCI compliancy.
  • Cisco 5580 can scale to support 10k Unified
    Communications Proxy (phone, mobility, presence
    federation, and TLS support) sessions
  • Broadest range of security options for secure
    remote access
  • Affordable, flexible solution for short-term
    bursts of VPN users
  • Firewall and enforce policies for internal and
    external NATed multicast traffic

PROTECT The ASA 5500 helps protect corporate
assets by preventing malicious software downloads
and unauthorized access. DETECT The ASA helps
detect vulnerabilities by scanning email
messaging for virus.
6
ASA BATTLE CARD
ASA BATTLE CARD
Top Customer Objections
Total Cost of Ownership
Your Competition
Objection We currently have an ASA deployed but
would like to test the Botnet Traffic
Filter. Answer Customers with existing ASAs can
order the licenses. All Cisco ASAs will ship with
1-year free trial. Objection We already have a
firewall. Answer The ASA is a security platform
and can be used as a firewall as well as an IPS,
VPN Concentrator or network Anti-X
solution. Objection I dont want to pay for all
of those capabilities if Im not using
them. Answer ASA is modular all those
capabilities are there in a single device, but
you only pay for those functions you
need. Objection I dont feel comfortable
allowing one company to provide this much of my
security solution. Answer Cisco has dedicated
teams of experts developing each security
solution (IPS, Firewall, VPN, etc). Objection
During pandemic situations we need to be able to
support large burst of traffic with our existing
ASAs. Answer The Cisco VPN Flex licenses are
designed to allow for an increase (traffic burst)
in the total number of SSL VPN concurrent users
on an ASA for a short period of time.
Checkpoint Attack
Your Response
We need to upgrade our firewall
Firewall Technology
IPS Technology
VPN Technology
Cisco PIX
Cisco IPS
Cisco VPN 3000
Integrated Management. Cisco management solutions are complex and not integrated into a single solution Cisco offers centralized security management across routers, appliances and endpoints. For logging and data analysis, we offer our MARS product. The last 3 products that CheckPoint introduced InterSpect, Connectra, Integrity have only limited support within SmartCenter such as logging and updates.
Cisco is a router company, not a security company. CP only thinks about security and nothing else. Being a router/switch plus security vendor is advantageous. You can offer end to end security solution for the whole enterprise. NAC on switches/routers, CSA on desktop, built-in FW/IDS with IOS, dynamic ARP inspection and IP source guard for voice security, end to end voice encryption.
NEW!! Includes Botnet Traffic Filter Free
30-Day Introductory License
Success Story Proof Points
Juniper Sales Tactics Positions SSL VPN to
the Sec Ops Decision Makers to gain strategic
entry points, especially in Financial
industry. Attacks IOS is unstable, Ciscos
service module strategy adds complexity
cost Response Lead with our Security position
in the market (1), educate customer on IOS
strength in the SDN story, highlight TCO and
investment protection for customer related to the
service module approach.
The Cisco ASA 5500 Series IPS Edition allows us
to not only fulfill a regulatory requirement, but
also, more importantly, to do the right thing and
make sure we are being as proactive as possible
with our network security. -- Benjamin Craig,
Vice President of Information Systems for River
City Bank
What Is The Closest Link?
ASA Security Service Modules
Additional Resources
Service Modules plug in to allow customer to turn
on security services as needed.
ASA Web Site http//www.cisco.com/go/asa
Write a Comment
User Comments (0)
About PowerShow.com