Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Jim Lord
Advanced Technologies - Security
October, 2004
• Global markets
• Networked Virtual Organization
• Internet
• Security
• ROI
• Fastest routes to Market
5491_06_2002_c1
Presentation_ID ©
© 2001,
2003 Cisco
Cisco Systems,
Systems, Inc.
Inc. All
All rights
rights reserved.
reserved. 9
Self Defending Network Strategy
Cisco strategy to
An initiative to dramatically
dramatically improve the
improve the network’s ability
network’s ability to
to
identify, prevent, and adapt
identify, prevent, and
to threats
adapt to threats
SECURITY
INTEGRATED TECHNOLOGY SYSTEM LEVEL
SECURITY INNOVATION SOLUTIONS
• Secure Connectivity • Endpoint Security • Endpoints
• Threat Defense • Application Firewall • Network
• SSL VPN
• Trust & Identity • • Services
Network Anomaly
• IPSec VPN
• SSL VPN
• MPLS
Protects Data/Voice Confidentiality
5491_06_2002_c1
Presentation_ID ©
© 2001,
2003 Cisco
Cisco Systems,
Systems, Inc.
Inc. All
All rights
rights reserved.
reserved. 14
Cisco Network Admission Control
(NAC)
5491_06_2002_c1
Presentation_ID ©
© 2001,
2003 Cisco
Cisco Systems,
Systems, Inc.
Inc. All
All rights
rights reserved.
reserved. 18
Cisco Threat Defense System
Products and Technologies
PIX® security appliance, Cisco IOS® FW,
Firewall Catalyst® 6500 Firewall Services Module
IDS Sensors, Catalyst IDS Services Module,
Network IDS/IPS access router IDS module, Cisco IOS IDS s/w
IPS
Firewall
VPN
• System Hardening
Syn-flood protection • Application-related
Malformed packet protection Application run control
Restart of failed services Executable file version control
• Resource Protection Protection against code injection
File access control Protection of process memory
Network access control Protection against buffer
overflows
Registry access control
Protection against keystroke
COM component access control logging
• Control of executable content • Detection
Protection against email worms Packet sniffers & unauthorized
Protection against automatic protocols
execution of downloaded files or Network scans
ActiveX controls
Monitoring of OS event logs
Deletes files