Advanced Web Security Deployment - Cisco

Transcription

Toronto, Canada
May 30, 2013
Advanced Web Security Deployment
On-Premise, Cloud, Next Gen Firewall?
Steve Gindi
Product Security Specialist
Cisco Systems
© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Connect

Agenda
Cisco State of the Nation
  Industry Trends
  Gartner Overview
Cisco Securing the Nation
Cisco Deployment Options
Live Demo

Cisco State of the Nation

Where You Visit Online
Online video: 22%
Search engines: 36%
Social networks: 20%
Advertisements: 13%
[Chart: Hits to Top Web Properties (Social Network, Ads, Online Video, Search Engine)]

Is Where The Threats Are
Search Engines vs. Counterfeit Software: 27x more likely to deliver malicious content
Online Advertisements vs. Pornography: 182x more likely to deliver malicious content
Online Shopping vs. Counterfeit Software: 21x more likely to deliver malicious content

A More Targeted Attack
[Chart, percentage by month, Jan to Dec. Series: Prescription Drugs, Luxury Watches, Credit Card, Business Reviews, Professional Network, Electronic Money Transfer, Accounting Software, Social Network, Professional Associations, Airline, Mail, Weight Loss, Government on, Windows Software, Cellular Company, Online Classifieds, Taxes]

A More Targeted Attack
[Calendar graphic: April 15]
January-March: Windows Software spam, which coincided with the release of the Microsoft Windows 8 consumer preview.
February-April: Tax software spam during U.S. tax season.
January-March and September-December: Spam based on professional networks like LinkedIn, correlated with desire for a change in career during the beginning and end of the year.

Social eInfections
Acceptable Use Violations
Data Loss

Device, Location, Application
More People, Working from More Places, Using More Devices, Accessing More Diverse Applications, and Passing Sensitive Data

Mobile Malware (mis)Information
Android Mobile Device Trending
2577%: Android Malware grows 2577% over 2012
.5%: Mobile make up less than .5% of total web malware encounters

Gartner Magic Quadrant
Secure Web Gateway, 2012
The Magic Quadrant is copyrighted 2009 by Gartner, Inc. and is reused with permission. The Magic Quadrant is a graphical representation of a marketplace at and for a specific time period. It depicts Gartner’s analysis of how certain vendors measure against criteria for that marketplace, as defined by Gartner. Gartner does not endorse any vendor product or service depicted in the Magic Quadrant, and does not advise technology users to select only those vendors placed in the "Leaders" quadrant. The Magic Quadrant is intended solely as a research tool, and is not meant to be a specific guide to action. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
This Magic Quadrant graphic was published by Gartner, Inc. as part of a larger research note and should be evaluated in the context of the entire report. The Gartner report is available upon request from Cisco.

Cisco Securing the Nation

Web Security Portfolio
WEB SECURITY ESSENTIALS: Application Visibility and Control, URL Filtering, Reputation
ADVANCED WEB SECURITY: Anti-Malware Scanning and Prevention, DLP
CENTRALIZED MANAGEMENT AND REPORTING: Single console for WSA or CWS solutions
Appliance, Virtual, Cloud, Router, Firewall
Coffee Shop, Home Office, Mobile User
ANYCONNECT SECURE MOBILITY CLIENT

Current Datacenters: Brazil, Canada (E), (W), Bangalore, Chicago, Copenhagen, Dallas, Frankfurt, Hong Kong, London, Miami, New York Metro, Paris, San Jose, Singapore, Sydney, Tokyo, Zurich
In Progress Datacenters: Dubai, Mexico, South Africa

Unmatched Cloud-Based Global Threat Intelligence
Cisco SIO
24x7x365 OPERATIONS
100M SPENT IN DYNAMIC RESEARCH AND DEVELOPMENT
600 ENGINEERS, TECHNICIANS AND RESEARCHERS
40 LANGUAGES
80 PH.D.S, CCIE, CISSP, MSCE
1.6M GLOBAL SENSORS
35% WORLDWIDE EMAIL TRAFFIC
3 to 5 MINUTE UPDATES
200 PARAMETERS TRACKED
75TB DATA RECEIVED PER DAY
13B WEB REQUESTS
5,500 IPS SIGNATURES PRODUCED
70 PUBLICATIONS PRODUCED
150M DEPLOYED ENDPOINTS
8M RULES PER DAY

Every Click, Every Object
Layer 4 Traffic Monitor
Reputation and Heuristical Analysis
Across All Ports & All Protocols
Malicious Traffic from Infected Clients
Signature based Anti-Virus
Malicious Server
In-line / Real-time Protection
Adaptive Scanning

Enforce Acceptable Use Policies
  Reduce productivity loss
  Reduce risk of legal liabilities
  Control Web 2.0 traffic and web applications
URL Filtering / Application Visibility and Control
  URL database covering over 50M sites worldwide
  Real-time dynamic categorization for unknown URLs
  Deep application control, e.g., IM, Facebook, WebEx
  Dynamic updates
  Site content ratings

On-Premise, Cloud
WSA, ASA
Redirect to Premise or Cloud
Mobile User
AnyConnect Client

On-box Data Security Policies
WSA
Hotmail
DLP Vendor Box
Off-box Integration for Enterprise DLP

Centralized Management
Centralized Policy Management
Centralized Reporting
Delegated Administration
In-Depth Threat Visibility
Extensive Forensic Capabilities
Insight: Across Threats, Data and Applications
Control: Consistent Policy Across Offices and for Remote Users
Visibility: Visibility Across Different Devices, Services, and Network Layers


Cisco Deployment Options


Cisco Web Security Essentials
WSA, CWS, ASA-X
URL Filtering: Granular categories and dynamic classification updated by SIO
Policy Management: Flexible control of use, applications, social media, etc.
AVC: 1000 applications, 75,000 microapplications
SIO Updates: 75TB of threat telemetry daily
Reporting:
  WSA: Valuable insight on-box, or via Splunk for large implementations
  CWS: Valuable insight hosted in the cloud
  ASA-X: Valuable insight on box
Web Reputation (WSA, CWS, ASA-X): Only vendor to examine IP, domain, URL and sender reputations

Cisco Advanced Web Security
WSA, CWS, ASA-X
Web Security Essentials, plus
Real-time Malware Scanning:
  WSA: Sophos & Webroot, McAfee optional
  CWS: Multiple malware engines
  ASA-X: Cisco SIO
DLP:
  WSA: Integrates with existing DLP vendors (RSA, Symantec, etc.)
  CWS: Via content filtering rules
  ASA-X: N/A
SIEM Integration:
  WSA: Native integration with ArcSight, LogLogic, netForensics, RSA, Splunk
  CWS: Via WSA Connector
  ASA-X: N/A
Web Proxy:
  WSA: Caching, logging, audio/video throttling, AD integration/authentication
  CWS: N/A
  ASA-X: N/A
L4 Traffic Monitoring:
  WSA: Prevents Trojans, blocks “phone home” infections
  CWS: N/A
  ASA-X: N/A

Flexible Deployment Options
Appliance, Virtual, Cloud, Router, Firewall
Single box design for simplified control; Unified web security; Connector software for HW deployments
Appliance: CISCO WEB SECURITY APPLIANCE
  High-performance unified appliance
  Essentials license: AVC, URL filtering, reputation
  Advanced license: Anti-malware, DLP Integration
  Unified reporting and management tool
Virtual: VIRTUAL WEB SECURITY APPLIANCE*
  Virtual WSA for simplified multi-location deployment
  Essentials license: AVC, URL filtering, reputation
  Advanced license: Anti-malware, DLP Integration
  Unified reporting and management tool
  *Coming Q4 FY13
Cloud: CISCO CLOUD WEB SECURITY
  Cloud-based unified web security
  Essentials license: AVC, URL filtering, reputation
  Advanced license: Anti-malware, DLP via policies
  Cloud-based reporting and management
Router: CISCO ISR-G2 WITH CWS CONNECTOR
  CWS connector for branch deployments
  Essentials license: AVC, URL filtering, reputation
  Advanced license: Anti-malware, DLP via policies
  Cloud-based reporting and management
Firewall: CISCO ASA-X AND CWS CONNECTOR
  Next-Generation firewall
  Integrated web security essentials: AVC, URL filtering, reputation
  Advanced web security through CWS connector: Anti-malware, DLP via policies
  Unified reporting and management through CX

“Which Approach is right for my business?”

Which Deployment Method Do I Choose?
DRIVERS
Location: WSA CWS ASA-X
Large, centralized HQ
Many branches, remote users
Smaller HQ
XX SIO XX (w/WSA Connector)
Security: Real time malware dwidth Control XX
Operations: X
Existing ASA/ISR
Cloud, Virtual Initiatives
XXXX
Cost Considerations
* Hybrid deployment via WSA Connector

Cisco Web Security – On Premise
[Diagram: Internet, Firewall, Cisco Web Security Virtual Appliance, Users]
Cisco Web Security Virtual Appliance: Same functionality as WSA Appliance, plus
  Self-Service Provisioning
  UCS Instant Provisioning
  Included with Software Bundle
  Unlimited License
  Mix & Match deployment
Deployment Options
  Explicit Deployments – Browser is aware there is a proxy server
  Transparent Deployments – Layer 3/4 redirection via WCCP or Traffic Management Device

Cisco Cloud Web Security
Reuses appliances
Eliminates desktop agent
Reduces vendors
Eliminates backhaul
Simplified and scalable deployments
Cloud Web Security: URL Filtering, Application Visibility & Control, Multiple Malware Engines, SIEM/DLP/SOCKS/FTP, SIO Updates, Policy Management, Reporting
Multiple Connector Options: AnyConnect, Direct to Cloud, WSA, ISR-G2, ASA

Cisco ASA CX
Next-Generation Protection. Proven Cisco technology.
[Diagram: nScan Array, TLS & SSL, HTTP, MSRPC, FTP, Virtual Packet Rings, Context Aware Data Plane, Scanner ‘N’, Pluggable Context Stores, Context Aware Policy Engine]
Context Aware
  Most comprehensive controls – applications, users, and devices
  Most widely deployed remote access
  Essential web security
Threat Aware
  Reputation-based protection from zero-day threats
  Analyzes global data from multiple threat vectors
  Reputation analysis via human and machine intelligence
Robust stateful inspection and broadest context-aware controls

“DEMO”

Complete Your Paper “Session Evaluation”
Give us your feedback and you could win 1 of 2 fabulous prizes in a random draw.
Complete and return your paper evaluation form to the room attendant as you leave this session.
Winners will be announced today.
You must be present to win!
.visit them at BOOTH# 100

Thank you.
