Intelligent Cybersecurity for the Real World – Before, During and After an Attack
As the IT industry changes, the network grows more important and businesses security models evolve with market trends. Cisco security solutions help you embrace these transitions while protecting assets, empowering employees, and accelerating business innovation. The integrated and network-based security infrastructure from Cisco is designed to improve visibility and control. New developments include:
- Cloud-Based Intelligence: Proactive and consistent protection months ahead of the threat
- Context-Based Policy and Management: Intelligence-based policy focused on the user, device, and application
- Network-Enforced Security: Stronger enforcement from user to application
Visit the Security booth to engage with security experts and Cisco executives about important trends that will increase your productivity and improve your governance, compliance, risk, and security.
Cisco Security Demonstrations
Visit the Security booth in the Cisco campus for demonstrations of the latest Cisco security solutions. Demonstrations include:
Email and Web Security
- Unified Threat Management (ISR-G2 with CWS Connector): Learn how the ubiquitous Cisco ISR G2 router can securely provide a rich Direct Internet Access experience from your site via a Cloud Web Security (CWS) solution, eliminating backhaul traffic and letting you reserve your expensive links for truly business critical application traffic.
- Cloud Web Security: The Cisco Cloud Web Security solution extends protection before, during, and after an attack with easier deployment and much lower costs than on-premises products. See the new capabilities now available on Cisco CWS, including Advanced Malware Protection from Sourcefire, and Cognitive Threat Analytics for faster discovery of threats inside your network.
- Email Security: Cisco Email Security stops blended threats and targeted email attacks with an industry-leading approach to blocking unwanted messages, catching advanced malware, and disarming malicious links. See a walkthrough of our latest threat visibility and drill-down reporting capabilities.
- Web Security: The Cisco Web Security Appliance (WSA) now includes Advanced Malware Protection (AMP) from Sourcefire through a simple license add-on. We’ll give you a preview of AMP on Cisco WSA, including file reputation scoring and blocking, file behavioral analysis, and retrospective alerting.
Secure Data Center Solutions
- Cisco ASA Open Platform Architecture: In this demo, attendees will be able to preview the new Cisco Adaptive Security Virtual Appliance (ASAv) for traditional and SDN Data Center environments. See how easily the ASAv and Sourcefire virtual IPS can be dynamically integrated into a service chain within the new ACI intelligent fabric Data Center infrastructure, plus a demonstration of the ASAv’s dynamic SSL VPN capabilities.
- 16X Multi-Site Clustering and RA Solution: The ASA 5585-X is Cisco’s most powerful firewall solution for today’s data center environments. With its new advanced clustering capabilities, the ASA-5585-X can support up to 16 Node clustering solutions within a single or multi-site Data Center. See a live demo of its advanced clustering capability.
- Secure Your Data Center: The Cisco Secure Data Center for Enterprise Solution helps enterprises deploy a virtualized data center with a comprehensive set of security capabilities. You’ll see Cisco next-generation firewalls operating as a cluster with Cisco TrustSec and IPS services to protect a virtualized UCS server farm using Cisco Nexus switches while managing server deployment and policy with Cisco UCS Director and Cisco ISE. Our demo shows access to financial information restricted to authorized users while permitting deployment of new servers by operations personnel.
Threat Intelligence and Design Solutions
- Advanced Malware Protection: Cisco’s Advanced Malware Protection solution goes beyond point-in-time detection to offer continuous analysis, retrospective security, and multi-source Indicators of Compromise. The solution increases security effectiveness and operational efficiency while decreasing incident response times.
- Managed Threat Defense Service: Cisco Managed Threat Defense Service provides advanced persistent threat defense from unknown “zero-day” attacks along with protection from a broad range of known intelligence threats through the use of sophisticated real-time, predictive analytics, provided in a cost-effective, business-outcomes based offer.
- Trustworthy Systems: Trustworthy Systems is Cisco’s initiative to provide secure foundations in all Cisco products. Learn about our Secure Development Lifecycle in which Cisco’s processes, technologies, and policies are used to protect Cisco product offerings, and watch how trust anchor technologies with Plug-n-Play and next-generation encryption, including IETF RFC 7030 Enrollment over Secure Transport (EST), make it easier to establish and maintain a secure infrastructure.
- Solution Design Center: Cisco’s security architects will be on hand to help address your security and network design questions, including planning, design, implementation, and optimization.
Next-Generation Network Security
- Next-Generation Firewall: The Cisco ASA 5500-X Series Next-Generation Firewall gives administrators greater visibility and control of applications, users, and threats. We’ll show you how AVC, WSE and new integrated NGFW IPS together with the power of SIO delivered through reputation analysis combats known and unknown threats.
- Edge-to-Core Network Security (FirePOWER 8300): The new Sourcefire FirePOWER 8300 Series appliances from Cisco improve on the 8200 Series by half to address the network security needs of the highest capacity data centers and enterprise deployments. They’re stackable to over 120 Gbps of throughput and bring unmatched visibility to your organization.
- OpenAppID and Snort: OpenAppID is a powerful new app-focused detection language for automatic detection of client apps, web apps, web app behaviors, and server apps that allow you to create, share, and implement custom application detection. You’ll see alerts and application statistics generated in real time by sample application traffic plus the streaming of application statistics and alerts to data visualization products such as Splunk.
- Cloud-Managed Networking (Meraki): Join us for a live demo of Meraki’s cloud managed networking products, including wireless access points, security appliances, and switches. You will learn how cloud networking offers greater reliability, easier management, and a lower TCO, and we will show you a live demo of the exciting features in the Meraki dashboard.
Security Policy, Enforcement, and Visibility
- Network-Wide Visibility: Cisco’s Cyber Threat Defense Solution uses NetFlow behavior analytics to identify modern threats inside the network without relying on signatures or traditional network control points. The demo includes integration with ISE, ASA, and the latest software release of Lancope StealthWatch.
- Cisco TrustSec: Network Segmentation: Cisco TrustSec® accelerates security operations by automating and reducing firewall rules. It simplifies access management by allowing secure, “Any Device” Access to resources based on user roles, locations, device types, and posture. Cisco TrustSec® is often used to segment campus and branch network traffic for malware prevention for ease of deployment.
- Secure Access and Enterprise BYOD: Cisco Identity Services Engine and TrustSec solutions provide policy-based secure access, traffic enforcement, and segmentation. See how you can use Cisco ISE to easily profile devices, check posture, and deploy MDM software to a new mobile device on the network. Also see how TrustSec enables automatic security provisioning of new servers or VMS that allows new workloads to be accessible through firewalls.
- Innovation-as-a-Service: Mitigate threats at cloud size and scale using NfV workflows orchestrated on top of a dynamic topology using a full system approach with Open API at each layer providing programmable services to deliver “the connected application.” The demonstration applies security as a service, delivering elastic security workflows to protect the network and application infrastructure and also as a managed service.
Technology Trend Keynote: A New Security Model for an IoE World
Christopher Young, Senior Vice President, Cisco Security Group, and
Bryan Palma, Senior Vice President, Security Services
Date: Wednesday, May 21
Time: 1:30 p.m.
Technology changes driven by cloud, mobility, and the Internet of Everything are creating significant opportunities. At the same time, attackers are more sophisticated and innovative. As the number and variety of threats proliferate, the solutions for responding become increasingly crucial. It can be a confusing, fragmented market in which no one product can solve every security problem. Cisco believes it’s time for a new, threat-centric security model that gives your organization better visibility across the entire attack continuum—before, during and after—and can better stop attacks and minimize damage. Join members of Cisco’s engineering, services, and IT security leadership team to learn how you can move beyond partial solutions to an anytime, all-the-time approach across technologies that work together continuously.
This session will be Live Streamed. Visit the Security Virtual Experience.
Security Speaking Sessions
Select from over 100 security speaking sessions to learn about the security solutions and trends that will help protect your business, including:
- Secure Network Access (BYOD & ISE Deployment)
- Email and Web Security
- Advanced Malware Protection
- Next-Generation Firewalls, IPS, and VPN
- Data Center Security
- Threat Defense, Countermeasures, and Controls
- Cloud Computing and Security
For a complete list of security technical sessions, click here.
Please also join us for these theater sessions within the Cisco Campus:
- Tuesday, May 20, 1:30 pm
Data Center Threat Management with Next Generation IPS
By Bart McGlothin, Enterprise Architect
Cisco Secure Data Center Validated Designs provide real world deployment and installation guidance. Learn how to confidently integrate Cisco and Sourcefire security portfolios to respond to sophisticated attacks targeted at the data center. This security intelligence integrated into the fabric of the data center enables rapid provisioning, increased agility, and advanced threat protection. Resulting in an industry leading comprehensive solution to protect data centers from today’s malicious threats.
- Tuesday, May 20, 4:00 pm:
Advanced Malware Protection – A Continuous Model for Pervasive Protection
By Tom Stitt
At the same time business models continue to evolve, so do the attack vectors that security teams need to address—private networks, cloud-based web applications, remote endpoints, mobile devices, and virtualized environments. As attacks become increasingly sophisticated, traditional point-in-time defenses are no longer effective. In fact, 100 percent of companies surveyed by Cisco have connections to domains that are known to host malicious files or services. Cisco’s comprehensive and integrated suite of network, gateway, and endpoint security solutions allows you to achieve high levels of advanced malware protection across all vectors of attack—network, cloud, mobile, endpoint, and virtual. Learn how Cisco’s continuous analytics model goes beyond point-in-time detection to increase security effectiveness and operational efficiency while decreasing incident response times.
- Wednesday, May 21, 10:30 am:
Cisco Managed Threat Defense’s Advanced Analytics Framework
By Mike Burg, Security Architect
At Cisco, our Managed Threat Defense team uses a HortonWorks HDP 2.x to replace a large portion of our security analytics tools and unify our analytics workflows. Yarn allows us to run a stream processor (Storm) alongside MapReduce jobs and Tez to give us the best of both worlds: a scalable stream analytics and alerting framework to detect real-time threats, and a traditional batch analytics framework to help us derive further insights from big data. Currently our system uses Storm on Yarn, Flume, ElasticSearch, HBase (will be switching to Hoya), Hive/Stinger, Pig Scripts (Packet Pig and Binary Pig), and MapReduce (experimenting with Tez). This technical overview of our system goes over the motivations for building it, our future roadmap, deployment and operations, and lessons learned.
- Thursday, May 22, 1:15 pm:
FirePOWER and FireSIGHT – Next-Generation Threat Protection
By Dave Stuart
This session explores Cisco’s Next-Generation Security Solutions, including recently acquired solutions from Sourcefire. Experience the high threat effectiveness and throughput performance that FirePOWER delivers and the advanced contextual awareness of FireSIGHT. Share Cisco’s vision of a new model for security that protects across the entire attack continuum — before, during, and after an attack. Hear how you can take advantage of these technologies and programs that can enhance your protection today.
Lunch and Learn
- Tuesday, May 20, 1:00 p.m. – 3:00 p.m.
Lunch and Learn: Building Trustworthy Systems with Cisco Secure Development Lifecycle
Marriott Marquis, Foothills G
- ONLINE ONLY: Monday, May 19, 1:00 p.m.
New Era, New Data Protection Model
By Evelyn De Souza
Just as you wouldn’t use a telegraph to send a message today, you shouldn’t leave protection of your cloud data to a bygone era. Join this webcast to test-drive a new model of industry data protection. You’ll come away with a practical blueprint for securing data in public cloud models that shows you how it works in your industry and where to prioritize data protection efforts according to your particular risk sensitivities. To register, visit Cisco Live online.
Meet with Our Security Experts
Cisco executives and subject-matter experts will be available to meet with you one-on-one at Cisco Live 2014. To schedule your private meeting, contact your Cisco representative.
Join Our Security Communities
Interact with your peers and industry visionaries. Share your insights on secure network access and next-generation firewalls, IPS, and VPN. Discover details of threat defense, countermeasures and controls, and best practices for deploying security technologies.