Industry Collaboration To Address Emerging Security Threats: Cisco Network Admission Control Program Co-Sponsors


INDUSTRY COLLABORATION TO ADDRESS EMERGING SECURITY THREATS

Cisco Network Admission Control Program Co-Sponsors

8949_11_2003 © 2003 Cisco Systems, Inc. All rights reserved. 1


The World Is a Network of Networks

Suppliers Partners

Customers Employees



Threat Levels Escalating

[Chart: target and scope of damage over time. Time-scale labels: Weeks, Days, Minutes, Seconds. Era labels: 1980s, 1990s, Today, Future.]


Threat Levels Escalating

• Magnitude of infrastructure threats increasing
• Rapid worldwide propagation of attacks
• Current point product solutions can’t keep up



Approach to Security Must Change

PAST             NEEDED NOW
Reactive         Automated, Proactive
Standalone       Integrated, Multiple Layers
Point Product    Network / End-Point Systems

A Collaborative Systems Approach


The Network as the Human Body

• IT infrastructure (and network) needs to operate the same as the human body…
• Viruses… ever-present fact of life
    We carry them with us
    We pick them up from all sorts of contact
• Human body functions at a high level even though we carry viruses and disease
• Cisco NAC and Self-Defending Network Initiative modeled around this autoimmune concept



Cisco Security Vision

INTEGRATED SECURITY    INDUSTRY COLLABORATION    SYSTEM LEVEL SOLUTION



Cisco Forward-Looking Statement

This presentation may contain projections or other forward-looking statements regarding future events or the future financial performance of the Company. These projections or statements are only predictions. Actual events or results may differ materially from those in the projections or other forward-looking statements. Please see the Company’s Annual Report to Shareholders and its filings with the SEC, including its most recent filings on Forms 10-K and 10-Q, each as it may be amended from time to time, for a discussion of important risk factors that could cause actual events or results to differ materially from those in the projections or forward-looking statements.



Cisco Security Vision

An initiative to dramatically improve the network’s ability to identify, prevent, and adapt to threats

INTEGRATED SECURITY    INDUSTRY COLLABORATION    SYSTEM LEVEL SOLUTION
• Secure Connectivity • Network Admission • Dynamically identify,
• Threat Defense Control Program prevent, and respond
to threats
Systems
• Trust & Identity Mgmt • End-to-End



Industry Collaboration - Critical for Success

Cisco Network Admission Control Program Co-Sponsors



Why Cisco Network Admission Control?

1. Non-compliant endpoint attempts connection
2. Connection allowed
3. Infection spreads; endpoints exposed

[Diagram labels: Branch or Campus, Campus, Corporate Net]



Cisco Network Admission Control Program:
What It Does

1. Non-compliant endpoint attempts connection
2. Quarantine remediation
3. Infection containment; endpoints secured

[Diagram labels: Branch, Campus, Corporate Net, Cisco Trust Agent, Remediation, Quarantine VLAN]



Cisco Network Admission Control Program:
How It Works

Endpoint Security Software + Cisco Network Access Device + Cisco Policy Server + Anti-Virus Vendor Policy Server

[Diagram labels: Cisco Security Agent, Anti-Virus Client, Cisco Trust Agent; Security Credential Checking; Permit, Deny, Quarantine, Remediate; Security Policy Enforcement, Security Policy Creation, Anti-Virus Policy Evaluation]



Cisco Network Admission Control:
Benefits

One Integrated System:
• Endpoint Security Solutions know security condition
• Policy Servers know compliance / access rules
• Network Access Devices enforce admission policy



CO-SPONSOR PRESENTATIONS

Cisco Network Admission Control Program



Safe Harbor Statement
• This presentation contains forward-looking statements.
• These statements are based on management’s current expectations.
• We caution listeners that actual results may vary, perhaps materially, from the forward-looking statements in this presentation.
• We encourage listeners to review the company’s filings with the Securities and Exchange Commission for a more complete description of risks and uncertainties related to the Company and its business.
McAfee® Protection-in-Depth™ Strategy

McAfee® System Protection Solutions
    Desktop: McAfee® VirusScan®, McAfee® Desktop Firewall™, McAfee® ePolicy Orchestrator™, Magic Service Desk
    Server: McAfee® SpamKiller™, McAfee® WebShield®, McAfee® GroupShield®, McAfee® Entercept®

McAfee® Network Protection Solutions
    Core: Sniffer® Network Protection Platform, nPO™ Solution, McAfee® IntruShield™, Magic Service Desk, InfiniStream™ Forensics
    Edge: Sniffer® Portable, McAfee® IntruShield™
The 3 Steps to a Trusted Connection
Step 1: Detect Known and Unknown Systems
Step 2: Assess AV & Security Compliance
Step 3: Remediate & Protect

McAfee Trusted Connection
[Diagram labels: LAN, Information Assets, Firewall, Router, Switch, RAS, VPN, VPN user, Remote, Remote Site, Rogue, Trusted, Un-trusted, Compliant, Not Compliant]
Trend Micro® Enterprise Protection Strategy (EPS) & Cisco® Network Admission Control
Trend Micro Enterprise Protection Strategy
Top 10 2003 Infection Statistics

[Chart: millions of infections (vertical axis, 0.00 to 6.00) by virus name and original date released (horizontal axis); year labels 1999, 2001, 2002, 2003. Annotation: 5 of Top 10 in 2003 released 1-4 years ago.]
Top 5 Customer Reasons for Infection/Reinfection

• Mixed threat attacks need more than pattern files
    - Attack-specific policy and system assessment and cleanup
• Inconsistent or inaccurate security policy settings
    - Manual approach is mistake prone, change management is difficult
• Inability to respond quickly enough when outbreak or reinfection occurs
    - Pattern files take time to develop and deploy
• Out-of-date pattern files, AV software not present on all hosts and pathways
    - Lack of proactive enforcement = too little, too late
• Security devices don’t coordinate
    - Enterprises must coordinate themselves with several vendors; cumbersome and mistake prone

* 2002 Global Customer Survey


Why Network Admission Control is valuable to our customers

Outbreak Prevention
    Threat Information ($)
    Attack Prevention ($$)
    Notification and Assurance ($)
Virus Response
    Pattern File ($$)
    Scan and Eliminate ($$)
Assessment and Restoration
    Assess and Cleanup ($$$$)
    Restore and Post-Mortem ($)

Attack Prevention Phase

• Most critical phase of customer outbreak management
• Network-based AV policy enforcement is the most effective option
• Independent -- AV software alone can’t manage ‘out of state’ or unprotected users
• Scalability -- Customer or Trend Micro-generated policies difficult to deploy, manage, and enforce across 1000s of clients
• Cisco® Network Admission Control and Trend Micro EPS directly address 3 of top 5 customer concerns
Cisco Network Admission Control (NAC)
Summary

• Cisco-led industry collaboration
• Initial Cisco NAC co-sponsors:
    Network Associates
    Symantec
    Trend Micro
• Focused on limiting damage from emerging security threats, e.g. viruses and worms
• Limits network access to compliant and trusted endpoint devices
• Key element of the Cisco Self-Defending Network Initiative
