Professional Documents
Culture Documents
D2S6.Email Security Roadmap 13.5 and Beyond
D2S6.Email Security Roadmap 13.5 and Beyond
Roadmap Deep-Dive
Filipe Lopes
Technical Marketing Engineer
October 2019
Global
#GST #CISCOVT #CISCOSE
Sales Training
Attackers rely primarily on email
to distribute spam, malware, and
other threats. To prevent
breaches, you need a powerful
email security solution.
Talos Team
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Global
Sales Training
1 FY19 Overview -> FY20 Priorities
2 Consolidated Roadmap
Agenda
3 FY20 Roadmap Deep-Dive
4 Call to Action
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Global
Sales Training
Disclaimer
Many of the products and features
described herein remain in varying
stages of development and will be
offered on a when-and-if-available
basis.
This roadmap is subject to change at
the sole discretion of Cisco, and Cisco
will have no liability for delay in the
delivery or failure to deliver any of the
products or features set forth in this
document.
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Global
Sales Training
FY19: A Record Year for Email Security
Highlights Keys to Success
Frankfurt
Significant investments in
4
Melbourne Tokyo
infrastructure
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Global
FY19 Overview/FY20 Priorities Initiatives 13 Highlights FY20 Call to Action!S a l e s T r a i n i n g
FY20 Priorities
Improved phishing 3rd phase of integration New User Interface for East / West email visibility
detection with Cloud with Cisco Threat Cloud Email Security
based URL analysis Response Reading of Reporting and
New interface for Mailbox data from
Faster lookup times via Advanced Phishing Registered Envelope Exchange
new cloud architecture Sensor on CES/ESA Service
Native integration with
New scanning engines Publish of Public API for Domain Protection and Exchange folders (Junk,
for emerging threats Configuration Advanced Phishing Quarantine, etc.)
Reports
On-demand retraction of
emails
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Global
FY19 Overview/FY20 Priorities Initiatives 13 Highlights FY20 Call to Action!S a l e s T r a i n i n g
Email Security Initiatives FY19-20 Available Now In Planning
2019 2020
January June September February
v12.0 v12.5 v13.0 v13.5
Thought
Leadership
External Threat Feeds Support Using
Auto Remediation for Exchange 2016+
*
Mailbox On-Demand Retraction : For On-
STIX over TAXII standard prem, cloud and Hybrid O365, MS
SafePrint File Disarm and Reconstruction Exchange
Threat
Efficacy Enhanced IMS Engine: Revamped Efficacy Improvements: Enhanced anti-
Sender Domain Reputation (SDR) Phishing Improvements: Detection of
Intelligent Multi-scan engine to better spam with additional profiles & improved
Domain reputation, age based filtering credential phishing, malware download,
detect spams, phishing outbreak filters for better phishing
browser attack links
detection
Infrastructure
Expansion Japan, Australia CES DC Launch Site-to-site VPN for APJC customers New multi-tenant dashboard in CES
New EU Data center: Germany DC in
preparation for Brexit
GDPR Compliance for CES Load balancers for US CES data centers Load balancers for EU, APJC data centers
Cisco on
Cisco Cisco Threat Response Integration Integration of Advanced Phishing
Cisco Threat Response : Support for Cisco Threat Response: Casebook, Pivot
Integration Protection sensor, Domain Protection “My
multiple regions (US, EU) menu support
ThreatGrid Cluster support Domains” Report
Platform DANE Support: Meet EU standards CEF logs & AWS S3 bucket upload Scalable SMA: To handle more gateways
X95 Platform support: new and better
Enhancements performing platform
Smart Licensing: Simplified licensing SSO access to Email gateways via SAML CRES Custom branded CRES UI
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Global
Sales Training
Version 13.0 Summary
ESA 13.0 Enhancements SMA 13.0 Enhancements
• Enhancements to Mailbox Auto Remediation • SMA UX – phase 3
• Exchange Hybrid support • Configuration of Quarantines
• Exchange 2013, 2016 support • Scheduled Reporting
• O365 Multi-tenant support
• PDF of reports in new UI format
• Cisco Threat Response – pivot menu, casebook
• Single Log Line (CEF)
• SAML for administrative authentication
• FIPS/CC Certification
• Phishing enhancements - phase 1
• x95 platform support
• Reporting / Tracking / Quarantine UI on ESA
w/APIs
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Global
FY19 Overview/FY20 Priorities Initiatives 13 Highlights FY20 Call to Action!S a l e s T r a i n i n g
Mailbox Auto Remediation Enhancements
MS Exchange Office 365 Office 365
2016, 2019 (main tenant) (Secondary tenant)
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Global
FY19 Overview/FY20 Priorities Initiatives 13 Highlights FY20 Call to Action!S a l e s T r a i n i n g
CEF Formatted Logs
CEF allows for standardized log format so that SIEM vendors can easily ingest logs
All data / verdicts / actions on the email are logged into a single entry after the final
action of the email is taken
CEF uses reduces disk consumption in SIEM applications, with faster indexing
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Global
FY19 Overview/FY20 Priorities Initiatives 13 Highlights FY20 Call to Action!S a l e s T r a i n i n g
CEF Formatted Logs
CEF:0|Cisco|ESA|11.1|SERIAL|0|IP|HostName|SenderGroup|ICID|MFP|Action|MID|OfficalSantaLetters@specialnewss
anta.icu|me@cisco.com |Make Christmas Magical again!|Policy|IPAS|AV|AMP|GRM|CF|OF|Drop
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Global
FY19 Overview/FY20 Priorities Initiatives 13 Highlights FY20 Call to Action!S a l e s T r a i n i n g
SAML for Administrative Authentication
• SSO Authentication
• Map roles to groups
• SAML verified against
ADFS, Azure AD and
Duo
• ESA and SMA
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Global
FY19 Overview/FY20 Priorities Initiatives 13 Highlights FY20 Call to Action!S a l e s T r a i n i n g
New! x95 Hardware Refresh for ESA/WSA/SMA
Data Sheets Product
Overview
with
Migration
Guide
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Global
FY19 Overview/FY20 Priorities Initiatives 13 Highlights FY20 Call to Action!S a l e s T r a i n i n g
SafePrint
Malicious & Suspicious Document Types or URLs in Attachments
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Global
FY19 Overview/FY20 Priorities Initiatives 13 Highlights FY20 Call to Action!S a l e s T r a i n i n g
SafePrint – Content Disarm
End User
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Global
FY19 Overview/FY20 Priorities Initiatives 13 Highlights FY20 Call to Action!S a l e s T r a i n i n g
13.5 and Beyond…
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Global
Sales Training
AsyncOS 13.5 & Beyond
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Global
FY19 Overview/FY20 Priorities Initiatives 13 Highlights FY20 Call to Action!S a l e s T r a i n i n g
Anti-Phishing Enhancements
12.x 13.0 13.5
Cloud URL Analysis for
CASE/OF Engine not CASE/OF Engine detection inline URL inspection of
detecting all URL-based improvements anomalies Real-time Cloud queries
Threats for IP and URL reputation
SDR verdict is not passed
Pass SDR, URL’s in
to CASE OF/Re-scan improvements
attachments
information to passing intermediate scan
Upon release from OF, only
results, Suspect spam Support for additional URL
AS/AV rescans the email CASE/OF Shortened services
handling
Passing Macro detection , Re-scan an email by all
SPF and DKIM verification engines on release from Infrastructure Improved Telemetry and
verdict to CASE OF quarantine improvements for faster exchanging contextual data
URL’s reputation updates across services
IMS-NG (Advanced CASE New Aggressive scanning
and new spam detection) profile for IPAS users
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Global
FY19 Overview/FY20 Priorities Initiatives 13 Highlights FY20 Call to Action!S a l e s T r a i n i n g
Anti-Phishing Enhancements – Phase 2
Cloud URL Analysis (CUA)
o Browser Exploits
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Global
FY19 Overview/FY20 Priorities Initiatives 13 Highlights FY20 Call to Action!S a l e s T r a i n i n g
SMA & DP Integration
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Global
FY19 Overview/FY20 Priorities Initiatives 13 Highlights FY20 Call to Action!S a l e s T r a i n i n g
ESA & APP Integration
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Global
FY19 Overview/FY20 Priorities Initiatives 13 Highlights FY20 Call to Action!S a l e s T r a i n i n g
ESA & APP Integration
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Global
FY19 Overview/FY20 Priorities Initiatives 13 Highlights FY20 Call to Action!S a l e s T r a i n i n g
ESA & APP Integration
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Global
FY19 Overview/FY20 Priorities Initiatives 13 Highlights FY20 Call to Action!S a l e s T r a i n i n g
Performance and Scalability Enhancements
SMA Scalability
Robust Scanning
Parallel Processing
Faster UI responses
Benchmarks
ESA
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Global
FY19 Overview/FY20 Priorities Initiatives 13 Highlights FY20
Call to Action! Call to Action!
Sales Training
SMA – Reporting Scalability Enhancements
13.0 13.5
SMA SMA
1 – 20/25 1 – 40+
Email Security Email Security Email Security Email Security
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Global
FY19 Overview/FY20 Priorities Initiatives 13 Highlights FY20 Call to Action!S a l e s T r a i n i n g
CES v2
• Vision: CES to be a cloud native SEG
• Load balancer & Multi-tenant portal: building blocks of this architecture
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Global
FY19 Overview/FY20 Priorities Initiatives 13 Highlights FY20 Call to Action!S a l e s T r a i n i n g
Cisco Success Network&Telemetry
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Global
FY19 Overview/FY20 Priorities Initiatives 13 Highlights FY20 Call to Action!S a l e s T r a i n i n g
Email Security Portfolio
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Global
FY19 Overview/FY20 Priorities Initiatives 13 Highlights FY20 Call to Action!S a l e s T r a i n i n g
Renaissance (ESA 13.5 + SMA 13.6)
We need you!!
• Direct link to product development!
• Private weekly calls with the product team
• New feature training; TAC support
• Free beta loaners for your test lab
• Ensure your bugs are fixed by GA
Enroll today!
http://cs.co/security-beta-nomination
ask-sbg-beta@cisco.com
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Global
Sales Training
Email Security Call to Action
Upsell and Engage Customers
• Email Security + AMP bundle
Utilize Email Security Demos & PoV (Single SKU)
• Threat Analyzer v2 for O365 (v3…!) • Health check & Customer Success
• Updated Email Security PoV Guide! • CTR Awareness & Integrations!
• Email Security dCloud Instant Demo • Include Domain Protection, Advanced
• DP & APP PoV guide Phishing Protection, Security
• DP & APP dCloud Instant Demo Management Platform in every
• CES Eval process via Atlas 5.0 conversation
Christian Clasen
Technical Marketing Engineer
October 2019
Global
#GST #CISCOVT #CISCOSE
Sales Training
Today’s Agenda
Market and Positioning
12.0 Features
Forward Looking
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Global
Sales Training
Market and Positioning
In a cloud-obsessed world,
where is the on-prem proxy
market?
VS.
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Global
Sales Training
Key Market Verticals for On-Prem Proxy
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Global
Sales Training
Health Care Financial Services
Granular Reporting
Strong Identity
VDI Support
DLP
Log Retention
Behavioral Analysis
WSA
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Global
Sales Training
Globally Recognized Certifications
FIPS Common
Certification Criteria
AsyncOS 10.5
Global
AsyncOS 11.8 (CC pending)
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Sales Training
US-Centric Certification
DoDIN
APL
AsyncOS 10.5
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
AsyncOS 11.8 Global
Sales Training
Key geographies
European Market
GDPR compliance
Cloud reluctance
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Global
Sales Training
Regulatory compliance
3rd Party
CTA Cloud Services Cloudlock
Anonymization
IP Address
Username
Group
Global
3rd Party DLP
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
WSA Sales Training
Agenda
© 2018
2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Global
Sales Training
Road Map
Q2CY19 11.8 (LD) Q4CY19 12.0 (Beta) Q1CY20 12.5
• UX refresh / REST API • High Performance (phase I) • High Performance (phase II)
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Global
Sales Training
The WSA is the only
Cisco security product
that can decrypt
TLS 1.3
TLS
v1.3
WSA 12.0
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Global
Sales Training
TLS 1.3 Benefits
TLS
v1.3
Global
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
AsyncOS 12.0 Sales Training
High Performance WSA
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Global
Sales Training
New Reporting UI
• Less cluttered
• More modern
• Customizable
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
AsyncOS 12.0 Global
Sales Training
CTR integration
Query the WSA or SMA Web Tracking Database
Observables
Domain
Destination IP
URL
Filename
File Hash
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Global
AsyncOS 12.0 Sales Training
System Health Dashboard
Status Info
CPU by Process
Memory
Disk
Traffic Profile
RPS
Bandwidth
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
DecryptGRate
lobal
AsyncOS 12.5 Sales Training
System Health Dashboard
Service Details
Status
Latency
Historical Alerts
ISE
AMP
Authentication
WBRS
And More…
Global
AsyncOS 12.5
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Sales Training
Proxy IP spoofing
New feature
IP 1
WSA P
IP 2 B
R
12.0 IP 3
WSA
Global
AsyncOS 12.5
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Sales Training
YouTube categories
Music News and
{API} Gaming
Sports
Education
Politics More
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Global
AsyncOS 12.5 Sales Training
Agenda
© 2018
2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Global
Sales Training
HTTP/2.0 Support
• 2.2x Faster
• Fewer Connections
• No competitor support
http/2
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Global
Sales Training
CTR Remediation WSA
Policy
Enforcement
Investigate Remediate
Global
CTR
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Sales Training
New Configuration UI
Policy
Configuration
{API}
{API}
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Global
Sales Training
Agenda
© 2018
2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Global
Sales Training
Active campaigns
Forcepoint and Symantec takeout
Competitive 3Y for price of 2Y
5Y for price of 3Y
Stackable Discounts
Migration Incentives Up to 71% discounts for partners moving customers to Cisco
https://salesconnect.cisco.com/#/program/PAGE-12501
Ratio pricing for education
SLED Licensing 1:5 for students
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Global
Sales Training
Cisco Software Support for Security
SKU: WSA-SW-SUPP
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Global
Sales Training
Resources
© 2019 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Global
Sales Training