Chip Sharp

chsharp@cisco.com
© 2010 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
1
Evolution of Threat Landscape
[Chart: threats plotted by Volume (LOW to HIGH) against $ VALUE (LOW to HIGH), from PAST to TODAY]
Chart labels: MASS EMAIL ADOPTION; SPAM; VIRUS OUTBREAKS; Network Evasions; Polymorphic Code; CFO; CEO; PHISHING; Worms; APTs; Covert, Sponsored Targeted Attacks; Botnets; Code Red; Aurora; Conficker; Attachment-based; Image Spam; Slammer; IPv6-based; Custom URL; Targeted Phishing
Evolution of Outbound Protection
[Chart: outbound protection plotted by Volume (LOW to HIGH) against $ IMPACT (LOW to HIGH)]
Chart labels: Intellectual Property; Quarantine; Filter; Encrypt Everything; DLP; Data Classification; TLS; Brand; HIPAA; PCI; Social Security Numbers; COMPLIANCE; CUSTOMER ASSETS; Identity Aware
© 2012 Cisco and/or its affiliates. All rights reserved.
Cisco Public
Securing Email for the Evolving Workforce
PAST
YESTERDAY’S EMAIL USER
•  Checked email only from company issued workstations
•  Always accessed email from behind the corporate firewall
•  Text with attachment
TODAY
TODAY’S EMAIL USER
•  THE ANYTIME, ANYWHERE
•  Global
•  Checks email from multiple devices
•  7 billion mobile devices worldwide by 2015
•  1 in 3 employees uses at least 3 devices for work
•  Expects email access anytime, anywhere
•  Blends work and play
•  Believes IT is ultimately responsible for security
•  Rich HTML email
•  Will violate IT policies to get the job done
•  Relies heavily on Social Media
Cisco Email Security Architecture
Management
Threat Defense
Data Security
Antispam
Data Loss Prevention
Antivirus and Virus Outbreak Filter
Encryption
cloud-based global threat intelligence
Cisco SIO
24x7x365 OPERATIONS
600+ ENGINEERS, TECHNICIANS AND RESEARCHERS
$100M+ SPENT IN DYNAMIC RESEARCH AND DEVELOPMENT
40+ LANGUAGES
80+ PH.D.S, CCIE, CISSP, MSCE
1.6M GLOBAL SENSORS
75TB DATA RECEIVED PER DAY
35% WORLDWIDE EMAIL TRAFFIC
13B WEB REQUESTS
3 to 5 MINUTE UPDATES
5,500+ IPS SIGNATURES PRODUCED
150M+ DEPLOYED ENDPOINTS
8M+ RULES PER DAY
Diagram labels: Visibility; Control; WWW; IPS; Web; Networks; Endpoints; Information; Devices; Actions; Email; ScanSafe; AnyConnect; ESA; ASA; WSA
IPS
200+ PARAMETERS TRACKED
70+ PUBLICATIONS PRODUCED
•  35% of the world’s email traffic
•  75 TB of web data per day
•  13 billion web requests
•  1.6 million deployed devices
•  More than 150 million endpoints
Data & Content
Yes
Malware
Email
Reputation
Filters
Malware
Scanning
Outbreak
Filters
Spam
Malware
Blocked
APPLIANCE
CLOUD
VIRTUAL
Deployment Type
Paul Roberts
Engineering Manager
Global Technology, Co.
TARGET
Technology Intellectual Property
Born: Bethesda, Maryland, 1960
Married with 2 children
Residence: Morgan Hill
Favorite football team: Baltimore Ravens
Previous company: Verizon
Targeted Attacks have quadrupled in the last year.
Paul Roberts
Engineering Manager
Global Technology, Co.
Born: Bethesda, Maryland, 1960
Married with 2 children
Residence: Morgan Hill
Favorite football team: Baltimore Ravens
Previous company: Verizon
Friend
paul@email.com
Request for Review
Paul,
I forward my thesis to you for review.
Please open it and provide comments.
www.Personal Site.com/Thesis_Draft.pdf
Hope all is well since Verizon.
Best regards,
Friend
Cisco Email Security blocks with reputation, malware and outbreak filters
Reputation Filters
Malware Scans
Outbreak Filters
>99% Catch Rate
Block 90% of Spam
< 1/1M False Positives
Before
http://www.threatlink.com/
After
http://secure-web.cisco.com/auth=X&URL=www.threatlink.com!
Friend
paul@email.com
Request for Review
Paul,
I forward my thesis to you for review.
Please open it and provide comments.
www.Personal Site.com/Thesis_Draft.pdf
Hope all is well since Verizon.
Best regards,
Friend
7M Updates per Day
1Tb Threat Telemetry
Identified: Targeted Attack
Content: Malware Payload
Vector: Email
Action: Blocked
Friend
paul@email.com
Request for Review
Paul,
I forward my thesis to you for review.
Please open it and provide comments.
www.Personal Site.com/Thesis_Draft.pdf
Hope all is well since Verizon.
Best regards,
Friend
http://secure-web.cisco.com…
Malware
Payload Blocked
Cisco Security
The requested web page
has been blocked
http://www.threatlink.com
Cisco Email and Web Security protects your
organization’s network from malicious software.
Malware is designed to look like a legitimate email
or website which accesses your computer, hides
itself in your system, and damages files.
Summary
• Email threats have evolved beyond blanket
attacks
• Targeted attacks and new vulnerabilities
introduced by BYOD
• Inbound Defense – Outbreak Filters, Leveraging
SIO, Anti-Malware, Anti-Virus, Anti-Spam