Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Information Security

Cisco Threat Awareness Service: Providing Can Count On

advertisement 
White Paper
Cisco Threat Awareness Service: Providing
Easily Accessible Threat Intelligence Data You
Can Count On
Threat intelligence is currently one of the hottest topics in the security industry.
Many analysts have been reporting on the increasing need for companies of all sizes to
implement threat awareness solutions. Threat intelligence allows organizations to have
visibility to negative activities that may be occurring—or being planned—against their
networks. Awareness of these threats allows companies to quickly and efficiently
respond to malicious activities.
Threat Awareness Service
Cisco is committed to helping you secure your network. That’s why we developed Threat Awareness
Service directly into the Smart Net Total Care portal. As a Cisco customer, you probably already have this
portal—and its new base level threat visibility—installed in your network and ready for your use. Seriously,
you probably do! This is because Cisco’s Smart Net was merged with our Smart Net Total Care. So, every
former Smart Net customer now has access to this portal. And, if you have any smart-enabled contracts,
you also have this same functionality.
Cisco’s Threat Intelligence Knowledge Base
Cisco’ threat intelligence knowledge-base is extensive. It was developed by leading threat researchers,
who are backed by big data infrastructures. These systems have analyzed millions of web requests,
malware samples and network intrusions. Cisco also collaborates with other security industry leaders to
obtain threat data. The result is an unrivaled security intelligence capability. Cisco Threat Awareness
Service is our way of extending this knowledge to you through an easy-to-use portal-based application.
Visibility Into Various Types Of Threats
The Threat Awareness Service base functionality provides visibility into three types of threats. The base
functionality, which comes with Smart Net Total Care, includes:
1.
Exposed Services: Open services exposed to the external world
2.
Malicious Activity: Destructive behaviors that are observed, based on IP Addresses
3.
DNS Observations: Unexpected DNS names and domains that aren’t associated with the network,
but are pointing to the customers’ IP Address
You can optionally upgrade to a premium version which includes a fourth threat type—Suspicious DNS
Requests—and provides expanded intelligence for each of first three categories.
How Threat Awareness Service Works
The Threat Awareness Service’s threat intelligence is based on destination addresses. We look at
destination address traffic as it appears from the outside world.
This is similar to the way law enforcement would conduct surveillance on potential criminal activity. The
criminal activity, from the Threat Awareness Service perspective, can be seen as the destination address.
Law enforcement—with a search warrant, of course—logs all of the suspect’s telephone calls with their
associated phone numbers. They can now tell who the potential criminals are contacting and who calls
them.
While this analogy is intended to help you better understand this new offer, it’s important to note that
Threat Awareness Service does NOT monitor our customers’ networks. However, it does obtain critical
information from the destination.
©2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public.
Page 2 of 4
Receive Actionable Intelligence
As you use this service, you’ll receive actionable threat intelligence, based on Cisco’s large security data
knowledge and experience. This service will help your IT and security professionals make decisions about
potential threats to your organization and improve your overall network security.
Cisco Threat Awareness Service only provides visibility into threats. By itself, it does not take any action to
mitigate the risk. The service does not automatically generate reports. It does not reduce the risk of
existing or potential threats. And, since it’s hosted externally, it can only provide limited information on your
internally-hosted, intranet IP addresses.
Threat Awareness Service provides visibility into potential threats coming both from within your own
network and from external sources. And, it then makes threat mitigation recommendations. If a potential
threat is found, Threat Awareness Service explains the best way to reduce that risk.
Using Threat Awareness Service
If you have an active Smart Net Total Care contract, simply login to the Smart Net Total Care portal where
you’ll find the Threat Awareness Service’s base functionality. And, this is also the same location where
premium subscribers will find that application.
To obtain access to the Smart Net Total Care portal, simply follow the self-service registration and
onboarding instructions, which can be found online through this link. It’s that easy!
In order for the Threat Awareness Service to gain visibility into any potential threats to your network, you
need to register new network resources. These can be expressed as either:
1.
a domain name
2.
a single IP address
3.
an IP Address range, or
4.
a Classless Inter-Domain Routing (CIDR) block
Once network resources are authorized, threat view information will be available on the portal within
approximately 24 hours. At that point, the service will start providing threat visibility into potential malicious
or suspicious activity.
No Collector Required
Although Threat Awareness Service is integrated into the Smart Net Total Care portal, it is independent of
the Smart Net Total Care asset management functionality. The Threat Awareness Service does not require
you to deploy the Smart Net Total Care Common Services Platform Collector. Plus, there is no
dependency on any IB management functionality. And, you do not need to upload Cisco inventory into the
portal.
Threat Awareness Service is externally-hosted and easy to deploy. With this no-touch service, Cisco does
not scan your network. And, it requires:
©2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public.
Page 3 of 4
•
No capital expenditures
•
No configuration changes
•
No network instrumentation
•
No new software deployments
•
No sensors in customer networks
•
No additional human resources
You Don’t Even Need Lots Of Security Expertise
Threat Awareness Service is all about making sure that you have access to actionable information about
any potential threats to your network. In today’s world, malicious activities are a reality for businesses of all
sizes. Threat Awareness Service aims to provide information that can help minimize these risks.
We realize that you may not have security experts on you team. With this service, our customers only
need to know their domain names and IP Address ranges. People with entry level networking experience
can easily set up the Threat Awareness Service.
For additional information, contact your Cisco Account Manager or Authorized Cisco Reseller.
©2016 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public.
Page 4 of 4
Related documents
A. Explain the nature of marketing plans. B. Explain the role of
A. Explain the nature of marketing plans. B. Explain the role of
ex_buisness_expansion
ex_buisness_expansion
Stress Management - Dr. Fayose
Stress Management - Dr. Fayose
The Threat from Within
The Threat from Within
The foremost goal of the information security function should be to
The foremost goal of the information security function should be to
Statement of Richard Perle Fellow, American Enterprise Institute Before the
Statement of Richard Perle Fellow, American Enterprise Institute Before the
Download
advertisement