/
Customer Presentation September 2016 Customer Presentation September 2016

Customer Presentation September 2016 - PowerPoint Presentation

karlyn-bohler
karlyn-bohler . @karlyn-bohler
Follow
345 views
Uploaded On 2019-03-12

Customer Presentation September 2016 - PPT Presentation

Customer Presentation SCRIPTED Cisco ONE Advanced Security Use this presentation to pitch Cisco ONE Advanced Security offers to customers primary audience network buyer secondary audience security buyer ID: 755460

amp security access cisco security amp cisco access advanced threat data secure defense center asa services wan network ise software protection firepower

Share:

Link:

Embed:

Download Presentation from below link

Download Presentation The PPT/PDF document "Customer Presentation September 2016" is the property of its rightful owner. Permission is granted to download and print the materials on this web site for personal, non-commercial use only, and to display it on your personal computer provided you do not modify the materials and that you retain all copyright notices contained in the materials. By downloading content from our website, you accept the terms of this agreement.


Presentation Transcript

Slide1

Customer Presentation

September 2016

Customer Presentation [SCRIPTED]

Cisco ONE Advanced SecuritySlide2

Use this presentation to pitch Cisco ONE Advanced Security offers to customers – primary audience - network buyer, secondary audience – security buyer

First, please read the section in this deck titled “Internal Only

Important Sales Information: Must Read”

Familiarize yourself with the 4 buying programs and where to position Cisco ONE Advanced SecurityThere are 2 slides that provide the summary of the offers in section “2 slide overview”

The rest of the deck contains an introduction & 3 sections one each for Data Center, WAN/Edge & Access.

Each section is self-containedThe slide “Security Disrupters and Trends” has 2 options – one high level and one detailed. Use one or the other depending on your audienceYou can present either all 3 sections together or specific sections of interest.Each slide is scripted.Use in slideshow mode for animations

How To Use This Presentation

Remove This Slide Before PresentingSlide3

2 slide overviewSlide4

The Need For Simplicity In Security

Sophisticated Attacks

No Place Spared

DC | WAN | Access | Endpoints

Solution Complexity

30+ Solutions Deployed On Average

Gaps In Solutions

Customers Are Less Secure Than Ever

© 2016 Cisco

And/Or

Its Affiliates. All Rights Reserved. Cisco ConfidentialSlide5

Cisco ONE Advanced Security

Making It Easier To Protect The Inside And Perimeter Of Your Organization

© 2016 Cisco and/or its affiliates.

All rights reserved. Cisco Confidential

Secure Remote Access And Client VPN

Advanced Malware Protection

Intrusion Prevention

Blocks Over 280M+ Out Of

Policy Websites

Centralized Identity And Context

Based Access

Visibility, Compliance And

MDM Support

VPN & Secure Endpoint

Advanced Malware Protection

Intrusion Prevention

Blocks Over 280M+ Out Of

Policy Websites

Virtualized Firewall Services

URL FilteringAMPSecurity ContextNG IPS

Data Center

URL Filtering

AMP

AnyConnect Plus

NG IPS

ISE Plus

ISE Apex

AnyConnect Apex

Access

WAN and Edge

Simple

Predefined Offers

Investment Protection

For Midterm Upgrades

Flexible

And Integrated

Access To Latest

Threat Intel. & FeaturesSlide6

Security Disrupters and Trends

50+ Different Vendors

Complexity Is Making Customers More Vulnerable

Sophisticated, Distributed Attacks

Global Cybercrime Market Is $450B – $1T

Security Has Been A CIO Top 5 Spending Priority Since 2006

Option 1

Customers Are Less Secure Than Ever

Active Adversaries

Aren’t Going Away

Security Is A

Board Level ConcernSlide7

Mobility/BYOD

3.3 Devices Per Knowledge Worker

1

Cloud

545 Cloud Apps Per Organization

2

Internet Of Things

15 Billion Devices By 2015

1

Source: (1) Cisco IBSG (2) Skyhigh Networks Industry Report (3) CNBC (4) The Nilson Report Aug 2013 (5) Cisco 2014 Security Report (6) Ponemon Institute Study (7) TrustWave 2014State of Risk Report

New Attack Vectors

Malicious Traffic Visible On 100% Of Corporate Networks

5

Sophisticated Cybercriminals

Or Nation States

Global Cybercrime Market: >$450B

3

Digitization Of Information$11B Estimated Payment Card Fraud4

Multiple Data Locations & Platforms

63% Of Surveyed Businesses Do Not Have A Fully Mature Method To Control And Track Sensitive Data

7

High Operational Costs

& Lack Of Flexibility

54% Of Breaches Remain Undiscovered For Months

6

Increasing

Attack Surface

Dynamic

Threat Landscape

Complexity & Fragmentation

Security Disrupters and Trends

Option 2Slide8

BEFORE

Discover

Enforce

Harden

AFTER

Scope

Contain

Remediate

Attack Continuum

Network

Endpoint

Mobile

Virtual

Cloud

Detect

Block

Defend

DURING

Cisco Threat Centric Security Model

Point in Time

ContinuousSlide9

Let Us Look At Security In 3 Key Areas

Data Center

Branch – WAN & Edge

AccessSlide10

Secure Data CenterSlide11

Why is Data Center Security So Important

Without integrated security, our customer’s data centers are at risk

60%

of data is

stolen in

HOURS

54%

of data center breaches remain undiscovered for

MONTHS

YEARS

MONTHS

WEEKS

HOURS

START

85%

of data center intrusions

aren’t discovered for

WEEKS

51%

increase in companies

reporting a $10M loss

or more in the last

YEARSlide12

What If You Could

Continuous Business Operations

Fast Recovery After Attack

Data & Application

Integrity

Detect

Stealth Malware & Other Malicious Activity

Sooner

Get

Visibility

Into All Data Center Traffic: Users, Apps, Files & Threats

Detect & Stop

Known &

Unknown Threats

Protect Against

Multi-Vector Attacks

Reduce

complexity

Across the Attack Continuum at Scale

Reduce

RiskSlide13

Cisco ONE Advanced Security: Threat Defense for Data Center

FirePOWER Services on FirePOWER & ASA*

Detect, Block

Stealth Malware And Zero Day Attacks

With AMP

Virtualize ASA Firewall for

Segmented Policies

With Security Context*

Multi-vector Known & Unknown Threat

Prevention & Mitigation With Sourcefire

Next Gen IPS

Reputation & Category Based

Filtering Of 280M+ web sites

In 80+ Categories

** Security Context available on ASA platform (not FirePOWER) | ASA Software image updates covered as part of SmartNet |

FireSight Management Center is recommended and must be purchased separately

Virtualized Advanced Firewall Services

Next Generation Intrusion Prevention

Advanced Malware Protection

Block

Out-

of

-

policy

Websites

Cisco ONE Advanced Security:

Threat Defense for Data Center Slide14

FirePOWER Services on FirePOWER & ASA

Security Context*

*Security Context available on ASA platform (not FirePOWER)

Mitigate and protect data center resources across the attack continuum

Multi-layered threat defense in a single device

Full contextual visibility of users, infrastructure, applications, and content

Multi-vector threat & breach detection with automated defense response

Cisco ONE Advanced Security: Threat Defense for Data Center

Delivers Comprehensive Security Capabilities

Capabilities for

Secure Data Center

Threat Centric

Security Model

Cisco ONE Advanced Security: Threat Defense for Data Center

Attack ContinuumSlide15

Customer Case Study

Beachbody, LLC

Challenge

Disparate network without standardized platform hindered growth

Isolated data, security, and telecom did not allow single-pane network view

Manual configuration and management of firewalls required intensive time

Solution

Built a new data center with following security capabilities

Cisco ASA 5585-X Next-Generation Firewall

Cisco Identity Services Engine

Cisco TrustSec

Results

Reduces data center footprint by 50 percent

Automates management in virtualized environment with simplified rule set

Simplifies security management and operations, while leaving room for future growth Slide16

Customer Case Study

Expo Milan

Challenge

Protect visitors and pavilions with an advanced, effective, and pervasive security system

Manage both the physical and the digital components from a single control platform

Solution

The Cisco’s integrated approach to advanced protection from security threats

ASA protected traffic from and to cloud

AMP and IPS used to analyze 40Gbps of traffic for intrusion attempts

Results

Blocked more than half a million intrusion attempts during 6 months

Stopped more than 10,000 attempts to take control of applications and devices

Pervasive protection right across the networkSlide17

ASA 5585-X Subscriptions

FirePOWER 9300/4100 Subscriptions

Cisco ONE Advanced Security: Threat Defense for Data Center

ASA 5585-X FirePOWER (IPS, URL, AMP)

Security Context

FirePOWER 9300/4100 FirePOWER Threat Defense (IPS, URL, AMP)

Subscriptions*

Detailed Licenses

ASA 5585-X Appliance

FirePOWER 9300 or 4100 Appliance

Required Hardware (Purchased Separately)

*Includes software support (signature updates, license portability & access to on-going innovation)Slide18

Cisco ONE Advanced Security Benefits

© 2016 Cisco and/or its affiliates.

All rights reserved. Cisco Confidential

Simple

Predefined

OffersInvestment

Protection

for Midterm

Upgrades

Flexible

Access to Latest

Threat Intel.

and FeaturesSlide19

Upfront Savings with Cisco ONE Software

Cisco ONE Adv. Security Subscription Savings Illustration

For Data Center

Prices may vary for other platformsSlide20

Secure WAN & EdgeSlide21

Rich Media

Content

Omni-channel

Experience

Source: Gartner: How to Cost-Justify WAN Optimization

Remote

Experts

Thin Client

Apps

Mobility

Digital

Signage

Why is Branch Security Important

*

Tech Target, Branch Office Growth Demands New Devices, 2013 | **US The Census Bureau of the Department of Commerce, 2015

Cloud/

SaaS

Guest Wi-Fi

IoT

“By 2016,

30%

of advanced targeted threats

up from less than

5%

today

will specifically target

branch offices

as an entry point.”

80%

Of employee and customers are served in branch offices*

More Users

73%

Growth in in mobile devices from 2014–2018**

More Devices

20–50%

Increase in Enterprise bandwidth per year through 2018**

More Apps

Branch

BranchSlide22

What If You Could

Allow

secure remote access

, site to site

Protect data

from eavesdropping, unauthorized access and tampering

Secure Direct Internet Access

Defend against threats such as

malware, intrusions & denial-of-service

attacks

Meet regulatory compliance requirements

Secure Connectivity

Branch Threat DefenseSlide23

Secure IWAN (DMVPN, Integrated Firewall, ACL & TrustSec)

Enable Secure hybrid WAN

Secure connectivity across the WAN

Secure direct internet access

Basic VPN services & Perimeter Control

Cisco ONE Foundation for WAN

That Delivers Foundational Security Capabilities

Capabilities for

WAN

Intelligent WAN

Cisco ONE Foundation for WANSlide24

Cisco ONE Advanced Security: Threat Defense for WAN & Edge

FirePOWER Services on ASA, AnyConnect Plus

Detect, Block

Stealth Malware And Zero Day Attacks

with AMP

Secure Remote Access & Client VPN

With AnyConnect Plus

Multi-vector Known & Unknown Threat

Prevention & Mitigation with Sourcefire Next Gen IPS

Reputation & Category Based

Filtering of

280M+

websites

in 80+ Categories

ASA Software image updates covered as part of SmartNet

FireSight Management Center is recommended and must be purchased separately

Remote

Access

Next Generation Intrusion Prevention

Advanced Malware Protection

Block Out-of-policy Web Sites

Cisco ONE Advanced Security:

Threat Defense for WAN & EdgeSlide25

FirePOWER Services on ASA

AnyConnect

Plus

Protect branch against targeted attacks

Multi-layered threat defense

in a single device.

Visibility Into Applications and Devices

Secure Mobile, Remote Access

Multi-vector threat & breach detection with automated defense response

Cisco ONE Advanced Security: Threat Defense for WAN & Edge

Delivers Expanded Security Capabilities

Attack Continuum

Capabilities for

Secure Branch

Threat Centric

Security Model

Cisco ONE Advanced Security: Threat Defense for WAN & EdgeSlide26

Customer Case Study

Swanson Health Products

Challenge

Protect business and sensitive customer information from network security threats

Help ensure security protections do not

reduce productivity

Simplify security management

Solution

Deployed Cisco ASA 5585-X Adaptive Security Appliance with Next-Generation Firewall Services

Results

Selectively gave employees access to

different websites needed for jobs

Improved compliance with Payment Card

Industry (PCI) security standards

Reduced help desk calls regarding website

access by 50 percent Slide27

Cisco ONE Advanced Security Benefits

© 2016 Cisco and/or its affiliates.

All rights reserved. Cisco Confidential

Simple

Predefined

OffersInvestment

Protection

for Midterm

Upgrades

Flexible

Access to Latest

Threat Intel.

and FeaturesSlide28

ASA 5500-X Subscriptions

Cisco ONE Advanced Security: Threat Defense for WAN & Edge

ASA 5500-X FirePOWER (IPS, URL, AMP)

AnyConnect Plus

Subscriptions*

Detailed Licenses

ASA 5506, 5508, 5516, 5525, 5545, 5555 Appliance

Required Hardware (Purchased Separately)

*Includes software support (signature updates, license portability & access to on-going innovation)Slide29

Upfront Savings with Cisco ONE Software

Cisco ONE Adv. Security Subscription Savings Illustration

For WAN & Edge

*Prices may vary for other platformsSlide30

Secure AccessSlide31

It’s harder than ever to see who is on your network and what they are doing

?

?

?

31

© 2015 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

And you can’t protect what you don’t see

of surveyed organizations are not “fully aware” of the devices accessing their network

90%

of companies say their mobile devices were targeted by malware in the last 12 months

75%Slide32

What If You Could

Ensure Access From Anywhere

Enable secure access

to the enterprise network for any user, from any device, at any location

Gain Greater Visibility

Provide IT with

full visibility

into users & devices

Deliver a Solution That’s Easy to Use

Provide a seamless

user experience without

creating complexity

Keep Users and Devices Secure

Main Data & Application Integrity Through

User and Device ProtectionSlide33

Cisco ONE Advanced Security: Policy & Threat Defense for Access

Integrated Policy Based Secure Access

Advanced Compliance

Centralized Identity

& Context Based

Access from Anywhere (ISE-Plus*)

Visibility, Compliance

& MDM Support

(ISE-Apex)

VPN & Secure Endpoint

(AnyConnect Apex)

* Note: Cisco ONE Foundation is not a pre-requisite for Cisco ONE Advanced Security offer (Exception: ISE-Base is required for ISE Plus)

Endpoint Security

Identity & Device Based Secure Access

Cisco ONE Advanced Security:

Policy & Threat Defense for AccessSlide34

Identity Services Engine (ISE) Plus & Apex

AnyConnect Apex

Secure Applications &

Data Through Context

Based Access

Access based on Identity & Context (Device, Location)

Broad Visibility into Users, Devices & Traffic

End Device Compliance

Cisco ONE Advanced Security: Threat Defense for Access

Delivers Comprehensive Security Capabilities

Attack Continuum

Capabilities for

Secure Access

Threat Centric

Security Model

Cisco ONE Advanced Security:

Policy & Threat Defense for AccessSlide35

Customer Case Study

VyStar Credit Union

Challenge

To protect customer's financial information, VyStar needed a way to control network access

The secure connection had to be easy for employees-and fast

Solution

Before allowing a device to connect, Cisco Identity Services Engine authenticates the user and device

It also checks that the device is running the latest security software

Employees find it easy to connect to the VPN using AnyConnect Secure Mobility Client

Results

The network team has tight control over

who and what can connect to the network

And connecting is just as fast and simple as

it was beforeSlide36

Cisco ONE Advanced Security Benefits

© 2016 Cisco and/or its affiliates.

All rights reserved. Cisco Confidential

Simple

Predefined

OffersInvestment

Protection

for Midterm

Upgrades

Flexible

Access to Latest

Threat Intel.

and FeaturesSlide37

Cisco ONE Advanced Security:

Policy & Threat Defense for Access

ISE and Any Connect Subscriptions

ISE Apex

ISE Plus

AnyConnect Apex

Subscriptions*

Detailed Licenses

ISE appliance

Required Hardware (Purchased Separately)

*Includes software support (signature updates & access to on-going innovation)Slide38

Cisco ONE Adv. Security Subscription Savings Illustration

For Access

* Prices vary for other platformsSlide39

Advanced ServicesSlide40

Quick-Start Services

Adoption, Change Management, and Optimization Services

Simplified Professional Services Specifically Designed To:

Provide expert business guidance along with deep security expertise

Help assess and

analyze risks and

evolve security strategy to stay ahead of industry disruptions

Update and align security infrastructure to adopt BYOD, Cloud, and IoT

Improve efficiency and increase network security and reliability

Support incident investigation and remediation with access to security investigators and engineers 24/7/365

Services for Cisco ONE For Advanced Security

Making it easier to consume the value of Cisco’s softwareSlide41
Slide42

Cisco ONE Advanced Security: Threat Defense for Data Center

Protecting the Inside and Perimeter of Organization

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

Advanced malware protection

Intrusion prevention

Blocks over 280M+ out of policy websites

Virtualized firewall services

Security

Context

Data Center

URL

Filtering

AMP

NG IPS

Supported on ASA 5585-X and Firepower 4100/9300 Appliance (purchased separately)

Subscription includes software licenses & software support (software & signature updates, midterm upgrade credits)Slide43

© 2016 Cisco and/or its affiliates.

All rights reserved. Cisco Confidential

Advanced malware protection

Intrusion prevention

Blocks over 280M+ out of policy websites

Secure remote access and client VPN

Anyconnect

Plus

WAN and Edge

Cisco ONE Advanced Security: Threat Defense for WAN & Edge

Protecting the Inside and Perimeter of Organization

URL

Filtering

AMP

NG IPS

Supported on ASA 5506, 5508, 5516, 5525, 5545, 5555 Appliance (purchased separately)

Subscription includes software licenses & software support (software & signature updates, midterm upgrade credits)Slide44

Cisco ONE Advanced Security

Protecting the Inside and Perimeter of Your Organization

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential

Centralized identity and context

based access

Visibility, compliance and MDM support

VPN and secure endpoint

Anyconnect

Apex

ISE Apex

ISE Plus

Access

Supported on ISE physical/virtual appliance (purchased separately)

Subscription includes software licenses & software support (software & signature updates, midterm upgrade credits)Slide45

Threat

Protection

Cisco AnyConnect

AnyConnect – Way more than VPN

Basic VPN

Endpoint Compliance

Enterprise Access

Inspection Service

Network Visibility

AnyConnect features

Integration with other Cisco solutions

Identity Services

Engine (ISE)

ASR / CSR

Switches and

Wireless Controllers

Cloud Web Security Services (CWS + WSA)

ISR

Adaptive Security

Appliance (ASA)

Advanced VPN

NetFlow Collectors

Advanced

Malware ProtectionSlide46

Network Resources

Access Policy

Traditional

Cisco TrustSec®

BYOD Access

Threat Containment

Guest Access

Role-Based

Access

Identity Profiling

and Posture

Who

Compliant

What

When

Where

How

Introducing Cisco Identity Services Engine (ISE)

A centralized security solution that automates context-aware access to network resources and shares contextual data

Network

Door

Physical or VM

Context

ISE pxGrid

ControllerSlide47

Gain visibility into who and

what is on your network

Grant access on a

“need to know” basis

Provide threat context to network behavioral analysis

Contain through network elements and security ecosystem

Get better forensics and prepare for the next attack by sharing information with ecosystem partners

Context Enhances Protection Across the

Attack Continuum

BEFORE

ISE

How

What

Who

Where

When

DURING

AFTER