seguridad integral con cisco meraki · 2020. 1. 30. · cisco meraki cloud managment seguridad con...
TRANSCRIPT
-
Seguridad integral con Cisco Meraki
Noviembre 2019
-
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Agenda
Tendencias de Seguridad
Cisco Meraki Cloud Managment
Seguridad con Meraki
Demo
Portafolio & Licenciamiento
Q&A
-
Malware Volume Has Grown 10X
53% of attacks $500k+ in damages
Source: Cisco 2018 Security Capabilities Benchmark Study
Cloud-Managed Security for Distributed Networks
-
Security IT professionals have little time
•44% of alerts are not investigated
• Lack of headcount
• Lack of trained personnel
• Budget constraints
Cloud-Managed Security for Distributed Networks
Source: Cisco 2018 Security Capabilities Benchmark Study
-
Malware
PhishingIntrusion
Insider Threats
SW Vulnerabilities
Ransomware
APT & DDoS
Man in the Middle
Endpoint vulnerabilities
?
-
M E R A K I M I S S I O N :
Simplifying powerful
technology to free passionate
people
to focus on their mission
Cloud-Managed Security for Distributed Networks
-
Simplifying IT with Cloud Management
A complete cloud managed IT solution
Wireless, switching, security, SD-WAN, unified endpoint management (UEM), and security cameras
Integrated hardware, software, and cloud services
Leader in cloud managed IT
Among Cisco’s fastest growing portfolios
350k+Unique customers
4.5M+Meraki devices
online
5.5M+Active Meraki
dashboard users
Cloud-Managed Security for Distributed Networks
-
Benefits of a cloud-managed solution
WAN / Internet
Management DataUser Traffic
Security & SD-WANAppliances
Switches
Access Points Systems Manager
Security Cameras
RELIABILITY
SECURITY
SCALABILITY
FUTURE-PROOFING
Insight
Cloud-Managed Security for Distributed Networks
-
The Cloud Increases IT Efficiency
M A N A G E A B I L I T Y
S C A L A B I L I T Y
C O S T S A V I N G S
Turnkey installation and management
Integrated, always up to date features
Scales from small branches to large networks
Reduces operational costs
Cloud-Managed Security for Distributed Networks
-
Zero Touch Provisioning
One-time remote, web-
based configuration
Configuration templates
simplify large multi-site
deployments
No pre-staging
No onsite configuration
Unbox and plug in
devices at required
locations
Cloud-Managed Security for Distributed Networks
-
Increasingly Valuable IT Investment
Over-the-web feature delivery with quarterly updates
Granular control over firmware versions
Cloud-Managed Security for Distributed Networks
-
Ironclad Cisco security, Meraki simplicity
Meraki
Cloud-Managed Security for Distributed Networks
-
Security is hard, Meraki is easy
Cloud-Managed Security for Distributed Networks
-
Simplified Enterprise Security
Enterprise-class security
features for security-
conscious environments
Air Marshal WIDS/WIPS Detect wireless attacks; contain rogue APs; cloud-based alerting and diagnostics
User and device aware security
UTM and content security
User, device, and group-based firewall rules (layer 3 / 7) with Active Directory integration
Application firewall; content filtering matching 1B+ URLs; antivirus/anti-malware filtering; Google safe-search; intrusion prevention;
Cloud-Managed Security for Distributed Networks
-
Flexible Authentication and Access Control
Flexible built-in authentication mechanism
Flexible authentication
Dynamic access control
Secure 802.1X, ISE/NAC, and Active Directory authentication; Facebook Authentication
for branding and targeted social marketing; SMS self-service authentication; and hosted
sign-on splash pages
Assign clients layer 3 / 7 firewall rules, VLANs, and application-aware quality of service by identity, group, location, or device type
Cloud-Managed Security for Distributed Networks
-
Endpoint Management
Rapid provisioning, application management, security, and capacity for BYOD-ready deployments right out of the box
Device-aware security
Integrated endpoint management
Simplified onboarding
Device-aware firewall and access control; antivirus scan; LAN isolation; Bonjour Gateway; content and security filtering
Enforce encryption, passcodes, and device restrictions; deploy enterprise applications; remotely lock or wipe devices
Flexible authentication with Active Directory integration, SMS authentication, hosted splash pages, and automatic EMM enrollment
Cloud-Managed Security for Distributed Networks
-
Automated Site-to-Site VPN (Auto VPN)
SimpleThe ability to configure site-to-site, Layer 3 IPsec VPN tunnels in just two clicks in the Cisco Meraki dashboard over any WAN link
AutomaticVPN configuration generated and deployed automatically from the cloud – create a mesh or
hub-and-spoke topology with only a few clicks
ResilientAutomatically adjusts to changes in order to maintain secure connectivity during an ISP or datacenter outage, hardware failure, or IP address update
Cloud-Managed Security for Distributed Networks
-
1.5 million malware samples / day
600 billion email messages / day
16 billion web requests / day
Honeypots
Open source communities
Internalvulnerability discovery
Telemetry
eInternet-wid scanning
Backed by Cisco Talos threat intelligence
Over 250 full time threat researchers
Millions of telemetry agents
4 global data centers
Over 100 threat intelligence partners
Over 1100 threat traps
Cloud-Managed Security for Distributed Networks
-
Anti-fragile architecture delivered by the cloud
?
Cloud-Managed Security for Distributed Networks
-
Meraki Wireless Scanning Radio AirMarshall Access Policies
Meraki Firewall Identity based Firewall IDS/IPS
Cisco AMP Auto VPNContent Filtering
Meraki Switching 802.1X Authentication Access Policies
VLAN Port Isolation Rogue DHCP Detection L7 Visibility
Meraki EMMCisco Security Connector
Access Policies
Cisco AMP
RADIUSSyslog
Umbrella DNS
Umbrella DNS
An End to End Approach to Security
Meraki dashboard Centralized visibility of entire network
Meraki CameraPhysical Security
Cloud-Managed Security for Distributed Networks
-
Demo
Cloud-Managed Security for Distributed Networks
-
What’s Needed
-
Simple, All-Inclusive Licensing
1:1 ratio of licensing and hardware
3, 5, 7, and 10 year durations available
Centralized management with network-wide visibility and remote troubleshooting tools
Over-the-web firmware and security updates
24/7 enterprise support and warranty
All features included as standard, no per-feature licensing
Cloud-Managed Security for Distributed Networks
-
Next Generation Firewall
Site-to-site and client VPN
Intelligent path control
Link bonding and failover
Bandwidth shaping and QoS
Branch routing
Web caching
Active/Passive high availability
Enterprise License Advanced Security License
*additional Threat Grid subscription required
All enterprise features, plus
Content filtering (with Google SafeSearch enforcement)
Cisco Advanced Malware Protection
Snort IDS/IPS
Threat Grid integration*
Geo-based firewall rules
Licensing that fits the business’ needs
Cloud-Managed Security for Distributed Networks
-
A Model for Every Location
MEDIUM BRANCH LA RGE BRANCH, CAMPU S OR CON CEN TR ATOR VIRTUAL
MX64/65
~50 users
802.11ac Wireless* & PoE
FW throughput: 250 Mbps
MX67/68
~50 users
802.11ac Wave 2* & PoE
FW throughput: 450 Mbps
MX67C/68CW
~50 users
802.11ac Wave 2* & PoE
FW throughput: 450 Mbps
CAT 6 LTE
MX84
~200 users
FW throughput: 500 Mbps
MX100
~500 users
FW throughput: 750 Mbps
MX250
~2,000 users
FW throughput: 4 Gbps
MX450
~10,000 users
FW throughput: 6 Gbps
vMX100 for AWS & Azure
FW throughput: 750 Mbps
VPN & SD-WAN
TELEWORKER
Z3 Z3C
~5 users
802.11ac Wave 2 Wireless & PoE
FW throughput: 100 Mbps
CAT 3 LTE (Z3C)
SMALL BRANCH
Cloud-Managed Security for Distributed Networks
-
Industry Leading SD-WAN Meets Industry Leading Security
Delivered by a powerful all-in-one appliance
Cloud-Managed Security for Distributed Networks
-
A complete cloud-managed IT portfolio Single-pane-of-glass management
An Integrated Meraki Network for More Benefits
Wireless Access PointsOptimized for high-density with
802.11ac and Bluetooth
Enterprise Mobility ManagementUnified managed and control of thousands
of devices
Security CamerasStreamline deployment and
monitoring of video security cameras
Security & SD-WAN AppliancesFeature rich security and unified threat
management platform
SwitchesLayer 2 and layer 3 switches for
mission-critical networks
MIOptimize User Experience,
Accelerate IT
Cloud-Managed Security for Distributed Networks
-
©h20t17tCpiscosan:d//or i/ts amffiliatees. Arll raighkts reise.rcvedi. sCisccooCon.fidcenotial m/firstyearonus/es
Meraki First Year On Us
-
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
• Security Made Simple with Cisco Meraki: https://meraki.cisco.com/security-made-simple
• Cloud Managed Security & SD-WAN: https://meraki.cisco.com/products/appliances
• Technical references: https://documentation.meraki.com/MX
References
-
Thank you