90 likes | 104 Vues
CiscoWorks VMS Security Management Software helps protect business networks and resources, offering centralized management, scalable solutions, remote OS updates, and comprehensive monitoring capabilities. Manage security in data centers, branch offices, and network access control systems effectively. Review your security management practices, reduce configuration errors, and address security challenges with this reliable solution.
E N D
Protecting the Business Networkand Resources with CiscoWorks VMSSecurity Management SoftwareGirish Patel, VMS Product Marketing, Cisco Security Technology Group
Internet Network Security Complexity CentralManagement Problem • Large number of firewalls, routers, VPNs, IDS • Controlling changes with multiple administrators • Unreachable devices: dynamically addressed or intermittent links • Remote OS updates Need • Scalable management that can handle hundreds of devices • Change management for multiuser environment • Implement configurations to remote firewalls that are not always reachable • Device inventory of network • Software image management and code distribution to devices Local Security Operations
SolutionCiscoWorks Security Information Management Solution (SIMS) • High-level graphical summary of enterprise security landscape • Real-time view of security event trends across the enterprise • Correlate and visualize to identify and respond to threats in real time • Over 250 canned reports provide extensive data-mining capabilities • Support for multivendor network Global view provides “big picture” view of security trends
Private VLANs for Increased Server isolation Managing Security in the Data Center Let Insiders in Secure systems approach within and between data centers Keep Outsiders out • Data Center Security Challenges • Protect confidential data • Protect business critical applications • Prevent security threats from outside and inside the organization • Data Center Security Solutionswith VMS • Manage agents to protect key servers and desktops • Manage Intrusion prevention for threat analysis • Manage firewall appliances, switch modules’ filtering and traffic • Manage VPNs for secure communications • Monitor security and performance for automated correction of emerging problems • Centralized management of all network security Internet Intranet
Managing Security for the Branch Office Corporate Office • Branch Security Challenges • Protect business communications • Prevent malicious traffic, threats, worms, etc. • Adopt new network services/apps without performance impact • Little to no remote IT staff Security Scalablewith Business Needs IPSec Tunnel Service Provider PSTN • Branch Security Solutions with VMS • Manage router-embedded security services (FW, VPN, IPS) • Manage router-integrated VPN, IDS modules for secure connectivity and threat prevention • Distribute consistent policies to hundreds of remote locations • Monitor health and performance to prevent downtime • Reduce configuration errors
6 5 2a 4 2 1 3 Managing Security for the Cisco NAC Solution Hosts Attempting Network Access Network Access Devices Policy Server Decision Points Policy (AAA) Server Vendor Server Credentials Credentials Credentials Management and Monitoring SystemCiscoWorks VMSCiscoWorks SIMS HTTPS RADIUS EAP/UDP, EAP/802.1x Access Rights Comply? Notification Cisco Trust Agent Enforcement • NAC Security Management • Manage software agents to protect desktops • Monitor performance and health of the access devices • Monitor end points, access devices, policy servers, and antivirus products • Centrally manage policies to ensure access points are configured according to policies • NAC Security Management Challenges • How to manage agents on lots of hosts • How to get a holistic view of access control, as opposed to a view of individual components • How to automate distribution of policy
Summary: Business Justification for Security Management “95% of all security breaches are attributed to misconfigurations.” – The Lippis Report, Vol 35: An Enterprise Network Security Framework Review your day-to-day activities: Where do IT staff spend their time? Management Products and Importance • 72% monitoring/reporting tools • 54% performance, service level, and application management tools • 53% platforms, frameworks, element managers • – Infonetics Research, 2003 • Over three years, the primary costs are not hardware or software but admin costs. • Cisco management software targets these primary costs and lowers TOC. • Dealing with the increased sophistication of attacks requires more than point products – it requires treating management as an integrated system. Cisco provides an integrated solution.