Solutions Guide
Cisco Self-Defending Network: A Strategic Systems Approachto Information Security
“
Cisco’s solution delivers reliable, yet efficient security. Customers will be able to realize greaterprotection of business-critical applications with less intervention from IT staff.
”
—Joel Conover, Current Analysis
Each day, forward-thinking organizations reinvent how they conduct business by adopting Internet-based business models. The results?Competitive advantage, new sources of revenue, and optimized business processes.But Internet connectivity without appropriate security can compromise the very gains in productivity that make today’s companies moreprofitable. In the past, security threats from external sources were slow-moving and easy to defend against. In today’s connectedenvironment, outbreaks spread across the world in a matter of minutes, and security systems must react instantly.Increasingly, security attacks target browser-based business applications. Because these dynamic, complex custom applications may nothave antivirus signatures or regularly available application patches, one breach in security can expose assets, trigger legal liability, severelydamage customer confidence, and negatively affect profitability.Today’s administrators grapple with the consequences of tactical, reactionary point-solution approaches to security. Point solutionsintroduce complexity and inconsistency into the environment. A highly complex, inconsistent environment results in:
●
Weaker security—Complexity and inconsistency introduce risk gaps
●
Lower end-to-end visibility—The insight needed for effective operational management and policy control is impeded
●
Security posture erosion—Organizations are unable to maintain security capability, much less improve it
●
Higher total cost of ownership—Point solutions, needing complex integration, require more focus to implement, maintain, and manageover time
●
Lack of agility—Complexity impedes the organization’s ability to align policy with evolving business objectivesIn some industries, such as medical and financial services, governments now regulate data privacy. Point solutions can protect data privacyat network endpoints, but point solutions do not provide insight and visibility into all areas of the network. End-to-end security visibilitygives security managers the information they need to implement best practices all along the network and ensure compliance withgovernment requirements.In today’s environment, it is imperative to align information technology (IT) processes with business objectives. Because the network touches all parts of the business infrastructure, an integrated, networkwide security solution is uniquely positioned to help businesses meettheir objectives.
THE CISCO VISION
Cisco Systems
®
empowers security managers to safely deploy critical business applications and processes on integrated networks to helpthem increase productivity and gain competitive advantage. These networks are integrated, resilient, and adaptable. The confidence thatcomes from knowing that an organization’s business processes and information assets are secure is a critical factor in unlockingtremendous gains in productivity and dynamic growth.
All contents are Copyright © 1992–2006 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 1 of 9
Other security vendors can provide point solutions to achieve a base level of security for IP networks. Such solutions frequently requirecomplex, costly, and time-consuming integration efforts.Cisco
®
delivers advanced, integrated network security systems and services required for an organization’s mission-critical networks. Ciscocontinues to add security intelligence to the network infrastructure, understanding that security is not an afterthought—it is fundamental tobusiness processes and, ultimately, to business success.
BUILDING THE SELF-DEFENDING NETWORK
The Cisco Self-Defending Network is a strategic systems approach to security that uses the network to identify, prevent, and adapt tothreats from internal and external sources. A Self-Defending Network simplifies the security environment through tight integration,comprehensive security, increased end-to-end visibility, and improved total cost of ownership. All components of the network—the securenetwork platform, advanced services and technologies, and operational management and policy control—play a part in securing thenetworked environment.Integration, collaboration, and adaptability are core capabilities of the Self-Defending Network and are unique to Cisco. With anunmatched breadth and depth of offerings and security expertise, only Cisco can offer such a network-based, system approach.
●
Integration
of security throughout the existing infrastructure—built-in, not added on. Every element in the network acts as a point of defense.
●
Collaboration
between network and security components throughout the network. Security becomes a system involving cooperationbetween security-aware endpoints, network elements, and policy enforcement.
●
Adaptability
of the network to intelligently evolve and adapt to emerging threats. Examples include innovative behavioral methods thatautomatically recognize new types of threats as they arise, mutual awareness among and between security services and network intelligence for more proactive response, and broad recognition capabilities to address threats at multiple layers of the network.
CRITICAL COMPONENTS OF NETWORK SECURITY
The Cisco Self-Defending Network consists of five components critical to effective network security.
All contents are Copyright © 1992–2006 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 2 of 9
The secure network platform is the foundation for every Cisco Self-Defending Network. Upon this platform, you can layer advancedsecurity technologies and services when and where needed to solve your requirements for threat control and containment, confidentialcommunications, and secure transactions. Spanning the network from end-to-end, operational management and policy control provides theframework for efficient security management, control, and response.
Secure Network Platform
The secure network platform is a strong, secure, flexible base from which you build your own Self-Defending Network. At Cisco, securityis considered an integral and fundamental network feature. Capabilities that were traditionally provided only by point solution overlays arenow a fundamental feature of the network infrastructure. With security embedded into the very fabric of the network, the secure network platform provides a flexible, elegant foundation upon which you can easily add advanced security technologies and services. In thismanner, a secure network platform based on Cisco technology enables you to evolve your network organically—at predictable, planned ITrefresh cycles—and strategically—using what you have to deploy security where and when you need it the most. This approach enablesyou to protect your investment, simplify your environment, and ultimately reduce the total cost of ownership as well as security.Many traditional security point solutions such as firewalls, access control systems, network antivirus protection, intrusion preventionsystems (IPSs), IP Security (IPSec) virtual private networks (VPNs), and Secure Sockets Layer (SSL) VPNs are now fully integrated andembedded in secure network platforms built with Cisco technology.
Threat Control and Containment
Cisco’s threat control and containment solution consists of innovative, advanced technologies that go beyond simply defending againstthreats—they proactively and collaboratively control and contain them. Businesses cannot afford the downtime and loss of businessproductivity caused by security breaches. The threat control and containment solution protects not only vulnerable endpoints but alsomultiple points within the network infrastructure. In today’s security environment, unknown threats are as harmful as known threats. Ciscoadvanced technologies continuously and proactively monitor and analyze network activity looking for anomalous behavior—potentialunknown threats. If suspicious activity is detected, Cisco technologies automatically and proactively apply security policy rules, sendalarms to security staff, and propose fixes for suspected problems.Benefits of Cisco’s threat control and containment solution include:
●
Proactive protection against known and unknown threats
●
Proactive containment and distributed mitigation of infections and outbreaks
●
Manageable patching and updating due to enforced endpoint compliance
●
Reduced operational costsExamples of the advanced technologies used to achieve these benefits include behavioral-based endpoint protection, distributed denial-of-service (DDoS) attack mitigation, intrusion prevention, network antivirus protection, policy enforcement, and proactive response.
Confidential Communications
Cisco’s confidential communications solution enables your organization to take advantage of and enjoy the positive business benefits of data, voice, video, and wireless communications, while ensuring the privacy and integrity of critical business communications over thesemedia. The solution consists of integrated, collaborative, and adaptive network products, technologies, and services that protectcommunications while cost-effectively extending the reach of the network to a highly mobile workforce. The solution includes advancedVPN capabilities and comprehensive solutions for secure voice and wireless communications.
All contents are Copyright © 1992–2006 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 3 of 9
of 00
cisco pdf
1,280 Reads
Info and Rating
| Category: | Uncategorized. |
| Rating: | |
| Upload Date: | 05/28/2009 |
| Copyright: | Attribution Non-commercial |
| Tags: |
Free download as PDF File (.pdf), text file (.txt) or read online for free.
Leave a Comment