SCOR

Cloud.
Cloud deployment models include the following:
Public cloud.
Open for public use
Private cloud.
Used just by the client organization on-premises (on-prem) or at a dedicated area in a cloud provider
Community cloud.
Shared between several organizations
Hybrid cloud.
Composed of two or more clouds (including on-prem services).
Cloud computing basic models:
Infrastructure as a Service (IaaS).
IaaS describes a cloud solution where you are renting infrastructure.
You purchase virtual power to execute your software as needed.
This is much like running a virtual server on your own equipment, except you are now running a virtual server on a virtual disk.
This model is similar to a utility company model because you pay for what you use.
Platform as a Service (PaaS).
PaaS provides everything except applications.
Services provided by this model include all phases of the system development life cycle (SDLC) and can use application programming
interfaces (APIs), website portals, or gateway software.
These solutions tend to be proprietary, which can cause problems if the customer moves away from the provider s platform.
Software as a Service (SaaS).
SaaS is designed to provide a complete packaged solution.
The software is rented out to the user.
The service is usually provided through some type of front end or web portal.
While the end user is free to use the service from anywhere, the company pays a per-use fee.

CISCO UMBRELLA
A solution that evolved from the OpenDNS acquisition.
A cloud-delivered solution that blocks malicious destinations using DNS.
Cisco Umbrella has the ability to see attacks before the application connection occurs.
This limits the load on network security devices and helps to reduce alerts.
Umbrella looks at the patterns of DNS requests from devices and uses them to detect Compromised systems, C&C callbacks, Malware,
phishing attempts and Malicious traffic.
You can use Cisco Umbrella (OpenDNS) by just pointing your DNS configuration to the Anycast IP addresses and

Free trial: https://signup.umbrella.com/

SCOR Page
CISCO EMAIL SECURITY IN THE CLOUD
ESA is an on-premises email security solution.
There is also a cloud-based email security solution provided by Cisco.
This allows you to provide protection against threats like ransomware, business email compromise (BEC), phishing, spear phishing,
whaling, and many other email-driven attacks.
Forged Email Detection
A feature used to detect spear phishing attacks by examining one or more parts of the SMTP message.

Email Security can provide protection for Office deployments.

SCOR Page
 CISCO CLOUDLOCK
Cloudlock was a company that Cisco acquired a few years ago (Now called Cisco Cloudlock).
The solution is a cloud access security broker (CASB).
CASB is on-premises or cloud based software that sits between cloud service users and cloud applications, and monitors all activity
and enforces security policies.
Cisco Cloudlock integrates with cloud services such as:
- Box
- Dropbox
- G Suite ( the suite of cloud computing, productivity and collaboration tools, software and products developed by Google )
- Office
- Okta ( provides cloud software that helps companies manage and secure user authentication into modern applications)
- OneLogin
- Salesforce
- ServiceNow
- Slack

SCOR Page
The Figure shows the Cisco Cloudlock Incidents dashboard.
An incident in Cisco Cloudlock is a record of an instance of a document, object, event, or app triggering a Cloudlock policy.

Any access to content by security administrators is recorded in the Cloudlock Audit Log.

SCOR Page
Policies are the rules you create in Cisco Cloudlock to customize information protection to match your organization s needs.
In this example, a policy is added to alert and block and transactions that may include United States Social Security numbers.

SCOR Page
STEALTHWATCH CLOUD.
This solution allows network administrators and cybersecurity professionals to analyze network telemetry in a timely manner to defend
against advanced cyber threats.
You can also monitor on-premises networks in your organizations using Cisco Stealthwatch Cloud.
To do so, you need to deploy at least one Cisco Stealthwatch Cloud Sensor appliance (virtual or physical appliance).

APPDYNAMICS CLOUD MONITORING

AppDynamics was another company acquired by Cisco.
AppDynamics (or AppD for short) provides end-to-end visibility of applications and can provide insights about application
performance.
AppD is able to automatically discover the flow of all traffic requests in your environment by creating a dynamic topology map of all
your applications.

SCOR Page
CISCO TETRATION
A solution created by Cisco that utilizes rich traffic flow telemetry to address critical data center operationality use cases.
It uses both hardware and software agents as telemetry sources and performs advanced analytics on the collected data.
Cisco Tetration supports both on-premises and public cloud workloads.
Tetration uses software agents and can also obtain telemetry information from Cisco network infrastructure devices.
The Tetration software agent is a piece of software running within a host operation system (such as Linux or Windows).
Its core functionality is to monitor and collect network flow information.
Also collects other host information such as network interfaces and active processes running in the system.

SCOR Page
The Vulnerability Dashboard, shown in the figure enables administrators to focus their effort on critical
vulnerabilities and workloads that need the most attention.

SCOR Page
SCOR Page