cisco livelocal2014 whysourcefire

Local Edition

Everything You Want To Know About Sourcefire

Session ID 14PT

Alex Kirk, CSE

© 2014 Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public Local Edition

Agenda

•  Introduction

•  History of Sourcefire

•  Security for the Real World

•  Better Together

•  Product Demo

•  Conclusion

2

Local Edition

History of Sourcefire

© 2014 Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public Local Edition

“Security DNA”

4

© 2014 Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public Local Edition

The Marty Roesch Story

5

© 2014 Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public Local Edition

RNA/FireSight

6

© 2014 Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public Local Edition

Multi-Gigabit Platforms

7

© 2014 Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public Local Edition

Collective Security Intelligence

8

© 2014 Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public Local Edition

Our First Sandbox

9

© 2014 Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public Local Edition

Zero to NGFW in 12 Months

10

© 2014 Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public Local Edition

We Even Acquired A Company!

11

Local Edition

Security for the Real World

Local Edition

“The network discovery is primarily passive for Sourcefire RNA…it can tell what OS version is on a server, what services it’s running, and the specific versions of each service. With the information from RNA, I can correlate events to determine any impact.”

Senior Network Engineer ReD Retail Decisions

Local Edition

“Mapping a username to an IP address was taking us away from a backlog of other important tasks. With Sourcefire RUA, what used to take up to an hour now takes just a second or two.”

Security Engineer AutoTrader.com

Local Edition

“VeriSign MSS manages more than 20 different products for our customers… the technical support we receive from Sourcefire is unsurpassed.”

Network Security Manager VeriSign

Local Edition

“Without Sourcefire, we would have never passed the [PCI] audits, which could have led to regulatory fines or loss of business with our partners.”

Network Security Administrator The Banker’s Bank

© 2014 Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public Local Edition

Retrospective Detection

17

© 2014 Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public Local Edition

Security for the Real World

18

© 2014 Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public Local Edition

An Example – Heartbleed

19

© 2014 Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public Local Edition

Real-World Adversaries

20

© 2014 Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public Local Edition

Open APIs

21

Local Edition

Better Together

© 2014 Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public Local Edition

Cisco Sees More

23

© 2014 Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public Local Edition

Smart Management Is Keeping The Brains Around

24

© 2014 Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public Local Edition

Device Access Will Be Web 2.0, Not Java

25

© 2014 Cisco and/or its affiliates. All rights reserved. Presentation_ID Cisco Public Local Edition

Internet of Things

26

Local Edition

Demo

Local Edition