cloud computing a new frontier in cloud security · 3. build private cloud and paas 2. open and...
TRANSCRIPT
![Page 1: CLOUD COMPUTING A NEW FRONTIER IN CLOUD SECURITY · 3. Build private Cloud and PaaS 2. Open and automated 4. Use public Cloud Converged HyperConverged Managed IaaS SaaS tics rity](https://reader034.vdocument.in/reader034/viewer/2022042305/5ed0818cfcf1ce4f7a22b529/html5/thumbnails/1.jpg)
CLOUD COMPUTING
A NEW FRONTIER IN CLOUD SECURITY
Jon Ebmeier, Technical Solutions Architect
Cisco Systems, US Commercial
![Page 2: CLOUD COMPUTING A NEW FRONTIER IN CLOUD SECURITY · 3. Build private Cloud and PaaS 2. Open and automated 4. Use public Cloud Converged HyperConverged Managed IaaS SaaS tics rity](https://reader034.vdocument.in/reader034/viewer/2022042305/5ed0818cfcf1ce4f7a22b529/html5/thumbnails/2.jpg)
Data Center Strategy
![Page 3: CLOUD COMPUTING A NEW FRONTIER IN CLOUD SECURITY · 3. Build private Cloud and PaaS 2. Open and automated 4. Use public Cloud Converged HyperConverged Managed IaaS SaaS tics rity](https://reader034.vdocument.in/reader034/viewer/2022042305/5ed0818cfcf1ce4f7a22b529/html5/thumbnails/3.jpg)
C97-739634-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
App is the new business
Multicloud is the new Data Center
Developer is the new Customer
C97-739634-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
![Page 4: CLOUD COMPUTING A NEW FRONTIER IN CLOUD SECURITY · 3. Build private Cloud and PaaS 2. Open and automated 4. Use public Cloud Converged HyperConverged Managed IaaS SaaS tics rity](https://reader034.vdocument.in/reader034/viewer/2022042305/5ed0818cfcf1ce4f7a22b529/html5/thumbnails/4.jpg)
C97-739634-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
80%Employees use software not
cleared by IT.
Study by Stratecast and Frost & Sullivan
83%IT Staff admit to using
unsanctioned software and services.
8%Enterprises understand
impact of Shadow IT.
C97-739634-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
![Page 5: CLOUD COMPUTING A NEW FRONTIER IN CLOUD SECURITY · 3. Build private Cloud and PaaS 2. Open and automated 4. Use public Cloud Converged HyperConverged Managed IaaS SaaS tics rity](https://reader034.vdocument.in/reader034/viewer/2022042305/5ed0818cfcf1ce4f7a22b529/html5/thumbnails/5.jpg)
C97-739634-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Will usemultiple clouds
84% 73%Have a hybrid cloud strategy81%
Evaluating or using
public cloud
![Page 6: CLOUD COMPUTING A NEW FRONTIER IN CLOUD SECURITY · 3. Build private Cloud and PaaS 2. Open and automated 4. Use public Cloud Converged HyperConverged Managed IaaS SaaS tics rity](https://reader034.vdocument.in/reader034/viewer/2022042305/5ed0818cfcf1ce4f7a22b529/html5/thumbnails/6.jpg)
C97-739634-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Public
MicroServices
Developers
DevOpsPrivate
Virtualized
ITData Center
Bare - Metal
The Perfect Storm
Application evolution
Management and operations
Workload locations
“50% Fortune 500 companies are expected to no longer exist within 10 years”
- John Chambers
![Page 7: CLOUD COMPUTING A NEW FRONTIER IN CLOUD SECURITY · 3. Build private Cloud and PaaS 2. Open and automated 4. Use public Cloud Converged HyperConverged Managed IaaS SaaS tics rity](https://reader034.vdocument.in/reader034/viewer/2022042305/5ed0818cfcf1ce4f7a22b529/html5/thumbnails/7.jpg)
C97-739634-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Challenges for IT
New apps
Average enterprise hasat least 13 cloud-native business
apps
Complexity
New users
20M developers today growing to 25M by
2020
Compliance
New attack surfaces
6 months to detect breach3
Compromise
![Page 8: CLOUD COMPUTING A NEW FRONTIER IN CLOUD SECURITY · 3. Build private Cloud and PaaS 2. Open and automated 4. Use public Cloud Converged HyperConverged Managed IaaS SaaS tics rity](https://reader034.vdocument.in/reader034/viewer/2022042305/5ed0818cfcf1ce4f7a22b529/html5/thumbnails/8.jpg)
C97-739634-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
1. Modernize infrastructure
3. Build private Cloudand PaaS
2. Open and automated
4. Use public Cloud
Converged HyperConverged
IaaS SaaSManaged
6. P
erva
sive
sec
uri
ty
5. P
erva
sive
an
alyt
ics
Network Compute Storage
Capturing Customer Intent
4a. Common Application Blueprints
4b. Extend Common Policy Model
4c. Instrumented for Developers and DevOps
Private
![Page 9: CLOUD COMPUTING A NEW FRONTIER IN CLOUD SECURITY · 3. Build private Cloud and PaaS 2. Open and automated 4. Use public Cloud Converged HyperConverged Managed IaaS SaaS tics rity](https://reader034.vdocument.in/reader034/viewer/2022042305/5ed0818cfcf1ce4f7a22b529/html5/thumbnails/9.jpg)
C97-739634-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Is your Data Center doing what you intend?
![Page 10: CLOUD COMPUTING A NEW FRONTIER IN CLOUD SECURITY · 3. Build private Cloud and PaaS 2. Open and automated 4. Use public Cloud Converged HyperConverged Managed IaaS SaaS tics rity](https://reader034.vdocument.in/reader034/viewer/2022042305/5ed0818cfcf1ce4f7a22b529/html5/thumbnails/10.jpg)
C97-739634-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
The Intent-Based Data CenterInformed by Intent. Powered by Context. Delivered across your Multicloud.
![Page 11: CLOUD COMPUTING A NEW FRONTIER IN CLOUD SECURITY · 3. Build private Cloud and PaaS 2. Open and automated 4. Use public Cloud Converged HyperConverged Managed IaaS SaaS tics rity](https://reader034.vdocument.in/reader034/viewer/2022042305/5ed0818cfcf1ce4f7a22b529/html5/thumbnails/11.jpg)
C97-739634-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco ConfidentialC97-739634-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
The Intent Cycle
Adapt
Learn
Protect
APP
![Page 12: CLOUD COMPUTING A NEW FRONTIER IN CLOUD SECURITY · 3. Build private Cloud and PaaS 2. Open and automated 4. Use public Cloud Converged HyperConverged Managed IaaS SaaS tics rity](https://reader034.vdocument.in/reader034/viewer/2022042305/5ed0818cfcf1ce4f7a22b529/html5/thumbnails/12.jpg)
C97-739634-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Benchmark each <app-cloud>
Every packet | Every flowEvery app
Machine learningto optimize
Constantly
Learning
![Page 13: CLOUD COMPUTING A NEW FRONTIER IN CLOUD SECURITY · 3. Build private Cloud and PaaS 2. Open and automated 4. Use public Cloud Converged HyperConverged Managed IaaS SaaS tics rity](https://reader034.vdocument.in/reader034/viewer/2022042305/5ed0818cfcf1ce4f7a22b529/html5/thumbnails/13.jpg)
C97-739634-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Multicloud App mobilityRun-time provisioning On-demand capacity
Constantly
Adapting
![Page 14: CLOUD COMPUTING A NEW FRONTIER IN CLOUD SECURITY · 3. Build private Cloud and PaaS 2. Open and automated 4. Use public Cloud Converged HyperConverged Managed IaaS SaaS tics rity](https://reader034.vdocument.in/reader034/viewer/2022042305/5ed0818cfcf1ce4f7a22b529/html5/thumbnails/14.jpg)
C97-739634-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Zero-trust modelMicro-segmentation
based isolationSecuring data in transit
Constantly
Protecting
![Page 15: CLOUD COMPUTING A NEW FRONTIER IN CLOUD SECURITY · 3. Build private Cloud and PaaS 2. Open and automated 4. Use public Cloud Converged HyperConverged Managed IaaS SaaS tics rity](https://reader034.vdocument.in/reader034/viewer/2022042305/5ed0818cfcf1ce4f7a22b529/html5/thumbnails/15.jpg)
C97-739634-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Putting It All Together
Modernize Data Center
On-prem/Co-lo
Policy Driven, Openand Automated
Multi-Cloud
Public SaaSManaged Service
Per
vasi
ve A
nal
ytic
s
Common Application Blueprints
Extend Common Policy Model
Instrumented for Developers and DevOps
Private
Orchestration
Software Define Networking
Policy
Intent-Based Data Center
Application Performance Monitoring
Switching Compute Storage / Hypercoverged
Policy
Per
vasi
ve S
ecu
rity
Net
wo
rk A
nal
ytic
s (T
etr
atio
n)
Net
wo
rk S
ecu
rity
(Te
trat
ion
and
Lay
ere
d e
ffec
t)
![Page 16: CLOUD COMPUTING A NEW FRONTIER IN CLOUD SECURITY · 3. Build private Cloud and PaaS 2. Open and automated 4. Use public Cloud Converged HyperConverged Managed IaaS SaaS tics rity](https://reader034.vdocument.in/reader034/viewer/2022042305/5ed0818cfcf1ce4f7a22b529/html5/thumbnails/16.jpg)
C97-739634-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Data Center Reference Architecture
Infra. Manager
Infra. ops
Developer
Cloud Admin
LOB/IT Apps
Security Admin
Tetr
atio
nan
alyt
ics
Cis
co s
ecu
rity
po
rtfo
lio
Ap
pD
ynam
ics
Cis
co w
ork
load
o
pti
miz
atio
n m
anag
erD
ata
Cen
ter
Net
wo
rk
Mo
nit
ori
ng
(DC
NM
)
Application and business performance monitoring
Workload optimization and placement
Infrastructure health and performance monitoring
CiscoCloudCenter
Switching ComputeStorage / Hyperconverged
Software Defined Cisco Intersight
Cisco Prime ServiceCatalog (PSC/CPO)
3rd Party ITSM
![Page 17: CLOUD COMPUTING A NEW FRONTIER IN CLOUD SECURITY · 3. Build private Cloud and PaaS 2. Open and automated 4. Use public Cloud Converged HyperConverged Managed IaaS SaaS tics rity](https://reader034.vdocument.in/reader034/viewer/2022042305/5ed0818cfcf1ce4f7a22b529/html5/thumbnails/17.jpg)
C97-739634-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Pillars of Cisco’s Data Center Strategy
Hardware innovationApplication awareMulticloud First Capture Intent
![Page 18: CLOUD COMPUTING A NEW FRONTIER IN CLOUD SECURITY · 3. Build private Cloud and PaaS 2. Open and automated 4. Use public Cloud Converged HyperConverged Managed IaaS SaaS tics rity](https://reader034.vdocument.in/reader034/viewer/2022042305/5ed0818cfcf1ce4f7a22b529/html5/thumbnails/18.jpg)
C97-739634-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Data Center Use Cases
Multicloud Mobility Security Modernize Infra.
• Threat Intel
• Multi-layer
• Compliance
• Performance
• Security
• Scale
Analytics
• Infra.
• Apps.
• Ops.
Automation
• Ops
• Provision
• Maint.
• Benchmark
• Policy
• Blueprints
![Page 19: CLOUD COMPUTING A NEW FRONTIER IN CLOUD SECURITY · 3. Build private Cloud and PaaS 2. Open and automated 4. Use public Cloud Converged HyperConverged Managed IaaS SaaS tics rity](https://reader034.vdocument.in/reader034/viewer/2022042305/5ed0818cfcf1ce4f7a22b529/html5/thumbnails/19.jpg)
C97-739634-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
“We need to reduce complexity and match the agility of a public cloud”
VP virtualization, IT
Automation
![Page 20: CLOUD COMPUTING A NEW FRONTIER IN CLOUD SECURITY · 3. Build private Cloud and PaaS 2. Open and automated 4. Use public Cloud Converged HyperConverged Managed IaaS SaaS tics rity](https://reader034.vdocument.in/reader034/viewer/2022042305/5ed0818cfcf1ce4f7a22b529/html5/thumbnails/20.jpg)
C97-739634-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Data Center Automation Strategy
Install Provision (Auto) Scale Maintain
Automating the complete application
Lifecycle
![Page 21: CLOUD COMPUTING A NEW FRONTIER IN CLOUD SECURITY · 3. Build private Cloud and PaaS 2. Open and automated 4. Use public Cloud Converged HyperConverged Managed IaaS SaaS tics rity](https://reader034.vdocument.in/reader034/viewer/2022042305/5ed0818cfcf1ce4f7a22b529/html5/thumbnails/21.jpg)
C97-739634-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Private Cloud - Automating Infrastructure
Unified management w/ACI
Embedded automation
Storage
SAN
Compute
LAN
Distribution
Core
Mission critical
Business critical
Userapplications
Enterprise Data Center
Open, programmable interfaces
![Page 22: CLOUD COMPUTING A NEW FRONTIER IN CLOUD SECURITY · 3. Build private Cloud and PaaS 2. Open and automated 4. Use public Cloud Converged HyperConverged Managed IaaS SaaS tics rity](https://reader034.vdocument.in/reader034/viewer/2022042305/5ed0818cfcf1ce4f7a22b529/html5/thumbnails/22.jpg)
C97-739634-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Private Cloud - Automating Operations
Private Cloud
Troubleshooting and remediation
Policy-based networkingSpine
Leaf
Compute
Storage
Edge
Objectstorage
Userapplications
Webapplications
Cloudnative
![Page 23: CLOUD COMPUTING A NEW FRONTIER IN CLOUD SECURITY · 3. Build private Cloud and PaaS 2. Open and automated 4. Use public Cloud Converged HyperConverged Managed IaaS SaaS tics rity](https://reader034.vdocument.in/reader034/viewer/2022042305/5ed0818cfcf1ce4f7a22b529/html5/thumbnails/23.jpg)
C97-739634-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Automating Scale Within and Across Clouds
Private and Public Multi-Cloud
Cisco CloudCenter
Intersight
Self-service user portals
Self-managing applications
Workload modeling and deployment
![Page 24: CLOUD COMPUTING A NEW FRONTIER IN CLOUD SECURITY · 3. Build private Cloud and PaaS 2. Open and automated 4. Use public Cloud Converged HyperConverged Managed IaaS SaaS tics rity](https://reader034.vdocument.in/reader034/viewer/2022042305/5ed0818cfcf1ce4f7a22b529/html5/thumbnails/24.jpg)
C97-739634-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco and Docker Solutions
Contivnetwork plugin
Docker Datacenter On FlexPod CVD
Docker Datacenter On Cisco UCS
Modernize traditionalapplications: turnkey offer
Stronger togetherOpen source COMMUNITY
and technology partners to build solutions
+
![Page 25: CLOUD COMPUTING A NEW FRONTIER IN CLOUD SECURITY · 3. Build private Cloud and PaaS 2. Open and automated 4. Use public Cloud Converged HyperConverged Managed IaaS SaaS tics rity](https://reader034.vdocument.in/reader034/viewer/2022042305/5ed0818cfcf1ce4f7a22b529/html5/thumbnails/25.jpg)
C97-739634-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Analytics
“Need to deploy apps faster with performance targets.“
Application Manager
![Page 26: CLOUD COMPUTING A NEW FRONTIER IN CLOUD SECURITY · 3. Build private Cloud and PaaS 2. Open and automated 4. Use public Cloud Converged HyperConverged Managed IaaS SaaS tics rity](https://reader034.vdocument.in/reader034/viewer/2022042305/5ed0818cfcf1ce4f7a22b529/html5/thumbnails/26.jpg)
C97-739634-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Analytics Strategy
Infrastructure App Users App Dependency
Full stack visibility.
Machine learning to benchmark.
![Page 27: CLOUD COMPUTING A NEW FRONTIER IN CLOUD SECURITY · 3. Build private Cloud and PaaS 2. Open and automated 4. Use public Cloud Converged HyperConverged Managed IaaS SaaS tics rity](https://reader034.vdocument.in/reader034/viewer/2022042305/5ed0818cfcf1ce4f7a22b529/html5/thumbnails/27.jpg)
C97-739634-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Infrastructure Insights
Enterprise Data Center
Mission Critical
Business Critical
UserApplications
Cisco Intersight
![Page 28: CLOUD COMPUTING A NEW FRONTIER IN CLOUD SECURITY · 3. Build private Cloud and PaaS 2. Open and automated 4. Use public Cloud Converged HyperConverged Managed IaaS SaaS tics rity](https://reader034.vdocument.in/reader034/viewer/2022042305/5ed0818cfcf1ce4f7a22b529/html5/thumbnails/28.jpg)
C97-739634-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Application Dependency Mapping
Private Cloud
Spine
Leaf
Compute
Storage
Edge
Objectstorage
Userapplications
Webapplications
Cloudnative
Cisco Tetration
![Page 29: CLOUD COMPUTING A NEW FRONTIER IN CLOUD SECURITY · 3. Build private Cloud and PaaS 2. Open and automated 4. Use public Cloud Converged HyperConverged Managed IaaS SaaS tics rity](https://reader034.vdocument.in/reader034/viewer/2022042305/5ed0818cfcf1ce4f7a22b529/html5/thumbnails/29.jpg)
C97-739634-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Application Performance Insights
Private and Public Multi-Cloud Application Performance Monitoring
![Page 30: CLOUD COMPUTING A NEW FRONTIER IN CLOUD SECURITY · 3. Build private Cloud and PaaS 2. Open and automated 4. Use public Cloud Converged HyperConverged Managed IaaS SaaS tics rity](https://reader034.vdocument.in/reader034/viewer/2022042305/5ed0818cfcf1ce4f7a22b529/html5/thumbnails/30.jpg)
C97-739634-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Multicloud Challenges
They find themselves in a world where every line of business has the opportunity, if
they choose, to go buy their own SaaS platform.
And the CIO and the chief security officer are being asked, ‘So how are we doing at deploying policy and maintaining compliance across all of this?’ And they
don’t know.
Complex No data controlFragmented
-Chuck Robbins
![Page 31: CLOUD COMPUTING A NEW FRONTIER IN CLOUD SECURITY · 3. Build private Cloud and PaaS 2. Open and automated 4. Use public Cloud Converged HyperConverged Managed IaaS SaaS tics rity](https://reader034.vdocument.in/reader034/viewer/2022042305/5ed0818cfcf1ce4f7a22b529/html5/thumbnails/31.jpg)
C97-739634-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Multicloud Strategy
Networking
Security
Analytics
Management
Multi-Cloud intelligence
…we’re going to help our customers bring structure to allof this…
-Chuck Robbins
![Page 32: CLOUD COMPUTING A NEW FRONTIER IN CLOUD SECURITY · 3. Build private Cloud and PaaS 2. Open and automated 4. Use public Cloud Converged HyperConverged Managed IaaS SaaS tics rity](https://reader034.vdocument.in/reader034/viewer/2022042305/5ed0818cfcf1ce4f7a22b529/html5/thumbnails/32.jpg)
C97-739634-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Multicloud strategy
Evolveinfrastructure to support cloud
Addcloud services for
specific uses
Managea Multi-Cloud environment
![Page 33: CLOUD COMPUTING A NEW FRONTIER IN CLOUD SECURITY · 3. Build private Cloud and PaaS 2. Open and automated 4. Use public Cloud Converged HyperConverged Managed IaaS SaaS tics rity](https://reader034.vdocument.in/reader034/viewer/2022042305/5ed0818cfcf1ce4f7a22b529/html5/thumbnails/33.jpg)
C97-739634-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Multicloud Suites
AWS GCP Azure
ON-PREMCLOUD STACK
CISCOINFRA
Hybrid clouds
Hybrid clouds
Multi-Cloud Suite• A set of targeted Cisco software
and service offers that deliver
Multi-Cloud intelligence to our
customers.
• Migrate to cloud
• Connect clouds
• Secure clouds
• Consume cloud apps
![Page 34: CLOUD COMPUTING A NEW FRONTIER IN CLOUD SECURITY · 3. Build private Cloud and PaaS 2. Open and automated 4. Use public Cloud Converged HyperConverged Managed IaaS SaaS tics rity](https://reader034.vdocument.in/reader034/viewer/2022042305/5ed0818cfcf1ce4f7a22b529/html5/thumbnails/34.jpg)
C97-739634-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Security
“Ensure data protectionfrom threat penetration in our data centers and cloud."
-Info Security Manager
![Page 35: CLOUD COMPUTING A NEW FRONTIER IN CLOUD SECURITY · 3. Build private Cloud and PaaS 2. Open and automated 4. Use public Cloud Converged HyperConverged Managed IaaS SaaS tics rity](https://reader034.vdocument.in/reader034/viewer/2022042305/5ed0818cfcf1ce4f7a22b529/html5/thumbnails/35.jpg)
C97-739634-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
SecurityChallenges
• Not enough threat visibility in the network, workloads, applications
• Inconsistent policies across workloads
• Too many point security vendors
• Hackers are more sophisticated
• Attack surface is too broad
![Page 36: CLOUD COMPUTING A NEW FRONTIER IN CLOUD SECURITY · 3. Build private Cloud and PaaS 2. Open and automated 4. Use public Cloud Converged HyperConverged Managed IaaS SaaS tics rity](https://reader034.vdocument.in/reader034/viewer/2022042305/5ed0818cfcf1ce4f7a22b529/html5/thumbnails/36.jpg)
C97-739634-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Data Center Security Strategy
Visibility“See Everything”
Threat Protection“Stop the Breach”
Segmentation“Reduce the Attack Surface”
![Page 37: CLOUD COMPUTING A NEW FRONTIER IN CLOUD SECURITY · 3. Build private Cloud and PaaS 2. Open and automated 4. Use public Cloud Converged HyperConverged Managed IaaS SaaS tics rity](https://reader034.vdocument.in/reader034/viewer/2022042305/5ed0818cfcf1ce4f7a22b529/html5/thumbnails/37.jpg)
C97-739634-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Visibility: See everythingacross the enterprise
01 0302
• Complete enterprise-wide network visibility across users, hosts/devices, networks, infrastructure (switches, routers, firewalls, servers)
• Host-to-Host communication across north-south, east-west flows
• Real-time situational awareness of network traffic
• Holistic network audit trails
Cisco Stealthwatch
Enterprise Network
Branch
Campus
Data Center
Cloud
![Page 38: CLOUD COMPUTING A NEW FRONTIER IN CLOUD SECURITY · 3. Build private Cloud and PaaS 2. Open and automated 4. Use public Cloud Converged HyperConverged Managed IaaS SaaS tics rity](https://reader034.vdocument.in/reader034/viewer/2022042305/5ed0818cfcf1ce4f7a22b529/html5/thumbnails/38.jpg)
C97-739634-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Visibility: See all applications & workloads
01 0302
Cisco Tetration
• Full visibility of the application workloads and processes
• Application dependencies
• Real-time and historical analysis
• Zero-trust policies (whitelist/blacklist)
![Page 39: CLOUD COMPUTING A NEW FRONTIER IN CLOUD SECURITY · 3. Build private Cloud and PaaS 2. Open and automated 4. Use public Cloud Converged HyperConverged Managed IaaS SaaS tics rity](https://reader034.vdocument.in/reader034/viewer/2022042305/5ed0818cfcf1ce4f7a22b529/html5/thumbnails/39.jpg)
C97-739634-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Segmentation: Reduce the Attack Surface
01 0302
Cisco NGFW
East-WestProcess to
Process
North-South Perimeter
Cisco ACI
Cisco Tetration
![Page 40: CLOUD COMPUTING A NEW FRONTIER IN CLOUD SECURITY · 3. Build private Cloud and PaaS 2. Open and automated 4. Use public Cloud Converged HyperConverged Managed IaaS SaaS tics rity](https://reader034.vdocument.in/reader034/viewer/2022042305/5ed0818cfcf1ce4f7a22b529/html5/thumbnails/40.jpg)
C97-739634-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
East-WestProcess to
Process
North-South Perimeter
North-SouthPerimeter
Segmentation: Reduce the Attack Surface
01 0302
Segmentation across multiple clouds
Cisco NGFW
Cisco ACI
Cisco Tetration
![Page 41: CLOUD COMPUTING A NEW FRONTIER IN CLOUD SECURITY · 3. Build private Cloud and PaaS 2. Open and automated 4. Use public Cloud Converged HyperConverged Managed IaaS SaaS tics rity](https://reader034.vdocument.in/reader034/viewer/2022042305/5ed0818cfcf1ce4f7a22b529/html5/thumbnails/41.jpg)
C97-739634-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
ACITetration
Next-gen Firewall
Threat Protection: Stop the Breach
By strategically deploying threat sensors north-south, east-west
01 0302
Multi-Layered Threat SensorsQuickly detect, block, and respond dynamically when threats arise to
prevent breaches from impacting the business
Next-Gen Firewall with AMP
Next-Gen IPS with AMP
Stealthwatch
Next-Gen Firewall with Radware DDoS
![Page 42: CLOUD COMPUTING A NEW FRONTIER IN CLOUD SECURITY · 3. Build private Cloud and PaaS 2. Open and automated 4. Use public Cloud Converged HyperConverged Managed IaaS SaaS tics rity](https://reader034.vdocument.in/reader034/viewer/2022042305/5ed0818cfcf1ce4f7a22b529/html5/thumbnails/42.jpg)
C97-739634-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Protect the WorkloadEverywhere
030201
![Page 43: CLOUD COMPUTING A NEW FRONTIER IN CLOUD SECURITY · 3. Build private Cloud and PaaS 2. Open and automated 4. Use public Cloud Converged HyperConverged Managed IaaS SaaS tics rity](https://reader034.vdocument.in/reader034/viewer/2022042305/5ed0818cfcf1ce4f7a22b529/html5/thumbnails/43.jpg)
C97-739634-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Key Advantages
Complete Insight & Contextual Awareness
DeploymentFlexibility
Automation Holistic Threat Defense
![Page 44: CLOUD COMPUTING A NEW FRONTIER IN CLOUD SECURITY · 3. Build private Cloud and PaaS 2. Open and automated 4. Use public Cloud Converged HyperConverged Managed IaaS SaaS tics rity](https://reader034.vdocument.in/reader034/viewer/2022042305/5ed0818cfcf1ce4f7a22b529/html5/thumbnails/44.jpg)
C97-739634-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
“We need to keep networking, compute and storage solutions up-to-date to meet new requirements for performance and scale”
-Dir Infrastructure, IT
Modernize Infrastructure
![Page 45: CLOUD COMPUTING A NEW FRONTIER IN CLOUD SECURITY · 3. Build private Cloud and PaaS 2. Open and automated 4. Use public Cloud Converged HyperConverged Managed IaaS SaaS tics rity](https://reader034.vdocument.in/reader034/viewer/2022042305/5ed0818cfcf1ce4f7a22b529/html5/thumbnails/45.jpg)
C97-739634-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Better TCO
Lower risk
Operational simplicity
Benefits of Cisco Intent-Based Data Center
40% 53% 46%
![Page 46: CLOUD COMPUTING A NEW FRONTIER IN CLOUD SECURITY · 3. Build private Cloud and PaaS 2. Open and automated 4. Use public Cloud Converged HyperConverged Managed IaaS SaaS tics rity](https://reader034.vdocument.in/reader034/viewer/2022042305/5ed0818cfcf1ce4f7a22b529/html5/thumbnails/46.jpg)
C97-739634-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Constantly protecting
Constantly adapting
Constantly learning
![Page 47: CLOUD COMPUTING A NEW FRONTIER IN CLOUD SECURITY · 3. Build private Cloud and PaaS 2. Open and automated 4. Use public Cloud Converged HyperConverged Managed IaaS SaaS tics rity](https://reader034.vdocument.in/reader034/viewer/2022042305/5ed0818cfcf1ce4f7a22b529/html5/thumbnails/47.jpg)
C97-739634-00 © 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
INTENTbased
data center
Pervasive SecuritySeamless Multicloud
mobilityMaximize App performance