integration of advanced malware protection (amp) on cisco email and web security
DESCRIPTION
Integration of Advanced Malware Protection (AMP) on Cisco Email and Web Security. Cisco Partner Confidential: Not For Distribution: Under NDA. Advanced malware in the news. Source: Providence Journal. There is No Silver Bullet. Attack Continuum. BEFORE. DURING. AFTER. Detect Block - PowerPoint PPT PresentationTRANSCRIPT
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1
Integration of Advanced Malware Protection (AMP) on Cisco Email and Web Security
Cisco Partner Confidential: Not For Distribution: Under NDA
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2Cisco Confidential 2© 2013 Cisco and/or its affiliates. All rights reserved.
Advanced malware in the news
Source: Providence Journal
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 3
There is No Silver Bullet
Gaps in protection as new attack vectors emerge
Point-in-time defenses can be evaded
Malware prevention is not 100%
BEFOREDiscoverEnforce Harden
AFTERScope
ContainRemediate
Attack Continuum
Detect Block Defend
DURING
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 4
A New Approach is Needed
BEFOREDiscoverEnforce Harden
AFTERScope
ContainRemediate
Attack Continuum
Detect Block Defend
DURING
Need continuous protection throughout the attack lifecycle – before, during and after an attack
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 5
AMP on Cisco Email and Web Security
Comprehensive malware defeating solution Malware detection and blockingContinuous analysisRetrospective alerting
Simple license add-on• Cisco Email Security Appliances• Cisco Web Security Appliances• Cisco Cloud Web Security
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 6
File Sandboxing
Behavioral analysis of unknown files
File Retrospection
Retrospective alerting after an attack
Key Features of AMP on Content Security
File Reputation
Preventative blocking of suspicious files
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 7
Beyond the Event Horizon
Antivirus
SandboxingInitial Disposition = Clean
Point-in-time Detection
Initial Disposition = Clean
AMP
Blind to scope of compromise
Actual Disposition = Bad = Too Late!!
Turns back time
Visibility and Control are Key
Not 100%Analysis Stops
Sleep TechniquesUnknown ProtocolsEncryptionPolymorphism
Actual Disposition = Bad = Blocked
Retrospective Detection,Analysis Continues
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 8
Superior Protection and Value for Customers
Advanced Protection
Unmatched Visibility & Control
Flexibility and Choice
• Blocking of malicious files where no signatures exist
• Continuous monitoring of files that have traversed the gateway
• Protection across the attack continuum – before, during, and after
• Visibility to reputation and file behavior
• Alerting of threats inside the network
• Granular policies based on file reputation and file behavior
• Additionally licensed feature, added to existing deployments
• Simple and cost effective solution
• Choose the AMP model that is best for you
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 9
Proving the Better Together Story
• Threat intelligence and file reputations from AMP cloud
• File behavioral analysis and sandboxing
• Retrospective security
• Broadest worldwide traffic monitoring and threat telemetry network
• Integrated, multi-layer malware defense for adaptive detection and mitigation
Sourcefire’s deep knowledge of advanced threats
and analytics expertise
Cisco’s industry leading Web and Email Security Solutions
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 10
Continuous Protection Across the Attack Continuum
BEFOREDiscoverEnforce Harden
AFTERScope
ContainRemediate
Attack Continuum
Detect Block Defend
DURING
Filtering
Reputation
Malware Signature
File Reputation
File Behavior
File Retrospection
Threat AnalyticsUsage Controls
Actionable Reporting
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 11
What’s in it for you?Effective entry point with customers• Target breach and other news coverage highlights need for AMP
• Combined power of Cisco and Sourcefire
• Flexible deployment and easy activation
Huge upsell opportunity • Attach AMP to broad ESA, WSA, and CWS install base
• 35,000 customers
• 60,000 appliances
• 250M users
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 12Cisco Confidential 12© 2013 Cisco and/or its affiliates. All rights reserved.
What’s In It for Partners
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 13
What’s in it for Partners• Be more competitive and profitable with broader portfolio of integrated solutions• Capture the huge Installed base - 35,000 customers, 60,000 appliances 250M
users• Increase revenue with more migration, upsell, and acquisition opportunities • Create recurring revenue streams with value added services
More revenue.
Stronger partners.
Plenty of opportunity.
• Act as a trusted Security advisor with integrated solutions and pre validated designs
• New specialization is easier, faster, and cheaper for partners.• Specialized partners equals more sales.
• Enhance profitability with Cisco programs and incentives• Keep sales moving while securing new opportunities.• Two new security campaigns create demand — today.
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 14
Security Promotions | Available in all regions• Up to 60% savings • Switching, Wireless, Cisco Prime Infrastructure, and Cisco Identity Services Engine (ISE)• Until July 26, 2014
Unified Access Breakaway
Cisco ASA 5500 to Cisco ASA 5500-X Next-
Generation Firewall Migration
Try and Buy Program for Email and Web
Security
Cisco BYOD (Bring Your Own Device)
Smart Solution Promotion
• Up to 15% trade-in credit• Migrate to Cisco ASA 5500-X appliances with TMP• Until April 30, 2014
• 90-day free try and buy options• Cisco Email or Web Security solution• Ongoing
• Up to 60% off • When purchasing ISE and WLAN at the same time• Until July 26, 2014
http://www.cisco.com/web/partners/incentives_and_promotions/index.html
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 15
Make Security Services an IntegralPart of Your Services Business Strategy
PROFESSIONALSERVICES
SUPPORTSERVICES
• Drive Incremental Services Revenue
• Increase Margins Using Automation
• Provide Extra Coverage and Support During Security Technology Transitions
• Increase Service Value and Customer Loyalty
Optimize Your Existing Practice
• Gain Expertise to Deliver New Professional Security Services
• Help Your Customers Evolve and Develop a Security Strategy
• Align your customers security strategy with their business objectives
• Leverage Cisco Assets to Build a Managed Services Practice
Quickly Expand intoNew Practices
MANAGEDSERVICES
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 16
Next Steps…
ReadyFamiliarize with
New Cisco Security Portfolio
GoClose
the Deal
SetStart Customer Conversations
• Capture the Opportunity - Sell Cisco
• Combine Bundles, Promotions, Services & Capital
• Attach Technical Services
• Close the Deal• Register the Deal for Credits
• Educate Yourself
• Launch Page: www.cisco.com/go/rsa-partner-launch
• Identify Key Prospects
• Position Value-Added Security Services
• Leverage Tools & Offers
• UA Breakaway• TMP• Cisco BYOD Smart Solution
• Start Conversations
• Use Security Marketing Campaigns and Partner Resources
• Next Generation Threat Defense (Avail end of Feb)
• Safeguarding Your Organization
• Assess & Discover
• Security Assessments• Services for Migration• Cisco Security Services• Cisco Validated Designs
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 17
Partner ResourcesRSA Partner Launch ResourcesExecutive Briefing Center (EBC) PresentationSecurity Partner Launch At-A-Glance
Partner LinksCisco Partner Brand ExchangeCisco Partner CentralCisco Partner Marketing CentralSell ServicesCisco CapitalCisco Competitive Edge PortalCisco Partner Education ConnectionCisco Security Partner CommunityPartner Incentives and PromotionsSourcefire Acquisition ResourcesSteps to Success
Promotions and IncentivesUnified Access Breakaway PromotionCisco ASA 5500 to Cisco ASA 5500-X Next-Generation Firewall MigrationTry and Buy Program for Email and Web SecurityCisco BYOD (Bring Your Own Device) Smart Solution PromotionCisco Smart Acceleration Uncovered Rebate PromotionSMARTnet 3 for 2 PromotionPartner-Fast TrackDisti –Fast TrackFree Content Security Appliance Promo
Security CampaignsNext Generation Threat DefenseEmail and Web SecuritySecure Data CenterCisco Partner Marketing Central
Related Security LinksPartner Architecture Home PageUse Case Tool and ResourcesSales and Marketing Resources
ServicesCisco Branded Security Services Collaborative Security ServicesGlobal Proposal Services
Technical ServicesSmart CarePartner Support ServiceSMARTnetSmart Net Total Care
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 18
Thank You