revised scansource partner event v3 - security simplified
TRANSCRIPT
TRAININGCISCOFASTPATHADVANCED MALWARE PROTECTION
FOCUS ARCHITECTURES
Collaboration NetworkingSecurity
Winning with Cisco Security and VAULT
Security in the Multi-Cloud Era
What You’ll Get in the Next Hour
• Current State of the Market• Portfolio Overview• VAULT • Call to Action!
• What to sell/do now• Partner Profitability
• Resources
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
RansomwareMobile work force
IoTCloud applications
Automation
Cost Complexity People shortage
Security challenges for Partners
Compliance
Cybercriminals are increasingly targeting mid-size companies
25% Midsize organizations with
no dedicated in-house information security role
60%of all online attacks target
small and midsize businesses
$4MAverage cost of a breach
globally
26%is the likelihood of a
breach happening over 2 years
Current State of the Market
The Market Landscape
• Shortage of Security Talent
• Flood of Security Vendors
• Undetected Multi-vector Threats
• 50B Devices online by 2020
• $106B Total Security Market, CAGR 8.4%*
* Gartner Inc., Forecast: Information Security, Worldwide, 2013 – 2019 1Q15 UpdateContu, Canales, Deshpande, Pingree, April 28, 2015
Firewall
Last 20 years of security:Got a problem?Buy a Box
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Firewall
VPN
Email Security
Web Security
DLP
SIEM
Replacement Box
Failover The Existingsecurity stack…Persistent Threats
IDS
Firewall 2.0
VPN 2.0
Email Security 2.0
Web Security 2.0
DLP 2.0
SIEM 2.0
Replacement Box 2.0
Failover 2.0
Persistent Threats 2.0
IDS 2.0
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Customers have a vendor buffet of Options
Future Consolidation?
Problem: Lots of Vendors = Lots of Complexity
The Security Effectiveness Gap
• Attack Surface Diversity: Growing exponentially due to IoT, SaaS / IaaS, and personal device trends
• Threats: Continuous rise in sophistication of attackers combined with rapid iteration and evolution of attacker techniques and tools
• Detection: Efficacy of classical detection methods eroding
• User Behavior: No longer constrained to IT controlled places, apps or devices
Ability to Defend Getting More Complex
Advantages of Cisco’s Architectural Approach to Security
What Cisco Has…
IntegratedArchitecture
Best ofBreed
toDays
Industry Average TTD
100Hours3
Advantage: Time to Detect
Advantage: Talos
Endpoint CloudNetwork
Threat Intelligence -
Cisco Threat Intelligence: Unprecedented Breadth & Depth
Daily Security Intelligence
1.6MCisco Threat Intelligence: Unprecedented Breadth & Depth
Deployed Security Devices
120TBSecurity
Intelligence
19.7BCisco Threat Intelligence: Unprecedented Breadth & Depth
Daily Threats Blocked
120TBSecurity
Intelligence
1.6MDeployed Devices
Cisco Threat Intelligence: Unprecedented Breadth & Depth
Daily Malware Sandbox Reports
120TBSecurity
Intelligence
1.6MDeployed Devices
19.7BThreatsBlocked
1.1MSandbox Reports
Cisco Threat Intelligence: Unprecedented Breadth & Depth
120TBSecurity
Intelligence
1.6MDeployed Devices
19.7BThreatsBlocked
150,000Micro-
applications
1,000Applications
93BDaily Email Messages
35%Enterprise
5,500IPS
Signatures
150MDeployed Endpoints
3-5 min
Updates
Cisco Security Intelligence Global VisibilityGlobal Footprint
5BDaily Email Connections
4.5BDaily Email
Blocks
14MDeployed Access
Gateway
75,000FireAMP Updates
6,000New Clam AV Sigs
1.1MSandbox Reports
Cisco Security Architecture –Security that works together
Services
Threat intelligence -
NGFW
ISE
DNA Center
AnyConnect
AMP
Umbrella
Cloudlock
Stealthwatch Cloud
Endpoint CloudNetwork
Solutions from the VAULT What you can sell and position today
Network Security – NGFW, Meraki MX*
Cloud Security – Cisco Umbrella, Stealthwatch Cloud, Cloud Lock
Advanced Threat – AMP and AMP4EP*, ThreatGrid, Stealthwatch, Umbrella*
Policy and Access – ISE, TrustSec and Anyconnect Security Mobility Client
*Products growing more than 100% Y/Y : Partners adding subscription increase margins
Business appsSalesforce, Office 365,
G Suite, etc.
Branch office
Critical infrastructureAmazon, Rackspace, Windows Azure, etc.
Roaming laptops
Workplace desktops
Business apps
Critical infrastructure
InternetThe way we work has changed
21
Protect anywhere users connectMalwareC2 CallbacksPhishing
HQ
Sandbox
NGFW
Proxy
Netflow
AV AV
BRANCH
Router/UTM
AV AV
ROAMING
AV
First lineNetwork and endpoint
Network and endpoint
Endpoint
Cisco Umbrella
Safe access anywhere users go, even off VPN
First line of defense and inspection
Secure onramp to the cloud
AMP - Continuous Analysis and Retrospective SecurityOnly AMP Continuously Monitors and Analyzes All File Activity, Regardless of Disposition
Across all control points
To answer the questions that matter…
Take advantage of key capabilities
Web
WWW
EndpointsEmail Network
â
Mobile
Track it’s rate of progression and how it spread
See what it is doingIdentify a threat’s point of origin
See where it's been Surgically targetand remediate
If Something Gets in, Retrospective Security Helps You Find Answers to the Most PressingSecurity Questions
What happened?Where did the malware come from?Where has the malware been?What is it doing?How do we stop it?
See AMP in Action!
The AMP Everywhere ArchitectureAMP Protection Across the Extended Network for an Integrated Threat Defense
AMPThreat Intelligence
Cloud
Windows OS Android Mobile Virtual MAC OSCentOS, Red Hat Linux for servers and datacenters
AMP on Web and Email Security AppliancesAMP on Cisco® NGFW
Firewalls
AMP Private Cloud Virtual Appliance
AMP for Networks (AMP on Firepower NGIPS
Appliance bundle)
AMP on Cloud Web Security and Hosted Email
CWS/CTA
Threat GridMalware Analysis + Threat
Intelligence Engine
AMP on ISR with Firepower Services
AMP for Endpoints
AMP for Endpoints
Remote Endpoints
AMP for Endpoints can be launched from AnyConnect
© 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco and Apple securing managed Corporate Devices
AMP for Endpoint dashboard
Meraki SMMDM Solution
Umbrella app extension
Clarityapp extension
Umbrelladashboard
Systems Manager Enterprise1 License per Device
Cisco Security Connector AppNo license for the app itself
(No cost – deployed by MDM)
Cisco Umbrella1 License per User
AMP for Endpoint (Clarity)1 License per Device
Pushes CSC app to iOS supervised devices
Features enabled byCisco Umbrella license
Features enabled byAMP for Endpoint license
AND/OR
MDM Solution
App Extensions
Start WithMeraki
SecureNetwork
ADD Services Meraki ServicesSmartNet
Finance with EASY PAY
Customer Monthly Billing Partner Managed
Start with NGFW
SecureNetwork
ADD Services FTD Service (TMC 3Y)SmartNet
Finance with EASY PAY
Customer Monthly BillingPartner Managed
Firepower NGFW(FPR5506-FPR2110)
SECURITY – Solutions Simplified
AMPCiscoAMP4EPAnyConnect
Meraki MX
Advantage: Architecture Helps Customers Save Money
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
• Compliance & reduced risk
• Improved FTE productivity (20%)
• Better threat detection• Easier implementation• Automation
Cisco Advantages Summary
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
ü Close the Capabilities-Complexities Gap
ü Reduce time to detection
ü Reduce customer expense
ü TALOS – check out their Blog
VAULTWe built a training program designed to jumpstart your security practice from the ground up. Learn from our specially trained, Cisco-certified instructor in a hands-on lab format, as you configure and test devices and manage threats in a test environment. Plus, you’ll leave with definitive next steps on how to get certified and start selling Security.
UPCOMING CLASSESü April 3rd at 1:00pm
ü April 17th at 1:00pm
ü May 1st at 1:00pm
www.scansourcekbz.com/vault
www.scansourcekbz.com/vault
Ransomware: A Real World Example
Umbrella blocks the requestNGFW blocks the connectionEmail Security w/AMP blocks the phishing email
AMP for Endpoint blocks the file
Umbrella blocks the request NGFW blocks the connection
Umbrella blocks the request to Encryption Key Infrastructure
Umbrella Next-Gen Firewall AMP EndpointEmail w/AMP
OR
Have a Ransomware Conversation• Did you know you can stop most ransomware attacks at the DNS layer?
(OpenDNS conversation)• What is your last line of defense against a ransomware attack? (AMP
for Endpoint conversation)• What is your protection against Phishing email attacks? (Cloud Email
with AMP conversation)• Do you have containment established for quick damage control if you
do get hit? (NaaE, AMP ThreatGrid, NGFW discussion)• How will your company respond to a ransomware attack? (IR Services
conversation)
For more info on ransomware, click here
1
More info on all Cisco Security Products: http://www.cisco.com/c/en/us/products/security/product-listing.html
Product AMP for Endpoints Umbrella
Price Estimate $60 per seat $40 - $80 per seat per year
What is it?
AMP (Advanced Malware Protection) is a cloud-managed endpoint security solution that provides the visibility, context and control to not only prevent cyber attacks, but also rapidly detect, contain, and remediate advanced threats if they evade front-line defenses and get inside
Cloud based security solution, protects on and off the network
New layer of security that has been ignored until recently (DNS)
Stops phishing, malware, and ransomware earlier
When to Position Sell to customers who want to protect end point devices -PCs, Macs, Linux, Mobile Devices
Sell to every customer – most customers don’t have any DNS Protection (greenfield – new layer of defense)
Customer Benefit
100% Security Effectiveness rating - the highest of all vendors tested
Only vendor to detect and block 100% of malware, exploits, and evasion techniques during testing
Fastest time to detection of all vendors tested
Minimizes time and op cost to contain and remediate
Helps prevent ransomware outbreaks – most outbreaks use DNS
Can be deployed enterprise-wide rapidly (from minutes to days)
Benefit to you Provides recurring revenue and helps sell other solutions (Threat Grid)
Provide recurring revenue – over 90% of deployments are renewed
Position Cisco Umbrella and AMP for End Points2
• Free 14-day trial of Umbrella, click here
• Free Eval of Cloud Email Security, click here
• Free 2 - 4 week trial of AMP for Endpoints, click here
Use Trials to get Customers Hooked!3
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Make Money!4
Go to Selling Security frequently for the latest offers
Register your Deals with Ignite!
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Training
Cisco Rewards: 2 Ways to Earn
\
Selling
https://communities.cisco.com/docs/DOC-72110
Resources
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
• Selling Security: http://www.cisco.com/c/en/us/products/security/partner.html• Cisco Rewards: http://www.cisco.com/c/en/us/partners/sell-integrate-
consult/incentives-promotions/rewards.html• Ransomware Defense for Dummies Book: http://b2me.cisco.com/LP=2388• Security Ignite: http://www.cisco.com/c/en/us/partners/sell-integrate-
consult/incentives-promotions/security-ignite.html• Ransomware Solution: www.cisco.com/go/ransomware• AMP: http://www.cisco.com/c/en/us/products/security/advanced-malware-
protection/index.html?stickynav=2• Umbrella: https://umbrella.cisco.com/• Email: http://www.cisco.com/c/en/us/products/security/email-
security/index.html?stickynav=2
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Thank you!
SPECIALIZED SUPPORTONBOARDING & ENABLEMENT
We offer options ranging from leasing to trade credit terms, so partners can optimize purchases and pursue sales
opportunities they're passionate about.
RESELLER FINANCIAL SERVICES
We have a fully certified team there to help with pre and post sale support, from everything to design review and
planning to being a demo resource for you.
PRE-SALES TECH/DESIGN SUPPORT
With a centrally-located warehouse near the Memphis, Tennessee, FedEx Hub, we maintain a shipping rate
accuracy of more than 99%. We also have a Custom Configuration Center to help build and pre-provision
hardware.. .
LOGISTICS
Each team is aligned with a Cisco territory and a dedicated contact in that territory who knows your day-to-day business, to ensure that you always get the precise level of support
DEDICATED SALES TEAM
We understand good things take time, but with our programs we will have prospects calling you. Whether it be through events, collateral or a demand gen campaign, we have the key to your growth.
MARKETING AND DEMAND GENERATION
Leverage our demo center to view demonstrations through the cloud or get the product you need to give your customers a hands-on experience.
DEMO
From early-stage project planning and assessment, to on-site engineering, project management, contract management, and tech support, ZCare Services are an end-to-end professional services solution across the lifecycle of your collab deployment.
ZCARE
A fully customized training program, taking you through Cisco's portfolio all the way through developing your
technical and sales expertise with trainings and test vouchers .
THANK YOULet us help you be successful and profitable with Cisco.
Chris BlackwellSecurity Business Development at ScanSource [email protected]