Beruflich Dokumente
Kultur Dokumente
“Cisco’s solution delivers reliable, yet efficient security. Customers will be able to realize greater
protection of business-critical applications with less intervention from IT staff.”
—Joel Conover, Current Analysis
Each day, forward-thinking organizations reinvent how they conduct business by adopting Internet-based business models. The results?
Competitive advantage, new sources of revenue, and optimized business processes.
But Internet connectivity without appropriate security can compromise the very gains in productivity that make today’s companies more
profitable. In the past, security threats from external sources were slow-moving and easy to defend against. In today’s connected
environment, outbreaks spread across the world in a matter of minutes, and security systems must react instantly.
Increasingly, security attacks target browser-based business applications. Because these dynamic, complex custom applications may not
have antivirus signatures or regularly available application patches, one breach in security can expose assets, trigger legal liability, severely
damage customer confidence, and negatively affect profitability.
Today’s administrators grapple with the consequences of tactical, reactionary point-solution approaches to security. Point solutions
introduce complexity and inconsistency into the environment. A highly complex, inconsistent environment results in:
● Lower end-to-end visibility—The insight needed for effective operational management and policy control is impeded
● Security posture erosion—Organizations are unable to maintain security capability, much less improve it
● Higher total cost of ownership—Point solutions, needing complex integration, require more focus to implement, maintain, and manage
over time
● Lack of agility—Complexity impedes the organization’s ability to align policy with evolving business objectives
In some industries, such as medical and financial services, governments now regulate data privacy. Point solutions can protect data privacy
at network endpoints, but point solutions do not provide insight and visibility into all areas of the network. End-to-end security visibility
gives security managers the information they need to implement best practices all along the network and ensure compliance with
government requirements.
In today’s environment, it is imperative to align information technology (IT) processes with business objectives. Because the network
touches all parts of the business infrastructure, an integrated, networkwide security solution is uniquely positioned to help businesses meet
their objectives.
All contents are Copyright © 1992–2006 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 1 of 9
Other security vendors can provide point solutions to achieve a base level of security for IP networks. Such solutions frequently require
complex, costly, and time-consuming integration efforts.
Cisco® delivers advanced, integrated network security systems and services required for an organization’s mission-critical networks. Cisco
continues to add security intelligence to the network infrastructure, understanding that security is not an afterthought—it is fundamental to
business processes and, ultimately, to business success.
Integration, collaboration, and adaptability are core capabilities of the Self-Defending Network and are unique to Cisco. With an
unmatched breadth and depth of offerings and security expertise, only Cisco can offer such a network-based, system approach.
● Integration of security throughout the existing infrastructure—built-in, not added on. Every element in the network acts as a point of
defense.
● Collaboration between network and security components throughout the network. Security becomes a system involving cooperation
between security-aware endpoints, network elements, and policy enforcement.
● Adaptability of the network to intelligently evolve and adapt to emerging threats. Examples include innovative behavioral methods that
automatically recognize new types of threats as they arise, mutual awareness among and between security services and network
intelligence for more proactive response, and broad recognition capabilities to address threats at multiple layers of the network.
All contents are Copyright © 1992–2006 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 2 of 9
The secure network platform is the foundation for every Cisco Self-Defending Network. Upon this platform, you can layer advanced
security technologies and services when and where needed to solve your requirements for threat control and containment, confidential
communications, and secure transactions. Spanning the network from end-to-end, operational management and policy control provides the
framework for efficient security management, control, and response.
Many traditional security point solutions such as firewalls, access control systems, network antivirus protection, intrusion prevention
systems (IPSs), IP Security (IPSec) virtual private networks (VPNs), and Secure Sockets Layer (SSL) VPNs are now fully integrated and
embedded in secure network platforms built with Cisco technology.
Examples of the advanced technologies used to achieve these benefits include behavioral-based endpoint protection, distributed denial-of-
service (DDoS) attack mitigation, intrusion prevention, network antivirus protection, policy enforcement, and proactive response.
Confidential Communications
Cisco’s confidential communications solution enables your organization to take advantage of and enjoy the positive business benefits of
data, voice, video, and wireless communications, while ensuring the privacy and integrity of critical business communications over these
media. The solution consists of integrated, collaborative, and adaptive network products, technologies, and services that protect
communications while cost-effectively extending the reach of the network to a highly mobile workforce. The solution includes advanced
VPN capabilities and comprehensive solutions for secure voice and wireless communications.
All contents are Copyright © 1992–2006 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 3 of 9
Benefits of Cisco’s confidential communications solution include:
● Gains in productivity
Cisco’s advanced VPN capabilities include a feature that deletes confidential information from memory and hard drives—for example, at
an Internet kiosk—when users finish SSL VPN sessions. Secure voice and wireless solutions include user authentication services and
encryption products and technologies.
Secure Transactions
Today’s agile organizations rely on application-to-application transactions for business and customer-facing transactions. In many cases,
the transactional information resides on highly vulnerable custom or homegrown applications. Hackers can exploit security holes in the
custom code of these vulnerable applications and steal, intercept, change, or destroy critical application data. Cisco’s secure transactions
solution helps ensure the security and availability of vulnerable applications and the privacy of the most sensitive information residing on
them. The solution inspects and protects application transactions using Layer 4–7 inspection, encryption, policy enforcement, and
application control. In addition, the secure transactions solution helps ensure that your security complies with government-mandated
compliance requirements.
● Application availability
● Customer privacy
Cisco’s secure transactions solution is an innovative application-layer security service that overlays the secure network platform and brings
security to the application protocol and payload level for greater, more thorough control.
All contents are Copyright © 1992–2006 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 4 of 9
● Proper workflow management
Cisco’s powerful monitoring, analysis, and response technology simplifies security management and provides end-to-end visibility into the
information used for compliance reporting and the auditing process.
The Cisco model for service and support is based on the understanding that taking advantage of the power of the Internet not only speeds
the resolution of networking issues, but also enables you to access critical information quickly, to educate your staff, and to work
proactively to improve overall network performance.
Cisco.com is the foundation of a suite of interactive networked applications that provide immediate, open access to Cisco information,
resources, and systems. Through Cisco.com, direct customers and partners have access to numerous applications, including Cisco Internet
Technical Support (ITS) applications, which deliver comprehensive technical support solutions online.
All contents are Copyright © 1992–2006 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 5 of 9
To help achieve maximum network uptime, technical assistance is available around the clock from Cisco Technical Assistance Center
(TAC) networking engineers. For more information, visit:
http://www.cisco.com/tac
Plan and assess. Cisco can provide you with a comprehensive evaluation of your organization’s network security posture, including an
analysis of your overall network security architecture and incident preparedness. Delivered by security experts with extensive field
experience, the Security Posture Assessment provides a snapshot of the security state of your network by conducting a thorough evaluation
of network devices, servers, desktops, and databases. Cisco experts analyze your network security in reference to industry best practices,
identifying vulnerabilities that could threaten your business. Based on in-depth analysis, Cisco offers recommendations on how to improve
your overall security posture and prioritizes actions for remediation. The Network Security Architecture Review delivers a comprehensive
assessment of your network security architecture, identifying corrective actions to assist you in better aligning with ISO 17799, industry
best practices, and your organization’s internal security policies.
Designed to help organizations be prepared to effectively detect, report, and respond to security incidents, Cisco Advanced Services offers
a suite of incident readiness and response services, including an Incident Readiness Assessment, which analyzes an organization’s incident
management practices, operational tools and procedures, and network security infrastructure to identify actions that improve overall
incident preparedness. Cisco Advanced Services can also assess the readiness of your network to support new Self-Defending Network
solutions such as Network Admission Control (NAC), the Cisco Security Agent, and Cisco IPS software and appliances.
Design. Cisco can work with you to design a strong Self-Defending Network. Using an in-depth, architectural approach, Cisco Advanced
Services can help you develop a multilayer defense against directed attacks from hackers, viruses, and worms. The Incident Readiness
Design Development design service can be used to develop technical and procedural improvements to your incident management
technology, tools, and procedures. With this service, Cisco can recommend improvements to your existing security design, including
network topology, device placement, and connectivity. Taking into consideration all the aspects of network security—such as scalability,
performance, and manageability—Cisco can recommend protocol, policy, and feature configurations to better secure against threats.
Implement. A Self-Defending Network must be not only strategically designed, but also carefully deployed, configured, and integrated
into the network infrastructure. After your security solution design is set, Cisco engineers can support your team through implementation
tasks to help you deploy, configure, and integrate a new solution such as Cisco NAC, Cisco Security Agent, Cisco IPS software or
appliances, or Cisco Guard and Detector into your production environment. Strengthening your team’s ability to meet aggressive schedules
while minimizing costly disruptions to your infrastructure, Cisco engineers can deliver the expertise needed to implement and manage the
security solution.
Operate and optimize. After your security solutions have been successfully designed and deployed, your network infrastructure must be
ready to support increased demands that arise from changing business dynamics or newly occurring threats. Cisco Services for IPS delivers
timely information, signature file updates, and comprehensive support for Cisco IPS solutions. MySDN provides up-to-date intelligence
reports about current vulnerabilities and threats. The Cisco Incident Response service is available to provide assistance by Cisco security
experts to your staff during a network attack. As network conditions change, Cisco engineers work with you to perform optimization
checks to help ensure that your network security infrastructure continues to meet performance objectives.
All contents are Copyright © 1992–2006 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 6 of 9
Cisco Outsourcing Services
Whether offering managed VPN services, managed security services, or both, you can take advantage of capabilities of the Cisco routers
and Cisco Catalyst® switches that you currently use for connectivity. By using your current investment, you minimize deployment costs
and maximize service opportunities for new revenue streams.
The Cisco Technology Developer Partner Program is a testing and comarketing program that validates the interoperability of
complementary, third-party security solutions with Cisco products. The program evolves independent products into more-effective security
solutions and offers trusted and tested security implementations for Cisco customers.
All contents are Copyright © 1992–2006 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 7 of 9
SUMMARY
Security is now a baseline architecture for all Cisco communications technologies. Whether you are deploying routers; securing the
switching infrastructure; implementing advanced productivity-enhancing technologies such as voice, video, or wireless; or protecting the
data stored throughout the organization, security is a fundamental component of every piece of the network. The Cisco Self-Defending
Network—an integrated, collaborative, and adaptive strategic systems approach—helps organizations of all sizes make the journey from
complex point solution strategies to proactive, simplified end-to-end security. The Cisco Self-Defending Network enables organizations to
implement business-driven security practices; reduce risk gaps and complexity; lower the total cost of ownership; and protect, optimize,
and grow their business.
To learn more about the Cisco Self-Defending Network and Cisco’s strategic systems approach to information security, visit:
http://www.cisco.com/go/sdn
http://www.cisco.com/go/securityconsulting
All contents are Copyright © 1992–2006 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 8 of 9
C02-332256-00 02/06
All contents are Copyright © 1992–2006 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 9 of 9