- Number of slides: 17
THIS IS THE POWER OF CISCO SECURITY. now. Cisco Security NOW © 2003, Cisco Systems, Inc. All rights reserved. 1
End-to-End Security
This presentation highlights how every device on a Cisco Powered Network can be locked down to perform Defense in Depth. This multilayered approach presents an extremely difficult target to: Hackers, Unauthorized Access, Worms, Rogue Devices, Viruses, Spoofing Attacks, DoS / DDoS attacks
Threats Can Be From Internal Sources
Internal: Most expensive attacks come from inside (up to 10x more costly). Accidental: Misconfiguration
Source: CSI / FBI Security Study 2003
Threats Also Come from External Sources
External: 78% of Attacks Come from Internet Connection (up from 57% in 1999)
Source: CSI / FBI Security Study 2003
Threats Can Already Be Known to You…
Known: Good Security Practices Allow You to Protect Yourself Against “Known” Threats
Or Unknown…
Unknown: How Can You Protect Yourself Against Something You Don’t Know About?
Threat from Hackers
• 2,524 new vulnerabilities discovered in 2002
• Many recently discovered vulnerabilities remain highly viable targets for future threats
• “Blended threats” present the greatest risk
• Companies experience 30+ attacks per week
• 2000% increase (’99-’02) in financial losses from hacker-caused denial of service; $65.6M in reported cost (2002)
Threat from Theft
• Theft of proprietary information causes greatest financial loss: $2.7M per incident (2003)
• 90% of respondents detected computer security breaches within last 12 months
Source: CSI / FBI Security Study 2003
“The average amount of money, as a % of revenue, that companies spend on IT security is .0025% or slightly less than they spend on coffee.” Richard Clarke, Former Special Advisor to the President for Cyberspace Security
Threat Evolution
[Chart: Target and Scope of Damage over time]
• 1st Gen (1980s), Individual Computer, Weeks: Boot viruses
• 2nd Gen (1990s), Multiple Networks, Days: Macro viruses; Email DoS; Limited hacking
• 3rd Gen (Today), Regional Networks, Minutes: Network DoS; Blended threat (worm + virus + trojan); Turbo worms; Widespread system hacking
• Next Gen (Future), Global Infrastructure Impact, Seconds: Infrastructure hacking; Flash threats; Massive worm driven DDoS; Damaging payload worms
The Sapphire Worm or “Slammer”
• Infections doubled every 8.5 seconds
• Infected 75,000 hosts in first 11 minutes
• Caused network outages, cancelled airline flights and ATM failures
• Cisco Responded in 10 Minutes after Release
• At Peak, Scanned 55 Million Hosts per Second
How Cisco Stopped “Slammer”
[Timeline figure; time markers: 00:00, 00:03, 00:06, 00:10, 00:30. Event labels:]
• Locked down the appropriate ports (inside and outside Cisco)
• Slammer launched (corporate networks, internal nets, LANs etc.)
• Anomaly detection technology identified “unusual” traffic
• Cisco Security Agent Stops Threat on Protected Hosts
• “Unusual” traffic verified and triggered alarm
• Vulnerability Scan of Cisco’s network (200+ systems identified as vulnerable internally)
RESULT: No infections found within Cisco
Security Paradigm is Changing
• Security is no longer a “product level” proposition. Security is tied directly to the business proposition
• Server and desktop management: Increasing number of vulnerabilities; must scale to thousands in large Enterprises
• Legacy endpoint security TCO challenge: Reactive products force deployment of multiple agents and management paradigms to update
• Day Zero Damage: Rapidly propagating attacks (Slammer and Blaster) happen too fast for reactive products to handle; an automated security system is needed
Deploy Security as an Integrated System
• Secured Doors and Vaults: Firewalls and Router ACLs
• Security Room CCTV: Centralized Security and Policy Management
• Surveillance and Alarms: Network and Host-based Intrusion Detection
• Patrolling Security Guard: Scanner
• Card Readers: Identity, AAA, Access Control Servers and Certificate Authorities
• Secure Transport: Encryption and Virtual Private Networks (VPNs)
Security is a Systematic Process
[Process diagram labels:] Architecture Design and Implementation; Vulnerabilities and Risk Assessment; Corrective Action; Forensic Analysis; Central Security Management; Incident Response; Security Policy/Procedures; Deploy Security Policy; Surveillance, Monitoring, Audit & Analysis
Cisco Security Strategy Evolution
[Chart labels: Severity of Security Threats; Intelligent Information Networks; Fully Integrated Security]
• 1990s: Basic router security; Command line interface
• 2000: Security appliances; Enhanced router security; Separate management software
• Today: Integrated security (Routers, Switches, Appliances, Endpoints); FW + VPN + IDS; Anomaly detection; Integrated management software; Evolving advanced services
• Future: End to End Protection; Application oriented (per port basis); Security aware elements; Self-protecting; Self-managing; Full suite of advanced services
End-to-End Security
[Diagram label: VPN]
Cisco Systems is the only vendor that can provide you security on every point of your network