Академический Документы
Профессиональный Документы
Культура Документы
Как Cisco защищает себя
Как Cisco защищает себя
C is c o o n C is c o
2 0 0 6 C is c o S y s te m s , In c . A ll r ig h ts r e s e r v e d .
C is c o C o n fid e n tia l
1/ 58
C i s c o
D O S
N e tw o r k A d m is s io n C o n tr o l
(R e m o t e A c c e s s V P N )
C is c o o n C is c o
2 0 0 6 C is c o S y s te m s , In c . A ll r ig h ts r e s e r v e d .
C is c o C o n fid e n tia l
2/ 58
C i s c o
C is c o o n C is c o
2 0 0 6 C is c o S y s te m s , In c . A ll r ig h ts r e s e r v e d .
C is c o C o n fid e n tia l
3/ 58
. . .
" "
-
,
,
C is c o o n C is c o
2 0 0 6 C is c o S y s te m s , In c . A ll r ig h ts r e s e r v e d .
C is c o C o n fid e n tia l
4/ 58
S T G
F in a n c e
G G S G
H R
CA
S a le s
CM O
In fo r m a tio n
S e c u r ity
CD O
Ch a n n e l s
B D
L e g a l
IB S G
L o s s
P r e v e n tio n
M a n u fa c tu r in g
V e n d o r s /S u p p lie r s
C is c o o n C is c o
2 0 0 6 C is c o S y s te m s , In c . A ll r ig h ts r e s e r v e d .
C is c o C o n fid e n tia l
5/ 58
In te g r a te d B u s in e s s S e c u r ity S tr a te g y
-
,
C is c o o n C is c o
2 0 0 6 C is c o S y s te m s , In c . A ll r ig h ts r e s e r v e d .
C is c o C o n fid e n tia l
6/ 58
4
(W o r k p l a c e )
C is c o o n C is c o
2 0 0 6 C is c o S y s te m s , In c . A ll r ig h ts r e s e r v e d .
C is c o C o n fid e n tia l
7/ 58
C IA G
C r itic a l In fr a s tr u c tu r e A s s u r a n c e g r o u p
S E O
C i s c o
S a f e t y a n d S e c u r i t y (L o s s P r e v e n t i o n )
,
(S O C )
B r a n d P r o te c tio n
C is c o o n C is c o
( ..)
2 0 0 6 C is c o S y s te m s , In c . A ll r ig h ts r e s e r v e d .
C is c o C o n fid e n tia l
8/ 58
A d v is o r y S e r v ic e s
,
,
A d v a n c e d S e r v ic e s fo r N e tw o r k S e c u r ity
: , , , ,
P S IR T P r o d u c t S e c u r ity In c id e n t R e s p o n s e T e a m
C i s c o , ,
C is c o o n C is c o
2 0 0 6 C is c o S y s te m s , In c . A ll r ig h ts r e s e r v e d .
C is c o C o n fid e n tia l
9/ 58
1.
2 .
3 .
1.
2 .
3 .
4 .
5 .
6 .
7 .
C is c o o n C is c o
2 0 0 6 C is c o S y s te m s , In c . A ll r ig h ts r e s e r v e d .
C is c o C o n fid e n tia l
(S D N )
10 / 58
: ,
( , C I O )
1.
2 .
3 .
"
( ,
")
( , )
( , )
( , C F O )
1.
2 .
3 .
( ,
( , )
( ,
, )
1.
2 .
3 .
C is c o o n C is c o
( , C E O )
( , -
e b - )
(
)
( , )
2 0 0 6 C is c o S y s te m s , In c . A ll r ig h ts r e s e r v e d .
C is c o C o n fid e n tia l
11/ 58
C is c o o n C is c o
2 0 0 6 C is c o S y s te m s , In c . A ll r ig h ts r e s e r v e d .
C is c o C o n fid e n tia l
12/ 58
(N V O )
,
,
C is c o o n C is c o
2 0 0 6 C is c o S y s te m s , In c . A ll r ig h ts r e s e r v e d .
C is c o C o n fid e n tia l
13/ 58
,
e L e a r n i n g
C E O
,
,
!
,
C E O , C is c o S y s te m s
C is c o o n C is c o
2 0 0 6 C is c o S y s te m s , In c . A ll r ig h ts r e s e r v e d .
C is c o C o n fid e n tia l
14/ 58
In fo r m a tio n S e c u r ity A w a r e n e s s P r o g r a m
2005 -
K e e p in g C is c o S e c u r e
C is c o o n C is c o
2 0 0 6 C is c o S y s te m s , In c . A ll r ig h ts r e s e r v e d .
C is c o C o n fid e n tia l
15/ 58
C is c o o n C is c o
2 0 0 6 C is c o S y s te m s , In c . A ll r ig h ts r e s e r v e d .
C is c o C o n fid e n tia l
2006
16/ 58
: P r i v a c y F i l t e r D e f c o n 1
C is c o o n C is c o
2 0 0 6 C is c o S y s te m s , In c . A ll r ig h ts r e s e r v e d .
C is c o C o n fid e n tia l
17/ 58
C is c o o n C is c o
2 0 0 6 C is c o S y s te m s , In c . A ll r ig h ts r e s e r v e d .
C is c o C o n fid e n tia l
18/ 58
C i s c o
:
5 0 , 0 0 0
2 7 , 0 0 0
:
6 2 ,0 0 0 W in d o w s
1 4 ,0 0 0 S o la r is L in u x
8 , 4 0 0
:
C i s c o
C is c o o n C is c o
2 0 0 6 C is c o S y s te m s , In c . A ll r ig h ts r e s e r v e d .
C is c o C o n fid e n tia l
19/ 58
3 C i s c o
I P -
,
:
,
,
C is c o o n C is c o
2 0 0 6 C is c o S y s te m s , In c . A ll r ig h ts r e s e r v e d .
C is c o C o n fid e n tia l
20 / 58
C i s c o
Cisco CSA
N AC, 8 0 2 . 1 x
Cisco G u a r d
C is c o o n C is c o
D o S -
/
Arbor
2 0 0 6 C is c o S y s te m s , In c . A ll r ig h ts r e s e r v e d .
C is c o C o n fid e n tia l
/
M A R
S IM S
S ,
C is c oIP S
21/ 58
C is c o o n C is c o
2 0 0 6 C is c o S y s te m s , In c . A ll r ig h ts r e s e r v e d .
C is c o C o n fid e n tia l
22/ 58
D D o S -
-
,
,
.
- ,
..
C i s c o N e t F l o w ( ) ,
C i s c o N e t F l o w ,
D o S -
,
.
?
N e t F l o w
.
C is c o o n C is c o
2 0 0 6 C is c o S y s te m s , In c . A ll r ig h ts r e s e r v e d .
C is c o C o n fid e n tia l
23/ 58
( A C L ) D D o S -
D D o S - F W S M
C is c o o n C is c o
-
I SP
Ar b or N e t w or k s P e a k f l ow
T r a f f ic
Ar b or N e t w or k s P e a k f l ow
Cisco G u a r d /D e t e ct or
Ar b or N e t w or k s P e a k f l ow
Cisco G u a r d /D e t e ct or
2 0 0 6 C is c o S y s te m s , In c . A ll r ig h ts r e s e r v e d .
C is c o C o n fid e n tia l
D oS
D oS
B G
24/ 58
Cisco N e t F l ow
C is c o o n C is c o
D a t a A r b or N e t w or k s P e a k f l ow
2 0 0 6 C is c o S y s te m s , In c . A ll r ig h ts r e s e r v e d .
C is c o C o n fid e n tia l
T r a f f ic
25/ 58
S a p p h i r e ( S Q L S l a m m e r )
8 . 5
1 1 7 5 , 0 0 0
,
,
11
C is c o o n C is c o
5 5 .
8
2 0 0 6 C is c o S y s te m s , In c . A ll r ig h ts r e s e r v e d .
C is c o C o n fid e n tia l
26/ 58
: S Q L S l a m m e r N e t F l o w
C is c o o n C is c o
2 0 0 6 C is c o S y s te m s , In c . A ll r ig h ts r e s e r v e d .
C is c o C o n fid e n tia l
27/ 58
C is c o o n C is c o
2 0 0 6 C is c o S y s te m s , In c . A ll r ig h ts r e s e r v e d .
C is c o C o n fid e n tia l
28/ 58
S e cu r e A r
ch it e ct u r e f or E -B
,
.
u sin e ss (S A F E )
(I D S ) 4 2 5 0
I P S / I D S I n f oS e c
, ,
.
I n f oS e c ,
.
?
C is c o o n C is c o
Cisco I D S 4 2 3 0 Cisco I D S
4 2 5 0
2 0 0 6 C is c o S y s te m s , In c . A ll r ig h ts r e s e r v e d .
C is c o C o n fid e n tia l
29/ 58
CiscoW or k s S I M S
I n f oS e c
?
N A C
M A R S
C is c o o n C is c o
2 0 0 6 C is c o S y s te m s , In c . A ll r ig h ts r e s e r v e d .
C is c o C o n fid e n tia l
30 / 58
,
.
:
:
: .
C is c o o n C is c o
2 0 0 6 C is c o S y s te m s , In c . A ll r ig h ts r e s e r v e d .
C is c o C o n fid e n tia l
31/ 58
u R P F
- ,
,
C A R /
IO S /F W
(C B A C )
E CT (S t e a l t h )
C is c o o n C is c o
2 0 0 6 C is c o S y s te m s , In c . A ll r ig h ts r e s e r v e d .
C is c o C o n fid e n tia l
32/ 58
C a t a l y s t
( C a t a l y s t I n t e g r a t e d S e c u r i t y F r a m e w o r k )
C a ta ly s t In te g r a te d S e c u r ity
C is c o o n C is c o
Port Security
D H C P Sn oop in g
D yn a m ic A R P I n s p ection
I P Source G ua rd
B PD U G ua rd
R oot G ua rd
A C L
2 0 0 6 C i s c o S y s t
e m 2 0 s , 0 I 5 n c C . i s A c l o l r i S g y h s t s t e r m e s s e , r I nv e c d . A . l l r i g C h i t s s c o r e C s e o r n v f e i d d e . n t i a l
33/ 58
8 0 2 . 1x - ,
5 .
1 . 8 0 2.1 x -
6 .V L A N
1 0
E n g i Authentication
n e e r i n g V LI nfA o N
802.1x
2.
4 0 0 0 S e r ie s
6 5 0 0 S e r ie s
3 5 5 0 / 29 5 0
S e r ie s
A c c e s s P o in ts
8 0 2.1 x -
C is c o o n C is c o
2 0 0 6 C is c o S y s te m s , In c . A ll r ig h ts r e s e r v e d .
S e t p o r t to e n a b le
S e t p o r t v la n 1 0
4 .
+
C is c o S e c u r e A C S
A A A R A D IU S S e r v e r
8 0 2.1 x A u t h e n t i c a t i o n S e r v e r
C is c o C o n fid e n tia l
A c tiv e D ir e c to r y
3 .
34/ 58
8 0 2 . 1x
, W in d ow s
A CS
N A C P h a se 2
8 0 2 .1 x
C is c o o n C is c o
2 0 0 6 C is c o S y s te m s , In c . A ll r ig h ts r e s e r v e d .
C is c o C o n fid e n tia l
35/ 58
R o o t G u a rd / B P D U
G u a rd
,
S T P
C is c o o n C is c o
2 0 0 6 C is c o S y s te m s , In c . A ll r ig h ts r e s e r v e d .
C is c o C o n fid e n tia l
36/ 58
P r iv a te V L A N
,
CCO
CCO
C is c o o n C is c o
2 0 0 6 C is c o S y s te m s , In c . A ll r ig h ts r e s e r v e d .
C is c o C o n fid e n tia l
37/ 58
V A C L
C is c o o n C is c o
2 0 0 6 C is c o S y s te m s , In c . A ll r ig h ts r e s e r v e d .
C is c o C o n fid e n tia l
38/ 58
D H C P S n o o p in g
P o r t S e c u r ity
:
,
: , ,
D y n a m ic A R P In s p e c tio n
C is c o o n C is c o
2 0 0 6 C is c o S y s te m s , In c . A ll r ig h ts r e s e r v e d .
C is c o C o n fid e n tia l
39/ 58
7 5 0 5
( 3 0 0 0 )
F W S M ( ) P I X
C is c o o n C is c o
2 0 0 6 C is c o S y s te m s , In c . A ll r ig h ts r e s e r v e d .
C is c o C o n fid e n tia l
40 / 58
D C
F W S M
CCO
w e b -
C is c o o n C is c o
2 0 0 6 C is c o S y s te m s , In c . A ll r ig h ts r e s e r v e d .
C is c o C o n fid e n tia l
41/ 58
,
,
Cisco S e cu r it y A g e n t 3 7 , 0 0 0 W in d ow s ,
U n if ie d Com m u n ica t ion (U n it y , Ca l l M a n a g e r )
2 0 0 4 9 9 .8 6 %
b a g l e .a a
C is c o o n C is c o
CS A
2 0 0 6 C is c o S y s te m s , In c . A ll r ig h ts r e s e r v e d .
C is c o C o n fid e n tia l
42/ 58
C is c o S e c u r ity A g e n t C is c o
C is c o o n C is c o
2 0 0 6 C is c o S y s te m s , In c . A ll r ig h ts r e s e r v e d .
C is c o C o n fid e n tia l
3 0000
2 5 000
2 0000
1 5 000
1 0000
5 000
0
3 5 000
C i s c o S e c u r i t y A g e n t
4 7 , 0 0 0
43/ 58
b a g l e . a a
2 0 0 4
3 8 , 3 7 0 C i s c o S e c u r i t y A g e n t ,
6 0 0 6 2 0
Y e s
. ?
C is c o o n C is c o
2 0 0 6 C is c o S y s te m s , In c . A ll r ig h ts r e s e r v e d .
C is c o C o n fid e n tia l
44/ 58
S Q L S l a m m e r
( C i s c o )
Slammer
Slammer
C
A
is c o G
rb o r P
0 0 :0 0
u ard / A n o
eak f lo w
maly D et ec t o r
0 0 :0 3
C i s c o Sec u ri t y A g en t
0 0 :0 6
0 0 :1 0
0 0 :3 0
C is c o
: :
C C i i s s c c o o
C is c o o n C is c o
2 0 0 6 C is c o S y s te m s , In c . A ll r ig h ts r e s e r v e d .
C is c o C o n fid e n tia l
45/ 58
C is c o N e tw o r k A d m is s io n C o n tr o l
-
E CT
A CS ,
N A C
C is c o o n C is c o
2 0 0 6 C is c o S y s te m s , In c . A ll r ig h ts r e s e r v e d .
C is c o C o n fid e n tia l
46/ 58
2 0 0 1 D S L - Cisco . Cisco I T
9 0 0 0
S P M a n a g e d V P N S e r v ice
V P N -
, .
Cisco I T V P N - ,
C is c o o n C is c o
2 0 0 6 C is c o S y s te m s , In c . A ll r ig h ts r e s e r v e d .
C is c o C o n fid e n tia l
47/ 58
: 19 9 9
: ,
-
R h y t h m s N e t C o n n e c t i o n s
x D S L -
R h y t h m s D S L " D S L
,
Cisco
C is c o o n C is c o
2 0 0 6 C is c o S y s te m s , In c . A ll r ig h ts r e s e r v e d .
C is c o C o n fid e n tia l
48/ 58
2 0 0 1 : R h y t h m s N e t C o n n e c t i o n s ;
9 0 0 0 ,
R h y t h m s D S L
s e r v ic e
9 0 0 0
,
1 0
,
C is c o o n C is c o
2 0 0 6 C is c o S y s te m s , In c . A ll r ig h ts r e s e r v e d .
C is c o C o n fid e n tia l
49/ 58
V P N -
:
V P N
(G P R S , CD M A , W i-F i, D S L ..)
Cisco
Cisco I T V P N -
- Cisco
C is c o o n C is c o
2 0 0 6 C is c o S y s te m s , In c . A ll r ig h ts r e s e r v e d .
C is c o C o n fid e n tia l
50 / 58
.
1 0 -4 0 %
,
.
2 0 0 1 C is c o 9 0 0 0 D S L
, 2 0 0 3
2 3 , 0 0 0 .
C is c o o n C is c o
2 0 0 6 C is c o S y s te m s , In c . A ll r ig h ts r e s e r v e d .
C is c o C o n fid e n tia l
51/ 58
,
,
,
, ..
..
C is c o o n C is c o
Cisco
,
,
2 0 0 6 C is c o S y s te m s , In c . A ll r ig h ts r e s e r v e d .
C is c o C o n fid e n tia l
52/ 58
H a r d w a r e c l i e n t
V P N - , Cisco 8 3 1
E t h e r n e t B r oa d b a n d R ou t e r
V P N
Cisco I T
V P N ,
E x t r a n e t -
V P N
Con ce n
C is c o o n C is c o
. Cisco I T
G r ou p L ock Cisco V P N 3 0 6 0
t r a t or , Cisco I T V P N
,
V P N
2 0 0 6 C is c o S y s te m s , In c . A ll r ig h ts r e s e r v e d .
C is c o C o n fid e n tia l
53/ 58
Cisco I T w ir e l e ss V P N
"
Cisco I T ,
I P S e c
V P N - .
W i-F i Cisco
,
S S L V P N
Cisco I T
Cisco A
C is c o o n C is c o
S S L V P N
S A . Cisco I T
,
2 0 0 6 C is c o S y s te m s , In c . A ll r ig h ts r e s e r v e d .
C is c o C o n fid e n tia l
V P N -
Cisco
S S L .
54/ 58
C is c o o n C is c o
2 0 0 6 C is c o S y s te m s , In c . A ll r ig h ts r e s e r v e d .
C is c o C o n fid e n tia l
55/ 58
C is c o o n C is c o
2 0 0 6 C is c o S y s te m s , In c . A ll r ig h ts r e s e r v e d .
C is c o C o n fid e n tia l
56/ 58
se cu r it y -r e q u e st @ cisco.com
: (4 9 5 ) 9 6 1 -1 4 1 0
C is c o o n C is c o
2 0 0 6 C is c o S y s te m s , In c . A ll r ig h ts r e s e r v e d .
C is c o C o n fid e n tia l
57/ 58
C is c o o n C is c o
2 0 0 6 C is c o S y s te m s , In c . A ll r ig h ts r e s e r v e d .
C is c o C o n fid e n tia l
58/ 58