Milestones for Adopting a Cybersecurity Architecture
„Extending Security Everywhere”, the workshop recently organized by Datanet Systems and Cisco Romania, highlights the practical approach of TrustSec, Cisco ISE and Cisco FireAMP in consolidating and raising the security level of any organization. More than 60 IT security professionals interested in upgrading the level security of their company attended the event.
During the first session, Alexandru Nacea and Octavian Szolga, Solutions Architects at Datanet Systems, demonstrated how Cisco Identity Service Engine (ISE) manages to optimize the security level of an organization.
The resources access management platform is the central pillar of Cisco ISE security architecture that ensures a centralized security policy and automates their application, offering extended visibility on network. Cisco platform simplifies the process of defining access rules and enable rapid creation of flexible mechanisms for authentication, authorization, monitoring and filtering. Moreover, by integrating security solutions from various vendors (via pxGrid), Cisco ISE reduces the security architectures heterogeneity and contributes significantly to improving the speed of detection and blocking of threats based on contextual information.
A key point highlighted by Datanet specialists was TrustSec technology, already embedded technology in Cisco switches, routers, and wireless and security devices, which simplifies and secures access to the network.
„Cisco TrustSec technology uses software-defined segmentation mechanisms based on user/device identity to simplify the provisioning of network access, accelerate security operations, and consistently enforce policy anywhere in the network. This technology facilitates flexible application of rules across the network, regardless of the type and topology of the network, with direct effect in lowering operating costs,”mentioned Octavian Szolga, Datanet Systems.
Datanet Team also showed how Cisco ISE dynamic and flexible rules apply depending on user identities, associated roles, devices used or even data access time and location. The workshop covered both configuration and enrolling, monitoring and managing mobile devices. Cisco ISE simplifies the BYOD adoption within organizations and offers a strong integration with different MDM (Mobile Device Management) solutions.
The second session’s main topic supported by Datanet Systems experts was Advanced Threat Protection using Cisco Sourcefire Advanced Malware Protection (AMP). Cisco FireAMP is a security product that integrates ThreatGrid technologies and covers all three phases of a security incident (before, during, and post-incident), providing continuous protection against threats and prioritizing automatically alerts depending on their critical level.
The presentation revealed limitations of security solutions that rely solely on mechanisms of Point-in-Time Detection type, exemplifying the benefits of FireAMP retrospective analysis technology. Cisco solution constantly monitors potential threats and provides extended visibility on the trajectory and evolution of threats, not just at the network level, but also the end-point (device and/or user).
Cisco Advanced Malware Protection (AMP) offers a global threat intelligence, advanced sandboxing, and real-time malware blocking to prevent breaches.
But because you can’t rely on prevention alone, AMP also continuously analyzes file activity across your extended network, so you can quickly detect, contain, and remediate advanced malware. FireAMP performs a dynamic analysis based on file behavior and can quickly determine when, who and what type of applications have accessed a file identified as a threat and what areas were affected. Based on this information, decisions can be made for locking and introducing in quarantine infected files and equipment. That reduces the reaction time and limits related damages. Cisco FireAMP increased efficiency is enhanced by using filtering mechanisms based on reputational analysis that reduce the workload and on Sandbox technologies (cloud or on-premises) that provide early detection of files with dangerous behavior.
„It is important to detect as soon as possible what caused a security incident. Cisco FireAMP allows users to see quickly and clearly for each individual and device what file had been accessed, what happened, what was the behavior, what are the real threats, whether they were generated by other malicious files, etc. So users can take the necessary measures in order to stop and subsequently eliminate the threats,” explained Alexandru Nacea from Datanet Systems.
During the workshop, Adrian Aron, Security Consultant at Cisco Romania, approached the topic of micro segmentation and the impact of this technology in Datacenter security. The speaker has reviewed the main currently existing technologies, highlighting the benefits and disadvantages of each one and exemplifying them with industry use case scenarios.
The Workshop “Extending Security Everywhere” provided the entire audience with a series of practical solutions with immediate application, through which organizations can increase security level.
“Datanet Systems is a leading Cisco partner in Romania and has the skills and necessary certifications to help companies to develop a highly efficient integrated security infrastructure. The projects Datanet Systems managed till now gave us the ability and experience to deal with this critical area, “said Gabriel Musat, Technical and Marketing Director at Datanet Systems.
In 18 years of partnership, Datanet Systems won numerous Cisco awards at national and regional level, and earlier this year the company received the “Cisco Enterprise Partner of the Year 2015” for the EMEAR region.
For more information regarding Cisco solutions presented in the text above, please visit:
Learn more about Datanet Systems’ portfolio, in the dedicated section.
For more details please contact:
Technical and Marketing Manager