Forward-Looking Statements

“ Many of the products and features described

herein remain in varying stages of

development and will be offered on a when-

and-if-available basis. This roadmap is

subject to change at the sole discretion of

Cisco, and Cisco will have no liability for

delay in the delivery or failure to deliver any

of the products or features set forth in this

document.”

Cisco SecureX

Security

Architecture

Hrvoje Dogan,

Consulting Systems Engineer,

Security

TODAY’S SECURITY CHALLENGESPiecemeal security approach

Security based on physical structure

doesn’t fit virtual world

New risks in user-owned devices

Vulnerable connections,

confidentiality/compliance risk

Inconsistent wired/wireless access

policies

Compliance

Business ArchitectureCustomers Need to Balance Opposing Forces

Access Control

Cyber Security Smart Connected Communities

Mobility

Cloud

Collaboration

Virtualization

Smart Grid

Connected Cameras, Printers…

Acceptable Use

Threat Protection

Data Security

Control Open

spam bot virus

anti-spam anti-bot anti-virus

Multi-

Dimensional

Challenge

Significant

Change

Requires a new security approach

Multi-

dimensional

Challenge

The Traditional Model

DMZDesktop

The Network

Mobile

Applications and

Data

DMZDesktop

The Network

Mobile

Applications and

Data

DMZDesktop

The Network

The Network

Cisco SecureX Architecture

The Network

The NetworkCisco SecureX

Forward-Looking Statements

“ Many of the products and features described

herein remain in varying stages of

development and will be offered on a when-

and-if-available basis. This roadmap is

subject to change at the sole discretion of

Cisco, and Cisco will have no liability for

delay in the delivery or failure to deliver any

of the products or features set forth in this

document.”

The

Network

Context Aware Enforcement

Appliance Module Cloud

Tru

stS

ec

Tru

stS

ec

Context Aware Policy

An

yC

on

ne

ct

Virtu

al a

nd

Clo

ud

ServicesPartners Management

Application Programming Interfaces

Cisco SecureX Architecture

Cisco SIO

Local, Global and Correlated Context

TrustSec Support

Cisco ASA: Context Aware

Firewall

WEBFIREWALL/IPS EMAIL

0010 010 10010111001 10 100111 010 000100101 110011 01100111010000110000111000111010011101 1100001110001110 1001

1100001 11000 1110100111010010 010 10010111001 10 100111 010 000100101 110011 01100111010000110000111000111010011101 1100001110001110 1001 1101 1110011 0110011 101000 0110 00 0111000 111010011 101

1100001 11000 1110100111010010 010 10010111001 10 100111 010 000100101 110011 01100111010000110000111000111010011101 1100001110001110 1001

1100001 11000 111010011101

0110 10 1011000 101

Global ContextLocal Context +CORRELATED

CONTEXT

Application

Content

Posture

Location

User and Device

Identity

TrustSec

1H 2011 2H 2011

Cisco ASA: Context Aware

Firewall

Fast, Accurate Protection

Cisco

AnyConnect

Any Device,

Anywhere

Email

Corporate

Headquarters

Web

ISP

Datacenter

Firewall/IPS

Branch

Office

Threat

Telemetry

Threat

Telemetry

Cisco SIO

SensorBaseThreat Operations

CenterDynamic Updates

Cisco SIO

Why Cisco SecureX

1 Pervasive Network Visibility and Control

2 Consistent Enforcement of Context-aware Policy

3Security Intelligence (SIO) Protects Against Next Generation of Threats

4 Network Integration Delivers Scalable Security from End Points to Data Center

5

Industry’s Richest, Most Innovative Security Portfolio and Professional Services

Simplified Policy

Enforcement

Context-Aware Scanning

Global Security Fabric

Next Generation Endpoint

Powered by Cisco SIO

Cisco

SecureX

Architecture