Cisco Stealthwatch: Look Deep Into Networks

Description

Detect attacks across the dynamic network with high-fidelity alerts enriched with context such as user, device, location, timestamp, and application. Analyze encrypted traffic for threats and compliance, without decryption. Quickly detect unknown malware, insider threats like data exfiltration, policy violations, and other sophisticated attacks using advanced analytics. Store telemetry data for long periods for forensic analysis. Define smarter segmentation policies without disrupting the business. Create custom alerts to detect any unauthorized access and ensure compliance. Use Secure Network Analytics with Identity Services Engine (ISE) to enforce policies and contain threats.

Challenges:

Protecting a variety of sensitive member data and financial assets

Being able to prove audit requirements and ensure other internal business and security policies are being enforced

Monitor a distributed network spread across 22 branches and multiple ATM locations

Maintaining a first-class security strategy and infrastructure with a lean team

Solutions:

● Secure Network Analytics (Stealthwatch)

● Identity Services Engine (ISE)

● Secure Firewall (Firepower)

● Secure Endpoint (AMP for Endpoints)

● Umbrella

● Secure Email (Cloud Email Security)

● AnyConnect

● Secure Malware Analytics (Threat Grid)

Results

● Unprecedented threat visibility with actionable alerts infused with context

● Ability to easily prove audit requirements like cryptographic compliance, and to monitor for any business or security policy violations with custom alerts

● Achieved automated detection and response across the network, endpoints and web, and extended investments with an integrated security architecture

● Transitioned to a remote workforce without compromising on security and infrastructure uptime

TAKE THIS COURSE