Intelligent Cybersecurity

for the Real World

Cisco Cybersecurity
Pocket Guide
EMEA 2015

Content
What an Opportunity!
Security Investment is a Top Priority
Why Cisco?
Cisco is the Leading Security Company
Market Recognition
Security Intelligence & Research
The Cisco Security Strategy
The Security Challenge
The Threat-Centric Security Model
What to Sell - Focus Products

Network Security
Advanced Malware Protection
Web- & Email-Security
Secure Access & Secure Mobility
Attach Security to Your Data Center Deals

Security Channel Partner Program

Security Architecture Specialisations
Incentives & Promotions
Demand Generation & Demo

2

2014 Cisco and/or its affiliates. All rights reserved.

What an Opportunity!
Security Investment is a Top Priority

56%

73%

of organisations state
IT security is critical
in meeting their top
business objectives

of organisations state
that IT security is one
of the top 5 priority
areas for IT investment
for the next fiscal year

51%
of organisations say
IT security is more
important than other
IT initiatives

Source: Cisco Annual Security Report 2014

Security: The Critical Boardroom Topic

There is mounting concern at the senior executive and board level
regarding information security.
Chief Information Security Officers (CISOs) are challenged to push
boardroom discussions into additional security investment.
Security breaches mean lost intellectual property, compromised
customer information and confidence, and valuation impact.
These are critical considerations as organizations become more agile
and try to grow their business models in the face of the evolving trends
of mobility, cloud computing, and advanced targeted attacks.

Partner Confidential

Why Cisco?
Cisco is The Leading Security Company
Based on our (Breach
Detection Systems) reports,
Advanced Malware Protection
from Cisco should be on
everyones short list.
Cisco is
disrupting the
advanced threat
defense
industry.

So do any network security

vendors understand data center
and whats needed to
accommodate network security?
Cisco certainly does.

2014 Vendor
Rating for
Security:
Positive

AMP will be
one of the most
beneficial aspects
of the [Sourcefire]
acquisition.

The AMP products will provide deeper capability to Cisco's role in

providing secure services for the Internet of Everything (IoE).

Market Recognition
Cisco Confidential

2013-2014 Cisco and/or its affiliates. All rights reserved.

Cisco is Leader in four Gartner Magic Quadrants:

Magic Quadrant for Network Access Control, Dec 2013
Magic Quadrant for Intrusion Prevention Systems, Dec 2013
Magic Quadrant for Secure Web Gateways, June 2014
Magic Quadrant for Secure Email Gateways, July 2014
Ciscos Security portfolio has been rated Positive in Gartners Vendor
Rating 2014.
We licensed online versions of the Gartner reports for distribution. Ask us
for the access links!

4

2014 Cisco and/or its affiliates. All rights reserved.

Why Cisco?
NSS Labs Next-Generation Firewall
Reports 2014
Cisco ASA with FirePOWER Services Excels!
NSS Labs conducted the most rigorous next-generation firewall testing
to date. Cisco ASA with FirePOWER Services excelled when compared to
other tested products. The industrys first, threat-focused NGFW is now
also the first in security effectiveness, according to NSS Labs reports.
Next Generation Firewall (NGFW) Security Value MapTM
Cisco (2)

Cisco (3)

100%

Cisco (1)

Dell SonicWALL
Check Point

WatchGuard
Fortinet (1)
McAfee

95%

Fortinet (2)

Average
Barracuda

90%

Cyberoam

85%

80%

75%

Product Legend
Barracuda F800b
Check Point 13500

70%

Cisco (1) FirePOWER 8350

Cisco (2) ASA 5525-X
Cisco (3) ASA 5585-X SSP60
Cyberoam CR2500iNG-XP
Dell SonicWALL SuperMassive E10800
Fortinet (1) FortiGate-3600C
Fortinet (2) FortiGate-1500D
McAfee NGF-1402

65%

Palo Alto Networks PA-3020

WatchGuard XTM1525

60%

Average

Palo Alto Networks

$70

$60

$50

$40

$30

$20

September 2014

$10

55%

$0

TCO per Protected-Mbps

Source: NSS Labs 2014 Security Value Map

Download your copies of the reports, and share the link with your customers!
http://cisco.com/go/nssngfw2014
Partner Confidential

Why Cisco?
Cisco Talos Security Intelligence &
Research Group
More Than Just a Traditional Response Team
The Cisco Talos Security Intelligence and Research Group is comprised
of elite cybersecurity experts whose threat intelligence detects, analyses,
and protects against both known and emerging threats by aggregating
and analyzing Ciscos unrivaled telemetry data of
1.1 million incoming malware samples per day
4.2 billion web filtering blocks per day
1 billion sender base reputation queries per day
100 TB of data received per day
More than just a traditional response

Available
7 x 24 x 365

organization, Talos works around the clock to

proactively discover, assess, and respond to
the latest trends in hacking activities, intrusion
attempts, malware and vulnerabilities with

new rules, signatures, file analysis and security tools to better protect
Cisco customers.
Talos also maintains the official rule sets of Snort.org, ClamAV,
SenderBase.org and SpamCop.

Cisco Security Research: www.cisco.com/security/center/home.x

Cisco 2014 Midyear Security Report: www.cisco.com/go/msr2014

6

2014 Cisco and/or its affiliates. All rights reserved.

Why Cisco?
Cisco is Serious about Security.
We are Transforming to Harness the
Opportunity.

Cisco is Transforming
Our objective is to be our customers
#1 Trusted Security Advisor
N
 ew Focus on Security: Investment and
momentum in Security to create the industrys
broadest solution portfolio
N
 ew Go-To-Market Approach: Empowered,
dedicated Security organisation the Global
Security Sales Organisation
N
 ew Security Partner Program: Incentives,
promotions and new security specialisations for
higher partner profitability

Partner Confidential

The Cisco Security Strategy

Security Challenges
A combination of three major realities that exist today has made the task
of defending a network more difficult than ever, while helping attackers to
find new ways to evade the defences.

Changing Business Models - The Internet of Everything will accelerate

the degree of change in the years to come, making it even more difficult
to defend the organisation.
Dynamic Threat Landscape - The attackers have become much more
sophisticated and the attacks have moved from static to dynamic.
Without near real-time discovery capabilities an organisation will be at a
significant disadvantage.
Complexity and Fragmentation - Most organisations have dozens of
security technologies that do not interoperate, and this is exacerbated by
a significant lack of security specialists available in the market.

8

2014 Cisco and/or its affiliates. All rights reserved.

The Cisco Security Strategy

The Attack Continuum
The best way to communicate the totality of the challenge is to look
at the attack continuum. There are three stages to an attack: Before,
During, and After.

Attack Continuum

Network

Endpoint
Point in Time

Mobile

Virtual

Cloud

Continuous

Before an attack - Organisations need to know what they are defending.

They need to know what is on their network to be able to defend it
(devices, operating systems, applications, users )
During an attack When attackers get through, the customers need to
be able to detect them. Once they detect the attack, they will be able to
block them and defend the environment.
After the attack Invariably, some attacks will be successful, and
customers need to be able to determine the scope of the damage,
remediate, and bring operations back to normal.

Partner Confidential

The Cisco Security Strategy

The Threat-Centric Security Model:
An Integrated, Open, Pervasive, and
Continuous Approach
By taking a threat-centric and operational approach to security,
organisations can reduce complexity and fragmentation, while providing
superior visibility, continuous control, and advanced threat protection
across the extended network and the entire attack continuum.

Unmatched
Visibility

Global
Intelligence With
the Right Context

Consistent
Control

Consistent Policies
Across the Network
and Data Center

Advanced
Threat
Protection

Detects and
Stops
Advanced
Threats

Reduced
Complexity

Fits and Adapts

to Changing
Business Models

Visibility-Driven - Get global intelligence and context for deeper insights

and better decisions.
Threat-Focused - Detect, understand, and stop threats across the entire
attack continuum
Platform-Based - Reduce fragmentation by using a platform-based
approach to protect the network, devices and the Cloud.

10

2014 Cisco and/or its affiliates. All rights reserved.

The Cisco Security Strategy

Only Cisco Delivers:
Platform-based solutions that integrate into an overall security system.

Attack Continuum

Firewall

VPN

NGIPS

Advanced Malware Protection

NGFW

UTM

Web Security

Network Behavior Analysis

NAC + Identity Services

Email Security

Malware Sandboxing

Security Services

Context-aware Security - Including physical and virtual hosts,

operating systems, applications, services, protocols, users, content
and network behaviour.
Continuous Security - Aggregate and correlate data from across
the extended network, discriminating between active attacks and
reconnaissance versus simply background noise.
Retrospective Security - Detect malware that is sophisticated enough
to alter its behaviour to avoid detection, and evaluate full packet capture
in order to successfully remediate.

Partner Confidential

11

What to Sell Focus Products

Next-Generation Network
& Data Center Security
Protect high-value data and data center resources with threat defence,
secure virtualisation, segmentation, and policy control.

Cisco ASA 5500-X with FirePOWER Services (NGFW)

Industrys first threat-focused NGFW
C
 ombines ASA firewall with Cisco Next-Generation
IPS (NGIPS) and Advanced Malware Protection (AMP)
P
 latform series with wide range of sizes and form
factors

Cisco ASA 5585-X with FirePOWER Services (NGFW)

Purpose-build security appliance for data centers
H
 ighest performance, resiliency, and scalability
through leading-edge clustering
C
 ombines ASA firewall with Cisco Next-Generation
IPS (NGIPS) and Advanced Malware Protection (AMP)

Cisco FirePOWER Next-Generation IPS (NGIPS)

The most advanced threat protection in the industry
Industry-leading throughput, threat detection efficacy,
and low TCO
Platform series with wide range of sizes and form factors

Cisco FireSight Management Center

C
 entrally manages operational functions for ASA with
FirePOWER Services and FirePOWER NGIPS
Automatically aggregates and correlates information
R
 educes cost by streamlining operations and
automating recurring analysis and management tasks

12

2014 Cisco and/or its affiliates. All rights reserved.

What to Sell Focus Products

Next-Generation Network
& Data Center Security
Reduce complexity while gaining superior visibility, consistent control, and
advanced threat protection across the entire attack continuum.

Cisco ASA Virtual Appliance (ASAv)

Fully integrated Application Centric Infrastructure (ACI) security
C
 onsistent transparent security across physical, virtual, ACI,
SDN, and Cloud
vSwitch support for Cisco, hybrid, and non-Cisco data centers

Cisco Virtual Next-Generation IPS for VMware

Virtualised offering of Cisco FirePOWER NGIPS solution
Reclaim visibility lost when virtualizing
E
 xtend Payment Card Industry (PCI) compliance to virtual
environments

Cisco Virtual Security Gateway

Integrates with Cisco Nexus 1000V virtual switch
D
 elivers security policy enforcement and visibility at a virtual
machine level
L
 ogically isolates applications in virtual data centers and
multi-tenant environments
E
 nforces separation of duties between security and server
administrators

Cisco ASA 1000V Cloud Firewall

Integrates with the Cisco Nexus 1000V virtual switch
Employs proven ASA technology
Spans and helps to secure multiple VMware ESX hosts
Enables consistency across physical, virtual, and cloud infrastructures

Partner Confidential

13

What to Sell Focus Products

The Cisco ASA Refresh Opportunity in Detail
Migrate from ASA 5500 End-of-Life Products
Migrate to:
ASA 5500-X with FirePOWER Services products
Include Technical Support Services
Key Selling Points:
M
 igrate to the new threat-focused NGFW that delivers
multi-layered protection, improved visibility, and reduced security
cost and complexity
O
 btain integrated threat defence across the entire attack
continuum by combining proven ASA NGFW capabilities with
industry-leading Cisco NGIPS and AMP
Up-Sell:
Cisco Security Migration Services
Cisco Network Device Security Assessment Services
If appropriate: Cisco ISE and ISE Assessment Services

Upgrade from ASA 5500-X without FirePOWER Services

Upgrade to:
FirePOWER Services for Cisco ASA
Include Cisco FirePOWER Services Subscription for AMP and
URL Filtering
Key Selling Points:
Same as Migration Key Selling Points
Up-Sell:
Same as Migration Up-Sell opportunities

14

2014 Cisco and/or its affiliates. All rights reserved.

What to Sell Focus Products

The Cisco ASA Refresh Opportunity in Detail
Migrate from Cisco IPS 4200 End-of-Sale Products, or
from Cisco IPS 4300 and 4500 Series
Migrate to:
Industry-leading Cisco FirePOWER 7000 and 8000 Series
Next-Generation IPS (NGIPS)
Include Cisco FirePOWER Services Subscription for AMP and
URL Filtering
Key Selling Points:
Dedicated NGIPS / AMP appliance
Very high throughput (>6 Gbps transactional IPS)
Up-Sell:
Cisco Security Migration Services
Cisco Network Device Security Assessment Services
If appropriate: Cisco ISE and ISE Assessment Services

Offer to Network-Centric Buyers: Convergence

Cisco ASA with FirePOWER Services allows convergence of the
ASA platform and Sourcefire IPS, AMP, URL Filtering

Offer for Security-Centric Buyers: Better Together

Cisco ASA 5500-X Series plus FirePOWER 7000 or 8000 Series as
best-in-class solutions

Partner Confidential

15

What to Sell Focus Products

Advanced Malware Protection
Cisco Advanced Malware Protection provides the continuous analysis and
advanced analytics that support Ciscos Retrospective Security capabilities.
Unlike the many point-in-time solutions on the market, Cisco Advanced
Malware Protection offers protection across the full attack continuum.

Point-in-time Detection:
Antivirus /Sandboxing

Analysis Stops
Sleep Techniques
Unknown Protocols
Encryption
Polymorphism

Initial Disposition = Clean

Retrospective Detection:
AMP

Actual Disposition = Bad

Analysis Continues

Initial Disposition = Clean

Actual Disposition = Bad

1

AMP Everywhere - We offer the industrys broadest portfolio of

integrated Advanced Malware Protection solutions
AMP for Cisco Web Security
AMP for Cisco Cloud Web Security
AMP for Cisco Email Security
AMP for Networks
AMP for Endpoints
Integrated in ASA with FirePOWER Services

16

2014 Cisco and/or its affiliates. All rights reserved.

What to Sell Focus Products

Web- & Email Security
Ciscos Content Security portfolio protects organisations from evolving
email and web threats. Email and Web security are critical components
of a holistic security strategy and represent a multibillion dollar market
in Europe.

Cisco Email Security (Appliances & Cloud-based)

F
 ights spam, viruses, and blended threats for
organisations of all sizes
E
 nforces compliance and protects reputation
and brand assets
A
 lso available as Cloud-based and Hybrid
solution (onsite appliance + Cloud)

Cisco Web Security (Appliances & Cloud-based)

P
 roactive security, application visibility, and
control for all users
E
 xtend real-time protection and policy
enforcement to remote employees
A
 lso available as Cloud-based solution and
Cloud-based integrated with Cisco firewalls

Opportunity!
L
 everage AMP integration as a key competitive differentiator
(AMP Everywhere)
C
 heck out www.cisco.com/go/promotions for latest Security
Incentives and Promos

Partner Confidential

17

What to Sell Focus Products

Secure Access & Mobility
Enhance network visibility and control with identity-aware secure
access solutions.

Cisco Identity Services Engine (ISE)

S
 ecurity policy management platform that
enforces secure access to network resources
(wired, wireless, and VPN)
A
 ccurately identifies every user and device that
connects to the network

Cisco Network Admission Control (NAC)

E
 nforces network security policies by allowing
access only to trusted devices
B
 locks access by noncompliant devices and
limits damage from emerging threats and risks

Cisco TrustSec
S
 ecure network access based on rich contextual data
(who, what, where, when, how)
A
 utomates firewall rules and access control list
administration, uses plain-language policies
E
 mbedded in the operating systems of Cisco ISE,
Catalyst and Nexus switches, Integrated Services
Routers, and ASA firewalls

Cisco AnyConnect Secure Mobility Services

H
 ighly secure, simple, and reliable off-premise
connectivity
E
 ndpoint intelligence and context across any access
method (wired, wireless, VPN ), from any device
R
 emote secure access to authorised applications for
tablets and smartphones
18

2014 Cisco and/or its affiliates. All rights reserved.

What to Sell Focus Products

The Avenue for Driving Incremental Pipeline:
Attach Security to Data Center Opportunities
Did you know that including Cisco security architectures as a component
of all data center opportunities can drive an average of 41% incremental
revenue on each deal?
Since there are no data center designs without a security component,
you will be addressing one of your data center customers top concerns.

Make Ciscos tightly integrated solution portfolio one

of your key competitive advantages:
Differentiate your offerings by selling an end-to-end data center
solution, which reduces the complexity of working with multiple
vendors and point products.

Check out the Cisco Secure Datacenter Solutions and the Cisco
Validated Designs
Check out www.cisco.com/go/promotions for latest Security
Incentives and Promos

www.cisco.com/go/securedatacenter

Partner Confidential

19

Partner Program
Security Architecture Specialisations
Cisco has re-designed the Security Specialisation program, aligning it to
the new product portfolio.

Master Security Specialisation

Complexity

Complete Security Portfolio

Advanced Security Architecture Specialisation

Complete Security Portfolio

Express Security Specialisations

Web | Email | NG Firewall | NG IPS

SMB

Midmarket

Enterprise

Market Segment
Cisco Confidential

2014 Cisco and/or its affiliates. All rights reserved.

Express Security Specialisation A new entry point into security

specialisations, allowing a partner to focus on one or several specific
products (Email, Web, Next-Generation Firewall, IPS).
Advanced Security Architecture Specialisation This specialisation
covers the breadth of Ciscos Security Portfolio, and offers more
advanced enablement for threat defence, secure access, Cloud and
management solutions.
Master Security Architecture Specialisation This specialisation
builds upon expertise attained in the Advanced Security Architecture
Specialisation and enables partners to deliver value-added security
solutions to their customers.
www.cisco.com/go/specializations -> Security Architecture
Specializations

20

2014 Cisco and/or its affiliates. All rights reserved.

Partner Program
Security Promotions & Incentives
Incentive Programs & Promotions are Ciscos commitment to Partner
Profitability. Increase your revenue potential with upfront discount and
backend payment programs, and special promotions that have been
designed to help you sell Cisco security products and solutions.

Marketing & Demand Generation

The free, ready-to-use marketing campaigns are designed to showcase
your partnership with us, and help you effectively market Cisco security
products and solutions to your customers.

Demoing Cisco Security Solutions

Cisco dCloud, the Cisco Demo Cloud, provides powerful self-service
capabilities for Cisco Partners. From scripted, repeatable demonstrations
to fully customized labs with complete administrative access, Cisco
dCloud can work for any use case.
www.cisco.com/go/promotions -> Filter Category Security
www.cisco.com/web/partners/sell/marketing-campaigns.html
dcloud.cisco.com

Partner Confidential

21

Partner Program
Useful Links
Cisco Security Intelligence Operations
tools.cisco.com/security/center/home.x

Security Community

communities.cisco.com/community/technology/security

Cisco Security Blog

blogs.cisco.com/security

Partner Support

www.cisco.com/web/partners/support

Training & Certification

www.cisco.com/web/learning

Certification Tracking
cisco.pearsoncred.com

Marketing Assets Library

bx.cisco.com/cbx-portal

Competitive Information

www.cisco.com/web/partners/sell/competitive

22

2014 Cisco and/or its affiliates. All rights reserved.

What Next?
Build and Practice your Security Pitch
Focus on Business Challenges
Focus on The Attack Continuum
Become comfortable talking about security

Have a Security Conversation with Your Customer

Identify the Security decision makers
Open the door for a deeper dive
Engage With Your Cisco Security Team!

Security can be a major contributor to your companys bottom line

S
 ecurity is no stand-alone technology, it is a differentiator for
your portfolio
T
 he Security market is very fragmented; Cisco provides you and
your customers a One-Stop-Shop

Partner Confidential

23