School Work

Choosing the Right Security Deployment

Categories
Published
of 8
All materials on our website are shared by users. If you have any questions about copyright issues, please report us to resolve them. We are always happy to assist you.
Related Documents
Share
Description
Cisco IronPort Security White Paper Choosing the Right Security Deployment Executive Summary Table of Contents 1 Executive Summary 2 Hosted Security 4 Hybrid Hosted Security 6 Managed
Transcript
Cisco IronPort Security White Paper Choosing the Right Security Deployment Executive Summary Table of Contents 1 Executive Summary 2 Hosted Security 4 Hybrid Hosted Security 6 Managed Security 8 Summary Enterprises of all sizes face the same daunting challenges increasing mail volumes and new, evolving threats. The Cisco IronPort Security services portfolio provides customers superior choice of deployment models built on the solid foundation of industry-leading security technology that protects 40 percent of Fortune 1000 companies from inbound threats and outbound data loss possibilities. Today's -borne threats consist of viruses, spam, false positives, distributed denialof-service (DDoS) attacks, spyware, phishing (fraud), regulatory compliance violations, data loss and more. Cisco IronPort Security addresses the issues faced by corporations, both large and small, by incorporating preventive and reactive security measures that are easy to deploy and manage. While threats continue to grow and evolve, organizations are demanding more from their IT teams more protection, more efficiency and more flexibility. To meet these demands, IT teams need more flexibility to architect solutions that address these business imperatives. Flexibility provides choice in deployment options for security and falls under three board categories. First, there are customers that want to improve operational efficiency by outsourcing the problem of spam through the use of hosted or software as a service (SaaS) solutions. The second includes customers that want to maintain maximum control of sensitive outbound information through the deployment of on-premises security infrastructure. The third category encompasses customers that want to use a hybrid (or divided) approach which includes use of hosted solutions for efficiency while still maintaining the benefits of an on-premises appliance-based deployment. Having choice, based on an organization s existing and future business needs, is important when selecting a solution and vendor. Cisco IronPort Security services provide customers the choice of the available form factors, all built upon the same industry-leading IronPort security technology and backed by the Cisco SenderBase Network. These form factors suit the needs of any administrator: Cisco IronPort Hosted Security Cisco IronPort Hybrid Hosted Security Cisco IronPort Managed Security This document discusses the various Cisco IronPort Security service options and provides insights into choosing the solution that best fits your organization s business needs. 1 Hosted Security Cisco IronPort Hosted Security provides industry-leading IronPort security technology via a dedicated infrastructure deployed in multiple, geographically-diverse Cisco data centers. A hosted security solution is suitable when organizations seek any of the following: To reduce data center footprint thus reducing rack space, power and cooling demand, as well as administrative overhead To lower Total Cost of Ownership (TCO) To expedite time to deployment for current and future capacity requirements Remove Spam & Malware Cisco IronPort Hosted Security cleans in the data center prior to it entering the customer's network Customer Cisco Data Centers 2 Pass Clean Optional: Outbound Filtering These business elements are essential when it comes to choosing a hosted solution. However, traditional hosted security solutions have a number of drawbacks that can seriously limit the effectiveness of the solution. The section below outlines each of these limitations and indicates how Cisco IronPort Hosted Security addresses these problems. Anti-Spam Efficacy Spam volumes have continued to double year over year. As a result, organizations are recognizing the need for an anti-spam vendor that is effective at catching spam. Every percentage point of missed spam means double the number of actual messages in users inboxes annually. In addition to having a good spam catch rate, it is equally important to have a low false-positive (legitimate messages classified as spam) rate. Traditional hosted security vendors have hovered around the 95 percent catch rate with a very high false-positive rate. The result is that end-users either spend time dealing with spam messages in their inbox or (even worse) keep calling the administrator, with the frustration that their legitimate business has been classified by the security vendor as spam and likely quarantined. Cisco is the industry leader in anti-spam technology. Cisco s IronPort technology consistently delivers a more than 99 percent catch rate and balances this near-perfect statistic with an industry-best rate of less than one false positive per million messages. This is one of the principal differentiators for Cisco solutions and a key reason why customers continue to choose Cisco over the competition. Service Uptime and Data Contamination Traditional hosted security vendors base their solutions on a shared infrastructure. While this helps reduce costs, the risk of the shared fate phenomenon is that if one customer s mail environment has a problem it can ripple through other customers sharing that same infrastructure. Major hosted security vendors whose solutions are based on a shared infrastructure have recently experienced significant downtime. 2 With Cisco IronPort Hosted Security, every customer gets a dedicated infrastructure that is not shared with any other customer. In fact, each dedicated infrastructure is deployed in multiple geographically-diverse data centers to ensure maximum uptime. Moreover, the service provides the highest levels of risk protection from data contamination in a hosted form factor due to the physical separation of customer s and data. Advanced Controls While even the smallest of organizations are faced with -borne threats (such as viruses, spam, false positives, DDoS attacks, spyware, phishing, regulatory compliance violations, data loss and more) on a daily basis, traditional hosted security vendors provide very rudimentary security controls. The result is that customers have to make do with whatever is provided by the vendor. Cisco IronPort Hosted Security provides the customer a set of advanced, enterprisegrade controls that can be leveraged to strengthen their security. These include capabilities like bounce verification, SPF, DKIM, TLS, compliance dictionaries, smart identifiers and a slew of advanced content filter rules. All of these advance controls are available at no extra charge. Message Tracking While the performance and accuracy of the security elements are paramount, an equally important aspect is the ability to track messages. administrators want to have the flexibility to immediately determine the disposition of a message that passed through the hosted security solution. With traditional hosted security vendors, customers have to open a ticket with customer support and then wait (sometimes hours at a length) to get an answer. This can be very frustrating for an administrator especially in the case where a CEO has called asking about a business-critical message that was supposed to have been delivered hours ago. Cisco IronPort Hosted Security provides customers with an easy-to-use message tracking interface that allows them to search for messages in real time. As a result, the administrator can respond to critical calls and provide answers within minutes, rather than waiting hours for their vendor to respond to the open ticket. Reporting In addition to message tracking, security reporting is critically important to administrators. Cisco IronPort Hosted Security provides very sophisticated management, monitoring and reporting tools. The service includes a unique reporting system providing both a real-time and historical look at mail flowing through an organization s infrastructure. These tools provide administrators with the necessary informa tion to make critical security decisions in real time, export professional, visually rich reports in PDF for management consumption as well as the ability to schedule reports for automatic delivery to particular addresses. 3 Hybrid Hosted Security Cisco IronPort Hybrid Hosted Security is a unique security service that provides customers with the choice to deploy security in the way that best meets their business needs. The architecture includes security infrastructure divided between cloud-based and on-premises form factors. Organizations typically deploy inbound security controls (anti-spam, anti-virus, etc.) through a hosted infrastructure while protecting sensitive information through encryption and data loss prevention (DLP) solutions via on-premises appliances. A hybrid hosted security solution is suitable for organizations that want to address some of the following business requirements: Remove Spam & Malware 1 The Cisco IronPort Hybrid Hosted Security service has the added benefit of outbound filtering on the customer premises Pass Clean 2 Customer Cisco Data Centers 3 Apply DLP & encryption policies Leveraging the benefits of a hosted form factor Maintaining control of outbound data on-premises Simplifying management Customers desire a best in class security solution that helps with business planning predictability. The section below specifies each of these business requirements and describes how Cisco IronPort Hybrid Hosted Security addresses these problems. Outbound Control Data loss prevention (DLP) is a serious issue for companies, as the number of incidents (and the cost to those experiencing them) continues to increase. Whether it s a malicious attempt, or an inadvertent mistake, data loss can diminish a company s brand, reduce shareholder value, and damage the company s goodwill and reputation. In addition, organizations need to comply with numerous regulations that put strict requirements on how sensitive data needs to be handled. These regulatory requirements are best met with an on-premises deployment which allows customers to scan sensitive data, and even encrypt it, before it is sent out on a public network. Many organizations are looking to increase their business and operational efficiencies through the use of hosted inbound security, but also want to leverage an on-premises solution for advanced content filtering. Cisco IronPort Hybrid Hosted Security is a unique service that allows customers to achieve this goal by dividing the control. Spam and virus filtering occurs through the hosted infrastructure, while on-premises appliances are used for compliance, DLP and encryption technologies. To help organizations successfully solve their business problems, pre-defined content filters (for HIPAA, GLB, SOX, and other regulatory filters), smart identifiers (Social Security numbers, bank routing numbers, and more) as well as the Cisco IronPort Encryption solution are all available with Cisco IronPort Hybrid Hosted Security. 4 Simplified Management While a hybrid hosted deployment option makes great business sense, customers still have to deal with tracking and reporting of data spanning both form factors (given that now flows through two sets of deployments). When a CEO calls the administrator asking, What happened to that I was expecting two hours ago?, the administrator should not have to log in to two separate interfaces to search for messages, or open tickets with a vendor to figure out the disposition of the CEOs message. The interface to search messages across both deployments should be available to provide answers in an expedient manner. Similarly, instead of having to go to multiple interfaces to view reports and download statistics on flow, a common interface should be available to greatly improves administrator efficiency. Cisco IronPort Hybrid Hosted provides customers the power of real-time message tracking and reporting in an easy-to-use interface that spans both the hosted and onpremises deployments. Administrators can use the message tracking interface to immediately pinpoint the status of messages of interest. In addition, they can view a large number of pre-canned reports, download them in PDF format, export them to CSV format and even schedule them for delivery based on time preferences. The tracking and reporting features greatly simplify both administration and management, resulting in significant efficiency gains. Business Planning Predictability When choosing a solution, organizations should evaluate not only the technical aspects, but also the business aspects. Today s IT executives have CFO mandates to reduce costs and make them more predictable. These costs include initial and ongoing hardware and software expenditures. Additionally, companies have limited flexibility when it comes to Capital Expenditure (CapEx) budget dollars. Traditional hosted solutions provide customers with benefits including a predictable, per-user per-year pricing model, future capacity assurance required to meet spam volume growth as well as an Operating Expenditure (OpEx) model that provides more flexibility over the CapEx model. Cisco IronPort Hybrid Hosted Security provides the same benefits that are offered by traditional hosted vendors, but on both deployment form factors hosted and on-premises. Customers receive the following additional advantages on the entire infrastructure, available for a simple per-user, per-year price: Initial hardware infrastructure Ongoing capacity Software license OpEx vs. CapEx billing With Cisco IronPort Hybrid Hosted Security, the software licensing is unique. Customers get hardware, support and software licenses in a single package. The software license can be deployed by the customer wherever they chose some of the license capacity can be utilized in the cloud and some on premises. For example, many customers will deploy anti-spam and anti-virus in the cloud and encryption and content filtering on-premises. However, for outbound scanning, customers have the flexibility to deploy the anti-virus solution even on their on-premises appliances at no additional cost. 5 Managed Security Cisco IronPort Managed Security is a service that monitors and manages an organization s delivery infrastructure, allowing IT managers to focus on other strategic initiatives. This service eliminates the need to continuously train personnel and budget for more hardware due to increasing spam volumes. Customers benefit from the highest levels of data security provided by an on-site security appliance, while taking advantage of the flexibility to delegate some or all of the management and maintenance responsibilities. A managed security solution is suitable for organizations faced with the following challenges: Difficulty finding trained personnel Free resources to focus on strategic IT initiatives Cisco IronPort Managed Security provides 24x7 support for the customer's on-premises infrastructure VPN Tu nnel Cisco Security Operations Center (SOC) Secure Administration The need for an on-premises security solution with predictable pricing Customer Flow Remote Monitoring and Management With Cisco IronPort Managed Security, IronPort appliances are deployed in customer data centers and remotely monitored and managed at all times by security experts on the Cisco Remote Management Services team. Utilizing a proven, Information Technology Infrastructure Library (ITIL) based methodology and processes, the Cisco team delivers trusted solutions to ensure business continuity. Customers retain ultimate control of their own network, and have real-time visibility into its health and the status through an easy-to-use portal. Incident record and location image from the customer support portal 6 Flexible Management Models Most managed service providers restrict customers from gaining management control to the infrastructure that is deployed on their own premises. While this may be suitable for some, most administrators want access the infrastructure to provide quick and simple responses to queries like, What happened to my ? or Who are the top offenders of the recently added content policy?. Without management access, administrators will have to depend on the service provider for even the smallest of requests. With Cisco IronPort Managed Security, the customer has a choice when it comes to deciding the best way to manage their infrastructure. The service provides organizations with two options: Co-Managed Model: This model offers Cisco as an extension of the customer s IT team. It provides critical security management and monitoring support based on organizational needs. The co-management model is flexible and customized to adapt to your businesses processes. The customer always has full access to all IronPort appliances in their network, backed by the administrative support of the Cisco services team. Fully-Managed Model: This model provides an always on service whereby all aspects of security are remotely handled by Cisco experts. This comprehensive service includes ongoing configuration support, incident management, up-to-date ticket tracking, reporting and other operational functions ensuring the health and welfare of a company s infrastructure. Business Planning Predictability Like the other deployment options discussed earlier, Cisco IronPort Managed Security provides business planning predictability through a single, per-user per-year price that includes: Initial hardware infrastructure Ongoing capacity Software licenses The result is that customers receive flexibility through an OpEx cost model, versus a CapEx cost model. Cisco IronPort Managed Security enables the highest levels of security with a flexible management model desired by administrators. With either selection, the important tasks are being managed and monitored by experts. This model allows administrators to focus on more strategic initiatives, such as growing their business. 7 Conclusion The Cisco IronPort Security services portfolio provides organizations with the opportunity to select the security infrastructure that is best for them security leadership with choice, backed by security experts. Depending upon business needs, customers can choose one of many deployment options including Cisco IronPort Hosted Security, Cisco IronPort Hybrid Hosted Security or Cisco IronPort Managed Security. Regardless of the deployment model, customers get the benefits of hardware capacity assurance, predictable budgetary planning and simplified management. Cisco has helped organizations worldwide with security services, backed by industry-leading support and corporate stability. For more information about Cisco IronPort Security services, please visit: Americas Headquarters Cisco Systems, Inc. San Jose, CA Asia Pacific Headquarters Cisco Systems (USA) Pte. Ltd. Singapore Europe Headquarters Cisco Systems International BV Amsterdam, The Netherlands Cisco has more than 200 offices worldwide. Addresses, phone numbers, and fax numbers are listed on the Cisco website at CCDE, CCENT, Cisco Eos, Cisco Lumin, Cisco Nexus, Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, the Cisco logo, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work, Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step, Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iphone, iquick Study, IronPort, the IronPort logo, LightStream, Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX, PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet
Search
Related Search
We Need Your Support
Thank you for visiting our website and your interest in our free products and services. We are nonprofit website to share and download documents. To the running of this website, we need your help to support us.

Thanks to everyone for your continued support.

No, Thanks