Cyber Threat Defense Overview
Gain visibility into Advanced Persistent Threats (APTs) and other attacks. (Video - 3:09 min)
Cisco 2014 Annual Security Report
Read breaking analysis with a global perspective into evolutionary threats.
Engage with Cisco Security
Find out what's new with Cisco Security and engage with experts and peers.
Gain Visibility into Advanced Persistent Threats
Cisco Cyber Threat Defense focuses on the most complex, dangerous information security threats, which lurk in networks for months or years, stealing vital information and disrupting operations.
It exposes these threats by identifying suspicious network traffic patterns within the network interior. Then, it provides contextual information about the attack, users, identity, and more - all visible from a single pane of glass.
What You'll See
Through Cisco Cyber Threat Defense, security analysts learn about advanced attacks, including:
- Network reconnaissance, which probes the network to exploit attack vectors through custom-crafted cyber threats
- Network interior malware proliferation, which spreads malware across hosts to gather security reconnaissance data
- Command and control traffic, which communications between the attacker and compromised internal hosts
- Data exfiltration, which exports sensitive information back to the attacker, generally through command and control communications
How It Works
Cisco Cyber Threat Defense safeguards your network by:
- Providing threat defense in the network interior, home to the most elusive and dangerous threats
- Helping enable scalable, ubiquitous, and cost-effective security telemetry throughout the network, using NetFlow data
- Simplifying error-prone and expensive manual threat investigation processes
- Using existing Cisco switch, router, and ASA 5500 network footprint
The Cisco Cyber Threat Defense Solution is built on the following components:
- Unique interior network traffic telemetry capabilities of Cisco Catalyst switches, Cisco routers, and Cisco ASA 5500 Series Next Generation Firewalls.
- Network traffic analysis from the StealthWatch System from Lancope
- Identity, security, and application-type contextual information for discerning the target and threat severity from:
- The StealthWatch Management Console provides the unified view
Cisco Cyber Threat Defense Solution At-a-Glance (PDF - 425 KB)
Cisco Security -- Gain Visibility Across Attack Continuum (PDF - 75 KB)
Detecting Network Reconnaissance Guide (PDF - 1 MB)
Security for Evolving Threats Executive Perspective (PDF - 121 KB)
1.0 Design and Implementation Guide (PDF - 1 MB)
Gaining Visibility and Context Through NetFlow Security Event Logging Guide (PDF - 945 KB)
Gain Visibility in the Data Center with the Cisco NetFlow Generation Appliance Guide (PDF - 891 KB)
Detecting BotNet Traffic Guide (PDF - 1 MB)
Detecting Internal Malware Spread Guide (PDF - 1 MB)
Detecting Data Loss Guide (PDF - 1 MB)
Integrating the Cisco Identity Services Engine with StealthWatch 6.3 Guide (PDF - 1 MB)
ASR 1000 Series NetFlow Configuration Guide (PDF - 498 KB)
Cisco Cyber Threat Defense Solution Data Sheet
Cisco Cyber Threat Defense Solution Overview
Cisco Security Intelligence Operations -- Defense in Depth (Presentation PDF) (PDF - 3 MB)
Find details about hardware devices, software applications, and specialized components that relate to your networking solution.