Security Officer Scenario

Ajay is Chief Security Officer (CSO) with a Delhi-based international talent search organization that employs a number of mobile workers. Traveling for extended periods, these employees access the office intranet facilities using a conventional VPN client. This provides unsecured access to company information and makes the system vulnerable to security attacks.

The management has learned from an external source that a public website is featuring the company’s confidential information. Ajay has a mandate to investigate and remediate the incident and report back to management. After day-long data mining and log analysis, Ajay learns that a hacker has exploited an existing vulnerability on the SQL database and accessed confidential company information.

Would it not be easier for Ajay if he had a system in place to detect the attack in progress against critical infrastructure and be able to launch a policy to stop the attack?

To correctly analyze an attack in progress, Ajay and his team need an event analysis and correlation solution (Cisco CS-MARS), which enables them to detect an attack in progress and supports mitigation suggestions. Now they can use Cisco Security Manager to centrally roll out security policies across their infrastructure and protect the enterprise.

The CSA solution on an SQL server is ideal to protect the server from day-zero attacks. For extending secure remote access, the company should look to implement the SSL-VPN and NAC technology. SSL-VPN will allow their employees to access corporate applications remotely while NAC will do a detailed posture check of the devices before granting access to the corporate network. These two, together, will ensure that end-users comply with company policies and provide port security functionality so that no unauthenticated user can access confidential information.

Technology Details

CS-MARS (Event Correlation, Incident Management)
Cisco Security Monitoring, Analysis and Response System (CS-MARS) is an all-inclusive security event management solution that can be deployed out of the box and customized according to your needs via customer-led rule creation, threat reporting, incident investigation and a host of other features including security posture and threat reports. It allows network and security administrators to monitor, identify, isolate, and counter security threats.

CSM (Security Configuration, Policy Management)
Cisco Security Manager (CSM) can centrally provision all aspects of device configurations and security policies for firewalls, VPNs and intrusion prevention system (IPS) devices.

NAC (Role-based admission access control, Device Posture assessment, Port Security)
Network admission control (NAC) helps organizations reduce risk by preventing vulnerable hosts from obtaining and retaining normal network access. NAC helps ensure that all hosts comply with the baseline security policies prior to obtaining normal network access.

Self Defending Network
Rather than patch together a selection of offerings from multiple vendors that may have compatibility issues, Ajay opted to install the Cisco Self-Defending Network in his organization. The Cisco SDN is a systems architecture that provides end-to-end network defense while enforcing policy compliance. The network comprises a collection of devices that enable collaboration, enhance business agility, increase productivity, and facilitate the delivery of new services.

Ajay and his organization benefited tremendously from the deployment of the SDN:

  • His people and IT assets are safe
  • His organization is more resilient and reliable
  • He has derived maximum business benefit from IT investments
  • Compliance with security regulations is complete
  • Unified communications and mobility solutions are secure
  • Data centers and branch locations are secure

Little wonder that he found it to be the ideal end-to-end collaborative security service, since it was integrated into the network itself and deployed an easy-to-use, scalable model suitable to all sizes and types of organizations.


Mobile Worker Scenario

Ajay has put in place several measures to ensure that the organisation’s employees derive maximum benefits while the server and systems have foolproof security. Read on to see the end-user challenges that these measures addressed, particularly for Sheila, a mobile worker.
