In less than a week, in Las Vegas, Cisco will showcase a revolutionary solution for defense and detection against encrypted malware.
In a recent global study, more than 40% of attackers used encryption to evade detection. Things will get much worse. By 2020, 80% of WW traffic will be encrypted according to multiple analysts. Simultaneously, weak, out-of-date, ciphers are proliferating, due to the rapid growth of users, devices and sessions. Enterprises often decrypt traffic for inspection on access networks. This approach will become prohibitively expensive due to sheer complexity, new privacy regulations and the adoption of perfect forward secrecy.
What is needed is to ubiquitously scan for threats in their encrypted state and continuously monitor your entire access infrastructure for the strong cryptography.
Cisco’s new Encrypted Traffic Analytics combines both these capabilities with new machine learning systems both in the cloud and on-premise. And it leverages your own network. Without decryption it detects hidden malware with high precision and it instantly identifies older cyphers and protocols so they can be updated.
At CiscoLive, Cisco will demonstrate the full power of machine learning enabled by Cisco Stealthwatch, Cognitive Analytics and new networking technologies.
Hidden Figures: Securing What You Cannot See - Session ID: INSSEC-1013
Detect Threats in encrypted Traffic without decryption - Session ID: BRKCRS-1560
Detecting Threats with Advanced Analytics Martin Rehak - Session ID: BRKSEC-3106
Deciphering Malware's Use of TLS (without Decryption) - Session ID: BRKSEC-2809
Understanding Encrypted Traffic Using "Joy" for Monitoring and Forensics - Session ID: DEVNET-1218
DevNet Workshop - An Introduction to Monitoring Encrypted Network Traffic with "Joy" - Session ID: DEVNET-1215
Security Monitoring with StealthWatch: The detailed walkthrough - Session ID: BRKSEC-3014
Building Network Security Policy Through Data Intelligence - Session ID: BRKSEC-2026
After CiscoLive, join us on July 12, 2017 in the Cisco Customer Connection program. We'll have a special technical deep-dive breifing on Stealthwatch 6.9.2 and whole ETA solution. Simply join the Customer Connection program to register and navigate your way to the online briefings session registration. www.cisco.com/go/ccp
And later in July, look for another Cisco blog on the science of encrypted malware detection using machine learning.
Look forward to your attendance in person in Las Vegas and on-line for the webinar and follow-up blog.
I have a customer who needs the document for confirmation that it's not possible to install 3rd party AV software on FMC and IronPort WSA VM or appliance. Does anyone know of any documentation? Thank you for help!
Hello Team We have planned a downtime.. and need to reload standalone ISE 2.7.2 version. Just want to understand.. any live radius connection will drop during this time.. as we have some anyconnect client connected to the network via Radius...
Hello, I performed a SMA upgrade from 13.6.2-058 to 13.8.1-074 I noticed in Access Policies that the URL filtering has different values in the Blocked, Monitored ... section It is one or two fewer in some policies Any idea ...
So I posted a question last week with some questions about Cisco routers and VPN's. I already have my CCNA in routing and switching, but I'm starting to work with more VPN's. I've set up an IPSec tunnel between two devices before, but as I'm starting to t...