In less than a week, in Las Vegas, Cisco will showcase a revolutionary solution for defense and detection against encrypted malware.
In a recent global study, more than 40% of attackers used encryption to evade detection. Things will get much worse. By 2020, 80% of WW traffic will be encrypted according to multiple analysts. Simultaneously, weak, out-of-date, ciphers are proliferating, due to the rapid growth of users, devices and sessions. Enterprises often decrypt traffic for inspection on access networks. This approach will become prohibitively expensive due to sheer complexity, new privacy regulations and the adoption of perfect forward secrecy.
What is needed is to ubiquitously scan for threats in their encrypted state and continuously monitor your entire access infrastructure for the strong cryptography.
Cisco’s new Encrypted Traffic Analytics combines both these capabilities with new machine learning systems both in the cloud and on-premise. And it leverages your own network. Without decryption it detects hidden malware with high precision and it instantly identifies older cyphers and protocols so they can be updated.
At CiscoLive, Cisco will demonstrate the full power of machine learning enabled by Cisco Stealthwatch, Cognitive Analytics and new networking technologies.
Hidden Figures: Securing What You Cannot See - Session ID: INSSEC-1013
Detect Threats in encrypted Traffic without decryption - Session ID: BRKCRS-1560
Detecting Threats with Advanced Analytics Martin Rehak - Session ID: BRKSEC-3106
Deciphering Malware's Use of TLS (without Decryption) - Session ID: BRKSEC-2809
Understanding Encrypted Traffic Using "Joy" for Monitoring and Forensics - Session ID: DEVNET-1218
DevNet Workshop - An Introduction to Monitoring Encrypted Network Traffic with "Joy" - Session ID: DEVNET-1215
Security Monitoring with StealthWatch: The detailed walkthrough - Session ID: BRKSEC-3014
Building Network Security Policy Through Data Intelligence - Session ID: BRKSEC-2026
After CiscoLive, join us on July 12, 2017 in the Cisco Customer Connection program. We'll have a special technical deep-dive breifing on Stealthwatch 6.9.2 and whole ETA solution. Simply join the Customer Connection program to register and navigate your way to the online briefings session registration. www.cisco.com/go/ccp
And later in July, look for another Cisco blog on the science of encrypted malware detection using machine learning.
Look forward to your attendance in person in Las Vegas and on-line for the webinar and follow-up blog.
I use old good Cisco ASA 5550-failover clusters.I dont understand its current throughput.In Cisco datasheet info : Firewall Throughput Up to 1.2 Gbps ( 600 Mbps input + 600 Mbps output ) - right ? My config: Firewall mode: Transparent&...
Hi, I have FMC1000 appliance which running on version 6.3. I would like to verify hardware infomation of the FMC via CLI such as NIC, CPU cores, Memory, Event storage space and power supply status. Unfortunately, I have found only "show ver...
Team Hi,While reading about IPSec VPN the below mentioned statement has raised me a doubt "The peer that has traffic that should be protected will initiate the IKE phase 1 negotiation." So as per the above statement it states that the peer...
I am proposing to upgrade a customer's SNS-3595 from ISE 2.2 to ISE 2.4 via the rebuild process ;-) These nodes have some corruption in them and I would feel more with a complete rebuild. I don't have the luxury to reconfigure fro...
i´m playing around with trustsec a little bit and wondering if segmentation inside the same VLAN on the same switch is possible. Lets say i have 2 clients assigned SGT5 by 802.1x in the same boardcast domain on the same switch. In ISE i blocked the client...