1 00:00:06,700 --> 00:00:08,520 - [Instructor] One of the most important aspects 2 00:00:08,520 --> 00:00:11,533 of security is network visibility. 3 00:00:12,670 --> 00:00:14,460 The truth is you can't secure it 4 00:00:14,460 --> 00:00:17,220 if you don't know that it exists on your network. 5 00:00:17,220 --> 00:00:19,070 Visibility is the first step 6 00:00:19,070 --> 00:00:22,060 in controlling and securing your environment. 7 00:00:22,060 --> 00:00:23,430 There are multiple techniques 8 00:00:23,430 --> 00:00:25,580 that can be utilized on your network 9 00:00:25,580 --> 00:00:29,750 to obtain visibility necessary to maintain control 10 00:00:29,750 --> 00:00:32,590 during an outbreak or compromise. 11 00:00:32,590 --> 00:00:35,416 If you do not have complete visibility, 12 00:00:35,416 --> 00:00:38,810 you'll have blind spots under your network. 13 00:00:38,810 --> 00:00:41,660 The blind spots are where the bad guys hide. 14 00:00:41,660 --> 00:00:43,390 This includes critical systems 15 00:00:43,390 --> 00:00:45,890 as well as unnecessary services. 16 00:00:45,890 --> 00:00:48,490 Any of these can be compromised. 17 00:00:48,490 --> 00:00:50,660 Some of the most common technologies 18 00:00:50,660 --> 00:00:51,992 that can be utilized 19 00:00:51,992 --> 00:00:54,050 to obtain network visibility 20 00:00:54,050 --> 00:00:58,930 include NetFlow, IPFIX, Cisco StealthWatch, 21 00:00:58,930 --> 00:01:01,560 intrusion detection and prevention systems, 22 00:01:01,560 --> 00:01:04,290 as well as advanced malware protection. 23 00:01:04,290 --> 00:01:06,622 Many organizations fail to use 24 00:01:06,622 --> 00:01:08,423 one of the strongest tools 25 00:01:08,423 --> 00:01:12,540 that can help protect against today's security threats. 26 00:01:12,540 --> 00:01:14,250 The network itself. 27 00:01:14,250 --> 00:01:17,280 For example, Cisco Catalyst Switches, 28 00:01:17,280 --> 00:01:18,930 data center switches, 29 00:01:18,930 --> 00:01:22,500 ASR routers, integrated services routers, 30 00:01:22,500 --> 00:01:27,170 NextGen firewalls, NextGen intrusion prevention systems, 31 00:01:27,170 --> 00:01:29,090 NetFlow generation appliances 32 00:01:29,090 --> 00:01:32,140 such as StealthWatch flow sensors, 33 00:01:32,140 --> 00:01:34,400 and advanced malware protection, 34 00:01:34,400 --> 00:01:35,970 all work in conjunction 35 00:01:35,970 --> 00:01:39,060 with the Cisco application centric infrastructure 36 00:01:39,060 --> 00:01:42,783 to protect before, during, and after the attack. 37 00:01:42,783 --> 00:01:44,660 The network can be used 38 00:01:44,660 --> 00:01:48,120 in security in two different fundamental ways. 39 00:01:48,120 --> 00:01:50,250 The network as a sensor, 40 00:01:50,250 --> 00:01:55,250 where NetFlow allows you to use the network as a sensor, 41 00:01:55,770 --> 00:01:57,760 giving you deep and broad visibility 42 00:01:57,760 --> 00:02:01,700 into unknown and unusual traffic patterns, 43 00:02:01,700 --> 00:02:04,760 in addition to compromised devices. 44 00:02:04,760 --> 00:02:06,720 And the network as an enforcer, 45 00:02:06,720 --> 00:02:09,330 where you can use Cisco TrustSec 46 00:02:09,330 --> 00:02:13,610 to contain attacks by enforcing segmentation 47 00:02:13,610 --> 00:02:15,820 and user access control, 48 00:02:15,820 --> 00:02:18,893 even when bad actors are involved.