Upload
others
View
12
Download
0
Embed Size (px)
Citation preview
Cisco Customer EducationGet AMP'ed with Cisco Advanced Malware Protection
This session was recorded via Cisco WebEx! You can watch the live session recording via the following URL:
https://acecloud.webex.com/acecloud/lsr.php?RCID=2a9e13dcb37a4721b5c9fc97052488bb
Thanks for your interest and participation!
This session was recorded via Cisco WebEx! You can watch the live session recording via the following URL:
https://acecloud.webex.com/acecloud/lsr.php?RCID=0371b71ece314275bf2f948eec096506
Presentation Agenda
► Welcome from Cisco
► Security in the 21st Century
► Conclusion
► Talos and Advanced Malware Protection
► Next Generation Threat Protection
► Conclusion
Priors:Cisco Sales and Channels (10.5 yrs)President and CEO (6 yrs) - Cisco Premier Partner Director of Sales (2 yrs) - Cisco Silver PartnerFinancial Analyst (7 yrs) - Sprint Corporation
About Your HostBrian AveryTerritory Business ManagerCisco Systems, [email protected]
Who Is Cisco?
Cisco Confidential 4© 2013-2014 Cisco and/or its affiliates. All rights reserved.
Computer scientists, Len Bosack and Sandy Lerner found Cisco Systems
Bosack and Lerner run network cables between two different buildings on the Stanford University campus
A technology has to be invented to deal with disparate local area protocols; the multi-protocol router is born
1984
WellFleet
SynOptics
3Com
ACC
DEC
Proteon
IBM
Bay Networks
Newbridge
Cabletron
Ascend
Fore
Xylan
3ComNortel
Ericsson
Alcatel
JuniperLucent
Siemens
NECFoundry
Redback
Riverstone
Extreme AristaHP
Avaya
Juniper
Huawei
Aruba
Brocade
Checkpoint
Fortinet
ShoreTel
Polycom
Microsoft
F5
Riverbed
Dell
Internet of Everything
1990 – 1995 1996 – 2000 2001 – 2007 2008 – Today
The Landscape is Constantly
Changing
Leading for Nearly 30 Years
2016
Cisco Confidential 6© 2013-2014 Cisco and/or its affiliates. All rights reserved.
Who Is Cisco?
Chuck Robbins,CEO, Cisco
• Dow Jones Industrial AverageFortune 100 Company (AAPL, CSCO, INTC, MSFT)
• $117B Market Capitalization
• $49.6B in Revenue
• $10B in Annual Net Profits
• $34B More Cash than Debt
• $6.3B in Research and Development
http://finance.yahoo.com/q/ks?s=CSCO+Key+Statistics
No. 1Voice
41%
No. 1TelePresence
50%
No. 1Web
Conferencing43%
No. 1Wireless LAN
50%
No. 2x86 Blade Servers
29%
No. 1RoutingEdge/Core/
Access
47%
No. 1Security
31%
No. 1SwitchingModular/Fixed
65%
No. 1Storage Area
Networks47%
Market Leadership Matters
Cisco Confidential 8C97-731719-02 © 2014 Cisco and/or its affiliates. All rights reserved.
Security in the 21st Century
Cisco Confidential 9© 2013-2014 Cisco and/or its affiliates. All rights reserved.
Remember This Movie?
http://www.imdb.com/title/tt0086567/
It’s All About The MoneyIndustrial Hackers Are Making Big Money with Innovative Tactics
1990 1995 2000 2005 2010 2015 2020
Viruses1990–2000
Worms2000–2005
Spyware and Rootkits2005–Today
APTs CyberwareToday +
Phishing, Low Sophistication Hacking Becomes
an Industry Sophisticated Attacks, Complex Landscape
of large companies targeted by malicious traffic95% of organizations interacted
with websites hosting malware100% 1. Cybercrime is lucrative, barrier to entry is low2. Hackers are smarter and have the resources to compromise your organization3. Malware is extremely sophisticated and complex4. Cybercrime is now a formal, for-profit industry
Source: 2014 Cisco Annual Security Report
Global Cybercrime Market $450B‒$1T
Cisco Confidential 11© 2013-2014 Cisco and/or its affiliates. All rights reserved.
High Profile Breaches
As of 12/31/2014 http://www.idtheftcenter.org/images/breach/DataBreachReports_2014.pdf
1,000,000
70,000,000
56,000,0002,600,000
1,100,000
And Yet…Organizations of every size are targets
60% of UK small businesses were compromised in 2014 (2014 Information Security Breaches Survey)
100% of corporate networks examined had malicious traffic(Cisco 2014 Annual Security Report)
41% of targeted attacks are against organizations with fewer than 500 employees (July 2014 The National Cyber Security Alliance (NCSA)
41% of targeted attacks are against organizations with fewer than 500 employees (July 2014 The National Cyber Security Alliance (NCSA)
Information of up to 750 million individuals on the black market over last three years.
54% of breaches remain undiscovered for months.
YearsMonths
Impact of a Breach
HoursStart
Breach occurs 60% data in breaches is stolen in hours.
Today’s cyber-threat reality
If you know you are going to be compromised, how should you do security
differently?
Why? Because you’ll never be able to prevent 100% of
attacks.
Your environmentwill get breached –it’s not an “IF” it’s a
“WHEN”
The Attack Surface
Attack surface – web browsers
More than
85% of the companies studied were affected each month by malicious browser extensions
Users becoming complicit enablers of attacksUntrustworthy sources
Clickfraud and Adware
Outdated browsers 10% 64%IE requests running latest version
Chrome requests running latest version
vs
Attack surface – user error on web
Attackers:Shifts in the attack vectors
Java
Silverlight
Flash
Java drop 34%
Silverlight rise 228%
PDF and Flash steady
Log Volume
2015 Cisco Annual Security Report
Attack surface – web applications
Attackers:
Malvertising is on the rise: low-limit exfiltration makes infection hard to detect
In October 2014, there is a spike of
250%
Compromising without clicking
Exploit Kits, e.g. Cryptowall version 4
• Notorious ransomware • Version 1 first seen in 2014• Distributed via Exploitkits and Phishing Emails• Fast Evolution
CRYPTOWALL 4.0
Phishing and Social Engineering
Attackers:
A growing appetite to leverage targeted phishing campaigns
Example: Snowshoe SPAM attack
SPAM up
250%
Attack surface - email
Social EngineeringWaiting for his plane
Meet Joe. He is heading home for a well deserved vacation.
He’s catching up on email using the airport Wi-Fi while he waits for his flight.
Social EngineeringChecks his email
Joe just got an email from his vacation resort.
Your Tropical Getaway
Joe,
Thank you for choosing us. We look forward to seeing you.
Before your arrival, please verify your information here: www.vacationresort.com
Best,Resort Team
Social EngineeringInstinctively, he clicks on the link
No problem, right? Everything looks normal.
The site may even be a trusted site, or maybe a site that is newly minted.
Your Tropical Getaway
Joe,
Thank you for choosing us. We look forward to seeing you.
Before your arrival, please verify your information here: www.vacationresort.com
Best,Resort Team
Social EngineeringJoe is now infected
Joe opens the link and the resort video plays.
Although he doesn’t know it, Joe’s machine has been compromised by a Silverlight based video exploit.
The malware now starts to harvest Joe’s confidential information:
• Passwords
• Credentials
• Company access authorizations
Cisco Security Overview
Too Many Disparate Security Products Mean Gaps in Protection
vs
Fragmented offerings across multiple vendors
Streamlined advanced security solution
Cost
Lower opex and easier to manage
Higher total cost to build and run
Overall performance
Less communication between components
Better communication and integration
Time to detection
Faster time to detection
More lag in finding threats
Antivirus
Legacy IPSInitial Disposition = Clean Actual Disposition = Bad
Too Late!!
Analysis Stops
Even
t Hor
izon Sleep Techniques
Unknown ProtocolsEncryptionPolymorphism
Blind to scope of compromise
Point-in-Time Detection Tools Alone Are Insufficient and Provide Limited or No Visibility Into Threats Once They Get in
Not 100%
I'm going for fearsome here, but I just don't feel it!
I'm think I'm just coming off as annoying.
Competitors
What’s Needed to Protect Against Advanced Threats That Manage to Slip by YourFront-Line Defenses?
Deep Visibility
Control
+
Defending Against These Advanced Threats Requires Greater Visibility and Control Across the Full Attack Continuum
BeforeDiscover EnforceHarden
DuringDetect Block
Defend
AfterScope
ContainRemediate
Attack Continuum
Data Center/Servers EndpointsEmail and Web Network Mobile
Threat intelligence and analytics
Point-in-Time detection
Retrospective security and continuous analysis
Defending Against These Advanced Threats Requires Greater Visibility and Control Across the Full Attack Continuum
BeforeDiscover EnforceHarden
DuringDetect Block
Defend
AfterScope
ContainRemediate
FireSIGHT and pxGrid
ASA VPN
OpenDNS Meraki
Advanced Malware Protection
Network as Enforcer
NGIPS
ESA/WSA
CWSSecure Access + Identity Services ThreatGRID
Attack Continuum
Cisco Advanced Malware Protection
AMP
Cisco Advanced Malware Protection
Software-as-a-ServiceCloud Managed
Subscription Based
Threat Intelligence and Advanced AnalyticsThe Numbers
1.6 million global sensors 100 TB of data received
per day 150 million+
deployed endpoints Experienced team of
engineers, technicians, and researchers
35% worldwide email traffic
13 billion web requests 24x7x365 operations 4.3 billion web blocks
per day 40+ languages 1.1 million incoming
malware samples per day AMP Community Private/Public
Threat Feeds
Talos Security Intelligence AMP Threat Grid
Intelligence AMP Threat Grid Dynamic
Analysis10 million files/month
Advanced Microsoft and Industry Disclosures
Snort and ClamAV Open Source Communities
AEGIS Program
Web
WWW
Endpoints DevicesNetworksEmail IPSAutomatic updates
in real time
101000 0110 00 0111000 111010011 101 1100001 1101100001110001110 1001 1101 1110011 0110011 101000 0110 00
1001 1101 1110011 0110011 101000 0110 00 101000 0110 00 0111000 111010011 101 1100001 1100001110001110 1001 1101 1110011 0110011 10100
1001 1101 1110011 0110011 101000 0110 00 Cisco®
Collective Security
IntelligenceCisco Collective
Security Intelligence Cloud
AMPAdvanced Malware Protection
Threat Intelligence and Advanced AnalyticsThe Numbers
1.6 million global sensors 100 TB of data received
per day 150 million+
deployed endpoints Experienced team of
engineers, technicians, and researchers
35% worldwide email traffic
13 billion web requests 24x7x365 operations 4.3 billion web blocks
per day 40+ languages 1.1 million incoming
malware samples per day AMP Community Private/Public
Threat Feeds
Talos Security Intelligence AMP Threat Grid
Intelligence AMP Threat Grid Dynamic
Analysis10 million files/month
Advanced Microsoft and Industry Disclosures
Snort and ClamAV Open Source Communities
AEGIS Program
Web
WWW
Endpoints DevicesNetworksEmail IPSAutomatic updates
in real time
101000 0110 00 0111000 111010011 101 1100001 1101100001110001110 1001 1101 1110011 0110011 101000 0110 00
1001 1101 1110011 0110011 101000 0110 00 101000 0110 00 0111000 111010011 101 1100001 1100001110001110 1001 1101 1110011 0110011 10100
1001 1101 1110011 0110011 101000 0110 00 Cisco®
Collective Security
IntelligenceCisco Collective
Security Intelligence Cloud
AMPAdvanced Malware Protection3.5 BILLION
SEARCHESTODAY
19.7 BILLION THREATS BLOCKED
TODAY
Cisco Security Decreases Time to Detection
37
Current Industry Average (TTD)
100 days- Source: 2016 Cisco Annual Security Report
Cisco Security Decreases Time to Detection
38
Cisco Security Decreases Time to Detection
39
100 days to 17.5 hours- Source: 2016 Cisco Annual Security Report
Point in Time Protection
Point-in-Time DetectionAMP Delivers the First Line of Defense, Blocking Known and Emerging Threats with Point-in-Time Defenses
One-to-one signature
Fuzzy finger-printing
Machine learning
Advanced analytics
Static and dynamic analysis (sandboxing)
Offer better accuracy and dispositioning
Block known and emerging threats
Protect your business with no lag
Automatically stop as many threats as possible, known and unknown
Dynamic Analysis
Machine Learning
Fuzzy ger-printing
Advanced Analytics
Indications of Compromise
Device Flow Correlation
Behavioral Detection: ExamplePoint-in-Time Detection Retrospective Security
Cisco Collective Security Intelligence
Collective Security Intelligence Cloud
File of unknown disposition is encountered1
File replicates itself and this information is communicated to the cloud
2
File communicates with malicious IP addresses or starts downloading files with known malware disposition
3
Combination of activities indicates a compromise and the behavior is reported to the cloud and AMP client
4
These indications are prioritized and reported to security team as possible compromise
5
namic alysis
Advanced Analytics
Device Flow Correlation
Behavioral Detection: ExamplePoint-in-Time Detection Retrospective Security
Cisco Collective Security Intelligence
Collective Security Intelligence Cloud
IP: 64.233.160.0
Device Flow Correlation monitors communications of a host on the network
1
Two unknown files are seen communicating with a particular IP address
2
One is sending information to the IP address, the other is receiving commands from the IP address
3
Collective Security Intelligence Cloud recognizes the external IP as a confirmed, malicious site
4
Unknown files are identified as malware because of the association
5
TrajectoryBehavioralIndications
of Compromise
BreachHunting
nuous ysis
Attack Chain Weaving
Behavioral Indications of Compromise: Example
Point-in-Time Detection Retrospective Security
Cisco Collective Security Intelligence
Behavioral Indications of Compromise uses continuous analysis and retrospection to monitor systems for suspicious and unexplained activity… not just signatures!
Using the power of Attack Chain Weaving, Cisco® AMP is able to recognize patterns and activities of a given file, and identify an action to look for across your environment rather than a file fingerprint or signature
An unknown file is admitted into the network
1The unknown file copies itself to multiple machines
2Duplicates content from the hard drive
3Sends duplicate content to anunknown IP address
4
How Malware Gets In to Your Network
Breach Prevention Rapid Breach Detection, Response, Remediation Threat Intelligence
But Point-in-Time Detection Alone Will Never Be100% Effective
Continuous Analysis and Retrospective SecurityOnly AMP Continuously Monitors and Analyzes All File Activity, Regardless of Disposition
Across all control points
To answer the questions that matter…
Take advantage of key capabilities
Web
WWW
EndpointsEmail Network
Mobile
Track it’s rate of progression and how it spread
See what it is doingIdentify a threat’s point of origin
See where it's been Surgically targetand remediate
Continuous Analysis and Retrospective Security
0001110 1001 1101 1110011 0110011 101000 0110 00 0111000 111010011 101 1100001 110
1000111010011101 1100001110001110 1001 1101 1110011 0110011 101000 0110 00
0100001100001 1100 0111010011101 1100001110001110 1001 1101 1110011 0110011 101000 0110 00
Web
WWW
Endpoints NetworkEmail DevicesIPS
File Fingerprint and Metadata
Process Information
Continuous feed
Continuous analysis
File and Network I/O
Breadth and Control points:
Telemetry Stream
Talos + Threat Grid Intelligence
TrajectoryBehavioralIndications
of Compromise
Threat Hunting
Retrospective Detection
AMP Rapidly Isolates and Remediates Malware
Context Enforcement Continuous Analysis
Who What
Where When
How
Event History
Collective Security Intelligence
If Something Gets in, Retrospective Security Helps You Find Answers to the Most PressingSecurity Questions
What happened?Where did the malware come from?Where has the malware been?What is it doing?How do we stop it?
See AMP in Action!
See Where It Entered the System
What happened?
Track threat’s origin and progression: • How did it get into the system• What is the point of origin• What was the attack vector
Where has the malware been?What is it doing?How do we stop it?
Where did the malware come from?
See AMP in Action!
See Everywhere That It Has Been
What happened?Where did the malware come from?Where has the malware been?
What is it doing?How do we stop it?
Track infected areas in the system: • Where is the attack now• What other endpoints have seen it• Where should I focus my response• Where is still safe
See AMP in Action!
Determine What the Malware Is Doing
What happened?Where did the malware come from?Where has the malware been?What is it doing?
How do we stop it?
Understand the details of how themalware works: • What is it trying to do, in plain English• How does the malware behave• Get detailed information vital for
incident response
See AMP in Action!
Stop It with a Few Clicks
Where did the malware come from?Where has the malware been?What is it doing?
Knowing the details above,surgically remediate: • Stop it at the source and all infected areas• Simply right click, add to a blocklist, and
remediate the malware from theentire system
What happened?
How do we stop it?
See AMP in Action!
Introducing Threat Grid Everywhere
Suspicious File
Analysis Report
Edge
Endpoints
ASA w/ FIREPOWER
Services
ESA
CTA
WSA
AMP for Endpoints
AMP for Network
Partner Integration
S E C U R I T Y
SecurityMonitoring Platforms
Deep Packet Inspection
Gov, Risk, Compliance
SIEM
Dynamic Analysis
Static Analysis
Threat Intelligence
AMP Threat Grid
Cisco Security Solutions Non-Cisco Security Solutions
Suspicious File
Premium Content Feeds
Security Teams
Third Party ValidationNSS Labs Security Value Map for Breach Detection Systems - 2015
Who is NSS Labs? NSS Labs is an independent testing organization focused on the cyber security industry.
What was measured?Security Effectiveness of Breach Detection Systems• Malware delivered by HTTP, Email, and Server Message Block
(SMB), Drive-by and Social Exploits, and Evasions• Total Cost of Ownership per protected Mbps
What Cisco productswere tested?
Advanced Malware Protection• AMP for Networks and AMP for Endpoints• FirePOWER 8120 (with AMP subscription)*
What competitor products were evaluated?
Blue Coat, Check Point, Fidelis, FireEye, Fortinet, Lastline, Trend Micro
Methodology BDS Methodology 2.0
The Leader in Security Effectiveness
99.2% Security Effectiveness rating in BDS testing, the highest of all vendors tested.
Only vendor to block 100% of evasion techniquesduring testing.
Excellent performance with minimal impact on network, endpoint, or application latency.
Download the flysheet and full report here.
Cisco AMP offers superior security effectiveness, excellent performance, and provides security across more attack vectors than any other vendor
Next-Generation Security
Cisco Advanced Malware Protection (AMP) Deployment Options Get Visibility and Control across all attack vectors to defend against today’s most advanced threats.
Protect your Endpoints! Get visibility into file and executable-
level activity, and remediate advanced malware on devices
running Windows, Mac OS, Linux, and Android.
Supercharge your next-generation firewall by turning on AMP
capabilities on the Cisco Firepower NGFW or the Cisco ASA with
Firepower Services.
Get deep visibility into threat activity and block advanced malware with
AMP deployed as a network-
Add AMP to a Cisco Web Security Appliance (WSA) or Cisco Cloud
Web Security (CWS) and get visibility and control to defend
against advanced threats launched from the web.
Add AMP to a Cisco Email Security Appliance (ESA)
and get visibility and control to defend against advanced
threats launched via email.
Combat and block network-based threats by deploying
AMP capabilities on the Cisco Integrated Services
Router (ISR).
For high privacy environments that restrict the use of the public cloud, use an on-premises, air-gapped
private cloud deployment of AMP for Networks or AMP for Endpoints.
An on-premises appliance or cloud-based solution for static and dynamic malware analysis
(sandboxing) and threat intelligence.
based solution running on AMP-bundled security appliances (NGIPS).AMP for Endpoints
AMP for Firewalls
AMP for Networks
AMP for Email
AMP for ISR
AMP for Web
Threat Grid
AMP for Private Cloud Virtual Appliance
Cisco Confidential 60© 2013-2014 Cisco and/or its affiliates. All rights reserved.
Introducing Cisco Adaptive Security Appliances
Industry’s First Threat-Focused NGFW
• Integrating defense layers helps organizations get the best visibility
• Enable dynamic controls to automatically adapt
• Protect against advanced threats across the entire attack continuum
Proven Cisco ASA firewalling
Industry leading NGIPS and AMP
Cisco ASA with FirePOWERServices Next-Generation
Firewall (NGFW)
Cisco ASA with FirePOWER Services
Cisco Confidential 61© 2013-2014 Cisco and/or its affiliates. All rights reserved.
Superior Integrated & Multilayered Protection
Cisco ASA
URL Filtering(Subscription)FireSIGHT
Analytics & Automation
Advanced Malware
Protection(Subscription)
Application Visibility & ControlNetwork Firewall
Routing | Switching
Clustering & High Availability
WWW
Cisco Collective Security Intelligence Enabled
Built-in Network Profiling
Intrusion Prevention
(Subscription)
World’s most widely deployed, enterprise-class ASA stateful firewall
Granular Cisco® Application Visibility and Control (AVC)
Industry-leading FirePOWERnext-generation IPS (NGIPS)
Reputation- and category-based URL filtering
Advanced malware protection
Identity-Policy Control & VPN
Cisco Confidential 62© 2013-2014 Cisco and/or its affiliates. All rights reserved.
Malware
Client applications
Operating systems
Mobile Devices
VOIP phones
Routers & switches
Printers
C & C Servers
Network Servers
Users
File transfers
Web applications
Applicationprotocols
Threats
No other NGFW offers this level of visibility• The more infrastructure you see, the better protection you get
Typical IPS
Typical NGFW
Cisco ASA with FirePOWER Services
Cisco Confidential 63© 2013-2014 Cisco and/or its affiliates. All rights reserved.
Meraki MR Wireless LAN
Meraki MX Security
Appliances
Meraki MS Ethernet Switches
Cisco Meraki - Cloud Managed Networking
Meraki SMEEnterprise Mobility
ManagementMC
Communications
Cisco Confidential 64C97-731719-02 © 2014 Cisco and/or its affiliates. All rights reserved.
Application ControlTraffic Shaping, Content Filtering, Web Caching
SecurityNG Firewall, Client VPN, Site to Site VPN, IDS/IPS
NetworkingNAT/DHCP, 3G/4G Cellular, Static Routing, Link Balancing
Cisco Confidential 65C97-731719-02 © 2014 Cisco and/or its affiliates. All rights reserved.
Enterprise License Advanced Security License
Stateful firewall
Site to site VPN
Branch routing
Internet load-balancing (over dual WAN)
Application control
Web caching
Intelligent WAN (IWAN)
Client VPN
`
All enterprise features, plus
Content filtering (with Google SafeSearch)
Kaspersky Anti-Virus and Anti-Phishing
SourceFire IPS / IDS
Geo-based firewall rules
Advanced Malware Protection (AMP)
On-Prem Managed Cloud Managed
CiscoArchitecture
Cisco Traditional
ISR / ASA
Catalyst
Aironet
Meraki Systems Manager EMM
Cisco Meraki
MX
MS
MR
Systems Manager EMMCisco ISE
Policy & Control
Cisco PrimeManagement & Analytics
The AMP Everywhere ArchitectureAMP Protection Across the Extended Network for an Integrated Threat Defense
AMPThreat Intelligence
Cloud
Windows OS Android Mobile Virtual MAC OSCentOS, Red Hat Linux for servers and datacenters
AMP on Web and Email Security Appliances
AMP on Cisco® ASA Firewall with Firepower Services
AMP Private Cloud Virtual Appliance
AMP on Firepower NGIPS Appliance
(AMP for Networks)
AMP on Cloud Web Security and Hosted Email
CWS/CTA
Threat GridMalware Analysis + Threat
Intelligence Engine
AMP on ISR with Firepower Services
AMP for Endpoints
AMP for Endpoints
Remote Endpoints
AMP for Endpoints can be launched from AnyConnect
AMP on MerakiMX Appliances
Conclusion
Cisco AMP Provides Threat Intelligence,Point-in-Time Detection, and Continuous Analysis of Files to Defeat Advanced Threats
Attack Continuum
Data Center/Servers EndpointsEmail and Web Network Mobile
Before During AfterBefore
Discover EnforceHarden
DuringDetect Block
Defend
AfterScope
ContainRemediate
Threat intelligence and analytics
Point-in-Time detection
Retrospective security and continuous analysis
Learn about threats faster
Threat Intelligence and Advanced AnalyticsAMP Strengthens Defenses Using Threat Intelligence and Malware Analysis
Extensive and growing back-end research on the latest threats and security trendsKnowledge base
Analytics and behavioral indicators for your system written in plain English Insight
Team of threat analysts/researches working to provide you with the latest threat intelligence 24/7Expertise
13 billionweb requests per day
100 TBof data received daily
1.1 millionincoming malwaresamples per day
35% worldwide email traffic
Thank You and Next Steps
Brian [email protected]
www.
Learn more about Cisco Security:www.cisco.com/go/security/
Contact Your Cisco Partnerhttps://tools.cisco.com/WWChannels/LOCATR/performBasicSearch.do
• CCE sessions are held weekly on a variety of topics• CCE sessions can help you understand the
capabilities and business benefits of Cisco technologies
• Watch replays of past events and register for upcoming events!
Visit http://cs.co/cisco101 for details
Join us again for a future Cisco Customer Education Event