使用 Meraki 系統管理器在零信任之旅中保護端點.pdf

《使用 Meraki 系統管理器在零信任之旅中保護端點.pdf》由會員分享，可在線閱讀，更多相關《使用 Meraki 系統管理器在零信任之旅中保護端點.pdf（44頁珍藏版）》請在三個皮匠報告上搜索。

1、#CiscoLive#CiscoLiveAdrian KokKevin CarterBRKMER-1005Protect Endpoints on the Zero Trust Journey with Meraki Systems Manager 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveEnter your personal notes hereCisco Webex App Questions?Use Cisco Webex App to chat with the speaker

2、 after the sessionFind this session in the Cisco Live Mobile AppClick“Join the Discussion”Install the Webex App or go directly to the Webex spaceEnter messages/questions in the Webex spaceHowWebex spaces will be moderated by the speaker until June 9,2023.12343https:/ 2023 Cisco and/or its affiliates

3、.All rights reserved.Cisco PublicBRKMER-10053Agenda 2023 Cisco and/or its affiliates.All rights reserved.Cisco PublicWhat is Zero Trust?Managed EndpointsSecure UsersSecure EndpointsSecure NetworksBRKMER-10054 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveDo We Have Enoug

4、h Zero Trust?BRKMER-10055What is Zero Trust?2023 Cisco and/or its affiliates.All rights reserved.Cisco PublicThe oldsecurity model no longer works Businesses competing as ecosystems Everyone is an insider Hybrid work is here to stayBRKMER-10057 2023 Cisco and/or its affiliates.All rights reserved.Ci

5、sco Public#CiscoLiveZero Trust means different things to different peopleIts endpoint securityIts firewallIts identityIts ZTNAIts segmentationBRKMER-10058 2023 Cisco and/or its affiliates.All rights reserved.Cisco PublicZero Trust principles Never assume trust Always verify Enforce least privilegeBR

6、KMER-10059Cisco Zero Trust Architecture 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveCiscos Zero Trust CapabilitiesUser/device/service identity Posture+contextRisk-based authentication Micro-segmentationUnified access controlLeast privilege+explicit trustRe-assessment o

7、f trustIndicators of compromiseShared signalsBehavior monitoring threat and non-threat activityVulnerability managementPrioritized incident responseOrchestrated remediationIntegrated+open workflowsEstablish TrustEnforce Trust-Based AccessContinuously Verify TrustRespond to Change in TrustUser&Device

8、SecurityNetwork&Cloud SecurityApplication&Data SecurityBRKMER-100511 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveCisco Zero Trust FrameworkBRKMER-100512 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveEndpoints:A Foundation for Zero TrustSecu

9、re EndpointsSecure UsersSecure NetworksManaged Endpoints with Meraki Systems ManagerBRKMER-100514 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveHow Secure Are Your Networks and Endpoints?BRKMER-100515Managed Endpoints 2023 Cisco and/or its affiliates.All rights reserved.

10、Cisco Public#CiscoLiveEndpoint Trust:Secure Devices Intelligently Dynamic policy adjustment Seamless provisioning and enrollmentEnforce/prevent OS&app updates Enforce Data encryptionFull remote control Automatic quarantine&remediationBRKMER-100517 2023 Cisco and/or its affiliates.All rights reserved

11、.Cisco Public#CiscoLiveEndpoint Trust:with MDMProvisionConfigureControlApps and SoftwareRetireSecureInventorySelf Service PortalAutomated Device EnrollmentAndroid Zero TouchAndroid Work ProfileApple User EnrollmentEnterprise Wi-FiCertificate MgmtIntegrated IOT viewApple Business Mgr SyncVPNShared iP

12、ad/Android KioskSupervised DevicesPasscode and BiometricsDynamic taggingFull API accessRemote shell/controlLive Process/Network StatsCustom AppsApp Store VPPPublic Apps and App ConfigSoftware and app inventoryGeo-fencingRemote wipe and lockiOS Lost ModeActivation LockRemote notificationsChromeOS Dev

13、ice SyncFull MDM supportFull OS supportBRKMER-100518Demo:Dashboard 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveAUTOMATESIMPLIFYSECURESentry Wi-Fi&Trusted AccessSentry VPNSentry PoliciesTrusted endpointDevice postureDeploy&secureZERO TRUST NETWORK ACCESSDEPLOY&CONFIGURE

14、 CISCO SECURITYBridge cloud and network securityBRKMER-100520Secure Users 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveSecure Users1MFASSO23BRKMER-100522 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveTwo-step authentication with DuoAPPAPPAPP

15、Staff/Guest devicesDouble automated authenticationBRKMER-100523 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveConnect device to identity with ISE Identify user and endpoints Profile and classify devices Automated on-boarding security Sync groups with security policyEnrol

16、led in SMCUSTOMER DATA CENTERWORKER/STAFFGUEST DEVICESIDENTITY SERVICESENGINE Configuration automation User/device/network app policyNot enrolledBRKMER-100524Secure Endpoints 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveIntegrated Threat Defense with Device InsightsXDR

17、Device Insights,customers get a Single console view for endpoints across Meraki Systems Manager,Umbrella,Duo,Orbital and Secure Endpoint and custom sources.BRKMER-100527 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLive All office locations Any device on or off your network

18、 Every port and protocolFirst line of defense against internet attacks with UmbrellaSD-WANBRKMER-100528 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveUmbrella Integration with SM on Windows/MacOSAutomatically import configuration from Umbrella with Umbrella Roaming Clien

19、tPUSHESCisco AnyConnectCisco Umbrella Roaming ClientINHERITSPer-device configurations from Cisco UmbrellaWindows/MacOS devicesAutomatically enrolled toCisco cloud servicesDashboardmaps policiesto identitiesDeploy Cisco Security Solutions*Pro Tip*Deploy Kernel Extensions with MDM for smoother MacOS d

20、eploymentBRKMER-100529 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveUmbrella Integration with SM on AndroidAutomatically import configuration from Umbrella with Cisco AnyConnectvia APIPUSHESCisco AnyConnectPUSHESManaged App Config for Cisco AnyConnectAndroid devicesAuto

21、matically enrolled toCisco cloud servicesDashboardmaps policiesto identitiesAuto-Import Umbrellaconfigurations*Requires full MDM enablementBRKMER-100530 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveUmbrella Integration with SM on iOS/iPadOSAutomatically import configura

22、tion from Umbrella&Clarity with Cisco Security Connectorvia APIAuto-Import SE&Umbrella configurationsSecure EndpointDashboard maps policiesto identitiesPUSHESPer-device configurations for the Cisco Security Connector reflecting one or both policiesvia APIiOS devicesAutomatically enrolled toCisco clo

23、ud servicesDashboardmaps policiesto identitiesPUSHESCisco Security Connector*Requires full MDM enablementBRKMER-100531SecureNetworks 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveSeamless,secure onboarding to the networkSecure NETWORKSSecure ENDPOINTSZero Trust Network A

24、ccess with MerakiTrusted endpoints and authorized usersBRKMER-100534 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveSentry Wi-Fi with Meraki MRConnect devices to corporate WIFI via secure auto-provisioned authentication BRKMER-100535 2023 Cisco and/or its affiliates.All r

25、ights reserved.Cisco Public#CiscoLiveClientless ZTNATrusted Access with Meraki MREnable personal devices to access critical resources without requiring installation of an MDM BRKMER-100536 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveSentry Policies with Meraki MS,MX Al

26、low/Deny access to network segmentsPosture Assessment:Platform type?User Identity?OS version?Restrict/Limit network bandwidthBRKMER-100537 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveZero Trust Architecture,NIST SP 800-207“one of the key requirements of ZTA is the abil

27、ity to identify and manage devices”BRKMER-100539 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveEndpoints:A Foundation for Zero TrustSecure EndpointsSecure UsersSecure NetworksManaged Endpoints with Meraki Systems ManagerAuthenticate Authenticate endpoints with endpoints

28、with users+Duo MFAusers+Duo MFAProtectProtectendpoints with endpoints with UmbrellaUmbrellaGet endpoints on Get endpoints on securesecure networksnetworksManage Endpoints with MDMManage Endpoints with MDM(try out Systems Manager)BRKMER-100540 2023 Cisco and/or its affiliates.All rights reserved.Cisc

29、o Public#CiscoLiveLearn MoreTry out Meraki Systems Manager and Try out Meraki Systems Manager and other products(MR,MX)with a free other products(MR,MX)with a free trial.trial.https:/ out Cisco Duo and Cisco Umbrellahttps:/ 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveB

30、RKMER-100542 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveCisco Learning and CertificationsFrom technology training and team development to Cisco certifications and learning plans,let us help you empower your business and at the event?Visit us at The Learning and Certif

31、ications lounge at the World of SolutionsPay for Learning with Cisco Learning Credits(CLCs)are prepaid training vouchers redeemed directly with Cisco.Cisco Training BootcampsIntensive team&individual automation and technology training programsCisco Learning Partner ProgramAuthorized training partner

32、s supporting Cisco technology and career certificationsCisco Instructor-led and Virtual Instructor-led trainingAccelerated curriculum of product,technology,and certification coursesCisco Certifications and Specialist CertificationsAward-winning certification program empowers students and IT Professi

33、onals to advance their technical careersCisco Guided Study Groups180-day certification prep program with learning and supportCisco Continuing Education ProgramRecertification training options for Cisco certified individualsLearnCisco U.IT learning hub that guides teams and learners toward their goal

34、sCisco Digital LearningSubscription-based product,technology,and certification trainingCisco Modeling LabsNetwork simulation platform for design,testing,and troubleshootingCisco Learning Network Resource community portal for certifications and learningTrainCertifyBRKMER-100543 2023 Cisco and/or its

35、affiliates.All rights reserved.Cisco Public#CiscoLiveFill out your session surveys!Attendees who fill out a minimum of four session surveys and the overall event survey will get Cisco Live-branded socks(while supplies last)!These points help you get on the leaderboard and increase your chances of wi

36、nning daily and grand prizesAttendees will also earn 100 points in theCisco Live Challenge for every survey completed.BRKMER-100544 2023 Cisco and/or its affiliates.All rights reserved.Cisco PublicContinue your educationVisit the Cisco Showcase for related demosBook your one-on-oneMeet the Engineer

37、meetingAttend the interactive education with DevNet,Capture the Flag,and Walk-in LabsVisit the On-Demand Library for more sessions at www.CiscoL you#CiscoLive 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveGamify your Cisco Live experience!Get points Get points for attend

38、ing this session!for attending this session!Open the Cisco Events App.Click on Cisco Live Challenge in the side menu.Click on View Your Badges at the top.Click the+at the bottom of the screen and scan the QR code:How:123447 2023 Cisco and/or its affiliates.All rights reserved.Cisco PublicBRKMER-100547#CiscoLive