LAN devices such as switches, wireless LAN controllers (WLCs), and other access point (AP) devices interconnect endpoints. Most of these devices are susceptible to the LAN-related attacks that are covered in this module. But many attacks can also originate from inside the network. If an internal host is infiltrated, it can become a starting point for a threat actor to gain access to critical system devices, such as servers and sensitive data.

Endpoints are hosts which commonly consist of laptops, desktops, servers, and IP phones, as well as employee-owned devices that are typically referred to as bring your own devices (BYODs). Endpoints are particularly susceptible to malware-related attacks that originate through email or web browsing. These endpoints have typically used traditional host-based security features, such as antivirus/antimalware, host-based firewalls, and host-based intrusion prevention systems (HIPSs). However, today endpoints are best protected by a combination of NAC, host-based AMP software, an email security appliance (ESA), and a web security appliance (WSA). Advanced Malware Protection (AMP) products include endpoint solutions such as Cisco AMP for Endpoints.

The figure is a simple topology representing all the network security devices and endpoint solutions discussed in this module.

Content security appliances include fine-grained control over email and web browsing for an organization’s users.

According to Cisco’s Talos Intelligence Group, in June 2019, 85% of all email sent was spam. Phishing attacks are a particularly virulent form of spam. Recall that a phishing attack entices the user to click a link or open an attachment. Spear phishing targets high-profile employees or executives that may have elevated login credentials. This is particularly crucial in today’s environment where, according to the SANS Institute, 95% of all attacks on enterprise networks are the result of a successful spear phishing attack.

The Cisco ESA is a device that is designed to monitor Simple Mail Transfer Protocol (SMTP). The Cisco ESA is constantly updated by real-time feeds from Cisco Talos, which detects and correlates threats and solutions by using a worldwide database monitoring system. This threat intelligence data is pulled by the Cisco ESA every three to five minutes.