Решения Cisco для создания защищенного ЦОД
-
Upload
cisco-russia -
Category
Technology
-
view
425 -
download
6
Transcript of Решения Cisco для создания защищенного ЦОД
-
-
Cisco
-
2 Cisco / , 2015. . Cisco
,
,
,
-
3 Cisco / , 2015. . Cisco
,
(-)
76 %
(-)
17 %
7 %
-
4 Cisco / , 2015. . Cisco
()
OSPF/BGP
(ECMP)
(EtherChannel) LACP
-
5 Cisco / , 2015. . Cisco
vPC/VSS Virtual PortChannel (vPC) Nexus
(VSS) Catalyst
Etherchannel LACP
(NSF) OSPF/BGP
-
6 Cisco / , 2015. . Cisco
VLAN
Overlay Transport Virtualization (OTV)
A B
.
-
7 Cisco / , 2015. . Cisco
ACI
1001 00010111100010
1110
1001 00010111100010
1110
1001 00010111100010
1110
1001 00010111100010
1110
1001 00010111100010
1110
1001 00010111100010
1110
1001 00010111100010
1110 SSL
1 2 FW IPS
- -
| | | |
-
8 Cisco / , 2015. . Cisco
.
16-
,
-
9 Cisco / , 2015. . Cisco
APIC
ASA *
16
ACI
*16- ( ASA).
-
10 Cisco / , 2015. . Cisco
APIC
!
ACI
-
11 Cisco / , 2015. . Cisco
APIC
ACI
-
12 Cisco / , 2015. . Cisco
( )
2. ,
SSL IPS AMP FW 1. ,
FW AMP
SSL IPS
SSL IPS AMP FW
.
ACI
-
13 Cisco / , 2015. . Cisco
,
,
,
, ,
,
-
14 Cisco / , 2015. . Cisco
ASA NGFW
(SDN, NFV, ACI)
ACI , APIC
Cisco ASAv ASA
Cisco ASA 5585-X FirePOWER NGIPS, AMP, AVC, URL-
640 / , 16
-
15 Cisco / , 2015. . Cisco
IPS FirePOWER
, URL- AMP
-
-
16 Cisco / , 2015. . Cisco
VolP
C & C
-
-
,
Cisco ASA NGFW Cisco FirePower NGIPS
-
17 Cisco / , 2015. . Cisco
Cisco AMP
0001110 1001 1101 1110011 0110011 101000 0110 00 0111000 111010011 101 1100001 110
1000111010011101 1100001110001110 1001 1101 1110011 0110011 101000 0110 00
0100001100001 1100 0111010011101 1100001110001110 1001 1101 1110011 0110011 101000 0110 00
www
-
IPS
/
Talos + Threat Grid Intelligence
-
-
18 Cisco / , 2015. . Cisco
Firepower 9300
* Firepower Threat Defense
- NGIPS, AMP, URL, (AVC)
ASA - , (VPN), CGNAT
- Radware DDoS -
- 3RU
- 240 - 30 + - 5 - 10G/40G I/O; 100G -
- 1,2
,
Restful/JSON API
* Cisco.
-
19 Cisco / , 2015. . Cisco
NGFW
L27
NGIPS
,
URL-
,
VPN
,
www
,
AMP
,
API-
-
20 Cisco / , 2015. . Cisco
1001 0001011110001011
10
1001 0001011110001011
10
1001 0001011110001011
10
1001 0001011110001011
10
1001 0001011110001011
10
: , ,
1001 0001011110001011
10
1001 0001011110001011
10
DDoS
SSL
FW
WAF
IPS
SSL
DDoS WAF
FW IPS
-
-
21 Cisco / , 2015. . Cisco
Cisco
1001 0001011110001011
10
DDoS
SSL
FW
WAF
IPS
SSL
DDoS WAF
FW IPS
1001 00010111100010
1110 DDoS FW WAF NGIPS SSL AMP
-
Cisco
-
22 Cisco / , 2015. . Cisco
?
1001 00010111100010
1110 DDoS SSL WAF NGIPS AMP FW
x x x
Cisco
-
23 Cisco / , 2015. . Cisco
NGIPS *, Gartner, , (, DDoS-)
(RU) : 240 / 30 / + , 5 , 100 / ? 1,2 /
, Firepower 9300 Cisco ASAv NGIPSv SDN/ACI?
x86,
,
* Cisco.
-
24 Cisco / , 2015. . Cisco
-
,
,
RESTful API
=
Cisco +
Firepower 9300,
-
25 Cisco / , 2015. . Cisco
.
,
*
* ACI.
-
26 Cisco / , 2015. . Cisco
Trustsec
Cisco ASA 5585-X
Cisco Security Manager
Cisco UCS Director
-
vSphere
1
Cisco Nexus 1000V
vSphere
2
Cisco Nexus 1000V
N
Cisco Nexus 1000V
Vblocks/ FlexPods
Cisco Nexus
, -
VPN
Identity Services Engine
- -
SG
SG
SG
ASA
.
-
27 Cisco / , 2015. . Cisco
APIC
,
APIC *
* ACI.
-
28 Cisco / , 2015. . Cisco
ACI
APIC *
-
-
-
* ACI.
-
29 Cisco / , 2015. . Cisco
ACI
ACI
L47
Cisco
Cisco ACI
NGFW
NGIPS
,
L4L7
, ( L4)
ASA/FirePOWER/AMP
ASA, FirePOWER, AMP
-
30 Cisco / , 2015. . Cisco
ACI
Cisco ACI
,
-
31 Cisco / , 2015. . Cisco
ACI
-
-
--
-
-
VLAN 1 VXLAN 2
VLAN 3 Intra-EPG
Intra-EPG
VM
OVS/OpFlex
/
-
32 Cisco / , 2015. . Cisco
ACI
REST API
-
APIC
-
33 Cisco / , 2015. . Cisco
ACI
-
-
-
-
-
-
-
APP
-
-
-
-
-
-
APIC
-
34 Cisco / , 2015. . Cisco
ACI
,
-
35 Cisco / , 2015. . Cisco
ACI
?
?
?
?
,
-
-
36 Cisco / , 2015. . Cisco
,
-,
-
,
-
Cisco
-
37 Cisco / , 2015. . Cisco
!