cisco customer education · 2020. 4. 27. · sandboxes powered by cisco ® amp threat grid . 1 ....
TRANSCRIPT
You've Already Been Hacked. Now What? Cisco Next-Gen Security Can Help
Cisco Customer Education
Brian Avery Territory Business Manager, Cisco
This session was recorded via Cisco WebEx! You can watch the live session recording via the following URL:
Check http://cs/co/cisco101 for replay
Thanks for your interest and participation!
You've Already Been Hacked. Now What? Cisco Next-Gen Security Can Help
Cisco Customer Education
Brian Avery Territory Business Manager, Cisco
Connect using the audio conference box or you can call into the meeting:
1. Toll-Free: (866) 432-9903
2. Enter Meeting ID: 306 072 345 and your attendee ID number.
3. Press “1” to join the conference.
Presentation Agenda
► Welcome from Cisco
► There’s Big Money in Hacking
► Lancope Stealthwatch
► Introducing Cisco Security
► Advanced Malware Protection
About Your Host Brian Avery Territory Business Manager, Cisco Systems, Inc.
[email protected] ► Conclusion
Who Is Cisco?
Cisco Confidential 5 © 2013-2014 Cisco and/or its affiliates. All rights reserved.
Computer scientists, Len Bosack and Sandy Lerner found Cisco Systems
Bosack and Lerner run network cables between two different buildings on the Stanford University campus
A technology has to be invented to deal with disparate local area protocols; the multi-protocol router is born
1984
Cisco Confidential 6 © 2013-2014 Cisco and/or its affiliates. All rights reserved.
Who Is Cisco?
Chuck Robbins, CEO, Cisco
• Dow Jones Industrial Average Fortune 100 Company
• $145B Market Capitalization
• $48B in Revenue
• $8B in Annual Profits
• $33B More Cash than Debt
• $5.9B in Research and Development
http://finance.yahoo.com/q/ks?s=CSCO+Key+Statistics
Market Leadership Matters
No. 1 Voice
39%
No. 1 TelePresence
43%
No. 1 Web
Conferencing 41%
No. 1 Wireless LAN
50%
No. 2 x86 Blade Servers
27%
No. 1 Routing Edge/Core/
Access
45%
No. 1 Security
33%
No. 1 Switching Modular/Fixed
64%
No. 1 Storage Area
Networks 47%
Q1CY14
§ CCE is an educational session for current and prospective Cisco customers
§ Designed to help you understand the capabilities and business benefits of Cisco technologies
§ Allow you to interact directly with Cisco subject matter experts and ask questions
§ Offer assistance if you need/want more information, demonstrations, etc.
What Is the Cisco Customer Education Series?
There’s Big Money in Hacking
The Reality: Organizations Are Under Attack
1990 1995 2000 2005 2010 2015 2020
Viruses 1990–2000
Worms 2000–2005
Spyware and Rootkits 2005–Today
APTs Cyberware Today +
Phishing, Low Sophistication Hacking Becomes
an Industry Sophisticated Attacks, Complex Landscape
of large companies targeted by malicious traffic 95% of organizations interacted
with websites hosting malware 100% § Cybercrime is lucrative, barrier to entry is low § Hackers are smarter and have the resources to compromise your organization § Malware is more sophisticated § Organizations face tens of thousands of new malware samples per hour
Source: 2014 Cisco Annual Security Report
Dynamic Threat Landscape
It is a Community that hides in plain sight
avoids detection, and attacks swiftly
60% of data is stolen in hours
54% of breaches
remain undiscovered for months
100% of companies connect to domains that host
malicious files or services
Cisco Confidential 12 © 2013-2014 Cisco and/or its affiliates. All rights reserved.
High Profile Breaches
As of 12/31/2014 http://www.idtheftcenter.org/images/breach/DataBreachReports_2014.pdf
Total Breaches in 2014 - 783 Records Exposed – 85,611,528
1,000,000
70,000,000
56,000,000 2,600,000
1,100,000
Cisco Confidential 13 C97-731719-02 © 2014 Cisco and/or its affiliates. All rights reserved.
But… I am just a small fish in a BIG pond.
Yet organizations of every size are targets
Adversaries are attacking you And using you By targeting your organization’s: To attack your enterprise customers and partners:
Customer data
Intellectual property
Company secrets
60% of UK small businesses were compromised in 2014 (2014 Information Security Breaches Survey)
100% of corporate networks examined had malicious traffic (Cisco 2014 Annual Security Report)
41% of targeted attacks are against organizations with fewer than 500 employees (July 2014 The National Cyber Security Alliance (NCSA)
The Question Is No Longer if Malware Will Get Into Your Network
Where do I start?
How bad is the situation?
What systems were affected?
What did the threat do?
How do we recover?
How do we keep it from happening again?
Confirm Infection
Analyze Malware
Malware Proliferation
Remediate Search Network Traffic
Search Device Logs
Scan Devices
Define Rules (from
profile)
Build Test Bed
Static & Dynamic Analysis
Device Analysis
Network Analysis
Proliferation Analysis
Notification Quarantine Triage
Malware Profile
Stop
Search for Re-infection
Update Profile
Confirm
Infection Identified
Cannot Identify Infection No Infection
It’s How Quickly You Can Detect the Infection, Understand Scope, and Remediate the Problem
If you knew you were going to be compromised, would you do security differently?
Cisco Security Overview
Defending Against These Advanced Threats Requires Greater Visibility and Control Across the Full Attack Continuum
Attack Continuum
Before Discover Enforce Harden
During Detect Block
Defend
After Scope
Contain Remediate
Network Endpoint Mobile Virtual Cloud Email & Web
Point in Time Continuous
Defending Against These Advanced Threats Requires Greater Visibility and Control Across the Full Attack Continuum
Attack Continuum
Before Discover Enforce Harden
During Detect Block
Defend
After Scope
Contain Remediate
FireSIGHT and pxGrid
ASA VPN
NGFW Meraki
Advanced Malware Protection
Network as Enforcer
NGIPS
ESA/WSA
CWS Secure Access + Identity Services ThreatGRID
Advanced Malware Protection
Network as Enforcer
Comprehensive Security Requires
Breach Prevention Rapid Breach Detection, Response, Remediation Threat Intelligence
Source: http://www.pcworld.com/article/2109210/report-average-of-82-000-new-malware-threats-per-day-in-2013.html
Cisco Sourcefire Advanced Malware Protection
Cisco Advanced Malware Protection Built on unmatched collective security intelligence
1.6 million global sensors 100 TB of data received per day 150 million+ deployed endpoints 600 engineers, technicians, and researchers 35% worldwide email traffic
13 billion web requests
24x7x365 operations
4.3 billion web blocks per day
40+ languages
1.1 million incoming malware samples per day
AMP Community
Private/Public Threat Feeds
Talos Security Intelligence
AMP Threat Grid Intelligence
AMP Threat Grid Dynamic Analysis 10 million files/month
Advanced Microsoft and Industry Disclosures
Snort and ClamAV Open Source Communities
AEGIS Program
Email Endpoints Web Networks IPS Devices
WWW Automatic Updates in real time
101000 0110 00 0111000 111010011 101 1100001 110 1100001110001110 1001 1101 1110011 0110011 101000 0110 00
1001 1101 1110011 0110011 101000 0110 00 101000 0110 00 0111000 111010011 101 1100001 1100001110001110 1001 1101 1110011 0110011 10100
1001 1101 1110011 0110011 101000 0110 00 Cisco®
Collective Security
Intelligence Cisco Collective
Security Intelligence Cloud
AMP Advanced Malware Protection
Cisco AMP Threat Grid Feeds Dynamic Malware Analysis and Threat Intelligence to the AMP Solution
Cisco® AMP Threat Grid platform correlates the sample result with millions of other samples and billions of artifacts
Actionable threat content and intelligence is generated that can be utilized by AMP, or packaged and integrated into a variety of existing systems or used independently.
1100001110001110 1001 1101 1110011 0110011 101000 0110 00
101000 0110 00 0111000 111010011 101 1100001 110
1001 1101 1110011 0110011 101000 0110 00
Analyst or system (API) submits suspicious sample to Threat Grid
Low Prevalence Files
An automated engine observes, deconstructs, and analyzes using multiple techniques
Actionable threat content and intelligence is generated that can be packaged and integrated in to a variety of existing systems or
used independently.
AMP Threat Grid platform correlates the sample
result with millions of other samples and
billions of artifacts
101000 0110 00 0111000 111010011 101 1100001 110
101000 0110 00 0111000 111010011 101 1100001 110
1001 1101 1110011 0110011 101000 0110 00
Threat Score/Behavioral Indicators Big Data Correlation
Threat Feeds
Sample and Artifact Intelligence Database
Actionable Intelligence
§ Proprietary techniques for static and dynamic analysis
§ “Outside looking in” approach
§ 350 Behavioral Indicators
Unique to Cisco® AMP
Cisco AMP Delivers a Better Approach
Point-in-Time Protection
File Reputation, Sandboxing, and Behavioral Detection
Retrospective Security
Continuous Analysis
Cisco AMP Defends With Reputation Filtering And Behavioral Detection
Point-in-Time Detection Retrospective Security
Cisco Collective Security Intelligence
Continuous Protection Reputation Filtering Behavioral Detection
Dynamic Analysis
Machine Learning
Fuzzy Finger-printing
Advanced Analytics
One-to-One Signature
Indications of Compromise
Device Flow Correlation
Dynamic Analysis
Machine Learning
Fuzzy Finger-printing
Advanced Analytics
One-to-One Signature
Indications of Compromise
Device Flow Correlation
Reputation Filtering Behavioral Detection
Dynamic Analysis
Machine Learning
Fuzzy Finger-printing
Advanced Analytics
One-to-One Signature
Indications of Compromise
Device Flow Correlation
Reputation Filtering Is Built On Three Features
Point-in-Time Detection Retrospective Security
Cisco Collective Security Intelligence
Unknown file is encountered, signature is analyzed, sent to cloud
1
File is not known to be malicious and is admitted 2
Unknown file is encountered, signature is analyzed, sent to cloud
3
File signature is known to be malicious and is prevented from entering the system
4
Collective Security Intelligence Cloud
Dynamic Analysis
Machine Learning
Fuzzy Finger-printing
Advanced Analytics
One-to-One Signature
Indications of Compromise
Device Flow Correlation
Reputation Filtering Is Built On Three Features
Point-in-Time Detection Retrospective Security
Cisco Collective Security Intelligence
Collective Security Intelligence Cloud
Fingerprint of file is analyzed and determined to be malicious 1
Malicious file is not allowed entry 2
Polymorphic form of the same file tries to enter the system 3
The fingerprints of the two files are compared and found to be similar to one another
4
Polymorphic malware is denied entry based on its similarity to known malware
5
Dynamic Analysis
Machine Learning
Fuzzy Finger-printing
Advanced Analytics
ne-to-One Signature
Indications of Compromise
Device Flow Correlation
Reputation Filtering Is Built On Three Features
Point-in-Time Detection Retrospective Security
Cisco Collective Security Intelligence
Collective Security Intelligence Cloud
Machine Learning Decision Tree
Possible clean file
Possible malware
Confirmed malware Confirmed clean file
Confirmed clean file
Confirmed malware
Metadata of unknown file is sent to the cloud to be analyzed 1
Metadata is recognized as possible malware 2
File is compared to known malware and is confirmed as malware
3
Metadata of a second unknown file is sent to cloud to be analyzed
4
Metadata is similar to known clean file, possibly clean 5
File is confirmed as a clean file after being compared to a similarly clean file
6
Dynamic Analysis
Machine Learning
Fuzzy ger-printing
Advanced Analytics
Indications of Compromise
Device Flow Correlation
Behavioral Detection Is Built On Four Features
Point-in-Time Detection Retrospective Security
Cisco Collective Security Intelligence
Collective Security Intelligence Cloud
File of unknown disposition is encountered 1
File replicates itself and this information is communicated to the cloud
2
File communicates with malicious IP addresses or starts downloading files with known malware disposition
3
Combination of activities indicates a compromise and the behavior is reported to the cloud and AMP client
4
These indications are prioritized and reported to security team as possible compromise
5
Dynamic Analysis
achine earning
Advanced Analytics
Indications of Compromise
Device Flow Correlation
Behavioral Detection Is Built On Four Features
Point-in-Time Detection Retrospective Security
Cisco Collective Security Intelligence
Collective Security Intelligence Cloud
Collective User Base
AMP Threat Grid Sandbox
Dynamic Analysis Engine executes unknown files in on-premises or cloud sandboxes powered by Cisco® AMP Threat Grid
1
Two files are determined to be malware, one is confirmed as clean
2
Intelligence Cloud is updated with analysis results, and retrospective alerts are broadcast to users
3
Dynamic Analysis
Advanced Analytics
cations mpromise
Device Flow Correlation
Behavioral Detection Is Built On Four Features
Point-in-Time Detection Retrospective Security
Cisco Collective Security Intelligence
Collective User Base
Collective Security Intelligence Cloud
Cisco® AMP Threat Grid Analysis
Receives information regarding software unidentified by Reputation Filtering appliances
1
Receives context regarding unknown software from Collective User Base
2
Analyzes file in light of the information and context provided 3
Identifies the advanced malware and communicates the new signature to the user base
4
namic alysis
Advanced Analytics
Device Flow Correlation
Behavioral Detection Is Built On Four Features
Point-in-Time Detection Retrospective Security
Cisco Collective Security Intelligence
Collective Security Intelligence Cloud
IP: 64.233.160.0
Device Flow Correlation monitors communications of a host on the network
1
Two unknown files are seen communicating with a particular IP address
2
One is sending information to the IP address, the other is receiving commands from the IP address
3
Collective Security Intelligence Cloud recognizes the external IP as a confirmed, malicious site
4
Unknown files are identified as malware because of the association
5
Cisco AMP Delivers A Better Approach
Unique to Cisco® AMP
Point-in-Time Protection
File Reputation, Sandboxing, and Behavioral Detection
Retrospective Security
Continuous Analysis
Cisco AMP Defends With Retrospective Security
Point-in-Time Detection Retrospective Security
Cisco Collective Security Intelligence
To be effective, you have to be everywhere
Continuously
Why Continuous Protection Is Necessary
0001110 1001 1101 1110011 0110011 101000 0110 00 0111000 111010011 101 1100001 110
1000111010011101 1100001110001110 1001 1101 1110011 0110011 101000 0110 00
0100001100001 1100 0111010011101 1100001110001110 1001 1101 1110011 0110011 101000 0110 00
Web
WWW
Endpoints Network Email Devices
Gateways
File Fingerprint and Metadata
Process Information
Continuous feed
Continuous analysis
File and Network I/O
Breadth and Control points:
Telemetry Stream
Point-in-Time Detection Retrospective Security
Cisco Collective Security Intelligence
Talos + Threat Grid Intelligence
Why Continuous Protection Is Necessary
Context Enforcement Continuous Analysis
Who What
Where When
How
Event History
Collective Security Intelligence
Point-in-Time Detection Retrospective Security
Cisco Collective Security Intelligence
Cisco AMP Defends With Retrospective Security
Point-in-Time Detection Retrospective Security
Cisco Collective Security Intelligence
Trajectory Behavioral Indications
of Compromise
Elastic Search
Continuous Analysis
Attack Chain Weaving
Trajectory Behavioral Indications
of Compromise
Breach Hunting
Continuous Analysis
Attack Chain Weaving
Retrospective Security Is Built On… Point-in-Time Detection Retrospective Security
Cisco Collective Security Intelligence
Performs analysis the first time a file is seen
1
Persistently analyzes the file over time to see if the disposition is changed
2
Giving unmatched visibility into the path, actions, or communications that are associated with a particular piece of software
3
Trajectory Behavioral Indications
of Compromise
Breach Hunting
Continuous Analysis
Attack Chain Weaving
Retrospective Security Is Built On… Point-in-Time Detection Retrospective Security
Cisco Collective Security Intelligence
Uses retrospective capabilities in three ways:
File Trajectory records the trajectory of the software from device to device
File Trajectory 1
Process Monitoring monitors the I/O activity of all devices on the system Communications Monitoring monitors which applications are performing actions
Attack Chain Weaving analyzes the data collected by File Trajectory, Process, and Communication Monitoring to provide a new level of threat intelligence
Process Monitoring 2
Communications Monitoring 3
Trajectory Behavioral Indications
of Compromise
Breach Hunting
nuous ysis
Attack Chain Weaving
Retrospective Security Is Built On… Point-in-Time Detection Retrospective Security
Cisco Collective Security Intelligence
Behavioral Indications of Compromise uses continuous analysis and retrospection to monitor systems for suspicious and unexplained activity… not just signatures!
Using the power of Attack Chain Weaving, Cisco® AMP is able to recognize patterns and activities of a given file, and identify an action to look for across your environment rather than a file fingerprint or signature
An unknown file is admitted into the network
1 The unknown file copies itself to multiple machines
2 Duplicates content from the hard drive
3 Sends duplicate content to an unknown IP address
4
Trajectory Behavioral Indications
of Compromise
Breach Hunting
ck Chain eaving
Retrospective Security Is Built On… Point-in-Time Detection Retrospective Security
Cisco Collective Security Intelligence
File trajectory automatically records propagation of the file across the network
Collective Security Intelligence Cloud
Computer
Virtual Machine
Mobile
Mobile
Virtual Machine Computer
Network
Collective Security Intelligence Cloud
Mobile
Mobile
File Trajectory Unknown file is downloaded to device 1
Fingerprint is recorded and sent to cloud for analysis 2
The unknown file travels across the network to different devices
3
Sandbox analytics determines the file is malicious and notifies all devices
4
If file is deemed malicious, file trajectory can provide insight into which hosts are infected, and it provides greater visibility into the extent of an infection
5
Trajectory avioral cations
mpromise
Breach Hunting
Retrospective Security Is Built On… Point-in-Time Detection Retrospective Security
Cisco Collective Security Intelligence
Computer
Unknown file is downloaded to a particular device 1
The file executes 2
Device trajectory records this, the parent processes lineage and all actions performed by the file
3
File is convicted as malicious and the user is alerted to the root cause and extent of the compromise
4
Drive #1 Drive #2 Drive #3
Device Trajectory
Trajectory avioral cations
mpromise
Elastic Search
Retrospective Security Is Built On… Point-in-Time Detection Retrospective Security
Cisco Collective Security Intelligence
Elastic Search is the ability to use the indicators generated by Behavioral IoCs to monitor and search for threats across an environment
1
When a threat is identified, it can be used to search for and identify if that threat exists anywhere else
2
This function enables quick searches to aid in the detection of files that remain unknown but are malicious
3
Cisco AMP Provides Contextual Awareness and Visibility That Allows You to Take Control of an Attack Before It Causes Damage
These applications are affected
What
The breach affected these areas
Where
This is the scope of exposure over time
When
Here is the origin and progression of the threat
How
Focus on these users first
Who
Cisco AMP Everywhere Strategy Means Protection Across the Extended Network
AMP Advanced Malware
Protection
AMP for Networks
AMP on Web & Email Security Appliances
AMP on Cisco® ASA Firewall with FirePOWER Services
AMP for Endpoints
AMP for Cloud Web Security & Hosted Email
AMP Private Cloud Virtual Appliance
MAC OS
Windows OS Android Mobile
Virtual
CWS
AMP Threat Grid Malware Analysis + Threat
Intelligence Engine
Appliance or Cloud
*AMP for Endpoints can be launched from AnyConnect
There Are Several Ways You Can Deploy AMP AMP
Advanced Malware Protection
Deployment Options Email and Web; AMP
on Cisco® ASA CWS
AMP for Networks (AMP on FirePOWER Network
Appliance)
AMP for Endpoints AMP Private Cloud Virtual Appliance
Method License with ESA, WSA, CWS, or ASA customers Snap into your network Install lightweight
connector on endpoints On-premises Virtual Appliance
Ideal for New or existing Cisco CWS, Email /Web Security, ASA customers
IPS/NGFW customers Windows, Mac, Android, virtual machines
High-Privacy Environments
Details
§ ESA/WSA: Prime visibility into email/web
§ CWS: web and advanced malware protection in a cloud-delivered service
§ AMP capabilities on ASA with FirePOWER Services
§ Wide visibility inside network
§ Broad selection of features- before, during, and after an attack
§ Comprehensive threat protection and response
§ Granular visibility and control
§ Widest selection of AMP features
§ Private Cloud option for those with high-privacy requirements
§ For endpoints and networks
PC/MAC Mobile Virtual
Protection Across Networks
The Network platform uses indications of compromise, file analysis, and in this example file trajectory to show you exactly how malicious files have moved across the environment
Endpoint
Content
Network
WWW
Protection Across Endpoints
The Endpoint platform has device trajectory, elastic search, and outbreak control, which in this example is shown quarantining recently detected malware on a device that has the AMP for Endpoints connector installed
Endpoint
Content
Network
WWW
Protection Across Web and Email
Cisco® AMP for Web and Email protects against malware threats in web and email traffic by blocking known malware and issuing retrospective alerts when unknown files are convicted
Endpoint
Content
Network
WWW
Network as Enforcer
Cisco Confidential 51 © 2013-2014 Cisco and/or its affiliates. All rights reserved.
You Can’t Protect What You Can’t See The Network Gives Deep and Broad Visibility
010101001011
010101001011
010101001011
010101001011
Cisco Confidential 52 © 2013-2014 Cisco and/or its affiliates. All rights reserved.
NetFlow – The Heart of Network as a Sensor Example: NetFlow Alerts With Lancope StealthWatch
Denial of Service SYN Half Open; ICMP/UDP/Port Flood
Worm Propagation Worm Infected Host Scans and Connects to the Same Port Across Multiple Subnets, Other Hosts Imitate the Same Above Behavior
Fragmentation Attack Host Sending Abnormal # Malformed Fragments.
Botnet Detection When Inside Host Talks to Outside C&C Server
for an Extended Period of Time
Host Reputation Change Inside Host Potentially Compromised or
Received Abnormal Scans or Other Malicious Attacks
Network Scanning TCP, UDP, Port Scanning Across Multiple Hosts
Data Exfiltration Large Outbound File Transfer VS. Baseline
§ The StealthWatch System . . . § Collects and analyzes NetFlow data and brings it together with user
information, application awareness, and other security context to provide pervasive visibility and security intelligence across the network.
§ StealthWatch helps organizations: § Accelerate incident identification and response. § Improves forensic investigations. § Reduces overall enterprise risk.
What is the StealthWatch System?
53 11/16/2015
Cisco Confidential 54 © 2013-2014 Cisco and/or its affiliates. All rights reserved.
Use Case – Defense against Data Breaches Anatomy of a Data Breach Network as Enforcer
enterprise network
Attacker
Perimeter (Inbound)
Perimeter (Outbound)
Infiltration and Backdoor establishment
1
C2 Server
Admin Node
Reconnaissance and Network Traversal
2
Exploitation and Privilege Elevation
3
Staging and Persistence (Repeat 2,3,4)
4
Data Exfiltration
5
Cisco Confidential 55 © 2013-2014 Cisco and/or its affiliates. All rights reserved.
What Can the Network Do for You? Network as Sensor
Detect Anomalous Traffic Flows, Malware e.g. Communication with Malicious Hosts, Internal Malware Propagation, Data Exfiltration
Detect App Usage, User Access Policy Violations e.g. Maintenance Contractor Accessing Financial Data
Detect Rogue Devices, APs and More e.g. Maintenance Contractor Connecting an Unauthorized AP in Bank Branch to Breach
Cisco Confidential 56 © 2013-2014 Cisco and/or its affiliates. All rights reserved.
What Can the Network Do for You? Network as Enforcer
Segment the Network to Contain the Attack TrustSec - Secure Group Tagging, VRF, ISE and More
Encrypt the Traffic to Protect the Data in Motion MACsec for Wired, DTLS for Wireless, IPSec/SSL for WAN and More
Secure The Branch and Remote Users for Direct Internet Access Anyconnect, IWAN, Cloud Web Security and More
Conclusion
Defending Against These Advanced Threats Requires Greater Visibility and Control Across the Full Attack Continuum
Attack Continuum
Before Discover Enforce Harden
During Detect Block
Defend
After Scope
Contain Remediate
Network Endpoint Mobile Virtual Cloud Email & Web
Point in Time Continuous
Only Cisco Security Can Deliver… Visibility and Control Across the Full Attack Continuum
Attack Continuum
Before Discover Enforce Harden
During Detect Block
Defend
After Scope
Contain Remediate
FireSIGHT and pxGrid
ASA VPN
NGFW Meraki
Advanced Malware Protection
Network as Enforcer
NGIPS
ESA/WSA
CWS Secure Access + Identity Services ThreatGRID
Thank You and Next Steps
Brian Avery [email protected]
Contact Your Cisco Partner https://tools.cisco.com/WWChannels/LOCATR/performBasicSearch.do
www.
Learn more about Cisco Security: www.cisco.com/go/security/
• CCE sessions are held weekly on a variety of topics
• CCE sessions can help you understand the capabilities and business benefits of Cisco technologies
• Watch replays of past events and register for upcoming events!
Visit http://cs.co/cisco101 for details
Join us again for a future Cisco Customer Education Event