Cisco Content Security Technology Overview And Update
Hrvoje Dogan Security Solutions Architect, SBG [email protected]
C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1 • Email Security Evolution • Inbound Protection Features • Outbound Control Features Agenda • Web Security Trends • Web Security Appliance and Update • Cloud Web Security and Update
C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2 Many of the products and features described herein remain in varying stages of development and will be offered on a when-and-if-available basis. This roadmap is subject to change at the sole discretion of Cisco, and Cisco will have no liability for delay in the delivery or failure to deliver any of the products or features set forth in this document.
C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 3 Email Threat Landscape Evolution: Inbound
HIGH VOLUME LOW VOLUME ? LOW $ VALUE HIGH $ VALUE Past Today Tomorrow
???
Targeted Attacks Virus Outbreaks
Blended Phishing Threats Targeted Spam Phishing
Network Evasions
Inbound Threats Inbound Polymorphic Code Botnets Advanced Conficker Persistent Threats Covert, Sponsored Image Targeted Attacks Code Red Spam Slammer Stuxnet Custom URL Attachment-based Worms
C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 4 Email Threat Landscape Evolution: Outbound
LOW VOLUME HIGH VOLUME ? LOW $ IMPACT HIGH $ IMPACT Past Today Tomorrow
Changing legislation Intellectual property
European Union laws Customer asset loss Trade secrets Data breaches State laws Federal laws Outbound Compliance Corporate espionage Province laws Legal documents HIPAA
State regulations Credit card numbers PCI Product-planning documents 4 Brand Social security numbers
Access email only By 2015, access Access email from behind from over 7B
Usage anywhere, anytime corporate firewall mobile devices
C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 5 Global Spam Volume Trend
Tripled since January
Highest level since 2010
Anti-spam industry problem
Cisco maintains efficacy leadership
Source: http://www.opus1.com/www/whitepapers/antispamresults2013.pdf
Volume UP = Count of Spam UP Source: http://www.spamcop.net/spamgraph.shtml?spamyear Source: http://cbl.abuseat.org/totalflow.html
C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 6 Jan 2013 – Apr 2014
C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 7 Missed Spam Analysis
Offer spam (Micro-category) = Sell goods or services. Categories of Missed Spam (customer submissions since Jan/14) Diplomas Mkt Svcs Casino Majority of Offer spam uses Snowshoe techniques Seminar Link Insurance Malware Dating Porn Luxury Snowshoe spam – technique used by spammers to Drug Loan Stocks Lottery cover their tracks, go under the radar. Its objective is Job to defeat traditional Anti-Spam techniques. Scam short campaigns – morphs fast – constantly changing Phish
Anti-Sender Reputation Anti-Content Analysis • Never use the same IP to send • Never use the same series of more than x amount of spam in words more than y period of time. • Never reuse the same images • Never send the same spam • Never use the same URL
Offer from the same IP.
Not “new” techniques, however, usage has increased
Fine line to balance catch rate and false positive
C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 8 Opus One Report April 2014
Cisco’sThis graphic email securitywas published solution by demonstrated Opus One in thetheir highest2014 “COMPARING spam capture INDUSTRY-LEADINGrate and the most accurate rate of detection. The results are remarkable given the tradeoffANTI-SPAM between SERVICES” spam capture and false positive rates.All of theFor anti-spam example, solutions a vendor in Gartner’s can catchJuly 2013 100% “Leaders” of spamand “Challengers” if they block Magic every Quadrant message categories but were then tested. the falseIn total, eight vendors were evaluated over the course of a year. positiveThe only ratevendor would mentioned also by be name 100%, is Cisco which (Cisco’s is obviously Email unacceptable.Security Appliance was previously called “Ironport” but Cisco is Ciscophasing consistently out the IronPort outperformed brand name). The the remaining other vendors, vendor names have been obfuscated. with the highest spam capture rate in eight of the twelveTo ensure months consistency measured. and reliability, When Opus another One operated vendor within had the following parameters during the 12-month long analysis from a Januarybetter 2013anti-spam to December catch 2013. rate than Cisco, it came at the cost of a significantly higher false positive rate: from 16 to 40 times worse. Opus One Joel Snyder, April 2014
C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 9 There is no Silver Bullet
Attack Continuum
BEFORE DURING AFTER Control Detect Scope Enforce Block Contain Harden Defend Remediate
Gaps in protection Point-in-time Malware prevention as new attack defenses can be is not 100% vectors emerge evaded
C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 10 Cisco Email Security Threat Defense Complete Inbound Protection
SenderBase Reputation Filtering Drop
Anti-Spam Drop/Quarantine
Cisco® SIO Anti-Virus Drop/Quarantine
Advanced Malware Protection AMP Drop/Quarantine
Outbreak Filters Quarantine/Re-write
Real-time URL Analysis cws
Re-write Deliver Quarantine Drop URLs
C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 11 The image cannot be displayed. Your computer may not have enough memory to open the image, or the image may have been corrupted. Restart your computer, and then open the file again. If the red x still appears, you may have to delete the image and then insert it again. Cisco SenderBase: Email Reputation Database
Threat Intelligence Spam Traps Complaint IP Blacklists • Over 1.6M global devices Reports and Whitelists • Historical library of 40,000 threats • 35% of global email traffic seen per day • 13B+ Worldwide web requests seen per day • 200+ parameters tracked Message Compromised Website • Multi-vector visibility Composition Host Lists Composition Data Data
Benefits
• 360 degree dynamic threat visibility Global Volume Domain Other Data • Understanding of vulnerabilities and Data Blacklist and exploit technologies Safelists • Visibility into highest threat vehicles • Latest attack trends and techniques IP Reputation Score
C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. -10 0 +10 Cisco Confidential 12 DKIM and SPF DNS Email Authentication
Your Company Trusted_Partner.com Verified SIGNEDü
Cisco ESA Imposter
Trusted_Partner.com Drop/Quarantine
• Block phishing and spoofing attacks • Apply more liberal policies to AUTHENTICATED external sources
C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 13 DMARC DNS Standardizing Email Authentication DMARC p=reject
Trusted_Partner.com
Verified SIGNEDü
Report Cisco ESA Imposter
Drop/Quarantine Trusted_Partner.com
• Reduce the exposure of your users to phishing • Tie DKIM and SPF together and address their shortcomings • Identifies actions to take if message authentication fails for sender’s domains • Allows for sending of aggregate reports back to sending domain to inform of message disposition C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 14 URL Defense Integrated email and web security
Rewrite
Email Contains URL Send to Cloud
BLOCKEDwww.playboy.comBLOCKED Defang BLOCKEDwww.proxy.orgBLOCKED
Cisco SIO Replace “This URL is blocked by policy”
URL Categorization
C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 15 Cisco Zero-Hour Malware Protection Advanced Malware Protection
Reputation SourceFire AMP update integration File File Reputation Sandboxing
Known File Unknown files are Reputation uploaded for sandboxing
Advanced Malware Protection Outbreak Filters
Cloud Powered Zero-Hour Telemetry Based Zero-Hour Malware Detection Virus and Malware Detection
C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 16 Key Features of AMP
• Blocks files known to be malicious File Reputation • Reputation verdicts delivered by AMP cloud intelligence network
• Behavioral analysis of unknown files File Sandboxing • Looks for suspicious behavior • Feeds intelligence back to AMP cloud
• Continuous analysis of files that have traversed the gateway File Retrospection • Retrospective alerting after an attack when file is determined to be malicious
C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 17 Layered Protection across the Attack Continuum
Reputation Filtering Block BEFORE Cisco® SIO URL Filtering Block
Signature, AV, Spam scanning Block
DURING File Reputation Block SourceFire AMP Cloud File Behavior Block
AFTER File Retrospection Alert
C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 18 Cisco Email Security Provides Strong Outbound Control
Rate Limiting Encrypt AS/AV Checks Compliance/ DKIM/SPF Outbound DLP Sensitive Data
Sender Recipient
C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 19 Rate Limiting Outbound Rate Limit Per Mail From: 1-100 Emails 101-1000 Emails
• Receive alerts identifying high-volume ! possibly infected senders Malicious Sender
• Rate limit can be set higher for senders such as marketing or the customer help desk Known High Volume Sender
• Users can send up to 100 mails per hour
Typical User
Policy !
• Administrator can set rate limit for individual
senders Alert admin when limit is hit
Admin
C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 20 Outbound Infection Containment and Control
!
Alert Rate Limit per Anti-Spam Anti-Virus Admins Mail From (Intelligent Multi-Scan)
Stay off of blacklists • Stop malicious and abusive use of systems • Know which machines/users to remediate • Combine with Outbreak Filters for bi-directional protection
C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 21 Email Authentication: Outbound DMARC
Verified SIGNED SIGNEDü
From: Your_Company.com From: Your_Company.com From: Your_Company.com
Report
Publish DMARC, DKIM, and Cisco ESA SPF Your Company ISP SPF Records Records Query DMARC, DKIM, and DNS Public Server • Protect your identity from phishing • Improve sender reputation and deliverability • Visibility and control of sent email and who is sending on your behalf
C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 22 IPv6 Support Defense for email systems against emerging IPv6 threats
IPv6 Addressing Is your Email Security
filtering content with IPv6
addressing appropriately?
• Supports: IPv4/IPv6 addressing – single or dual stack – with Anti-Spam, Anti-Virus, Content Filters, DLP, Encryption, and more • Translates: IPv6 in and IPv4 out… or vice versa • Full reporting and Message Tracking support
C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 23 Flexible Deployment Options Industry-leading, Best of Breed Email Protection at the Gateway
On-premises Cloud
Deployment Options Appliance Virtual Hybrid Hybrid Cloud Managed
Multi-device Support Desktop Mobile Laptop Tablet
C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 24 Email Security Appliance – Cisco on Cisco
Emails delivered Emails / mo Emails / day Emails / employee / day %
Attempted 124 M 5.6 M 73
Blocked 77 M 3.5 M 46 63%
Delivered 37 M 1.7 M 22 30%
Delivered, marked “Marketing” 9 M 0.4 M 5 7%
ESA Blocked Emails Emails* / mo Emails / day Emails / employee / day %
By reputation 73 M 3.3 M 43 94%
Malware Spam By spam content 4.3 M 0.2 M 3 5% By invalid receipts 0.4 M 0.02 M 0.25 1%
3.5M Emails blocked each day
C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 25 Web Security Stakes Are Higher Than Ever Before
Exploitation Theft & Espionage Disruption
C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 26 0 100% 200% 300% 400% 500% 600% 700%
Accounting Agriculture and Mining Automotive Aviation Industry Risk and Banking and Finance Charities and NGOs Clubs and Organizations Web Malware Education Electronics Energy, Oil, and Gas Encounters, 2013 Engineering and Construction Entertainment Food and Beverage Government Healthcare Heating, Plumbing, and A/C IT and Telecommunications Industrial Insurance Legal Manufacturing Media and Publishing Pharmaceutical and Chemical Professional Services Real Estate and Land Mgmt. Retail and Wholesome Transportation and Shipping Travel and Leisure Utilities
© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 27 Malicious Attacks Generated through PDF, Flash, and Java, 2013
16%
14%
12% PDF
10% Flash
8% Java
6%
4%
2%
0 Jan. Feb. Mar. Apr. May Jun. Jul. Aug. Sep. Oct. Nov.
Month
C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 28 Cumulative Annual Alerts
7000 2013
2012 6000 2011
5000 2010
4000
3000
2000
1000
0 Jan. Feb. Mar. Apr. May Jun. Jul. Aug. Sep. Oct. Nov. Dec.
Month
C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 29 New and Updated Alerts
1000 320 800 278 293 291 256 600 281 212 211 221 224 517 215 437 400 391 387 386 366 347 333 324 Update Alert 303 286
200 New Threat Alert
0 Jan. Feb. Mar. Apr. May Jun. Jul. Aug. Sep. Oct. Nov.
Month C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 30 The Pervasiveness of Malicious Traffic
Connections to domains that are known High-Threat Malware malware threat sites or threat vectors. 100%
Suspicious and excessive trafc going to Government and Military places not typically contacted by the public. 100%
Connections to known hijacked infrastructure Hijacked Infrastructure or compromised sites. 96%
Connections to blank sites that may have code Sites without Content on them to inject malware into systems. 92%
Suspect FTP Unexpected connections to irregular FTP sites. 88%
Connections from within an organization to Suspect VPN suspicious VPN sites. 79%
Connections to universities in suspicious places, potentially Education via Threat(s) serving as pivot points for other kinds of malware. 71%
Very high volume of attempts to connect to Pornography known pornography sites. 50%
C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 31 Outbreak IntelligenceTM Vs. Signature Detection
Zbot Daily Blocks, 2013 (Source: Cisco Cloud Web Security) (webmail) 100% Solimba 90% AirInstall FirstSerial NBC.com and downloader downloader iBryte Installer 80% related downloader CryptoLocker 70% compromises ransomware 60% Google Doc iphonedevsdk.com50% Watering Hole phishing Watering40% Hole Attacks against Attacks targeting Energy & Oil 30%Tech Industry 20% 10% 0% 1-Jan-13 1-Feb-13 1-Mar-13 1-Apr-13 1-May-13 1-Jun-13 1-Jul-13 1-Aug-13 1-Sep-13 1-Oct-13 1-Nov-13 1-Dec-13
Signature Outbreak Intelligence™
§ This chart shows the day to day rate of OI detected threats vs. 78% standard antivirus signatures. 22% § In 2013, 22% of Web malware was blocked by Cisco Outbreak Intelligence before signature detection became available Signature Outbreak Intelligence™ § Outbreak Intelligence provides early detection of new threats based on heuristic analysis of behavioral characteristics and machine learning C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 32 32 Web Pages Contain Hidden Threats
• Flash • Java • JPG • PDF Potential threats • Script • .exe • Etc.
C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 33 Loss of Productivity is Also a Threat How much bandwidth and time is being wasted on web 2.0 every day?
Facebook time: Bytes on YouTube Pandora: Total browse time for 2,110,516 minutes or video playback: 713,884,303,727 the day: 35,175 hours, 1465 11,344,463,363,245 or .6 TB 2,270,690,423 or days, 4.1 years! or 10 TB 4,320 Years. # of Facebook likes: Total bytes for the day: 3,925,407 at 1 second a 70,702,617,989,737 like that’s almost 1100 or 64 TB over 15% from hrs/day or 45 days just YouTube! liking things!
Source: Cloud Web Security Report
C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 34 We Can Help. Cisco Web Security Provides…
Strong Protection Safeguards every device, everywhere, all the time
Complete Control Enables control of all web traffic on all devices
Investment Value Delivers more for your investment
C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 35 Cisco Web Security Provides Strong Protection
WWW
URL Filtering WWW Block Time of Request
Reputation Filter WWW Block
Cisco® SIO Dynamic Content Analysis (DCA) WWW Block
Time of Signature-based Anti-Malware Engines WWW Block Response
AMP Real-time Sandbox Analysis
Partial WWW Allow WWW Warn WWW WWW Block Block
C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 36 Telemetry • Cisco plays a critical role in evaluating threats, given the prevalence of its solutions and the breadth of its security intelligence: • 16 billion web requests are inspected every day through Cisco Cloud Web Security
• 93 billion emails are inspected every day by Cisco’s hosted email solution • 200,000 IP addresses are evaluated daily
• 400,000 malware samples are evaluated daily
• 33 million endpoint files are evaluated every day by FireAMP
• 28 million network connects are evaluated every day by FireAMP
C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 37 Results • This activity results in the following threats being detected by Cisco: • 4.5 billion emails are blocked every day
• 80 million web requests are blocked every day • 6450 endpoint file detections occur every day in FireAMP • 3186 endpoint network detections occur every day in FireAMP • 50,000 network intrusions are detected every day
C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 38 AsyncOS 8.0.6: AMP Integration
FireAMP WSA Cloud
FireAMP Client
File Reputation Query Web FireCloud Local Client Web/Sender Cache Heartbeat -retrospective Reputation File Reputation Proxy VRT update Client Unknown File, upload for Sandboxing
AV Scanners VRT Sandboxing
FireCloud Client acts like another scanner with Advanced Malware Protection capabilities
C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 39 Scanning Performance Improvement
• Two Phase Approach: 1st Phase in AsyncOS 8.0 2nd Phase in AsyncOS 8.5 Shared Memory Multi-Threading Proxy Architecture for HTTPs Performance
Reporting Optimized Regular Improvements Expression Engine
C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 40 Scanning Performance Improvement
Test Configuration Platform RPS on AsyncOS 7.7 RPS on AsyncOS 8.0
Premium bundle S370 316 450 (WBRS, AVC, Auth, (42%) HTTPs 10%, Webroot, Sophos) S380 396 683 (25%) ( 72%) (116%) S670 615 1050 (70%) S680 711 1050 (15%) (48%) (70 %)
Orange -- % Increase by upgrading from x70 to x80, running AsyncOS 7.7 Green -- % Increase by running the same HW, but upgrading from AsyncOS 7.7 to AsyncOS 8.0 Red -- % Increase by upgrading from x70 to x80, and also upgrading from AsyncOS 7.7 to AsyncOS 8.0 All the RPS numbers in the table are sustained RPS
C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 41 Kerberos Authentication
• Supported for AD Server 2003, 2008, 2012
• Support for Multiple Platforms: Windows, Mac OSX, and web browsers
• Deployment scenarios on-par with Multi-forest NTLM features Multiple Kerberos realms Group based policies
• Setup/Configure similar to Multi-forest NTLM feature
C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 42 IPv6 -- WSA Data Features
Feature IPv6 Support
WBRS (Web Reputation) Ready
SaaS Yes
Authentication Surrogates Yes
AVC, Bandwidth Control Yes
X-Forwarded-For Headers Yes
End User Notification, End User Acknowledgement Yes
C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 43 IPv6 -- WSA Control Features
Feature Support for IPv6
DNS Yes
Authentication (LDAP, RADIUS, etc.) N/A
Transparent User Authentication Yes
WCCP Ready*
ICAP (External DLP) Yes
PAC File Hosting N/A
C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 44 Virtual WSA Cloud Connector
• Background: Update to WSA 7.5.7 Release (Limited GA) WSA Cloud Connector 8.0 is the virtualized version of WSA 7.5.7.
• Applications: Provision multiple virtual WSA Cloud Connectors to meet traffic demand
• Advantage: Scale, easy management and deployment.
C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 45 Multiple proxies within in each Datacenter
Current Datacenters Chennai Paris Chicago San Jose Copenhagen Sao Paulo Dallas Singapore Frankfurt Sydney Hong Kong Tokyo Johannesburg Toronto 2X London Vancouver Miami Zurich New York 2X
• 21 data centers • 19 locations
C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 46 46 What is a Cloud Proxy?
C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 47 47 Proxy Layout - Today
• Each logical Proxy consists of: Active/Passive Firewalls Active/Passive Load Balancers Application Switches Distribution Switches 2 x Chassis of 16 Blades each (32 Total)
C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 48 48 Built from the Ground up to deliver the next gen Cloud services
Improved capacity management Convergence
Improved content delivery performance
Intelligence
Platform for new services
Automation VM infrastructure on scalable Cisco UCS hardware Future services + Room for product evolution
C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 49 Cisco Cloud Attach Model
Use your existing Cisco asset to leverage CWS
Cloud Web Security
AnyConnect ASA ISR G2 WSA WSAv Hosted PAC & Connector Web Security Connector Authentication
Cisco Device No Cisco Device
Attach Based Direct to Cloud
C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 50 50 Cognitive Threat Analytics
Reduced time to discovery Active, continuous monitoring to stop the spread of an attack
Normal… or not? Spots symptoms of infection using behavioral anomaly detection algorithms and trust modeling
Security that evolves Uses machine learning to learn from what it sees and adapt over time
No more rule sets Discovers threats on its own…just turn it on.
C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 51 Cognitive Threat Analytics Continuous Monitoring of Threats After an Attack
CTA is a cloud-based solution that reduces time to discovery of threats operating inside the network.
Identifies Learns from Adapts new threats what it sees over time
Licensed feature on CWS, part of new CWS Premium package
C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 52 Call to Action
Talk to your Cisco or partner account teams to set up an evaluation
Evaluations available for: • Cloud • Virtual • On-premise appliances using Demo Loaner Program
C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 53 C97-728331-00 © 2013 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 54