Листовка для Cisco Cisco IPS 4255 Sensor
Customer Case Study
have to be easy to manage and maintain.
“When we build a security environment that is flexible,
manageable, and layered, we can handle any new
challenges that may appear. Our Cisco solution
definitely gives us this capability.”
manageable, and layered, we can handle any new
challenges that may appear. Our Cisco solution
definitely gives us this capability.”
—Al Grapoli, Network Manager, State of Oregon
Network Solution
In 2005, the State of Oregon began work on the CNIC initiative, which was based on a new
converged data center featuring a Cisco
converged data center featuring a Cisco
®
network. The Cisco Self-Defending Network was a critical
component of the CNIC project in that the new data center clearly needed to protect highly
confidential information, comply with government regulations, and be flexible to meet the diverse
needs of all of its agencies.
confidential information, comply with government regulations, and be flexible to meet the diverse
needs of all of its agencies.
“To achieve a comprehensive approach to security, we looked at a variety of products and
architectures. The Cisco solution delivered the highest level of flexibility, and enabled us to build
multiple layers of security. It really fit into what we needed to do, because each agency required a
specific level of security for its operations,” says Grapoli.
architectures. The Cisco solution delivered the highest level of flexibility, and enabled us to build
multiple layers of security. It really fit into what we needed to do, because each agency required a
specific level of security for its operations,” says Grapoli.
As a first step in implementing its new security architecture, Grapoli and his team converted its
existing repertoire of Cisco PIX Firewalls to Cisco ASA 5500 Series Adaptive Security Appliances
at more than 60 remote offices. More robust and flexible than the Cisco PIX Firewall, the Cisco
ASA 5500 Series Adaptive Security Appliances are purpose-built security solutions that can easily
scale to meet the state of Oregon’s changing needs. A core component of the Cisco Self-Defending
Network, the Cisco ASA 5500 Series provides proactive threat defense that stops attacks before
they spread through the network, controls network activity and application traffic, and delivers both
IPsec and Secure Socket Layer (SSL) VPN connectivity.
existing repertoire of Cisco PIX Firewalls to Cisco ASA 5500 Series Adaptive Security Appliances
at more than 60 remote offices. More robust and flexible than the Cisco PIX Firewall, the Cisco
ASA 5500 Series Adaptive Security Appliances are purpose-built security solutions that can easily
scale to meet the state of Oregon’s changing needs. A core component of the Cisco Self-Defending
Network, the Cisco ASA 5500 Series provides proactive threat defense that stops attacks before
they spread through the network, controls network activity and application traffic, and delivers both
IPsec and Secure Socket Layer (SSL) VPN connectivity.
“Migrating from Cisco PIX to the Cisco ASA has been straightforward, because we are using the
same operating system, yet gaining greater flexibility,” says Grapoli. “We haven’t had any
significant issues migrating; we simply take the rule set from the Cisco PIX and plug it into the
Cisco ASA.”
same operating system, yet gaining greater flexibility,” says Grapoli. “We haven’t had any
significant issues migrating; we simply take the rule set from the Cisco PIX and plug it into the
Cisco ASA.”
The state looks forward to exploring the many unique capabilities of the Cisco ASA 5500 Series,
and is already taking advantage of the advanced firewall and VPN capabilities. These robust
security features protect the network against unauthorized access and provide secure connectivity
for agency employees.
and is already taking advantage of the advanced firewall and VPN capabilities. These robust
security features protect the network against unauthorized access and provide secure connectivity
for agency employees.
“With the Cisco ASA, agency employees working at remote sites can securely access a wide
variety of tools and applications. For example, they can make changes to their employee benefits
plan over a secure Web site,” says Grapoli.
variety of tools and applications. For example, they can make changes to their employee benefits
plan over a secure Web site,” says Grapoli.
For end-to-end network protection, the state is deploying a Cisco Intrusion Prevention System (IPS)
solution. Using Cisco IPS 4200 Series Sensors, the state can identify, classify, and stop known and
unknown threats like worms, network viruses, and application threats.
solution. Using Cisco IPS 4200 Series Sensors, the state can identify, classify, and stop known and
unknown threats like worms, network viruses, and application threats.
“Intrusion detection can only go so far in stopping threats, but Cisco’s sophisticated intrusion
prevention capabilities let us work proactively to discover and eliminate threats early,” says Grapoli.
prevention capabilities let us work proactively to discover and eliminate threats early,” says Grapoli.
All contents are Copyright © 1992–2008 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 2 of 4