Техническая Спецификация для Cisco CS-MARS-GC2R-K9 CS-MARS-GC2R-K9-RF
Модели
CS-MARS-GC2R-K9-RF
Data Sheet
All contents are Copyright © 1992–2008 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information.
Page 1 of 9
Cisco Security Monitoring, Analysis, and Response System
(MARS) Release 6.0
(MARS) Release 6.0
Cisco Security MARS Overview
Cisco Security MARS is an appliance-based, all-inclusive solution that provides superior insight
into and control of your existing security deployment. Part of Cisco’s security management suite,
Cisco Security MARS empowers your security and network organizations to identify, manage, and
counter security threats. It works with your existing network and security investments to identify,
isolate, and recommend precise removal of offending elements. Cisco Security MARS also helps
maintain internal policy compliance and can be an integral part of your overall regulatory
compliance solution.
Security and network administrators face numerous challenges, including:
●
Security and network information overload
●
Poor attack and fault identification, prioritization, and response
●
Increases in attack sophistication, velocity, and remediation costs
●
Compliance and audit requirement adherence
●
Security staff and budget constraints
●
Cisco Security MARS addresses these challenges by:
●
Integrating network intelligence to modernize correlation of network anomalies and security
events
●
Visualizing validated incidents and automating investigation
●
Mitigating attacks by taking full advantage of your existing network and security
infrastructure
●
Monitoring systems, network, and security operations to aid in compliance
●
Delivering a scalable appliance that is easy to deploy and use with the lowest total cost of
ownership (TCO)
Cisco Security MARS transforms raw network and security data into intelligence that can be used
to subvert valid security incidents and maintain compliance. Cisco Security MARS enables
operators to centralize, detect, mitigate, and report on priority threats using the network and
security devices already deployed in your infrastructure.
The Defense-in-Depth Dilemma
Information security practices have evolved from Internet perimeter protection to an in-depth
defense model in which multiple countermeasures are layered throughout the infrastructure to
address vulnerabilities and attacks. Layering is necessary because of increased attack frequency,
diverse attack sophistication, and the rapid nature of attack velocity.
Network access points and systems are probed thousands of times each day in an attempt to
exploit vulnerabilities. Modern blended/hybrid attacks use multiple and deceptive attack
methodologies to gain unauthorized system access and control from outside and within