使用思科 SASE 扩展混合环境的分段策略.pdf

1、#CiscoLive#CiscoLiveRyan Shoemaker Technical Solutions ArchitectersatzshoeBRKSEC-2092Using Cisco SASEExtending Your Segmentation Strategy for Your Hybrid Environment 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveEnter your personal notes hereCisco Webex App Questions?Use

2、 Cisco Webex App to chat with the speaker after the sessionFind this session in the Cisco Live Mobile AppClick“Join the Discussion”Install the Webex App or go directly to the Webex spaceEnter messages/questions in the Webex spaceHowWebex spaces will be moderated by the speaker until June 9,2023.1234

3、https:/ 2023 Cisco and/or its affiliates.All rights reserved.Cisco PublicBRKSEC-20923#CiscoLive 2023 Cisco and/or its affiliates.All rights reserved.Cisco PublicAgendaIntroduction to SASE and SegmentationCloud security policy with segmentationLeveraging SAML for group-based policiesAutomating cloud

4、workload segmentation in CSPsConclusionBRKSEC-20924SASE Overview 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveVPN MPLSHistoric traffic flowsLed to the age of perimeter-based security and networkingInternetTRAFFICInternal 80%Internet 20%TRAFFICInternal 80%Internet 20%Roa

5、ming/mobileBranch officesHQSecurity stackNetwork:CentralizedSecurity:Single,on-premise security stackBRKSEC-20926 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveChanges in the types of traffic and destinationsHave inverted the traffic modelProblems:App performanceUser exp

6、erienceSecurity efficacy#Tools/vendorsIntegrationsVPN MPLSTRAFFICInternal 20%Internet 80%Roaming/mobileBranch officesHQTRAFFICInternal 20%Internet 80%Bottle neckSaaSIaaSPrivate cloudBrowsingInternetBRKSEC-20927 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveNetwork transf