Pci Dss Partner Ec Tdm Proposal

7/28/2019 Pci Dss Partner Ec Tdm Proposal

1/40

Payment Card Industry Data Security Standard

Partner/Reseller VersionSimplifying Compliance Strategies

Proposal for

July 2011

Note to AMs: If this document will be printed and bound, please create space forhole punching or binding as follows:

1. Select File / Page Setup.

2. On the Margins tab, set Gutter to .25 and Gutter Position to Left.

3. Select Whole Document from the Apply To drop-down list.

4. Update the table of contents (select TOC and press F9).

5. Delete this text box prior to submitting or printing document.

TDM Template


2/40

Template Instructions

Fill in all information that appears in within brackets and update font color. Instructions are given in text boxes. These should be deleted. See example below:

Insert appropriate cover graphic.

Insert Partner Logo and Customer Logo in the Header.

Highlight the table of contents and press F9 to update.

Delete this page.

CONFIDENTIAL - i - Payment Card Industry Data Security

Partner/Reseller Version


3/40

Legal Disclaimer

This proposal is being provided by a Cisco authorized reseller utilizing a Cisco solution. Certain technical and other information

in this response may have been provided by Cisco; however, nothing herein shall be construed as a quotation or offer tocontract directly with Cisco. The Cisco logos, trademarks and other information provided by Cisco appear in this response withCiscos permission and are proprietary and confidential information of Cisco Systems, Inc. All other information, including anypricing information, is provided by the Cisco authorized reseller and not by Cisco, and any relationship resulting from thisresponse will be directly with such reseller and not Cisco.

CONFIDENTIAL - ii - Payment Card Industry Data Security



4/40

Table of Contents

1EXECUTIVE SUMMARY.................................................................................................................................1

1.1S CHALLENGE...........................................................................................................................1

1.2PROPOSED SOLUTION.....................................................................................................................................2

1.3CUSTOMERBENEFITS.....................................................................................................................................3

1.4WHY ?..........................................................................................................................3

1.5CUSTOMERTESTIMONIALS.............................................................................................................................4

1.6CONCLUSION...................................................................................................................................................4

2SOLUTION OVERVIEW...................................................................................................................................5

1.7SOLUTION OVERVIEW.....................................................................................................................................5

1.8SOLUTION COMPONENTS................................................................................................................................5

1.8.1Cisco Routing.........................................................................................................................................6

1.8.2Cisco ISR G2 SEC and VSEC Bundles..................................................................................................6

1.8.3Cisco Switching......................................................................................................................................71.8.4Cisco Network Security..........................................................................................................................91.8.5Cisco Wireless......................................................................................................................................14

1.8.6Cisco MSE............................................................................................................................................15

1.8.7Cisco Adaptive wIPS with ELM...........................................................................................................16

1.8.8Cisco Physical Security........................................................................................................................19

1.8.9Cisco Compute Systems and Storage...................................................................................................20

1.8.10Cisco Management.............................................................................................................................21

1.8.11Cisco Voice........................................................................................................................................22

1.8.12Cisco WAN Optimization...................................................................................................................23

3SERVICES & SUPPORT OVERVIEW..........................................................................................................25

1.9SERVICES OVERVIEW....................................................................................................................................25

1.10SERVICES OPTIONS.....................................................................................................................................251.10.1Cisco PCI Compliance Professional Services...................................................................................25

1.10.2Cisco PCI Technical Services............................................................................................................26

1.11FINANCIAL OPTIONS...................................................................................................................................27

4CUSTOMER BENEFITS & RETURN ON INVESTMENT........................................................................28

1.12CUSTOMERBENEFITS.................................................................................................................................28

1.13GENERAL RETURNON INVESTMENT / BUSINESS IMPACT..........................................................................28

5CUSTOMER PROOF POINTS........................................................................................................................30

6STATEMENT OF COMPLIANCE.................................................................................................................31

7PRICING............................................................................................................................................................32

8APPENDICES....................................................................................................................................................33

1.14ADDITIONAL INFORMATION........................................................................................................................33

1.15ACRONYM LIST...........................................................................................................................................33

CONFIDENTIAL - iii - Payment Card Industry Data Security



5/40

1 Executive Summary

1.1 s Challenge

According to the American Bankers Association, an estimated 10,000 paymentcard transactions are made every second around the world. Founded by the cardbrands (AmEx, MC, Visa, and Discover/JCB), the PCI DSS is designed to protectcardholder data. However, retailers still need to create a network architecturethat works for their business and also meets the PCI DSS compliance standardsthat are required by all major credit card brands for any organization thatprocesses payment cards or transfers and stores payment card data.

But, as organizations begin to take advantage of wireless technology to improveoperations and gain a competitive advantage, PCI DSS requires retailers toextend the same level of security from the wired network to the wireless networkand provides specific guidelines as to how to protect point-of-sale data over the

wireless network.

For todays retailer, any solution that deals with PCI DSS compliance must beable to:

Build and maintain a secure network: A secure network meansfulfilling PCI DSS requirements one and two about network firewalls,default settings, and other security parameters.

Protect cardholder data: Protecting data requires the solution to protectstored data as well as encrypting a variety of other data as set forth in

CONFIDENTIAL - 1 - Payment Card Industry Data Security



6/40

PCI DSS requirements three and four.

Maintain a vulnerability management program: This requirement fromPCI DSS means that networks must regularly update antivirus softwareand develop secure systems and applications per guidelines five and six.

Implement strong access control measures: The requirement alsoincludes restricting physical access to cardholder data as well asassigning a unique computer ID to each person in the company andrestricting computer access to sensitive data as per PCI DSS guidelinesseven, eight, and nine.

Regularly monitor and test networks: A solution that regularly testedthe security systems and tracked all access to end-user data would be inaccordance with PCI DSS requirements 10 and 11.

Maintain an information security policy: Finally, a solution thatmaintained a policy that addresses every aspect of information security

would meet guideline 12 of the PCI DSS.

Clearly, retailers require a solution that can meet the needs of their stores whilealso meeting the guidelines of the PCI DSS. Being in compliance with thoseguidelines will save retailers a great deal of money, time, and effort.

1.2 Proposed Solution

The Cisco PCI Solution for Retail 2.0, proposed by , wasdeveloped to help retailers simplify and maintain PCIcompliance. The solution consists of strategicguidance as well as tactical implementation. A criticalelement ofs proposed Cisco PCI

DSS Solution is Cisco network architecture andvalidated network designs. More than just printeddiagrams, these designs, used and recommended by, were deployed and tested inCisco Labs. Because of this, sproposed Cisco solution applies its enterprise-widearchitecture experience to the requirements of PCI.

Most industry experts agree that the best way toachieve and maintain PCI compliance is to adopt astrategic, holistic approach to network security risk,management, and compliance that includes the network infrastructure, policies,and procedures. The ability to centrally manage systems, network services, and

security is essential to a holistic solution.

In addition to simplifying retailers approach to PCI requirements, centralmanagement improves operational efficiency and can accelerate delivery offuture retail applications that will travel the network infrastructure.

s proposed solution offers a network foundation that is animportant step for retailers to achieve regulatory compliance requirements andimplement data security best practices.




7/40

s proposed solution was built and tested using a holisticenterprise perspective including the following:

Cisco network architectures, used and recommended by, have been designed for stores, enterprise datacenters, and the Internet edge to support e-Commerce operations, storeemployees, customers, and teleworkers.

s proposed Cisco PCI Solution for Retail 2.0 alsosupports wireless 3G technology deployments and multiple storeformats, including pop-up stores and convenience stores, in addition totypical small, medium, and large stores.

Verizon Business reviewed the products and network designs and issuedan assessment report.

The result is a set of architectures and designs that simplify the process of aretailer becoming PCI compliant, maintaining that posture and providing the

capability of awareness when under attack.

1.3 Customer Benefits

The Cisco PCI Solution for Retail 2.0, proposed by ,addresses many of the 12 PCI DSS requirements and helps retailers simplifytheir compliance strategies. It goes beyond just the requirements to providecomprehensive best practices for securing sensitive information. In addition,s proposed Cisco PCI Solution for Retail 2.0 helps protectmobile applications and data. It helps to: build a foundation for ongoingcompliance; enhance your companys physical security and risk management;strengthen shopping security; and, enable new business initiatives.

Because s proposed Cisco solutions use an architecturalapproach, you can reap benefits not found in a single-box approach. Thesebenefits include:

Increased end-to-end compliance

Increased investment protection

Improved efficiency in deploying PCI DSS updates

1.4 Why ?

Whether you have two stores across town or 2,000 around the globe,s proposed Cisco solution offers solutions, experience, andexpertise to help improve your effectiveness and operational capacity. The CiscoPCI Solution for Retail 2.0, proposed by , can help pulleverything together to effectively address the PCI DSS with:

A comprehensive wired and wireless solution:sproposed solution provides a comprehensive wired and wireless solution,enabling complete end-to-end PCI DSS compliance. Specifically forwireless, s proposed Cisco solution provides best-in-class solutions to meet PCI DSS compliance, and also provides




8/40

incremental solutions that extend security beyond PCI DSS complianceto meet the objective of truly securing cardholder data.

Dedicated compliance resources: In addition to developing technologyand solutions for achieving PCI DSS compliance, sproposed Cisco solution has dedicated resources to truly understand thenature of PCI DSS compliance and to provide valuable insight into PCIupdates and revisions. Dedicated personnel actively participate asmembers of the Worldwide PCI Council Board of Advisors in order torepresent Cisco expertise, adopted by , in networksecurity, and represent our customers concerns with regard to PCIcompliance.

Designs that meet or exceed requirements:,through Cisco, offers collaboration with a third-party QSA to help ensurethat the designs meet and/or exceed PCI DSS requirements. Thisprocess allows customers to deploy s proposed

solution architectures with the utmost confidence that they will achievePCI DSS compliance.

1.5 Customer Testimonials

1.6 Conclusion

Because cyber-criminals never sleep, many retailers are concerned aboutmoving their cardholder information overa wireless network. They have goodreason to be concerned because anumber of large corporations have beenhacked and thousands of credit cardnumbers have been compromised.

However, with an architectural approachto network security, such as the solutionproposed by , retailerscan create a system that providescompliance with PCI DSS as well as improves the productivity and speed of thenetwork itself. This kind of network is constantly looking for intruders while alsosecuring data behind firewalls and adhering to strict permissions access.

would be pleased to discuss s proposed Ciscosolution to grow in difficult environments with you. can bereached at or.




9/40

2 Solution Overview

1.7 Solution Overview

s proposed solution has extensive experience working with wired and wirelessnetworking technologies. Using accumulated best practices, offers a set ofarchitectures in a lab environment with PCI requirements in mind. PCI auditor, Verizon Business, wasinvited to evaluate these architectures.

When deployed and configured as designated in the Cisco PCI Design and Implementation Guideavailable through , retailers can be confident in their compliance posture as well assecurity best practices. s proposed Cisco PCI Solution for Retail 2.0 networkarchitectures support secure transport for POS traffic, such as credit card data, cardholderinformation, transaction logs, and database records.

A critical element of the Cisco PCI Solution for Retail 2.0 is Cisco network architecture and validatednetwork designs, available through . Cisco network architectures have beendesigned for stores, enterprise data centers, and the Internet edge to support e-Commerceoperations, store employees, customers, and teleworkers. s proposed Cisco PCISolution for Retail 2.0 also supports wireless 3G technology deployments and multiple store formats,including pop-up stores and convenience stores, in addition to typical small, medium, and largestores. Cisco network architectures include solutions for virtualized, wired, and wireless deployments,all available through .

Retailers can use these network architectures as a guideline for deploying their own networkinstallations as they work toward PCI compliance. These architectures can be used throughout therange of retail environments, from small stores to large retail footprints.

To access the PCI Compliance Advisor Tool, please contact your representative.

1.8 Solution Components

s proposed Cisco PCI Solution designed for your particular store or group ofstores will be unique. To view Cisco Validated Designs for PCI, please contact your representative.

Many Cisco products already include features and the specific intelligence needed to help meet PCI




10/40

requirements. These products, all available through , include: Cisco ISR and ISRG2 Routers; Cisco ASR; Cisco Catalyst compact, access, and data center switches; Cisco Nexus

1000V Series Switches; Cisco Nexus 5000 and 7000 Series Switches; Cisco ACE; Cisco MDSSwitch; Cisco ASA; Cisco IronPort Email Security Appliance; Cisco NAC Appliance; CiscoAnyConnect VPN; Cisco FWSM; Cisco IDSM; Cisco IPS Appliances; Cisco Nexus VSG; Cisco IOSFirewall; Cisco IO SIPS; Cisco Secure ACS; Cisco Aironet Access Points; Cisco Wireless LANControllers; Cisco MSE; Cisco Adaptive wIPS; Cisco VSOM; Cisco Video Surveillance IP Cameras;Cisco Physical Security MSP; Cisco Physical Access Manager; Cisco Physical Access Gateways;Cisco UCS and UCS Express; Cisco Security Manager; Cisco WCS; CiscoWorks LMS; Cisco UnifiedCommunications Manager; Cisco Unified IP Phones; Cisco WAE; and Cisco WAAS.

1.8.1 Cisco Routing

1.8.1.1 Cisco ISR

Cisco ISRs, available through , integrate advanced communications and securitycapabilities based on Cisco IOS Software.

Features, available through , include:

Up to 45 Mbps WAN performance with services

Service module performance and capacity of 1x and up to 160 GB

Fast Ethernet with PoE

User-based privileges

For more information, please see:http://www.cisco.com/en/US/products/ps10906/Products_Sub_Category_Home.html

1.8.2 Cisco ISR G2 SEC and VSEC Bundles

The Cisco ISR G2s, available through , are part of the Cisco Borderless NetworkArchitecture that enables business innovation and growth across all remote sites. The next-generation architecture delivers a new workspace experience by meeting the performancerequirements for the next generation of WAN and network services, enabling the cost-effectivedelivery of high-definition collaboration at the branch office and providing the secure transition to thenext generation of cloud and virtualized network services.


Feature-rich security capabilities including video imaging and PCI DSS requirements

Media engines that enable business-grade video applications based on high-density video-ready DSPs that deliver the medianet high-definition experience

Bandwidth-optimized and scalable video services, including media-rich video conferencing,video surveillance, video streaming, and digital signage

High-performance (up to 8x), nonstop branch office experience to meet your future WAN andservices requirements

Investment protection with support for most of the prior generation of integrated servicesrouter interfaces


http://www.cisco.com/en/US/products/ps10906/Products_Sub_Category_Home.htmlhttp://www.cisco.com/en/US/products/ps10906/Products_Sub_Category_Home.html


11/40

For more information, please see:http://www.cisco.com/en/US/prod/collateral/routers/ps10538/aag_c45_556315.pdf

1.8.2.1 Cisco ASR

The Cisco ASR 1000 Series, available through , provides a significant enhancedvalue compared to prior generations of Cisco mid-range routing solutions by providing more thantenfold performance improvement with services running. In addition, the routers have hardware andsoftware redundancy, as well as an industry-leading high-availability design.

The Cisco ASR 1000 Series delivers multiple services embedded in the Cisco QuantumFlowProcessor, available through , at wire speeds from 2.5 Gbps to 40 Gbps. Theservices supported on the Cisco QuantumFlow Processor, and available through ,include security services (for example, encryption and firewall), QoS, NBAR, Cisco IOS FlexiblePacket Matching, broadband aggregation, and Cisco Unified Border Element, among others.

With the separation of the control and data planes in the Cisco ASR 1000 Series Router architectureprovided by , software redundancy (on the Cisco ASR 1001, ASR 1002 Fixed,

ASR 1002, and ASR 1004 Routers), and hardware redundancy (on the Cisco ASR 1006 and ASR1013 Routers) are provided. In addition, the modular Cisco IOS XE Software that is introduced withthe Cisco ASR 1000 Series, offered by , facilitates ISSU.


Superior application availability at the WAN edge

Multiservice, scalable, and secure headend

Embedded high-speed firewall

For more information, please see:http://www.cisco.com/en/US/prod/collateral/routers/ps9343/data_sheet_c78-447652.pdf

1.8.3 Cisco Switching

1.8.3.1 Cisco Catalyst Series Switches

Cisco Catalyst Series switches, available through , include compact switches,access switches, and data center switches. These switches contain many integrated tools thatfacilitate the construction of a self-defending network. These tools both apply to network-levelinteractions in a PCI-compliant network and protect the device itself.


Timed session terminations

Restricted and logged access

Security services

Flow management

For more information, please see:http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps708/ps713/aag_c45_484784_v1.pdf


http://www.cisco.com/en/US/prod/collateral/routers/ps10538/aag_c45_556315.pdfhttp://www.cisco.com/en/US/prod/collateral/routers/ps9343/data_sheet_c78-447652.pdfhttp://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps708/ps713/aag_c45_484784_v1.pdfhttp://www.cisco.com/en/US/prod/collateral/routers/ps10538/aag_c45_556315.pdfhttp://www.cisco.com/en/US/prod/collateral/routers/ps9343/data_sheet_c78-447652.pdfhttp://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps708/ps713/aag_c45_484784_v1.pdf


12/40

1.8.3.2 Cisco Nexus 1000V Series Switches

Cisco Nexus 1000V Series Switches, available through , provide a comprehensiveand extensible architectural platform for virtual machine networking. The switches are designed toaccelerate server virtualization and multi-tenant cloud deployments in a secure and operationallytransparent manner

Integrated into VMware vSphere hypervisor, the Cisco Nexus 1000V Series, available through, provides advanced virtual machine networking based on Cisco NX-OS operatingsystem and IEEE 802.1Q switching technology. It includes Cisco vPath technology for efficient andoptimized integration of virtual network services and secure, multi-tenant public and private cloudnetworks. These capabilities help ensure that the virtual machine is a basic building block of the datacenter, with full switching capabilities and a variety of Layer 4 through 7 services in both dedicatedand multi-tenant cloud environments.

For more information, please see:

http://www.cisco.com/en/US/prod/collateral/switches/ps9441/ps9902/data_sheet_c78-492971.pdf

1.8.3.3 Cisco Nexus 5000 and 7000 Series Switches

The Cisco Nexus 7000 Series, available through , is a highly scalable end-to-end10 Gigabit Ethernet switch series for mission-critical data center operations. The fabric architecturescales beyond 15 Tbps, with future support for 40-Gbps and 100-Gbps Ethernet. Powered by NX-OS,a state-of-the-art modular operating system, the platform, available through , isdesigned for exceptional scalability, continuous system operation, serviceability, and transportflexibility. The Cisco Nexus 7000 Series, offered by , provides comprehensivesecurity features supported by a robust control plane and wire-rate encryption and decryption,allowing security controls that are less complex and more transparent to the protocols andapplications in the data center.

Cisco Nexus 5000 Series Switches, part of the unified fabric component of the Cisco DCBAarchitectural framework and provided by , deliver an innovative architecture tosimplify data center transformation that enables a high-performance, standards-based, multi-protocol,multi-purpose, Ethernet-based fabric. They help consolidate separate LAN, SAN, and server clusternetwork environments into a single Ethernet fabric. Backed by a broad system of industry-leadingtechnology partners, Cisco Nexus 5000 Series Switches, available through , aredesigned to meet the challenges of next-generation data centers, including the need for densemultisocket, multicore, virtual machine-optimized services, in which infrastructure sprawl andincreasingly demanding workloads are commonplace.

For more information about Nexus 5000 Series Switches, available through ,please see: http://www.cisco.com/en/US/prod/collateral/switches/ps9441/ps9670/at_a_glance_c45-462427.pdf

For more information about Nexus 7000 Series Switches, available through ,please seehttp://www.cisco.com/en/US/prod/collateral/switches/ps9441/ps9402/ps9512/brochure_cisco_nexus_7000_series_security_features.pdf

1.8.3.4 Cisco ACE Family

The Cisco ACE Family, offered by , is the next generation of server load balancingand content switching, delivering tightly integrated, essential application service functions in a single


http://www.cisco.com/en/US/prod/collateral/switches/ps9441/ps9902/data_sheet_c78-492971.pdfhttp://www.cisco.com/en/US/prod/collateral/switches/ps9441/ps9670/at_a_glance_c45-462427.pdfhttp://www.cisco.com/en/US/prod/collateral/switches/ps9441/ps9670/at_a_glance_c45-462427.pdfhttp://www.cisco.com/en/US/prod/collateral/switches/ps9441/ps9402/ps9512/brochure_cisco_nexus_7000_series_security_features.pdfhttp://www.cisco.com/en/US/prod/collateral/switches/ps9441/ps9402/ps9512/brochure_cisco_nexus_7000_series_security_features.pdfhttp://www.cisco.com/en/US/prod/collateral/switches/ps9441/ps9902/data_sheet_c78-492971.pdfhttp://www.cisco.com/en/US/prod/collateral/switches/ps9441/ps9670/at_a_glance_c45-462427.pdfhttp://www.cisco.com/en/US/prod/collateral/switches/ps9441/ps9670/at_a_glance_c45-462427.pdfhttp://www.cisco.com/en/US/prod/collateral/switches/ps9441/ps9402/ps9512/brochure_cisco_nexus_7000_series_security_features.pdfhttp://www.cisco.com/en/US/prod/collateral/switches/ps9441/ps9402/ps9512/brochure_cisco_nexus_7000_series_security_features.pdf


13/40

powerful system. It provides full server load-balancing and application switching functions withgranular traffic control based on customizable Layer 4 through 7 rules. Extensive application health

checking directs connections past out-of-service and overburdened servers, reestablishingconnections as conditions permit. The Cisco ACE Family, available through ,provides state-of-the-art redundancy and failover and is integrated with the Cisco ACE GSS disasterrecovery and multiple-data-center failover system, offered by .

For more information, please see:http://www.cisco.com/en/US/prod/collateral/modules/ps2706/ps6906/product_data_sheet0900aecd8045861b.html

1.8.3.5 Cisco MDS Switch with SME

Cisco SME, available through , secures data stored on heterogeneous tape drivesand virtual tape libraries in a SAN environment using secure IEEE standard AES 256-bit algorithms.Cisco SME, offered by , is built on a FIPS system architecture and offers secure,

comprehensive key management, with support for offline media recovery.

Cisco SME, available through , uses cryptographic engines on the Cisco MDS9222i MMS, MDS 9000 18/4-Port MSM, and MDS 9000 16-Port Storage Services Node, eachproviding enough throughput to sustain streaming continuously to multiple tape drives and availablethrough . Each Cisco MDS 9000 16-Port Storage Services Node offered by provides encryption throughput that is four times that provided by the Cisco MDS9222i and MDS 9000 18/4-Port Multiservice Module. Multiple encryption engines can be deployed ina Fibre Channel fabric to easily scale performance, enable load balancing, and increase availability.

Cisco SME hardware and software integration with the Cisco MDS 9000 family, available through, makes it easier to deploy and manage sensitive data on SAN attached storagedevices. Unlike competitive offerings, Cisco SME, offered by , requires nodowntime for deployment and no host agents. The Cisco MDS 9000 18/4-Port Multiservice Moduleand MDS 9000 16-Port Storage Services Node, offered by , are hot swappable,allowing them to be installed while an existing SAN is in use. No rewiring or SAN configurationchanges are required, and encryption provisioning can be performed without shutting downapplications.

For more information, please see:http://www.cisco.com/en/US/prod/collateral/ps4159/ps6409/ps6028/ps8502/product_data_sheet0900aecd80692db2.pdf

1.8.4 Cisco Network Security

1.8.4.1 Cisco ASA

The Cisco ASA, offered by , provides intelligent threat defense and securecommunications services that stop attacks before they impact business continuity. The Cisco ASA,available through , enables organizations to lower their deployment and operationscosts while delivering comprehensive network security for networks of all sizes.


Content security capabilities

Threat-protected VPN


http://www.cisco.com/en/US/prod/collateral/modules/ps2706/ps6906/product_data_sheet0900aecd8045861b.htmlhttp://www.cisco.com/en/US/prod/collateral/modules/ps2706/ps6906/product_data_sheet0900aecd8045861b.htmlhttp://www.cisco.com/en/US/prod/collateral/ps4159/ps6409/ps6028/ps8502/product_data_sheet0900aecd80692db2.pdfhttp://www.cisco.com/en/US/prod/collateral/ps4159/ps6409/ps6028/ps8502/product_data_sheet0900aecd80692db2.pdfhttp://www.cisco.com/en/US/prod/collateral/modules/ps2706/ps6906/product_data_sheet0900aecd8045861b.htmlhttp://www.cisco.com/en/US/prod/collateral/modules/ps2706/ps6906/product_data_sheet0900aecd8045861b.htmlhttp://www.cisco.com/en/US/prod/collateral/ps4159/ps6409/ps6028/ps8502/product_data_sheet0900aecd80692db2.pdfhttp://www.cisco.com/en/US/prod/collateral/ps4159/ps6409/ps6028/ps8502/product_data_sheet0900aecd80692db2.pdf


14/40

URL filtering

For more information, please see:http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/product_data_sheet0900aecd802930c5.html

1.8.4.2 Cisco IronPort Email Security Application

, through Cisco, has partnered with RSA, the leader in DLP technology, to providean integrated DLP solution, RSA Email DLP, on Cisco IronPort email security appliances. To ensurecompliance with industry and government regulations worldwide and help prevent confidential datafrom leaving customer networks, RSA Email DLP offers easy management, comprehensiveprotection, and unparalleled accuracy.

For more information, please see:http://www.cisco.com/en/US/prod/collateral/vpndevc/ps10128/ps10154/Cisco_IronPort_Email_Data_L

oss_Prevention_overview.pdf

1.8.4.3 Cisco NAC

The Cisco NAC Appliance, available through , is a powerful, easy-to-deployadmission control and compliance enforcement component of the Cisco TrustSec solution. Withcomprehensive security features, in-band or out-of-band deployment options, user authenticationtools, and bandwidth and traffic filtering controls, the Cisco NAC Appliance, offered by, is a comprehensive solution for controlling and securing networks. You canimplement security, access, and compliance policies through a central management point rather thanconfigure policies throughout the network on individual devices.


Prevents unauthorized network access to protect your information assets

Helps proactively mitigate network threats such as viruses, worms, and spyware

Addresses vulnerabilities on user machines through periodic evaluation and remediation

Recognizes and categorizes users and their devices before malicious code can causedamage

For more information, please see:http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5707/ps8418/ps6128/product_data_sheet0900aecd802da1b5.pdf

1.8.4.4 Cisco AnyConnect VPN

The Cisco AnyConnect Secure Mobility Client, offered by , consistently raises thebar in remote access technology by making the experience more seamless and more secure thanever. The AnyConnect Secure Mobility Client, available through , provides asecure connectivity experience across a broad set of PC- and smartphone-based mobile devices,such as the Apple iPhone. As mobile workers roam to different locations, an always-on intelligentVPN enables the AnyConnect Secure Mobility Client, available through , toautomatically select the most optimal network access point and adapt its tunneling protocol to themost efficient method, such as Datagram Transport Layer Security protocol for latency-sensitivetraffic, such as VoIP traffic or TCP-based application access.


http://www.cisco.com/en/US/prod/collateral/vpndevc/ps10128/ps10154/Cisco_IronPort_Email_Data_Loss_Prevention_overview.pdfhttp://www.cisco.com/en/US/prod/collateral/vpndevc/ps10128/ps10154/Cisco_IronPort_Email_Data_Loss_Prevention_overview.pdfhttp://www.cisco.com/en/US/prod/collateral/vpndevc/ps5707/ps8418/ps6128/product_data_sheet0900aecd802da1b5.pdfhttp://www.cisco.com/en/US/prod/collateral/vpndevc/ps5707/ps8418/ps6128/product_data_sheet0900aecd802da1b5.pdfhttp://www.cisco.com/en/US/prod/collateral/vpndevc/ps10128/ps10154/Cisco_IronPort_Email_Data_Loss_Prevention_overview.pdfhttp://www.cisco.com/en/US/prod/collateral/vpndevc/ps10128/ps10154/Cisco_IronPort_Email_Data_Loss_Prevention_overview.pdfhttp://www.cisco.com/en/US/prod/collateral/vpndevc/ps5707/ps8418/ps6128/product_data_sheet0900aecd802da1b5.pdfhttp://www.cisco.com/en/US/prod/collateral/vpndevc/ps5707/ps8418/ps6128/product_data_sheet0900aecd802da1b5.pdf


15/40

For more information, please see:http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/data_sheet_c78-

527494.pdf

1.8.4.5 Cisco FWSM

The Cisco FWSM, available through , is a high-speed, integrated firewall modulefor Cisco Catalyst 6500 switches and Cisco 7600 Series routers, also available through. It provides the fastest firewall data rates in the industry: 5-Gbps throughput,100,000 CPS, and 1M concurrent connections. Up to four FWSMs can be installed in a singlechassis, providing scalability to 20 Gbps per chassis. Based on Cisco PIX Firewall technology, theCisco FWSM, provided by , offers large enterprises and service providersunmatched security, reliability, and performance.

The Cisco FWSM, offered by , includes a number of advanced features that helpreduce costs and operational complexity while enabling organizations to manage multiple firewalls

from the same management platform. Features such as resource manager helps organizations limitthe resources allocated to any security context at any time thus ensuring that one security contextdoes not interfere with another. The transparent firewall feature configures the FWSM, provided by, to act as a Layer 2 bridging firewall resulting in minimal changes to networktopology.

For more information, please see:http://www.cisco.com/en/US/prod/collateral/modules/ps2706/product_at_a_glance0900aecd805c34d3.pdf

1.8.4.6 Cisco IDSM

Security threats have increased in complexity. Multi-gigabit environments and efficient networkintrusion security solutions are critical to maintaining a high level of protection. Vigilant protectionensures business continuity and minimizes the effect of costly intrusions. Cisco integrated networksecurity solutions, offered by , enable organizations to protect their connectedbusiness assets and increase the efficiency of intrusion prevention systems. The Cisco IDSM-2,available through , is part of the Cisco Systems family of IDS/IPS solutions. Itworks in concert with other Cisco IDS/IPS components, available through , toefficiently protect your data infrastructure.

Features include:

Multi-gigabit scalability

Hot swap modules

WAN interoperability support

Accurant prevention technologies

For more information, please see:http://www.cisco.com/application/pdf/en/us/guest/products/ps5058/c1650/ccmigration_09186a00801e55dd.pdf

1.8.4.7 Cisco IPS Appliance

The Cisco IPS Appliance, available through , can be used along with the Cisco IPS


http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/data_sheet_c78-527494.pdfhttp://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/data_sheet_c78-527494.pdfhttp://www.cisco.com/en/US/prod/collateral/modules/ps2706/product_at_a_glance0900aecd805c34d3.pdfhttp://www.cisco.com/en/US/prod/collateral/modules/ps2706/product_at_a_glance0900aecd805c34d3.pdfhttp://www.cisco.com/application/pdf/en/us/guest/products/ps5058/c1650/ccmigration_09186a00801e55dd.pdfhttp://www.cisco.com/application/pdf/en/us/guest/products/ps5058/c1650/ccmigration_09186a00801e55dd.pdfhttp://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/data_sheet_c78-527494.pdfhttp://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/data_sheet_c78-527494.pdfhttp://www.cisco.com/en/US/prod/collateral/modules/ps2706/product_at_a_glance0900aecd805c34d3.pdfhttp://www.cisco.com/en/US/prod/collateral/modules/ps2706/product_at_a_glance0900aecd805c34d3.pdfhttp://www.cisco.com/application/pdf/en/us/guest/products/ps5058/c1650/ccmigration_09186a00801e55dd.pdfhttp://www.cisco.com/application/pdf/en/us/guest/products/ps5058/c1650/ccmigration_09186a00801e55dd.pdf


16/40

Software solution, offered by , or separately, depending upon the needs of yourcompany, branch office, or retail store. You can determine the differences between the appliance and

the software by reading the data sheet comparison chart.

For more information, please see:http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6634/product_data_sheet0900aecd806a1b7e.pdf

1.8.4.8 Cisco Nexus VSG

Cisco VSG for Cisco Nexus 1000V Series Switches, available through , is a virtualappliance that provides trusted access to secure virtualized data centers in enterprise and cloudprovider environments while meeting the requirements of dynamic policy-driven operations, mobility-transparent enforcement, and scale-out deployment for dense multi-tenancy. Cisco VSG, provided by, offers IT departments the benefits of workload virtualization with the security ofzone-based controls and activity monitoring, enhanced compliance with corporate security policies

and industry regulations, and simplified security audits. Cisco VSG, offered by ,helps ensure that access to trust zones is controlled and monitored through established securitypolicies.


Enhanced compliance with industry regulations

Simplified audit processes in virtualized environments

Reduced costs by enabling security in a broader set of virtualized workloads

For more information, please see:http://www.cisco.com/en/US/prod/collateral/modules/ps2706/ps11208/data_sheet_c78-618244.pdf

1.8.4.9 Cisco IOS Firewall

Today there is increased pressure to comply with industry regulations as well as state and federalregulations created to enhance privacy, national security, and in many cases corporate accountability.Examples of these regulations include the PCI DSS, which affects all vendors who receive, store, ortransmit cardholder data. In the United States, other examples include HIPAA in the healthcareindustry, the Gramm Leach Bliley Act in the financial services industry, and the Sarbanes-Oxley Act inthe accounting field.

Cisco IOS Firewall, available through , offers the threat defense required fortodays changing threat environment. With more dangerous targeted attacks and the growth of themobile workforce, the perception of network borders and where the office starts and stops haschanged significantly to anywhere there is connectivity.

Deployed extensively at branch locations and home offices, Cisco IOS Firewall, available through, provides broad security coverage with deployment flexibility and the cost benefitsthat are fundamental to an integrated security approach. It is the simple-to-use, certified, cost-effective firewall solution.

For more information, please see:http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5708/ps5710/ps1018/product_data_sheet09186a0080117962.pdf


http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6634/product_data_sheet0900aecd806a1b7e.pdfhttp://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6634/product_data_sheet0900aecd806a1b7e.pdfhttp://www.cisco.com/en/US/prod/collateral/modules/ps2706/ps11208/data_sheet_c78-618244.pdfhttp://www.cisco.com/en/US/prod/collateral/vpndevc/ps5708/ps5710/ps1018/product_data_sheet09186a0080117962.pdfhttp://www.cisco.com/en/US/prod/collateral/vpndevc/ps5708/ps5710/ps1018/product_data_sheet09186a0080117962.pdfhttp://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6634/product_data_sheet0900aecd806a1b7e.pdfhttp://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6634/product_data_sheet0900aecd806a1b7e.pdfhttp://www.cisco.com/en/US/prod/collateral/modules/ps2706/ps11208/data_sheet_c78-618244.pdfhttp://www.cisco.com/en/US/prod/collateral/vpndevc/ps5708/ps5710/ps1018/product_data_sheet09186a0080117962.pdfhttp://www.cisco.com/en/US/prod/collateral/vpndevc/ps5708/ps5710/ps1018/product_data_sheet09186a0080117962.pdf


17/40

1.8.4.10 Cisco IOS IPS

In todays business environment, network intruders and attackers can come from outside or inside thenetwork. They can launch distributed denial-of-service attacks, they can attack Internet connections,and they can exploit network and host vulnerabilities. At the same time, Internet worms and virusescan spread across the world in a matter of minutes. There is often no time to wait for humanintervention; the network itself must possess the intelligence to recognize and mitigate these attacks,threats, exploits, worms, and viruses.

Cisco IOS IPS, available through , is an inline, deep-packet inspection-basedsolution that enables Cisco IOS Software to effectively mitigate a wide range of network attacks.While it is common practice to defend against attacks by inspecting traffic at data centers andcorporate headquarters, distributing the network level defense to stop malicious traffic close to itsentry point at branch or telecommuter offices is also critical.


http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6634/product_data_sheet0900aecd803137cf.pdf

1.8.4.11 Cisco Secure ACS

With the ever-increasing reliance on enterprise networks to perform daily job routines and theincreasing number of methods and opportunities to access todays networks, security breaches anduncontrolled user access are of primary concern among enterprises. Network security officers andadministrators need solutions that support flexible authentication and authorization policies that aretied to a users identity as well as to context such as the network access type, time of day, and thesecurity of the machine used to access the network. Further, there is a need to effectively auditnetwork use, monitor corporate compliance, and get broad visibility into policies and activities acrossthe network.

Cisco Secure ACS, available through , provides the policy control for the CiscoSelf-Defending Network architecture, an architecture that protects your business by identifying,preventing, and adapting to threats from inside and outside the company. Cisco Secure ACS, offeredby , is a highly scalable, high-performance access policy system that centralizesdevice administration, authentication, and user access policy and reduces the management andsupport burden for these functions.


A powerful, attribute-driven rules-based policy model that addresses complex policy needs ina flexible manner

A lightweight, web-based GUI with intuitive navigation and workflow

Integrated advanced monitoring, reporting, and troubleshooting capabilities for maximumcontrol and visibility

A distributed deployment model that enables large-scale deployments and provides a highlyavailable solution

For more information, please see:http://www.cisco.com/en/US/prod/collateral/netmgtsw/ps5698/ps6767/ps9911/data_sheet_c78-614584.pdf


http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6634/product_data_sheet0900aecd803137cf.pdfhttp://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6634/product_data_sheet0900aecd803137cf.pdfhttp://www.cisco.com/en/US/prod/collateral/netmgtsw/ps5698/ps6767/ps9911/data_sheet_c78-614584.pdfhttp://www.cisco.com/en/US/prod/collateral/netmgtsw/ps5698/ps6767/ps9911/data_sheet_c78-614584.pdfhttp://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6634/product_data_sheet0900aecd803137cf.pdfhttp://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6634/product_data_sheet0900aecd803137cf.pdfhttp://www.cisco.com/en/US/prod/collateral/netmgtsw/ps5698/ps6767/ps9911/data_sheet_c78-614584.pdfhttp://www.cisco.com/en/US/prod/collateral/netmgtsw/ps5698/ps6767/ps9911/data_sheet_c78-614584.pdf


18/40

1.8.5 Cisco Wireless

1.8.5.1 Cisco 802.11n Access Points

Cisco Aironet Access Points, offered by , provides industry-leading performancefor secure and reliable wireless connections. Whether you need entry-level wireless for a smallenterprise or mission-critical coverage at thousands of locations, s proposed Ciscosolution offers a broad portfolio of access points targeted to the specific needs of all industries,business types, and topologies.

Most access points can be purchased in a standalone or controller-based model to support uniquerequirements for scale and mobility services. Controllers reduce overall operational expenses bysimplifying network deployment, operations, and management. They allow network administrators toremotely configure and monitor several access points to thousands of access points in a simple andefficient way. A controller is required to support voice, location services, guest access, and advancedsecurity.


The 802.11n standard provides the bandwidth and reliability to support interactive multimediaapplications with up to nine times the performance of 802.11a/g networks. In addition,s proposed Cisco technology has true enterprise-class RF technologydesigned to maximize 802.11n performance. s proposed Ciscotechnologies, such as CleanAir, ClientLink, and VideoStream, plus optimized access pointradios and antennas, improve performance regardless of where client devices are located.

A limited lifetime hardware warranty

5 or 10-unit Eco-Pack bundles with a single, easy-to-open carton that streamlines the stagingand installation process and reduces packaging waste by 50 percent

Mounting brackets that can be easily retrofitted to existing Cisco legacy access points,available through , to minimize migration cost and time

For more information, please see:http://www.cisco.com/en/US/prod/collateral/wireless/ps5678/ps10981/at_a_glance_c45-636090.pdf

1.8.5.2 Cisco Wireless LAN Controllers

Cisco Wireless Controllers, available through , help reduce overall operationalexpenses by simplifying network deployment, operations, and management. Extending the sameCisco Borderless Networks policy and security from the wired network core to the wireless edge,these Cisco wireless controllers, provided by , deliver the visibility, scalability, andreliability needed to build secure, enterprise-scale wireless networks from branch offices to small

enterprises to main campuses.


Flexibility to configure wireless policy, management, or security settings at any time throughcentralized provisioning and management

Faster response to business needs by centrally managing wireless networks

Standardized access point configuration for software versioning


http://www.cisco.com/en/US/prod/collateral/wireless/ps5678/ps10981/at_a_glance_c45-636090.pdfhttp://www.cisco.com/en/US/prod/collateral/wireless/ps5678/ps10981/at_a_glance_c45-636090.pdf


19/40

wIPS capabilities

Networkwide QoS for voice and video across wired and wireless networks

Networkwide centralized security policies across wired and wireless networks

For more information, please see:http://www.cisco.com/en/US/prod/collateral/modules/ps2706/at_a_glance_c45-652653.pdf

1.8.6 Cisco MSE

Cisco Mobility Services, offered by , are a set of value-added network services thatconsolidate intelligence from various points in the network to enable and optimize the delivery ofbusiness mobility applications. This intelligence has typically been highly distributed throughout thenetwork, resulting in complex service provisioning and management. When services, control, anddata planes are combined into a single platform, the added complexity limits the networks ability to

scale and adapt to new services while maintaining consistent performance (see Figure: The MSEArchitecture).

The answer lies in centralized services architecture. While still critical to the ability of networks toprovide the intelligence for the optimal performance of mobile applications, mobility services shouldbe abstracted from the control and data planes in order to be centralized into the services engine.This centralization of services offers several benefits, including scalability and improved provisioningand management. In addition, centralized service architecture removes the direct linkage betweenservice and network, allowing services to extend across wired and wireless networks.


Extensible platform for rapid delivery of services and applications

Common framework for hosting multiple mobility services

Open API to support third-party and partner application development.

Ecosystem of application partners

For more information, please see:http://www.cisco.com/en/US/partner/prod/collateral/wireless/ps9733/ps9742/data_sheet_c78-475378.html


http://www.cisco.com/en/US/prod/collateral/modules/ps2706/at_a_glance_c45-652653.pdfhttp://www.cisco.com/en/US/partner/prod/collateral/wireless/ps9733/ps9742/data_sheet_c78-475378.htmlhttp://www.cisco.com/en/US/partner/prod/collateral/wireless/ps9733/ps9742/data_sheet_c78-475378.htmlhttp://www.cisco.com/en/US/prod/collateral/modules/ps2706/at_a_glance_c45-652653.pdfhttp://www.cisco.com/en/US/partner/prod/collateral/wireless/ps9733/ps9742/data_sheet_c78-475378.htmlhttp://www.cisco.com/en/US/partner/prod/collateral/wireless/ps9733/ps9742/data_sheet_c78-475378.html


20/40

Figure 1: The MSE Architecture

1.8.7 Cisco Adaptive wIPS with ELM

The Cisco Adaptive wIPS is integrated in the Cisco Unified Wireless Network infrastructure, availablethrough , and provides wireless-specific network threat detection and mitigationagainst malicious attacks, security vulnerabilities, and sources of performance disruption. Cisco

Adaptive wIPS, offered by , (see Figure: Cisco Adaptive wIPS System Overview)provides the ability to detect, analyze, and identify wireless threats, and centrally manages mitigationand resolution of security and performance issues. Cisco Adaptive wIPS, provided by, also delivers proactive threat prevention capabilities for a hardened wirelessnetwork core that is impenetrable by most wireless attacks, allowing customers to maintain constantawareness of their RF environment to minimize legal liability, protect brand reputation, and assureregulatory compliance-including PCI 2.0 standards.

The Cisco Adaptive wIPS solution, offered by , adds the ELM feature, allowingadministrators to use their deployed APs to provide comprehensive protection without the need for aseparate overlay network. Prior to ELM and in the traditional Adaptive wIPS deployment, dedicatedmonitor mode APs are required to provide PCI compliance needs or protection from unauthorizedsecurity access, penetration, and attacks. ELM effectively provides a comparable offering that easeswireless security implementation while lowering CapEx and OpEx costs.

For more information, please see:http://www.cisco.com/en/US/prod/collateral/wireless/ps9733/ps9817/data_sheet_c78-501388.html


http://www.cisco.com/en/US/prod/collateral/wireless/ps9733/ps9817/data_sheet_c78-501388.htmlhttp://www.cisco.com/en/US/prod/collateral/wireless/ps9733/ps9817/data_sheet_c78-501388.html


21/40

Figure 2: Cisco Adaptive wIPS System Overview

1.8.7.1 Cisco Security Agent

The Cisco Security Agent, offered by , includes PCI policies and rule sets toautomatically help protect servers and clients against threats and information theft


Visibility and control of sensitive data protects against loss from both user actions andtargeted malware

Zero Update Protection reduces emergency patching in response to vulnerability

announcements Always Vigilant Security protecting even when users are not connected to the corporate

network or lack the latest patch

Predefined compliance and acceptable use policies allow for efficient management, reporting,and auditing of activities

For more information, please see:http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5707/ps5057/product_at_a_glance0900aecd80704fcb.pdf


http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5707/ps5057/product_at_a_glance0900aecd80704fcb.pdfhttp://www.cisco.com/en/US/prod/collateral/vpndevc/ps5707/ps5057/product_at_a_glance0900aecd80704fcb.pdfhttp://www.cisco.com/en/US/prod/collateral/vpndevc/ps5707/ps5057/product_at_a_glance0900aecd80704fcb.pdfhttp://www.cisco.com/en/US/prod/collateral/vpndevc/ps5707/ps5057/product_at_a_glance0900aecd80704fcb.pdf


22/40

1.8.7.2 Cisco Secure ACS

The Cisco Secure ACS, offered by , is a highly scalable, high-performance accesspolicy system that centralizes authentication, user access, and administrator access policy andreduces the administrative and management burden. The Cisco Secure ACS, available through, is a central point for administering security policy for users and devices accessingthe network.


Supports two distinct protocols for AAA: RADIUS and TACACS+

Multiple databases can be used concurrently for maximum flexibility in enforcing accesspolicy

Allows the configuration of complex network access policies that may include authenticationprotocol requirements, device restrictions, time of day restrictions, posture validation, and

other access requirements

Centralized configuration management

Logs are viewable and exportable for use in other systems and support troubleshooting anddiagnostics, compliance and auditing, and other reporting and billing activities

For more information, please see:http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5712/ps2086/data_sheet_c78-453387_ps5338_Products_Data_Sheet.html

1.8.7.3 Cisco Security Manager

The Cisco Security Manager, available through , is an enterprise-class

management application designed to configure firewall, VPN, and IPS security services on Cisconetwork and security devices. The Cisco Security Manager, offered by , can beused in networks of all sizes, from small networks to large networks consisting of thousands ofdevices, by using policy-based management techniques.


The VPN Wizard provides easy configuration of site-to-site, hub-and-spoke, full-mesh, andextranet VPNs Firewall configuration

Content Filtering support for IOS-based device platform allows traffic filtering based on deepcontent inspection Bulk operation feature

Cisco IPS Update Wizard allows efficient automatic IPS updates, scheduling, and distribution

of policies with status and details notification

For more information, please see:http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5739/ps6498/data_sheet_c78-546611.htm

1.8.7.4 Cisco Security MARS

The Cisco Security MARS, available through , is an appliance-based, all-inclusivesolution that provides superior insight into and control of your existing security deployment. Part of theCisco security management suite, Cisco Security MARS, offered by , empowers


http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5739/ps6498/data_sheet_c78-546611.htmhttp://www.cisco.com/en/US/prod/collateral/vpndevc/ps5739/ps6498/data_sheet_c78-546611.htm


23/40

your security and network organizations to identify, manage, and counter security threats. It workswith your existing network and security investments to identify, isolate, and recommend precise

removal of offending elements. The Cisco Security MARS, provided by , also helpsmaintain internal policy compliance and can be an integral part of your overall regulatory compliancesolution


Comprehensive built-in and user-defined rules

SSH Protocol, SNMP, Telnet, and device-specific communications

Automated and user-tuned false positive analysis

Graphical attack path visualization with detailed investigation

GUI that supports numerous default queries and customized queries

For more information, please see:http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5739/ps6241/data_sheet_c78-458671.html

1.8.8 Cisco Physical Security

1.8.8.1 Cisco VSOM

This web-based user interface authenticates and manages access to video feeds. It is a centralizedadministration tool for the management of Media Servers, cameras, encoders, and viewers.

For more information, please see:http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6918/ps9145/ps9152/at_a_glance_c45-468316.pdf

1.8.8.2 Cisco Video Surveillance IP Cameras

Cisco Video Surveillance IP Cameras, available through , are feature-rich digitalcameras that enable surveillance in a wide variety of environments. Available in standard and highdefinition, box and dome, wired and wireless, and stationery and pan-tilt-zoom versions, the camerassupport MPEG-4 and H.264 and offer efficient network utilization while providing high-quality video.

For more information, please see:http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6918/ps9145/ps9152/at_a_glance_c45-468316.pdf

1.8.8.3 Cisco Physical Security MSP

The Cisco Physical Security MSP servers, available through , enable thedeployment and management of physical security services such as video surveillance, accesscontrol, and incident response communications. The server suite includes 1-RU and 2-RU modelsand provides benefits such as high storage density, system resiliency, and hardware diagnostics. Anoptional encoder card is also available, providing up to 16 analog video inputs with full-frame rate atD1 resolution.

For more information, please see:http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6918/ps9145/ps9152/at_a_glance_c45-


http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5739/ps6241/data_sheet_c78-458671.htmlhttp://www.cisco.com/en/US/prod/collateral/vpndevc/ps6918/ps9145/ps9152/at_a_glance_c45-468316.pdfhttp://www.cisco.com/en/US/prod/collateral/vpndevc/ps6918/ps9145/ps9152/at_a_glance_c45-468316.pdfhttp://www.cisco.com/en/US/prod/collateral/vpndevc/ps6918/ps9145/ps9152/at_a_glance_c45-468316.pdfhttp://www.cisco.com/en/US/prod/collateral/vpndevc/ps6918/ps9145/ps9152/at_a_glance_c45-468316.pdfhttp://www.cisco.com/en/US/prod/collateral/vpndevc/ps6918/ps9145/ps9152/at_a_glance_c45-468316.pdfhttp://www.cisco.com/en/US/prod/collateral/vpndevc/ps5739/ps6241/data_sheet_c78-458671.htmlhttp://www.cisco.com/en/US/prod/collateral/vpndevc/ps6918/ps9145/ps9152/at_a_glance_c45-468316.pdfhttp://www.cisco.com/en/US/prod/collateral/vpndevc/ps6918/ps9145/ps9152/at_a_glance_c45-468316.pdfhttp://www.cisco.com/en/US/prod/collateral/vpndevc/ps6918/ps9145/ps9152/at_a_glance_c45-468316.pdfhttp://www.cisco.com/en/US/prod/collateral/vpndevc/ps6918/ps9145/ps9152/at_a_glance_c45-468316.pdfhttp://www.cisco.com/en/US/prod/collateral/vpndevc/ps6918/ps9145/ps9152/at_a_glance_c45-468316.pdf


24/40

468316.pdf

1.8.8.4 Cisco Physical Access ManagerCisco Physical Access Manager, offered by , is the management application usedto configure hardware, monitor activity, enroll users, and integrate with IT applications and datastores. It comes installed on hardware and is sold as an appliance.

For more information, please see:http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6918/ps9674/ps9688/datasheet_C78-464244.pdf

1.8.8.5 Cisco Physical Access Gateways

The Cisco Physical Access Gateway, available through , is an integral componentof the Cisco Physical Access Control solution and is the primary module used to connect door

hardware (readers, locks, etc.) to the IP network. The gateway can connect to a maximum of twodoors and associated inputs and outputs. The Cisco Physical Access Gateway, offered by, is a mandatory component of any access control deployment.

For more information, please see:http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6918/ps9674/ps9687/datasheet_C78-464240.pdf

1.8.9 Cisco Compute Systems and Storage

1.8.9.1 Cisco UCS

The Cisco UCS, available through , is a next-generation data center platform that

unites compute, network, storage access, and virtualization into a cohesive system designed toreduce TCO and increase business agility. The system integrates a low-latency, lossless 10 GigabitEthernet unified network fabric with enterprise-class, x86-architecture servers. The system is anintegrated, scalable, multi-chassis platform in which all resources participate in a unified managementdomain.


Reduced TCO at the platform, site, and organizational levels

Increased IT staff productivity and business agility through just-in-time provisioning andmobility support for both virtualized and non-virtualized environments

A cohesive, integrated system that is managed, serviced, and tested as a whole

Scalability through a design for hundreds of discrete servers and thousands of virtualmachines, and the capability to scale I/O bandwidth to match demand

Industry standards supported by a partner ecosystem of industry leaders

For more information, please see:http://www.cisco.com/en/US/solutions/collateral/ns340/ns517/ns224/ns944/at_a_glance_c45-523181.pdf


http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6918/ps9145/ps9152/at_a_glance_c45-468316.pdfhttp://www.cisco.com/en/US/prod/collateral/vpndevc/ps6918/ps9674/ps9688/datasheet_C78-464244.pdfhttp://www.cisco.com/en/US/prod/collateral/vpndevc/ps6918/ps9674/ps9688/datasheet_C78-464244.pdfhttp://www.cisco.com/en/US/prod/collateral/vpndevc/ps6918/ps9674/ps9687/datasheet_C78-464240.pdfhttp://www.cisco.com/en/US/prod/collateral/vpndevc/ps6918/ps9674/ps9687/datasheet_C78-464240.pdfhttp://www.cisco.com/en/US/solutions/collateral/ns340/ns517/ns224/ns944/at_a_glance_c45-523181.pdfhttp://www.cisco.com/en/US/solutions/collateral/ns340/ns517/ns224/ns944/at_a_glance_c45-523181.pdfhttp://www.cisco.com/en/US/prod/collateral/vpndevc/ps6918/ps9145/ps9152/at_a_glance_c45-468316.pdfhttp://www.cisco.com/en/US/prod/collateral/vpndevc/ps6918/ps9674/ps9688/datasheet_C78-464244.pdfhttp://www.cisco.com/en/US/prod/collateral/vpndevc/ps6918/ps9674/ps9688/datasheet_C78-464244.pdfhttp://www.cisco.com/en/US/prod/collateral/vpndevc/ps6918/ps9674/ps9687/datasheet_C78-464240.pdfhttp://www.cisco.com/en/US/prod/collateral/vpndevc/ps6918/ps9674/ps9687/datasheet_C78-464240.pdfhttp://www.cisco.com/en/US/solutions/collateral/ns340/ns517/ns224/ns944/at_a_glance_c45-523181.pdfhttp://www.cisco.com/en/US/solutions/collateral/ns340/ns517/ns224/ns944/at_a_glance_c45-523181.pdf


25/40

1.8.9.2 Cisco UCS Express

The Cisco UCS Express, offered by , is a converged computing, virtualization, andnetworking platform for hosting essential infrastructure services and mission-critical businessapplications in the lean branch office. Cisco UCS Express, available through , isbest suited for multisite organizations with centralized IT infrastructure that need to host applicationslocally in the branch office because of performance, availability, or compliance reasons. It enablesmultiple virtual instances of Microsoft Windows Server and Linux to run on dedicated general-purposex86 blades directly in the Cisco ISR G2 chassis, provided by . With Cisco UCSExpress, available through , multisite organizations can increase IT agility, lowerTCO, and get more value out of their branch-office infrastructure.

For more information, please see:http://www.cisco.com/en/US/prod/collateral/contnetw/ps5719/ps11273/data_sheet_c78-625000.pdf

1.8.10 Cisco Management

1.8.10.1 Cisco Security Manager

Cisco Security Manager, offered by , enables enterprises to manage and scalesecurity operations efficiently and accurately. Cisco Security Manager, provided by, integrates a powerful suite of capabilities, including policy and objectmanagement, event management, reporting, and troubleshooting, which are essential to maintainingsecurity posture in todays ever changing threat environment. Cisco Security Manager, offered by, supports a range of security solutions including Cisco ASA 5500 Series AdaptiveSecurity Appliances, Cisco IPS 4200 Series Sensor Appliances, Cisco Secure Routers, and the Cisco

AnyConnect Secure Mobility Client, all available through .


http://www.cisco.com/en/US/prod/collateral/vpndevc/ps5739/ps6498/data_sheet_c78-647451.pdf

1.8.10.2 Cisco WCS

Cisco WCS, available through , is the industrys most comprehensive managementplatform for lifecycle management of 802.11n and 802.11a/b/g, enterprise-class wireless networks.This robust management platform delivers a cost-effective management solution that enables ITadministrators to successfully plan, deploy, monitor, troubleshoot, and report on indoor and outdoorwireless networks.

As the management platform for the Cisco Unified Wireless Network, Cisco WCS, offered by, supports the delivery of high performance applications and mission-criticalsolutions that simplify business operations and improve productivity. It also supports Cisco CleanAirtechnology, a system-wide capability of the Cisco Unified Wireless Network, provided by

, which uses silicon-level intelligence to create a self-healing, self-optimizingwireless network. Delivering performance protection for 802.11n networks, Cisco CleanAirtechnology, provided by , increases the reliability of wireless networks to supportmission critical applications by automatically mitigating the impact of RF interference.

Cisco WCS, offered by , is a comprehensive platform that scales to meet theneeds of small, midsize, and large-scale wireless LANs across local, remote, national, andinternational locations. This award-winning solution gives IT managers immediate access to the toolsthey need, when they need them, to more efficiently implement and maintain secure wireless LANs,


http://www.cisco.com/en/US/prod/collateral/contnetw/ps5719/ps11273/data_sheet_c78-625000.pdfhttp://www.cisco.com/en/US/prod/collateral/vpndevc/ps5739/ps6498/data_sheet_c78-647451.pdfhttp://www.cisco.com/en/US/prod/collateral/contnetw/ps5719/ps11273/data_sheet_c78-625000.pdfhttp://www.cisco.com/en/US/prod/collateral/vpndevc/ps5739/ps6498/data_sheet_c78-647451.pdf


26/40

all from a centralized location requiring minimal IT staffing.


Fast secure scalable roaming in 802.11i environments

A built-in client troubleshooting tool allows network administrators to quickly and easilytroubleshoot problems with a client

Real-time capacity management with load balancing

Support for deployment of several, hundreds, or thousands of central or remotely locatedaccess points

For more information, please see:http://www.cisco.com/en/US/prod/collateral/wireless/ps5755/ps6301/ps6305/product_data_sheet0900aecd802570d0.html

1.8.10.3 CiscoWorks LMS

CiscoWorks LMS, offered by , is an integrated suite of management functions thatsimplify the configuration, administration, monitoring, and troubleshooting of Cisco networks.CiscoWorks LMS, available through , allows network operators to manage thenetwork through a browser-based interface that can be accessed anytime from anywhere within thenetwork. CiscoWorks LMS 4.0, offered by , is a major new release that improvesthe overall user experience, providing new workflows built on functional partitioning that align theproduct with the way network operators do their jobs.

Once installed, out-of-the-box monitoring and troubleshooting dashboards provide actionableinformation to quickly isolate and fix network problems before they impact services. Configuring anddeploying updates to the network has never been easier with the new Template Center which

incorporates Validated Designs and links to download the latest configuration templates, simplifyingplatform and technology rollout and reducing the chance for errors. New Work Centers provide asingle area where guided workflows give step-by-step instructions to help operators quickly provision,monitor, and manage new value-added technologies and solutions, such as EnergyWise,TrustSec/Identity, Auto Smartports, and Smart Install, all offered by .

For more information, please see:http://www.cisco.com/en/US/prod/collateral/netmgtsw/ps6504/ps6528/ps11200/ps11202/data_sheet_c78-610760.pdf

1.8.11 Cisco Voice

1.8.11.1 Cisco UCS Manager

Cisco UCS Manager, available through , provides unified, centralized, embeddedmanagement of all software and hardware components of Cisco UCS across multiple chassis andthousands of virtual machines. Cisco UCS Manager, offered by , manages theentire Cisco UCS as a single logical entity through an intuitive GUI, a CLI, or an XML API.

By enabling better automation of processes, Cisco UCS Manager, offered by ,allows data center managers to achieve greater agility and scale in their server operations whilereducing complexity and risk. Cisco UCS Manager, available through , providesflexible role- and policy-based management using service profiles and templates and facilitates


http://www.cisco.com/en/US/prod/collateral/wireless/ps5755/ps6301/ps6305/product_data_sheet0900aecd802570d0.htmlhttp://www.cisco.com/en/US/prod/collateral/wireless/ps5755/ps6301/ps6305/product_data_sheet0900aecd802570d0.htmlhttp://www.cisco.com/en/US/prod/collateral/netmgtsw/ps6504/ps6528/ps11200/ps11202/data_sheet_c78-610760.pdfhttp://www.cisco.com/en/US/prod/collateral/netmgtsw/ps6504/ps6528/ps11200/ps11202/data_sheet_c78-610760.pdfhttp://www.cisco.com/en/US/prod/collateral/wireless/ps5755/ps6301/ps6305/product_data_sheet0900aecd802570d0.htmlhttp://www.cisco.com/en/US/prod/collateral/wireless/ps5755/ps6301/ps6305/product_data_sheet0900aecd802570d0.htmlhttp://www.cisco.com/en/US/prod/collateral/netmgtsw/ps6504/ps6528/ps11200/ps11202/data_sheet_c78-610760.pdfhttp://www.cisco.com/en/US/prod/collateral/netmgtsw/ps6504/ps6528/ps11200/ps11202/data_sheet_c78-610760.pdf


27/40

processes based on IT Infrastructure Library concepts.

The crucial feature of Cisco UCS Manager, offered by , is its use of service profilesto provision Cisco UCS resources. The service profile concept improves IT productivity and businessagility. Now infrastructure can be provisioned in minutes instead of days, shifting ITs focus frommaintenance to strategic initiatives.

For more information, please see:http://www.cisco.com/en/US/prod/collateral/ps10265/ps10281/data_sheet_c78-520522.pdf

1.8.11.2 Cisco Unified IP Phones

With a comprehensive portfolio of industry-leading endpoint IP phone solutions, ,through Cisco technology, offers an endpoint for every organizational need, from the lobby to theexecutive suite, and for organizations of all sizes. Cisco Unified IP Phones, available through, can help your business obtain the productivity-building capabilities of next-

generation communications and collaboration, taking advantage of Cisco Unified Communicationsmedia servers, offered by , to deliver an exceptional communications experiencethroughout your organization.


Single- and multiline endpoints, supporting a range of communication needs from low tomoderate to the most active environments

A range of endpoints from basic to fully featured, enabling your organization to takeadvantage of robust Cisco Collaboration Solutions to meet your corporate objectives whileremaining within your budget

Support for video communications, on selected models, to reduce your travel costs and

accelerate the speed of decision making in your organization Endpoints that support value-added services such as HD voice, high-resolution color display

presentation, USB peripherals, Bluetooth, and a wide array of productivity-buildingapplications

PC-based multimedia applications that make it possible to obtain up to two hours of moreproductive work from every employee every day by bringing advanced unifiedcommunications capabilities to the desktop

For more information, please see:http://www.cisco.com/en/US/prod/collateral/voicesw/ps6788/phones/ps379/prod_brochure0900aecd800f6d4a.pdf

1.8.12 Cisco WAN Optimization1.8.12.1 Cisco WAE

The Cisco WAE platform, available through , carries a portfolio of powerful,scalable network appliances that host Cisco WAN optimization and application acceleration solutions,also available through . These solutions enable branch-office server consolidationand performance improvements for centralized applications and provide remote users with LAN-likeaccess to applications, storage, and content across the WAN.


http://www.cisco.com/en/US/prod/collateral/ps10265/ps10281/data_sheet_c78-520522.pdfhttp://www.cisco.com/en/US/prod/collateral/voicesw/ps6788/phones/ps379/prod_brochure0900aecd800f6d4a.pdfhttp://www.cisco.com/en/US/prod/collateral/voicesw/ps6788/phones/ps379/prod_brochure0900aecd800f6d4a.pdfhttp://www.cisco.com/en/US/prod/collateral/ps10265/ps10281/data_sheet_c78-520522.pdfhttp://www.cisco.com/en/US/prod/collateral/voicesw/ps6788/phones/ps379/prod_brochure0900aecd800f6d4a.pdfhttp://www.cisco.com/en/US/prod/collateral/voicesw/ps6788/phones/ps379/prod_brochure0900aecd800f6d4a.pdf


28/40

Cisco WAE appliances, available through , provide a unified platform for hostingCisco application acceleration and WAN optimization solutions, including Cisco WAAS Software,

available through .


Improve employee productivity by enhancing the user experience for important businessapplications delivered over the WAN

Reduce the cost of branch-office operations by centralizing IT resources in the data centerand lowering the cost of WAN bandwidth

Increase IT agility by reducing the time and resources required to deliver new IT services tothe branch office

Simplify branch-office data protection for regulatory compliance purposes

For more information, please see:http://www.cisco.com/en/US/prod/collateral/contnetw/ps5680/ps6474/product_data_sheet0900aecd80329e39.pdf

1.8.12.2 Cisco WAAS

Cisco WAAS, offered by , is a powerful application acceleration and WANoptimization solution that optimizes the performance of any TCP-based application operating in aWAN environment. This optimization allows IT organizations to consolidate costly branch-officeservers and storage in centrally managed data centers, and to deploy new applications directly fromthe data center, while still offering LAN-like application performance for remote users.


Deliver centralized applications with LAN-like speed to remote users, while preservingvisibility and branch security

Consolidate costly branch-office servers, storage, and backup infrastructure in data centerswhile optimizing WAN bandwidth utilization

Maximize regulatory compliance and data protection through consolidation of branch storageand acceleration of branch-office backup applications

For more information, please see:http://www.cisco.com/en/US/prod/collateral/contnetw/ps5680/ps6870/prod_brochure0900aecd80692f70.pdf


http://www.cisco.com/en/US/prod/collateral/contnetw/ps5680/ps6474/product_data_sheet0900aecd80329e39.pdfhttp://www.cisco.com/en/US/prod/collateral/contnetw/ps5680/ps6474/product_data_sheet0900aecd80329e39.pdfhttp://www.cisco.com/en/US/prod/collateral/contnetw/ps5680/ps6870/prod_brochure0900aecd80692f70.pdfhttp://www.cisco.com/en/US/prod/collateral/contnetw/ps5680/ps6870/prod_brochure0900aecd80692f70.pdfhttp://www.cisco.com/en/US/prod/collateral/contnetw/ps5680/ps6474/product_data_sheet0900aecd80329e39.pdfhttp://www.cisco.com/en/US/prod/collateral/contnetw/ps5680/ps6474/product_data_sheet0900aecd80329e39.pdfhttp://www.cisco.com/en/US/prod/collateral/contnetw/ps5680/ps6870/prod_brochure0900aecd80692f70.pdfhttp://www.cisco.com/en/US/prod/collateral/contnetw/ps5680/ps6870/prod_brochure0900aecd80692f70.pdf


29/40

3 Services & Support Overview

1.9 Services Overview

Using a Lifecycle Services approach, Cisco PCI Professional Services, offered by ,provide planning, design, and optimization services to help increase business value and return oninvestment. Several ofs proposed services can also help you address PCIcompliance concerns.

In addition, Cisco Technical Services, offered by , can cost-effectively maintainsecure payment systems for customer-sensitive information while also improving operationalefficiency. Based on best practices, Cisco Technical Services, offered by , are

designed to help accelerate the transition to an advanced payment architecture that optimizesperformance, reliability, and security, and scales easily with growth.

1.10 Services Options

1.10.1 Cisco PCI Compliance Professional Services

1.10.1.1 Cisco IT GRC Security Assessment Service

Cisco IT GRC Security Assessment Service, offered by , works with customers toassess effectiveness of their security programs and processes, establish benchmark metrics, andmap security technical controls to PCI requirements and other standards.

For more information, please see:http://www.cisco.com/en/US/services/ps2961/ps2952/cisco_it_grc_ds.pdf

1.10.1.2 Cisco IT GRC Strategy Planning Service

Cisco IT GRC Strategy Planning Service, offered by , helps benchmark security


http://www.cisco.com/en/US/services/ps2961/ps2952/cisco_it_grc_ds.pdfhttp://www.cisco.com/en/US/services/ps2961/ps2952/cisco_it_grc_ds.pdf


30/40

programs against industry standards and best practices. They also identify organizationalinefficiencies, misalignments, and redundancies that may be undermining success.

For more information, please see:http://www.cisco.com/en/US/services/ps2961/ps2952/ps10372/grc_general.pdf

1.10.1.3 Cisco Security Posture Assessment Service (Internal andPerimeter)

To directly address PCI Requirement 11 for penetration testing, the Cisco Security PostureAssessment Service, offered by , performs vulnerability and penetration tests onthe customers perimeter and internal networks. The service discovers security weaknesses in theexisting network by successfully gaining unauthorized access to the cardholder data environment andcredit card information.


http://www.cisco.com/en/US/services/ps2961/ps2952/services_data_sheet0900aecd804277b1.pdf

1.10.1.4 Cisco Security Design and Implementation Service

Cisco Security Design and Implementation Service, offered by , develops orrefines the security architecture so that it adheres to compliance regulations and industry-leadingpractices and can provide implementation engineering consulting and support.

For more information, please see:http://www.cisco.com/en/US/services/ps2961/ps2952/services_datasheet_securitypd.pdf

1.10.2 Cisco PCI Technical Services

1.10.2.1 Cisco SMARTnet ServiceYour IT staff gains direct, anytime access to engineers and extensive resources to accelerateproblem resolution, facilitate 24-hour business continuity, and improve operational efficiency.

For more information, please see:http://www.cisco.com/en/US/services/ps2827/ps2978/services_data_sheet0900aecd8042571e.pdf

1.10.2.2 Cisco Smart Care Service

Partners can build a PCI offering based on Cisco Smart Care Service, offered by ,which enables businesses to proactively verify that networks are secure, reliable, and functioningoptimally.

For more information, please see:http://www.cisco.com/en/US/services/ps2827/ps7343/services_overview0900aecd80612791.pdf

1.10.2.3 Cisco Services for IPS

Cisco Services for IPS, offered by , protects your intrusion prevention system withthe most up-to-date information to defend against attacks from local and global threats. CiscoServices for IPS, available through , not only helps reduce risk exposure, but alsohelps support the productivity of internal staff who are charged with maintaining security systems.


http://www.cisco.com/en/US/services/ps2961/ps2952/ps10372/grc_general.pdfhttp://www.cisco.com/en/US/services/ps2961/ps2952/services_data_sheet0900aecd804277b1.pdfhttp://www.cisco.com/en/US/services/ps2961/ps2952/services_datasheet_securitypd.pdfhttp://www.cisco.com/en/US/services/ps2827/ps2978/services_data_sheet0900aecd8042571e.pdfhttp://www.cisco.com/en/US/services/ps2827/ps7343/services_overview0900aecd80612791.pdfhttp://www.cisco.com/en/US/services/ps2961/ps2952/ps10372/grc_general.pdfhttp://www.cisco.com/en/US/services/ps2961/ps2952/services_data_sheet0900aecd804277b1.pdfhttp://www.cisco.com/en/US/services/ps2961/ps2952/services_datasheet_securitypd.pdfhttp://www.cisco.com/en/US/services/ps2827/ps2978/services_data_sheet0900aecd8042571e.pdfhttp://www.cisco.com/en/US/services/ps2827/ps7343/services_overview0900aecd80612791.pdf


31/40

For more information, please see:http://www.cisco.com/en/US/services/ps2827/ps6076/services_data_sheet0900aecd8022e901.pdf

1.10.2.4 Cisco Remote Management Services for Security

Cisco RMS for Security, offered by , provides 24/7/365 remote management,surveillance, monitoring, and remediation for networks to help protect against sophisticated attacksand new vulnerabilities.

For more information, please see:http://www.cisco.com/en/US/services/ps6192/one_cisco_rms_security.pdf

1.11 Financial Options


http://www.cisco.com/en/US/services/ps2827/ps6076/services_data_sheet0900aecd8022e901.pdfhttp://www.cisco.com/en/US/services/ps6192/one_cisco_rms_security.pdfhttp://www.cisco.com/en/US/services/ps2827/ps6076/services_data_sheet0900aecd8022e901.pdfhttp://www.cisco.com/en/US/services/ps6192/one_cisco_rms_securi

Documents

Pci Dss Partner Ec Tdm Proposal