Avatar

Recently the widespread fire of data breaches impacting privacy of millions of hapless people across the globe has become the stirring news. This spree of cyber attacks unveiling the fact that information security industry, organizations and even governments are vulnerable to today’s persistent, well-organized and sophisticated cyber threats.

There was a common theme among all the recent data breaches shown below and that is the amount of time for initial detection, which is in weeks and months.

Cisco Cloud Security

According to Verizon data breach report, 85% of cyber attacks compromised the network within minutes where as the detection of such attacks may take months and 59% attacks may not be able to contained for weeks or months even after detection.

Next Generation Cisco Cloud Security 1.0 architecture answers the challenges service provider is facing today by bringing a continuous security model with next generation cyber threat management, complete end-to-end visibility, and guidance on industry regulatory compliances Payment Card Industry (PCI), Health Insurance Portability and Accountability Act (HIPAA) and Federal Information Security Management Act (FISMA).

 

A Secure Cloud Data Center

Today, secure corporate networks require multiple layers of protection and implementation of a unified, system-wide, security strategy. Establishing a secure end-to-end data center requires multiple layers of security, inspection, visibility, monitoring and logging in order to complete the attack continuum as shown below:

Threat-Centric Attack Continuum

The above layered approach provides continuous end-to-end patrolling of the entire data center to detect, monitor and remediate any cyber threat in a very timely and efficient manner.

Cisco Cloud Security Architecture is built upon a robust well-proven virtualized multi-services data center (VMDC) infrastructure that on its own mitigates a lot of base security challenges, such as data and tenant segmentation, access control, and high availability.

The Cloud Security 1.0 solution enables customers to:

  • Detect, analyze, and stop advanced malware and persistent threats across the attack continuum.
  • Consistently enforce policies across networks and accelerate threat detection and response.
  • Access global intelligence using the right context to make informed decisions and take fast, appropriate action.
  • Comply with security requirements for regulatory requisites such as FISMA, HIPAA, and PCI.

Cloud providers in a multi-tenant data center environments facing a huge challenge in terms of containing and remediation of a cyber threat even when they have end-to-end visibility. This is due to the fact that, they don’t have the context around the threat they detect. Without any contextual information, it is very complex and difficult, if not impossible to detect, contain and mitigate any cyber threat within a short amount of time before it contaminates and paralyzes the entire data center.

Cisco Cloud Security is a validated and tested end-to-end environment with key components such as, next generation firewall, Intrusion prevention system (IPS), Cyber Threat defense (CTD), centralized access control system (ACS) and Security Information and event monitoring (SIEM) system (Splunk). This will provide step-by-step guidance on how to protect, detect, monitor, remediate, and contain any cyber threat in a timely manner without affecting the services of other tenants.

To prove this security architecture is the best of its breed, Cisco consult independent 3rd party auditor SecureState, to audit the deployment using combination of proven techniques and best practices and assess it against industry standard regulations, PCI 3.0, HIPAA and FISMA version 4.

I would highly recommend you to please take a look at the design guide that will provide complete architectural details, as well as a step-by-step guide on how to achieve different compliances in the most efficient manner.

Please find below link to the design guide and Compliance White papers:

For additional information take a look at the PCI, HIPAA, and FISMA Compliance White Papers:

Tweet us @CiscoSP360 if you would like to learn more about Cisco Cloud Security.



Authors

Villayat Muhammad

Technical Leader, Engineering