In an earlier blog, we discussed the importance of a visibility-driven approach to Next-Generation Firewalls (NGFWs) and the need for capabilities that offer full visibility and contextual awareness into everything on networks since we know you can’t protect what you can’t see.
In addition to offering an unprecedented network visibility foundation, a NGFW must also be threat-centric to stop advanced, multi-vector threats, both known and unknown.
This means offering integrated threat defense for better control to combat these attacks across the attack continuum—before, during, and after an attack.
In complex environments, delivering integrated threat defense means ensuring that best-in-class capabilities, such as third-party tested and market-leading Intrusion Prevention Systems (IPS), Advanced Malware Protection (AMP), and URL filtering work together to protect against threats coming from multiple vectors.
Other NGFWs have not offered best-in-class network security capabilities in their devices, but rather, rudimentary versions of them. In addition, these solutions are poorly integrated and cannot share intelligence between security layers, making advanced threat detection and remediation difficult, if not impossible. Read More »
Tags: ASA, Cisco ASA with FirePOWER Services, FirePOWER, firewalls, next generation firewall, NGFW, security
Cisco ASA with FirePOWER Services has redefined the next-generation firewall (NGFW) as an adaptive, threat-focused platform, delivering superior, multi-layered protection, unparalleled visibility, and reduced security costs and complexity.
This innovative new solution addresses three strategic imperatives—being visibility-driven, threat focused, and platform-based. In this post, we will examine the necessity of a foundation of full contextual awareness and visibility—to see everything in an environment, detect multi-vector threats and eliminate the visibility gaps in traditional defenses comprised of disparate point technologies that sophisticated attackers exploit.
In an aptly titled recent post from Joseph O’Laughlin, “You Cannot Protect What You Can’t See,” he discusses why visibility (and subsequent control) into only applications and users is no longer enough to protect today’s dynamic environments and outlines how visibility into the network enables better network protection. This core concept of visibility into the network is at the heart of Cisco ASA with FirePOWER Services (and our Next-Generation Intrusion Prevention Systems too) that sets it apart from all other network security competitors. Read More »
Tags: ASA, FirePOWER, firewall, indicators of compromise, next generation firewall, NGFW, security
Data traffic has grown dramatically in the recent years, leading to increased deployment of network service appliances and servers in enterprise, data center, and cloud environments. To address the corresponding business needs, network switch and router architecture has evolved to support multi-terabit capacity. However, service appliance and server capacity remained limited to a few gigabits, far below switch capacity.
Cisco Intelligent Traffic Director (ITD) is an innovative solution to bridge the performance gap between a multi-terabit switch and gigabit servers and appliances. It is an hardware based multi-terabit layer 4 load-balancing, traffic steering and clustering solution on the Nexus 7000 and 7700 series of switches.
Read More »
Tags: ACE, ASA, ASA 1000V Cloud Firewall, cache engines, Cisco Prime NAM, Cisco WAAS, citrix, F5, Imperva, Imperva SecureSphere WAF, IPS, ITD, load balancer, Load Balancing, server load balancer, Web Application Firewall
Cisco is a strong proponent for shifting the mindset regarding the capabilities a Next-Generation Firewall (NGFW) must provide to stay relevant in a world that is dealing with dynamic threats. While nothing is technically wrong with legacy NGFWs, much is wrong with their approach.
To meet current and future needs, a NGFW must now provide full visibility and contextual awareness across applications, hosts, and the network, address dynamic threats, quickly correlate and identify multi-vector threats and deliver the dynamic controls organizations now require to combat advanced threats. It must do all of this while reducing complexity. These capabilities are crucial for enabling continuous protection across the attack continuum—before, during and after an attack.
Read More »
Tags: ASA, elektra, firewall, next generation firewall, NGFW, security
Security has emerged as a leading pain point for CIOs, executives, and even in the boardroom due to changing business models and growing attack surfaces, a threat landscape that is more dynamic by the day and the increasing complexity of IT environments.
With these challenges as a backdrop, attendees of our 25th annual Cisco Live! event last week in San Francisco absorbed over 170 hours of security-focused material, including hands-on labs, seminars, technical breakouts, panel discussions, and keynotes. This overwhelming amount of time and effort is a testament to Cisco’s commitment to protecting our customers against the latest threats across the full attack continuum—before, during, and after an attack.
In case you could not attend or make a session, particular highlights from the week included Chris Young and Bryan Palma’s keynote (must create Cisco Live account to view) examining the security challenges brought about by the Internet of Everything. Chief architect Martin Roesch also led a session exploring threat-centric security, examining the modern threat landscape, and how threat-centric security increases the effectiveness of threat prevention.
From a product perspective, momentum continued as we announced major updates and new products during Cisco Live! to help our customers address their security needs across the attack continuum with protection from the network to the data center to the endpoint to the cloud.
Tags: #CLUS14, Advanced Malware Protection, AMP, ASA, cisco live, cloud, cybersecurity, data center, ThreatGRID