Cisco Blogs


Cisco Blog > Security

New Cisco Rapid Threat Containment Solution Detects and Automatically Contains Threats

Integration of Cisco FireSIGHT Management Center and Identity Services Engine (ISE) Now Available

As explained in our 2015 Cisco Midyear Security Report, attackers are using innovative tactics like exploit kits, ransomware, and advanced malware to evade detection. Organizations are using as many as 40 to 60+ disparate security solutions that typically don’t – and can’t – work together. These point solutions have limited impact against well-funded cybercriminals and typically generate vast numbers of alerts, many of which may not be relevant. On average, large organizations have to sift through nearly 17,000 alerts each week to find the 19 percent that are considered reliable, and security professionals only have time to investigate 4 percent of warnings.

It’s no wonder that, based on various reports, the current industry average for time to detection is 200 days. That’s far too long. The longer the threat goes undetected, the greater potential for damage. By the time a breach is discovered the damage has been done.

The new Cisco Rapid Threat Containment solution with Cisco FireSIGHT Management Center and Cisco ISE lets you get to the heart of what matters – providing deep network detection and automatic containment of critical threats so you can mitigate your security risk quickly and efficiently without overburdening your security team.

Read More »

Tags: , , ,

Extending Security Everywhere

Just a few months ago at Cisco Live U.S., we announced both our strategy and several new offerings for Security Everywhere Across the Extended Network. We believe that our vision of delivering Security Everywhere – from the cloud to the network to the endpoint – is essential to reduce risk, gain competitive advantage and make security a growth engine for organizations. Today we are extending Security Everywhere with new capabilities and services that deliver greater visibility, context and control from the cloud to the network to the endpoint, for organizations of all sizes.

Extending Security Deeper into the Network and Endpoints

Employees need access to more enterprise resources from more devices than ever and attacker ingenuity and persistence has reached new heights. As a result, organizations are losing sight of who and what is accessing the network – and the threats that may take hold. Controlling and detecting lateral movement of these threats inside a network is a major challenge most organizations face. Cisco is further improving its market leading capabilities to meet this challenge by simplifying the deployment of software based segmentation, leveraging more of the network’s intelligence, and extending flow based visibility for detecting insider and advanced persistent threats beyond the network to one of the most commonly deployed endpoint agents in the world.

  • Cisco Identity Service Engine (“ISE”) 2.0 provides several new capabilities that extend the visibility and control of the network for security. The new integration with the Cisco Mobility Services Engine (MSE) provides geo-location for access control. For example, it can grant specific access to top secret resources required for confidential conversations in the boardroom, but then change that level of access as soon as participants leave the meeting to prevent ongoing access. A new work center for TrustSEC deployments dramatically simplifies the deployment of software based segmentation across the network along with new expanded support for third party network access devices. ISE is also an amazingly valuable source of contextual information for security systems that can help any system execute its role better. With ISE 2.0, we are further expanding our industry leading partner community to include several new vendors including Check Point, Infoblox, and Invincea while expanding partners ability to take real time action in the network with new adaptive network control capabilities to augment the rapid threat containment integrations with Lancope Stealthwatch and FireSIGHT Management Center.
  • Cisco AnyConnect, our world-class VPN for secure mobility that is deployed by organizations across the globe, now delivers deep endpoint visibility into application flows, allowing security administrators to extend visibility down to the device and track behavior off and on premise and quickly spot and scope internal threats arising from compromised systems or inappropriate insider behavior.

Extending Security Further with the Cloud

Enterprises of all sizes are adopting the cloud. From productivity to line-of-business to vertical applications, SaaS and public cloud are enabling the Digital Economy. At the same, more than half the employees in the enterprise today are working outside of the network perimeter. To accelerate this transformation, Cisco is extending security further into the cloud with the following new offerings:

Read More »

Tags: , , , , , , , ,

Converged Access Drives Cisco Live Cancun

Cisco Live Cancun took place in the beautiful Moon Palace Golf & Spa Resort from November 3rd – 6th 2014.   The event provided a great opportunity for customers and partners to discuss Cisco’s Products and Solution’s vision.   And what better way to showcase these latest innovative solutions than with running the event itself with its very own innovation.  That is exactly what had been done, as Converged Access supported Cisco Live from beginning to end.

Converged Access enables one common set of network capabilities and context-aware intelligence as it brings IOS excellence to wireless by extending wired infrastructure features like, resiliency, granular QoS and scalability to wireless clients.  Converged Access was deployed at Cisco Live Cancun with 5 Catalyst 3850 Switches and 34 APs to support a peak of 450 concurrent users and a total of over 2,000 unique wired-wireless users.  Read More »

Tags: , , , , ,

Extending control and advanced threat protection for web security

Today the web is a favorite vector for threat actors to launch their attacks. According to the Cisco 2014 Midyear Security Report, More than 90 percent of customer networks observed in the first half of 2014 were identified as having traffic going to websites that host malware. More recently, Talos uncovered a massive malvertising network known as Kyle and Stan. Some 31,151 connections were observed to the network’s 6,491 domains.

In an effort to continue offering the most comprehensive protection to our customers, today we are announcing several important new features and expanded threat protection for the Cisco Web Security Appliance (WSA).

Read More »

Tags: , , , , , , , , ,

New White Paper from Enterprise Strategy Group on the Evolution of and Need for Secure Network Access

Mention Network Access Control (NAC) to some security or network operations engineers, and they just might grimace.  Why?  Most people still associate NAC with a set of technologies that were complicated to deploy and implement effectively.

Today, however, those nightmare assumptions are far removed from the reality.  In this newly released white paper, Jon Oltsik, Senior Principal Analyst for the Enterprise Strategy Group, discusses how NAC is transforming into something more—a technology he calls Endpoint Visibility, Access, and Security or EVAS. Mr. Oltsik discusses how the NAC market has changed to reduce complexity in both deployment and usage. Through this advancement, this evolved technology has become an increasingly more critical component in securing enterprise networks.  In addition, Mr. Oltsik discusses how Cisco and the Cisco Identity Services Engine (ISE) are in the best position to meet IT security challenges in terms of what EVAS should be and how it helps.

Download the white paper on Cisco.com:
http://www.cisco.com/c/dam/en/us/products/collateral/security/cisco-evas-white-paper.pdf

Tags: , , , ,