We’ve been talking for a while about Cisco ACI’s leadership in SDN security features (like here), and in the design of our fine-grained security policy enforcement between individual workloads, sometimes called microsegmentation. Today, here at Interop, Las Vegas, Cisco is reaffirming its thought leadership in data center security and SDN automation with a couple of announcements, including the integration of Cisco FirePOWER next generation intrusion prevention system (NGIPS) into the ACI security framework. In other news, another ACI ecosystem security partner was announced last week at the RSA Security Conference: Fortinet, who will be integrating their Fortigate firewall platform with ACI.
The Cisco ACI + FirePOWER solution enables real-time detection, mitigation and remediation for advanced security threats inside the data center by combining granular application visibility and control, threat detection, advanced malware protection (AMP) capabilities of FirePOWER NGIPS with ACI microsegmentation, advanced security service insertion, and L4-7 policy automation. To quickly summarize how this all comes together and a sample use case for ACI security, we created the following video:
Available in June, 2015, new ACI advanced security works to protect data centers before, during, and after attacks, dynamically detecting threats and automating incident responses. The Cisco FirePOWER family of security appliances consists of industry-leading NGFW, NGIPS appliances offering best-in-class threat effectiveness, superior visibility and global threat intelligence.
FirePOWER + ACI = Automated Security with Advanced Protection Across Attack Continuum for Physical and Virtual
Read More »
Tags: ACI, Advanced Malware Protection, FirePOWER, Fortinet, interop, pci, security
Security concerns around cloud adoption can keep many IT and business leaders up at night. This blog series examines how organizations can take control of their cloud strategies. The first blog of this series discussing the role of data security in the cloud can be found here. The second blog of this series highlighting drivers for managed security and what to look for in a cloud provider can be found here.
In today’s workplace, employees are encouraged to find the most agile ways to accomplish business: this extends beyond using their own devices to work on from anywhere, anytime and at any place to now choosing which cloud services to use.
Why Bring Your Own Service Needs to be on Infosec’s Radar
In many instances, most of this happens with little IT engagement. In fact, according to a 2013 Fortinet Survey, Generation Y users are increasingly willing to skirt such policies to use their own devices and cloud services. Couple this user behavior with estimates from Cisco’s Global Cloud Index that by the year 2017, over two thirds of all data center traffic will be based in the cloud proves that cloud computing is undeniable and unstoppable.
With this information in mind, how should IT and InfoSec teams manage their company’s data when hundreds of instances of new cloud deployments happen each month without their knowledge?
Additionally, what provisions need to be in place to limit risks from data being stored, processed and managed by third parties?
Here are a few considerations for IT and InfoSec teams as they try to secure our world of many clouds:
Read More »
Tags: 2014 annual security report, CIO, Cisco Security, CiscoCloud, cloud, cloud security, data security, Fortinet, Hadoop, infosec, ITaaS, OLAP, security, Service Provider, wired