Cisco Blogs

Cisco Blog > Perspectives

Cisco ASA with FirePOWER Services – How to get infected

On October 7, 2013 Cisco completed the acquisition of Sourcefire. At that time, I recognized this via Twitter and checked out the products on their website. I was excited to see the FirePOWER in action together with a Cisco ASA.

I had a good possibility to join the “ASA with FirePower Services” Workshop in Munich directly at Cisco. A big part of this Training was a Hands-on Lab, where the FirePOWER “Virus” infected me. I was thrilled, about the Cisco ASA with FirePOWER Services and the FireSIGHT Management Center.

This intelligent cyber security solution covers gaps in traditional security solutions. The threat-focused next-generation firewall provides next-generation security capabilities:

Application Visibility and Control (AVC)

Over 3000 Application-Layer and Riskbased controls, that works closely with the IPS to optimize the security.

Next-Generation IPS (NGIPS)

Visibility to detect multivector threats to streamline and automate defense response, Superior threat prevention and mitigation for both known and unknown threats

URL Filtering, and Advanced Malware Protection (AMP)

The comprehensive malware-defeating solution can enable malware detection and blocking, continuous analysis, and retrospective alerting.

Cisco ASA1 Read More »

Tags: , , , , , , , , , , , ,

Cisco Adds Check Point Next-Gen Security Gateway to Growing List of Strategic ACI Partners

Cisco is announcing another important strategic partner to its list of ACI-compliant vendors with the addition of the Check Point Next Generation Security Gateway to the ecosystem. A couple months ago I wrote about the inherent security architecture in ACI (Security for an Application Centric World), and now the Check Point solutions fit right into that framework as an alternative to Cisco security solutions. Essentially, this means that the ACI controller, APIC, can now configure the application network to include the insertion and provisioning of Check Point virtual and physical security gateways as it does other Layer 4-7 application services and security appliances. The availability of the Check Point solutions will offer customers greater choice and flexibility while underscoring the open, multi-vendor approach of ACI.

[Note: Check Point will be participating in our upcoming ACI Webcast event: “Is Your Data Center Ready for the Application Economy”, January 13, 2015, 9 AM PT, Noon ET, featuring ACI customers and several other key ACI technology partners. Register here.]

In scalable, multitenant cloud environments with flexible resource placement, almost every workload must be secured from every other workload, with detailed security policies enabled between workloads in an application network: a concept called micro-segmentation. This level of security policy detail can become tedious to manage on an application-by-application basis. It also can potentially restrict workload mobility and the ways that applications can be deployed in the cloud.

Cisco ACI policies abstract the network, devices, and services into a hierarchical, logical object model. In this model, administrators specify the Layer 4 through Layer 7 services (firewalls, load balancers, etc.) that are applied, the kind of traffic to which they are applied, and the traffic that is permitted. These services can be chained together and are presented to application developers as a single object with simple input and output. Connection of application-tier objects and server objects creates an application network profile (ANP). When this ANP is applied to the network, the devices are told to configure themselves to support it. Tier objects can be groups of hundreds of servers, or just one device; the same policies are applied to all the objects in a single configuration step (see below).

Check Point Integration

The Application Profile Defines Security and Application Policies for Application Networks, and Cisco APIC Manages and Provisions Security Resources in the Fabric, Such as a Check Point Firewall, with the Right Policies for Each Application, at the Right Location

The integration with Check Point Next Generation Security Gateway provides automated security provisioning and a full range of security protections and threat-prevention capabilities in a highly dynamic and agile Cisco ACI environment. Check Point Security Gateways can be deployed as physical or virtual solutions and address today’s ever-changing threat landscape with a modular and dynamic security architecture.

Read More »

Tags: , , , , , ,

ITD: Load Balancing, Traffic Steering & Clustering using Nexus 5k/6k/7k


Data traffic has grown dramatically in the recent years, leading to increased deployment of network service appliances and servers in enterprise, data center, and cloud environments. To address the corresponding business needs, network switch and router architecture has evolved to support multi-terabit capacity. However, service appliance and server capacity remained limited to a few gigabits, far below switch capacity.

Cisco Intelligent Traffic Director (ITD) is an innovative solution to bridge the performance gap between a multi-terabit switch and gigabit servers and appliances. It is an hardware based multi-terabit layer 4 load-balancing, traffic steering and clustering solution on the Nexus 7000 and 7700 series of switches.

Read More »

Tags: , , , , , , , , , , , , , , ,

Old and Persistent Malware

TRAC logo
Malware can find its way into the most unexpected of places. Certainly, no website can be assumed to be always completely free of malware. Typically, there are many ways that websites can be compromised to serve malware:
Read More »

Tags: , , , , ,

You Can’t Protect What You Can’t See

The title seems like a simple enough concept, but when it comes to advanced threat protection, truer words were never written. This concept of visibility into your network, which in turn enables better protection and control of your network, is at the heart of Cisco’s Next-Generation Intrusion Prevention System (NGIPS). Visibility is what feeds critical capabilities in the solution and it’s also what sets our NGIPS apart from other IPS products.

In the coming weeks, we’ll focus on different aspects of our market-leading NGIPS solution, as recognized by third-party groups such as Gartner and NSS Labs, but since NGIPS is all about threat protection – and you can’t protect what you can’t see – let’s start with visibility.

Historically, IPS products have provided visibility into network packets to be able to identify and block network attacks. The last couple of years have seen next-generation firewalls get a lot of industry buzz by providing visibility (and subsequent control) into applications and users.

Read More »

Tags: , ,