Cisco Defense Orchestrator adds support for new platforms, cloud logging and advanced analytics
Organizations today are faced with securing their business everywhere across their hybrid networks – from the campus network, to remote sites, to public clouds and remote employees. This explosion of perimeters means that network security functions need to be present on physical appliances, in the cloud, in the branches and delivered from the cloud.
The result is operational complexity, compounded by the fact that most organizations are still using inefficient, manual processes to manage their network security solutions.
Over time, rulesets can become bloated and inconsistent, leaving organizations increasingly at risk. A recent survey of IT and infosec professionals by Enterprise Strategy Group found that 94% were concerned that this increased network complexity makes them more vulnerable. And 88% want to make network security policy changes more agile.
How do we ensure that our security controls are enforced consistently everywhere?
A new approach is needed that can scale with your growing network while also helping you seamlessly manage policies across your environment – powered by intelligence and insights.
Over the last few years, hundreds of Cisco ASA customers have adopted Cisco Defense Orchestrator to simplify and unify policy and device management. Today, we’re announcing new platform support and cloud-based logging with advanced analytics.
Cisco Defense Orchestrator support for Firepower Threat Defense (FTD) and Meraki MX
Now organizations can seamlessly harmonize security policies across tens or thousands of devices – including ASA, and in the very near future, FTD and Meraki MX. For example, a mid-sized enterprise may have FTD devices in their corporate office, ASAs in their data center, and Meraki MX devices in remote and home offices. Rather than maintain three separate sets of policies, the customer can use Cisco Defense Orchestrator to streamline and unify common access policies.
Besides realizing significant time savings, Cisco Defense Orchestrator provides the organization with visibility and confidence into the policies that govern these disparate devices from one central manager.
Introducing Cisco Security Analytics and Logging
Available soon through Cisco Defense Orchestrator, the Security Analytics and Logging service helps you make better security policy management decisions by providing greater visibility and threat detection capabilities across your firewall and network. It allows you to correlate the static events on a firewall with behavioral analytics and private network monitoring enabled by Stealthwatch Cloud.
First, it aggregates and centralizes intelligence from NGFW logs and network logs securely in the cloud, accessible and searchable from Cisco Defense Orchestrator.
Then, it enriches and correlates threat intelligence in the context of specific events and alerts within an organization’s systems to baseline normal behavior. Lastly, it uses this intelligence to speed investigations and provide insights for corrective security policy actions.
To learn more, read our new At-a-glance and blog post Security Analytics and Logging: Supercharging FirePower with Stealthwatch.
Cisco Defense Orchestrator: Your bridge to the future of network security
We want to bring customers on a journey to the future of firewalling by solving the biggest network security challenges they’re facing today.
“Managing the firewalls and VPN endpoints for our clients with Cisco Defense Orchestrator saves us a lot of time and streamlines upgrading those devices. Its ease of use gives us the instant visibility and management we need while helping us reduce configuration errors.”
– Stuart Nelson, Senior Network Engineer, DHI Computing Service
Attend my Innovation Talk “What is the Future of the Firewall?” online or live at Cisco Live US on Wednesday, June 12th to hear more of our vision for the future of the firewall. [Update: Watch on-demand here – login required]