Organizations are under relentless attack, and security breaches happen every day. A global community of attackers creates advanced malware and launches it via multi-faceted attacks and through multiple attack vectors into organizations of all sizes.

These increasingly costly attacks against organizations of all sizes place customer data, corporate secrets, and intellectual property at risk. Smaller organizations that form part of the supply chain are targeted not only for their own assets but as an entry point for attacks against larger organizations that they partner with.

We believe the most effective way to address these real-world challenges is with continuous threat protection that is both pervasive and integrated. This goes beyond traditional point-in-time detection and taps into context-rich threat intelligence, dynamic malware analysis, and retrospective security to allow continuous breach detection, response, and remediation across the full attack continuum.

For this reason, we are unveiling new models of Cisco ASA with FirePOWER Services for SMB, midsize organizations, and branch offices. These next-generation firewall (NGFW) models bring integrated threat defense, low total cost of ownership, and simplified security management to smaller and distributed organizations.

Smaller companies have often been underserved by the network security tools available to them. Until now, they have typically had to choose between less effective Unified Threat Management (UTM) solutions, or multiple point solutions for stateful firewalling, application control, IPS, and advanced malware mitigation. Legacy NGFWs, to date, have delivered poor security efficacy, providing neither Next-Generation IPS (NGIPS) functionality nor advanced malware protection.

However, Cisco ASA with FirePOWER Services delivers threat-centric security with its newest NGFW models tailored for smaller organizations.

Integrated Threat Defense

Our newest NGFWs combine precise application visibility and control (AVC) with leading Advanced Malware Protection (AMP) and Next-Generation Intrusion Prevention capabilities (NGIPS) in a single device. AMP leverages Cisco Collective Security Intelligence (CSI) to detect and control advanced malware outbreaks, advanced persistent threats (APTs), and targeted attacks. AMP is complemented by Cisco NGIPS, which passively discovers network, host, VM, mobile device, application, and user information, creating contextual awareness for actionable response. These threat defenses complement the class-leading stateful firewall, VPN, and URL filtering technologies.

Low Total Cost of Ownership  

With such tightly integrated threat-defense, AVC, AMP, NGIPS, and URL filtering, plus Cisco AnyConnect VPN, ASA with FirePOWER Services lowers total cost of ownership with security that is superior to UTM and legacy firewall solutions. When using the new security appliances as pervasive threat sensors across the network, automated tuning and correlation reduce false-positive alerts that would otherwise devour staff time. Cisco ASA with FirePOWER Services flags previously unknown malware, with customers reporting drastically reduced remediation time, sometimes from weeks to hours.

Simplified Management

What’s more, Cisco ASA with FirePOWER Services delivers management flexibility. Streamlined on-box management is standard, combining control over access policies and advanced threat defense functions. The user interface provides quick views on trends and the ability to drill-down for details. Additionally, optional centralized management maximizes threat visibility, contextual information, and analytics across the distributed enterprise. This threat correlation highlights risks and assists prioritization of monitoring and remediation.

ASA with FirePOWER Services is also being made available for industrial networks and rugged environments. A version of the appliance comes with a ruggedized chassis along with market-leading cybersecurity protection for deployment in substations, the factory floor, the assembly line, and wherever market-leading cybersecurity in a harsh environment is required.

We want to be clear: this is a new way forward for security in smaller organizations, distributed offices, and ruggedized environments. More about our five new NGFW models is available here: cisco.com/go/ngfw and also the Cisco Security launch page (now live).


Bill Mabon

Senior Manager, Security Products

Cisco Security