Stop threats faster, empower NetOps, SecOps, ITOps and DevOps collaboration, and enable consistent security across your on-premises, hybrid, and multicloud environments. Cisco Secure Firewall enables this efficiency at scale, maximizing productivity with included entitlement for Cisco SecureX, our open XDR and orchestration platform.
Simple playbooks save time and allow you to focus. Automate identification of new Microsoft Office IPs and tailor security policies to that traffic. Reduce threat dwell time with deep contextual awareness, automated workflows, and one-click response actions.
And with the Secure Firewall 7.0 release, the SecureX ribbon is on every page of Secure Firewall Management Center (FMC) so you can rapidly pivot to SecureX for deep investigation.
SecureX is now a year old, with numerous releases delivered, dozens of integrations, and thousands of active customers that rely on it to simplify security and investigate threats faster. Cisco Secure Firewall protects hundreds of thousands of networks and Snort IPS has over a million deployments around the world. Together the breadth, variety, and capability of Cisco Security’s platform approach means you can depend on these solutions to protect you and deliver more value with your security investment.
With the Firewall Threat Defense 7.0 release, the Cisco Secure Firewall and SecureX integration has three significant new enhancements that drive security efficiency:
- The power of SecureX Most apparent, the SecureX ribbon is incorporated into the Firewall Management Center (FMC) user interface. When you’re in FMC, you get a summary view, and you can instantly pivot in SecureX for deeper investigation as necessary.
- SecureX orchestration of FMC, The SecureX integration now adds orchestration to what had previously been a data exchange mechanism, empowering you to automate FMC activities. Now, the SecureX Security Services Exchange (SSE) acts as an API gateway, enabling SecureX Orchestrator to invoke FMC API calls.
- Four new workflow playbooks. Download them today and address common use cases for observable actions, remediations, and incident endpoint enrichment. Find these new workflows, and more, at ciscosecurity.github.io/sxo-05-security-workflows/workflows/secure-firewall/
Find out why SecureX and Secure Firewall are better together:
Let’s talk details
FMC is much more than a “manager” — it enhances security visibility and response. Traffic of interest generates events and intelligence for further investigation. Additionally, it’s a full-featured and scalable tool driving network security policy, eventing, and systems management.
Why does this matter? For example, perhaps the movement of Cybersecurity Maturity Model Certification (CMMC)-relevant files with Controlled Unclassified Information (CUI) content needs to be tracked, or some suspiciously obfuscated communications are discovered. With the new SecureX ribbon, relevant IOCs and other data points can be captured and correlated with sightings from home grown, open-sourced, and partner-found equivalents.
SecureX’s value-add within FMC is pervasive. Every screen now has the ribbon option. The ribbon sits unobtrusively at the ready for your use. Just imagine…
- Reviewing hits from your TAXII delivered OSINT feeds within FMC. Capture those matches, and identify additional corresponding hits from other tools using a diversity of threat feeds.
- Wondering about a file that is propagating throughout your remote branch office? Capture that hash and see if other tools have seen the same file elsewhere.
- Is something in your guest network probing your Active Directory admin port? Has it reached out to suspicious sites?
These questions, and more, can be answered with the communal power of the Cisco security portfolio and partners, brought together by the SecureX platform – and shown live in your FMC interface.
We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!
Cisco Secure Social Channels