For those who are not familiar with the Cisco Prime Security Manager, it is a management application that was introduced in 2012 to manage Cisco ASA 5500-X Series Next-Generation Firewalls. It is built on Web 2.0 technologies and supports both single-device and multi-device manager form factors to help manage various features such as Application Visibility and Control (AVC), along with web security in a simple, light-weight, and scalable manner. The AVC capability helps to block around 1200+ applications and 150,000+ micro-applications, in addition to specific users, behaviors, micro-applications, and devices. The web security service also provides URL filtering and Web reputation features to proactively restrict web application usage based on reputation of the site. Through Cisco Security Intelligence Operations (SIO), these services provide a comprehensive view of the local and global threat intelligence landscape. This is eventually translated to actionable items such as security polices and information feeds that protect your business from near real-time zero-day threats.
The new release of Cisco Prime Security Manager provides various new features and updates to the existing application, which make it more efficient and simple to manage your Cisco Next-Generation Firewalls (NGFW).
- Intrusion Prevention (IPS) on the Cisco ASA 5500-X Series Next-Generation Firewalls: This feature provides critical and enhanced threat protection from internet edge related attacks on your personal use computing systems. It proactively mitigates attacks and reduces the operational downtime that can slow your business, stall your critical processes, and lead to data or revenue losses.
- Control and Manage ASA-X NGFW environment settings: Access control rules for core ASA-X firewalls and Network Address Translation (NAT) can now be centrally configured using Prime Security Manager. Workflows from ASA deployments can be imported to provide better integration between ASA 5500-X Series devices and other devices running ASA Next-Generation Firewall Services such as AVC, Web Security Essentials (WSE), and Intrusion Prevention (IPS).
- Ease of use and reduced complexity: The Web 2.0 architecture and user-centric design provides an intuitive and simple interface that helps you to perform various tasks more efficiently and in a straightforward manner. Since this application has been designed with the user in mind, it improves operational efficiency because now you spend less time on navigating through the application and more time on defining security policies and performing your tasks.
- Greater visibility and control: Prime Security Manager provides detailed reports on events, threats, user activity, list of applications that have been accessed, etc. This data helps you to create granular policies and protect your environment from potential threats and malware. This visibility also helps to lower the time-to-resolution and eventually reduces costs by proactively monitoring security threats.
Here are some screenshots from the latest version of the Cisco Prime Security Manager:
1. Cisco Prime Security Manager Health Monitor
The Health Monitor screen provides detailed information on the NGFW devices, malicious transactions, and top sources and destinations of traffic, along with the security policies and threats that have been hit. It also provides a granular view on the total number of transactions along with those that have been blocked. The hit count of each policy is dynamically presented, clearly displaying the actual usage of each policy in the table. By providing health, performance, and license expiration information, Cisco Prime Security Manager enables the security team to proactively manage any issues that can adversely affect business operations.
2. Manage core ASA 5500-X, Application Visibility and Control, Web Security and Intrusion Prevention using a single User Interface
Prime Security Manager now allows you to manage security policies and configurations on the ASA 5500-X appliance along with AVC, WSE, and IPS on the NGFW. It helps you to streamline your tasks, receive end-to-end reports and makes it easier to configure Cisco Next-Generation Firewalls using a single management console[1].
3. Granular Application, User, and Device Control
Common access policy parameters such as source, destination, and service can be extended to include contextual elements such as user, user group, website and web category, application and application category, and device type. In addition, behaviors within an application or micro-application can also be controlled. For example, administrators may want to allow marketing and sales access to the Facebook Messages micro-application, but disable downloads while they want to prevent the entire IT team to not be able to access Facebook.
4. Cisco Prime Security Manager Event Analysis and Proactive Monitoring
The event monitor supports real-time and historical event analysis, as well as intuitive filtering capabilities. Using this information, you can perform more analysis on the activities in your network and create effective, robust, and granular polices that can be easily deployed on all the devices in your environment. This also reduces the time needed to deploy policies, minimizes the scope for potential errors, adds consistency during the upgrades, and highly improves scalability.
Want to try out the new version for free? Get your 90-day evaluation version of the Prime Security Manager at http://www.cisco.com/go/prsm, by clicking the Download Software link.
To learn more, visit http://www.cisco.com/go/prsm for the most recent information on Cisco Prime Security Manager. Visit Cisco Security for information on the Cisco security portfolio.
[1] In particular, customers looking to manage core firewall capabilities such as Network Address Translation (NAT), firewall, and events are encouraged to deploy this management tool.
CONNECT WITH US