Introduction to Cisco Secure Firewall 7.3
Cisco’s latest release of the Secure Firewall operating system, Secure Firewall Threat Defense Version 7.3, addresses key concerns for today’s firewall customers. The 7.3 release delivers more features to the three key outcomes: see and detect more threats faster in an increasingly encrypted environment, simplify operations, and lower the TCO of our security solution.
See More – Detect Faster
The QUIC protocol is seeing significant adoption but seeing within QUIC is highly challenging. It is the default protocol for popular sites such as Google and Facebook, almost 10% of sites today now support transport over the QUIC protocol. Further enhancements to Cisco’s Encrypted Visibility Engine (EVE), first launched a year ago in 7.1, allows for the fingerprinting of traffic that is using the QUIC Protocol in Secure Firewall 7.3. This allows for enhanced visibility of this traffic for use in policy decisions to help determine the nature of the traffic and identify potential malicious traffic hiding in the QUIC Protocol.
MITRE Rule Groups
The Intrusion Prevention System (IPS) in Secure Firewall 7.3 now includes groups of rules mapped to the MITRE framework so that customers can both deploy explicit protections and see events mapped to those known attackers’ tactics and techniques. Additionally, the reporting and eventing capabilities have been enhanced to show any events that map to specific tactics as described by MITRE.
Remote Access VPN Dashboard
Remote work is here to stay. Hybrid work is the new normal, to complement our best-in-class Remote Access VPN Capabilities inside Cisco Secure Firewall, release 7.3 delivers a consolidated dashboard for monitoring the Remote Access infrastructure. The new dashboard capabilities consolidate existing and new information into a single location so that customers can track logged in users, failed attempts to connect, location that users are connecting from as well as insights on throughput and bandwidth usage, providing customers with the security and business visibility they need to manage Remote Access VPN capabilities regardless of scale.
Enhanced Cluster Capabilities
Clustering capabilities within Secure Firewall offer a powerful way to scale out for performance and resiliency. With the release of Secure Firewall 7.3, operational enhancements to the clustering solution have been added so that customers can now monitor the full suite of metrics relating to the health of their cluster directly from the Secure Firewall Management Center as well as the capability to perform backup and restore actions on cluster nodes for a significantly reduced time-to-recovery in the event of a failure
Additional Site-To-Site VPN Capabilities
The Virtual Tunnel Interface (VTI) Capabilities have been further enhanced with Dynamic Virtual Tunnel Interface (DVTI) capabilities allowing for simplified connectivity between branch and hub sites. Support has also been added for OSPF and EIGRP routing protocols in conjunction with Virtual Tunnel Interfaces for added flexibility with route-based VPNs as well as Loopback Interface configuration to aid with management services in a dynamic environment.
Secure Firewall 3105 Hardware
Alongside the new Software and further extending Cisco’s powerful Secure Firewall 3100 series hardware platforms launched earlier this year, the new Secure Firewall 3105 bridges the gap on both price and performance between the small and mid-range hardware platforms. Delivering all the key capabilities of the other appliances in the 3100 series such as Clustering, Dual Power Supplies and Network Module support, as well as impressive performance from Firewall, VPN and TLS decryption thanks to the new architecture, the 3105 model targets the lower end of the mid-range with 10Gbps throughput.
Expanded support in Microsoft Azure Cloud
As organisations continue to adopt services from public cloud providers, Cisco Security recognises the need to enable our customers the flexibility to deploy more form factors in more locations as well as the ability to scale to meet modern cloud network demands.
- FMCv300 now in Microsoft Azure – Cisco’s largest virtual platform for managing Secure Firewall devices is now available for customers to deploy in Azure, allowing for the management of up to 300 devices from a single virtual platform with license portability from other virtual editions of Secure Firewall Management Center.
- Clustering Support – Extending the clustering capabilities of Secure Firewall into the Microsoft Azure Cloud allowing for up to 16 virtual Firewalls to be clustered in order to scale out rapidly to meet the demand of our customers’ cloud applications
- Support for Gateway Load Balancer – With Microsoft recently announcing General Availability of their Gateway Load Balancer implantation, Cisco Secure Firewall is now able to be used as the Network Virtual Appliance (NVA) allowing for easy insertion of security controls into the Microsoft Azure cloud without the need to re-architect an existing deployment.
Automated integration to Cisco Umbrella
Building on the DNS Integration capabilities delivered in Secure Firewall 7.2, customers leveraging the advanced capabilities of Cisco Umbrella can now significantly reduce the configuration overhead required to direct traffic to the Cisco Umbrella Cloud by making use of the SASE Topology capabilities in Secure Firewall 7.3. Customers can now automatically configure and manage IPSec Tunnels between Secure Firewall devices across their environment and the Umbrella Cloud as well as having a single view of the tunnel status directly within Secure Firewall Management Center.
We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!
Cisco Secure Social Channels