Digital transformation and the cloud are driving unprecedented innovation and growth. However, the move to the cloud is expanding threat surfaces out beyond the perimeter – often on endpoints, applications, and cloud services that fall beyond the visibility and control of the organization’s security team. The lack of visibility and control across multiple clouds, regions, and accounts has created a major security gap for organizations looking to continue to innovate and grow through the scale and power of the cloud.

Ingress security has always been key to protecting enterprise networks from inbound malicious threats – but the role of ingress security has grown even more important in the multicloud world. Organizations need a more robust ingress security solution that not only provides deep visibility and control to protect against evolving threats, but also applies these controls quickly and evenly across clouds, regions, and accounts as infrastructure scales.

The importance of ingress security in today’s multicloud world

The attack chain starts with a threat actor over the internet looking for a way to gain access to the network by various attack techniques. Some of these techniques are evasive enough to get around traditional security controls. Hiding in plain sight, they disguise themselves as legitimate traffic or shroud themselves within encrypted traffic to gain initial access on a vulnerable ingress point. From there, attackers can lie in wait, collecting insights on the now-compromised network while looking for a valuable target. Then, when the timing is right, they can act quickly and execute their attack on the network under the radar.

Organizations need strong security capabilities across the entire attack chain, but it’s here, at this initial access point, where ingress security can stop these attacks before they enter the network. Unfortunately, traditional security tools are not designed for today’s agile multicloud world. As attack surfaces continue to expand, the number of tools required to protect an organization’s infrastructure grows as well. Suddenly, teams are juggling dozens of management tools – each with their own dashboard and nuances. This multi-tool approach creates complexity for organizations, leading to misconfigurations, wide open threat policies, and other security and networking gaps. Some organizations use homegrown solutions to consolidate tool sprawl, but these require manual configuration and updates every time a new cloud provider is added to an environment – contributing to uncontrollable tech debt and additional vulnerabilities.

Cisco Multicloud Defense simplifies ingress security

Organizations need strong ingress security that gives them visibility into their expanding attack surfaces and the ability to consistently control traffic entering their environments. Cisco Multicloud Defense provides this consistent visibility and control – helping organizations gain multidirectional protection across their clouds, regions, accounts, and workloads. It can block inbound attacks, prevent lateral movement, and stop data exfiltration by leveraging IDS/IPS, web application firewall, URL filtering, FQDN filtering, data loss prevention (DLP), and antivirus capabilities all baked into a single SaaS solution.

Multicloud Defense alleviates security complexity across clouds, regions, and accounts with consistent policy controls and deep visibility into workloads – including potentially malicious traffic and unauthorized entities trying to gain access to the cloud infrastructure. Just as critical, security teams can be assured that policies are being applied appropriately and consistently across multiple cloud environments.

For ingress protection, Multicloud Defense acts as an integrated Web Application Firewall (WAF) and IDS/IPS solution to block threats targeting applications and infrastructure. It also leverages geographic IP and known malicious IP blocking capabilities to identify entities attempting to connect, making an “allow” or “block” decision in real time. And for encrypted traffic flows, Multicloud Defense uses TLS decrypt and reverse proxy capabilities enabling organizations to decrypt and inspect traffic before it enters the cloud infrastructure.

Building powerful multicloud network security across the entire attack chain

Cisco Multicloud Defense provides security throughout the entire attack chain. Ingress security gives organizations the ability to identify suspicious or abnormal behavior that is trying to gain unauthorized access to the cloud. However, expanding attack surfaces, infrastructure complexity, and increasingly sophisticated threats make it hard to detect, analyze, and stop threat actors with traditional security tools. Cisco Multicloud Defense simplifies security across complex environments while giving organizations the ingress protection they need to stop incoming threats that target their distributed applications and infrastructure. With consistent, unified ingress protection across environments, Multicloud Defense reduces risk for organizations and enables them to remain agile in today’s multicloud world.

To learn more about Cisco Multicloud Defense:

We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Security on social!

Cisco Security Social Channels



Anubhav Swami

Principal Architect

Security Business Group