Manage a consistent posture from your physical network to the cloud, all from a single pane of glass

Our applications are rapidly changing, driven in large part by the rapid adoption of public cloud services. As such, public clouds have become critical extensions of our physical environments. They provide a level of flexibility and scalability that wasn’t possible previously. But how can we embrace and effectively manage the adoption of public cloud without risking increased security exposure? While the major cloud providers offer native security controls, managing this additional control point introduces an extra layer of complexity. It can expose our networks to a host of new risks.

Our people are working from new locations, and our applications are migrating to cloud services. To secure the business, organizations today have added more controls in more places and on more devices than ever before. Complexity creates security management challenges, as you try to maintain consistent security policies across many different solutions. Diligently

The ability to proactively monitor and maintain these hybrid networks requires visibility into and consistent management of security policies across on-premises data centers and multiple public cloud instances. That’s why we’re introducing AWS VPC Security Group Management with Cisco Defense Orchestrator (CDO). Unify visibility, enable automation, and strengthen security with CDO.

Extend consistent security policy, visibility, and management into AWS

Cisco Defense Orchestrator customers are already seeing the benefits of unifying security management across Cisco ASA, Firepower, and Meraki MX devices. We have recently expanded that scope to include the ability to orchestrate Amazon Web Services (AWS) Security Group rules to filter traffic coming into and out of your instances across all of your Virtual Private Clouds (VPCs). Support for AWS Security Group rules gives you a bird’s eye view of your security posture across on-premises and AWS environments. Cisco Defense Orchestrator can leverage common security objects, identify policy errors and inconsistencies, and correct them in seconds.

Topping this off, CDO assists in change management and workflow visibility of the supported controls. Organizations can achieve consistent security across their hybrid environment from a single pane of glass, while also getting access to other great Cisco Defense Orchestrator features like streamlined device management, a universal change log, out-of-band change notifications, and more.

Improve collaboration between security teams and cloud architects

Bringing security management together in a central console speeds up administrative tasks and reduces the potential for misconfigurations. This consolidation enables security teams to be more agile and responsive, improving collaboration with cloud architects tasked with expanding and optimizing AWS environments.

Additionally, Cisco Defense Orchestrator can help reduce shadow IT risks by providing visibility into VPN tunnels from your data center into AWS. Any new or unsanctioned applications can be promptly discovered and addressed.

Learn more about managing AWS with Cisco Defense Orchestrator here.

Driving the future of security management

We know that our customers often rely on multiple cloud providers. That’s why we will continue building out capabilities and improving Cisco Defense Orchestrator to be your single source of truth for harmonizing security policies across your hybrid environment.

See for yourself how Cisco Defense Orchestrator can simplify and unify security management. Register for a free trial today.


Scott Bower

Technical Marketing Engineering and Business Development Manager

Security Business Group