ITU new generation Cisco Firepower 4100 series close-up
The digital revolution that the modern world is experiencing leads to an unprecedented increase in the number of connections. For consumers, companies, government authorities, digitization is the engine of innovation. But with the increase in the number of connections, cybercriminals are getting more opportunities. Therefore, enterprises should make more efforts to ensure information security (IS).
')
IT departments are tasked with tackling IS problems with a set of selected specialized products, in particular, conventional firewalls (ITU) of a new generation, whose protection against complex threats is just an option. Such ITUs cannot provide enterprises with the level of automation, ranking, context awareness that is necessary to cope with modern threats.
The use of conventional ITU of a new generation does not allow service organizations to fulfill obligations to consolidate platforms and reduce complexity. Moreover, they have to either deploy special security platforms, or receive telemetry data from conventional ITUs of the new generation and transmit to other systems that analyze this data and provide information about the context, but not in real time. This structure is reminiscent of Frankenstein (a monster created from different parts of the body): a mass of disparate technologies, put together, to control which you need to switch between multiple consoles. Such an approach to security is unreasonably expensive, complex and ineffective.
To cope with these problems, created from scratch and recently introduced by Cisco ITU, a new generation of Cisco Firepower series 4100 - the first fully integrated, threat-oriented ITU of a new generation to protect organizations. Unlike conventional ITU of a new generation, it is simpler and more economical, provides a holistic approach to security, and it is much more convenient to manage it thanks to a single interface. It should be emphasized that Cisco does not want to increase the number of devices and consoles in the already cumbersome stack of security technologies that companies usually have to deal with.
The new generation of ITU Cisco Firepower is optimized for high performance, has best-in-class bandwidth (up to 80 Gbps) and compactness: the height of the case is just one rack-mount place, and the computing power density is higher than that of any conventional new-generation ITU. One of the essential requirements for a new generation of ITU threats, high performance. In ITU Firepower, it is sufficient for operation at the network perimeter and in other high-load environments.
The threat landscape is very dynamic, so ITU of a new generation should work so that organizations in real time can recognize, rank, repel, and automate threats to threats. Distinctive features of the new generation ITU Firepower:
- focus on threats;
- network monitoring;
- industry leading threat analytics;
- highly effective neutralization of known and unknown threats.
Thanks to Advanced Malware Protection, the new generation ITU Firepower has a retrospective protection feature. It allows you to rewind time, as it were, to quickly detect and eliminate the effects of sophisticated attacks that could circumvent the defense. As a result, the time spent in detecting an incident is significantly less for Cisco customers than the industry average.
Cisco has created a new generation of ITU Firepower based on the industry's leading security platform, which has been owned by her since Sourcefire was acquired two years ago. Cisco organically combined this platform with the best features of the most proven ITU ASA to get a device with a single interface and a single management console. ITU Firepower is a best-in-class ITU with connectivity monitoring and the following services to detect threats:
• a new generation of intrusion prevention system;
• Advanced Malware Protection (AMP);
• filtering URLs based on reputation;
• Radware solutions to protect against DDoS attacks.
Among the advantages of the new generation ITU Firepower, we also note the possibility of unified monitoring of the network and setting policies in the Cisco Firepower Control Center. This provides a focus on threats and automation, which is not the case for conventional ITU of a new generation, in which protection against threats of increased complexity is only an option.
The solution gives customers the opportunity to protect against modern threats not only the network, but also the end devices. AMP for Endpoint , AMP Threat Grid and Cisco Identity Services Engine are organically built into the platform. They enable ITU of a new generation of Firepower to improve efficiency and improve monitoring of the entire network and on end devices. AMP for Endpoint is the industry's best endpoint protection technology against modern malicious code that allows you to send your monitoring results directly to the new generation of ITU, Firepower. The Cisco Identity Services Engine (Cisco ISE) also sends context information directly to the ITU, which in turn can instruct Cisco ISE to automatically take network actions on its own behalf.
The threat-centered ITU of a new generation should be able to monitor and control access across the entire distributed network and at the end devices. Hardware security alone is no longer enough. Modern threats are so complex that they easily bypass systems that provide protection only at a certain point in time.
Speaking of threats, one should not forget that the creation and analysis of a truly high-quality product is the study and analysis of threats. A significant contribution to the development of ITU protection tools of a new generation of Cisco Firepower and other Cisco information security solutions is made by the division of Cisco Talos - the world's leading organization engaged in research and analysis of threats. It is thanks to Talos achievements that the effectiveness of Cisco security tools gets the highest score from independent testing. The new generation ITU, the new generation intrusion prevention system and the AMP system have successfully passed the tests of the NSS laboratory, which confirmed that the Cisco solution reflects more threats than any other such protective platform.
')
IT departments are tasked with tackling IS problems with a set of selected specialized products, in particular, conventional firewalls (ITU) of a new generation, whose protection against complex threats is just an option. Such ITUs cannot provide enterprises with the level of automation, ranking, context awareness that is necessary to cope with modern threats.
The use of conventional ITU of a new generation does not allow service organizations to fulfill obligations to consolidate platforms and reduce complexity. Moreover, they have to either deploy special security platforms, or receive telemetry data from conventional ITUs of the new generation and transmit to other systems that analyze this data and provide information about the context, but not in real time. This structure is reminiscent of Frankenstein (a monster created from different parts of the body): a mass of disparate technologies, put together, to control which you need to switch between multiple consoles. Such an approach to security is unreasonably expensive, complex and ineffective.
To cope with these problems, created from scratch and recently introduced by Cisco ITU, a new generation of Cisco Firepower series 4100 - the first fully integrated, threat-oriented ITU of a new generation to protect organizations. Unlike conventional ITU of a new generation, it is simpler and more economical, provides a holistic approach to security, and it is much more convenient to manage it thanks to a single interface. It should be emphasized that Cisco does not want to increase the number of devices and consoles in the already cumbersome stack of security technologies that companies usually have to deal with.
The new generation of ITU Cisco Firepower is optimized for high performance, has best-in-class bandwidth (up to 80 Gbps) and compactness: the height of the case is just one rack-mount place, and the computing power density is higher than that of any conventional new-generation ITU. One of the essential requirements for a new generation of ITU threats, high performance. In ITU Firepower, it is sufficient for operation at the network perimeter and in other high-load environments.
The threat landscape is very dynamic, so ITU of a new generation should work so that organizations in real time can recognize, rank, repel, and automate threats to threats. Distinctive features of the new generation ITU Firepower:
- focus on threats;
- network monitoring;
- industry leading threat analytics;
- highly effective neutralization of known and unknown threats.
Thanks to Advanced Malware Protection, the new generation ITU Firepower has a retrospective protection feature. It allows you to rewind time, as it were, to quickly detect and eliminate the effects of sophisticated attacks that could circumvent the defense. As a result, the time spent in detecting an incident is significantly less for Cisco customers than the industry average.
Cisco has created a new generation of ITU Firepower based on the industry's leading security platform, which has been owned by her since Sourcefire was acquired two years ago. Cisco organically combined this platform with the best features of the most proven ITU ASA to get a device with a single interface and a single management console. ITU Firepower is a best-in-class ITU with connectivity monitoring and the following services to detect threats:
• a new generation of intrusion prevention system;
• Advanced Malware Protection (AMP);
• filtering URLs based on reputation;
• Radware solutions to protect against DDoS attacks.
Among the advantages of the new generation ITU Firepower, we also note the possibility of unified monitoring of the network and setting policies in the Cisco Firepower Control Center. This provides a focus on threats and automation, which is not the case for conventional ITU of a new generation, in which protection against threats of increased complexity is only an option.
The solution gives customers the opportunity to protect against modern threats not only the network, but also the end devices. AMP for Endpoint , AMP Threat Grid and Cisco Identity Services Engine are organically built into the platform. They enable ITU of a new generation of Firepower to improve efficiency and improve monitoring of the entire network and on end devices. AMP for Endpoint is the industry's best endpoint protection technology against modern malicious code that allows you to send your monitoring results directly to the new generation of ITU, Firepower. The Cisco Identity Services Engine (Cisco ISE) also sends context information directly to the ITU, which in turn can instruct Cisco ISE to automatically take network actions on its own behalf.
The threat-centered ITU of a new generation should be able to monitor and control access across the entire distributed network and at the end devices. Hardware security alone is no longer enough. Modern threats are so complex that they easily bypass systems that provide protection only at a certain point in time.
Speaking of threats, one should not forget that the creation and analysis of a truly high-quality product is the study and analysis of threats. A significant contribution to the development of ITU protection tools of a new generation of Cisco Firepower and other Cisco information security solutions is made by the division of Cisco Talos - the world's leading organization engaged in research and analysis of threats. It is thanks to Talos achievements that the effectiveness of Cisco security tools gets the highest score from independent testing. The new generation ITU, the new generation intrusion prevention system and the AMP system have successfully passed the tests of the NSS laboratory, which confirmed that the Cisco solution reflects more threats than any other such protective platform.
Source: https://habr.com/ru/post/306598/
All Articles