Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Application Security

2/16/2016
04:00 PM
Dark Reading
Dark Reading
Products and Releases
100%
0%

Fully Integrated, Threat-Focused Next-Generation Firewall from Cisco Enhances Protection from the Endpoints and Network to the Cloud

Innovations in Next-Generation Firewall Platform and New Security Segmentation Service Empower Customers to Better Defend Against Advanced Threats

SAN JOSE, CA, Feb. 16, 2016 – As global companies embrace new digital business opportunities, cybersecurity is regularly cited as a top concern impeding growth and innovation. To give businesses the confidence to pursue digital opportunities to enable growth, Cisco has made security a top priority and is today announcing innovations to its flagship Next-Generation Firewall. The goal: to deliver leading protection to keep organizations safer.

Cisco’s first fully integrated, threat-focused Cisco Firepower™ Next-Generation Firewall (NGFW) marks a significant departure from the focus of legacy NGFWs on application control. By focusing instead on threat defense, Cisco will help organizations better manage and minimize risk. Think of it as legacy NGFWs protecting “homes” by securing windows and doors, whereas Cisco’s approach is to identify, detect and protect against would-be burglars no matter how they try to gain access to a property.

Cisco is also introducing the Cisco Security Segmentation Service, an advisory service that helps organizations create security controls that enhance compliance, breach containment, threat detection, content security and data loss prevention across their IT infrastructure.

Both offerings are aimed at protecting against bold and resilient threats from increasingly sophisticated cyberattacks.

Firepower NGFW’s Threat-Focused Capabilities Set It Apart

Traditional NGFWs continue to focus on application enablement and control, which limit the ability to protect against the breadth of threats in today’s business environment. Cisco’s approach is different. Cisco empowers customers to easily manage and dynamically update protection from the endpoint to the network, and out to the cloud, by going beyond applications and identifying and stopping threats, both known and unknown.

Cisco’s Firepower NGFW is the industry’s first to link contextual information about how users are connecting to applications, with threat intelligence and policy enforcement. Gaining this level of visibility across a business environment accelerates threat detection and response, and enhances protection.

Cisco’s NGFW can also automate and fine-tune security measures to rapidly harden defenses, based on its ability to see vulnerabilities, assets and threats. The consistent and pervasive advanced security capabilities provide protection that point solutions cannot deliver.

Firepower NGFW Integrates Controls and Attack Detection and Response to Enable Business Growth

The new Cisco Firepower™ NGFW significantly improves the speed, simplicity and effectiveness of attack detection and response. It combines Cisco’s stateful firewalling technology and industry-leading threat services in a single solution. The threat services take protection to a new level, beyond application visibility and control, and include Next-Generation Intrusion Prevention System, Advanced Malware Protection and reputation-based URL filtering. 

Cisco’s integrated NGFW incorporates Cisco and complementary third-party solutions and uniquely enables intelligence and context to be shared between solutions. Now businesses can effectively correlate previously disparate pieces of information to identify and stop advanced attacks more rapidly wherever they may be. This has competitive implications for organizations looking to deploy cloud, virtual environment, new Internet of Things (IoT) solutions and mobile endpoints to securely drive new business opportunities.

New Firepower Appliances Launched for High-Performance Applications

Cisco is releasing new Cisco Firepower 4100 Series appliances for high-performance applications within mid- to large-sized organizations. They are the highest performing, density-optimized appliances in their class, capable of high-throughput and low latency threat inspection, sufficient for high-frequency trading and data center deployments. They are among the first with 40GbE network connectivity in a compact, one rack-unit space.

Firepower Management Center Integrates Security Solutions in Single Nerve Center

The new Cisco Firepower Management Center serves as the nerve center for the Firepower NGFW, providing a rich, unified management console. It features shared intelligence, shared contextual awareness, and consistent policy enforcement for the Cisco Firepower NGFW plus other Cisco security and network solutions.

Complementary third-party solutions, beginning with Radware for Distributed Denial of Service (DDoS), also are integrated through the Cisco Firepower Management Center. The management center provides rich, comprehensive management, delivering information and insight in a single console. Other NGFWs often require users to switch between three or more consoles to gain the same detail.

Security Segmentation Service Customizes Design to Manage Risk

The Cisco Security Segmentation Service is an advisory service that designs a custom-tailored framework that reduces risk, simplifies audit profiles, secures data and helps businesses comply with board-level requirements.  

Cisco Services has developed the Security Segmentation Service to help organizations create a strategic infrastructure segment strategy. Cisco’s approach is customer-specific, extends beyond the network, and incorporates reusable design patterns to apply security controls across compliance, breach containment, threat detection, content security, data loss prevention, and other distinct security disciplines.

Opportunities for Channel Partners

These new security offers provide Cisco channel partners with an expanded end-to-end portfolio and represent additional profitability opportunities. When combined with Cisco’s threat-centric security approach, channel partners are able to simplify and reduce costs of managing their customers’ security environments through a unified management platform. They also can increase cross-sell opportunities enabled by strong network integration, and drive new revenue streams through new services and licensing options.

In addition, Cisco is investing in developing security practice acceleration programs, training and enablement for both products and services so channel partners can fuel growth and increase profitability.

Supporting Quotes

“Attackers are getting bolder and coordinating their efforts. The industrialization of hacking is putting businesses on the defensive against a growing group of adversaries that steal information for profit. In the last three years, Cisco has spent billions in strategic cybersecurity acquisitions and internal innovations to help stay ahead of the world’s most malicious attacks that threaten organizations. For businesses to get real value and manage risk as they implement digital operational models, their security platforms need to integrate into the business and support growth opportunities. This means taking a threat-centric approach, with protection from the mobile endpoint to the cloud.”

“The Cisco Firepower NGFW acts as a unifying platform, integrating Cisco and third-party security solutions for increased correlation and context. The result is better protection, and faster detection and response to advanced threats. The Cisco Segmentation Service will help our customers build a dynamic, resilient secure infrastructure to combat threats in real-time.”

-- David Goeckeler, Senior Vice President and General Manager, Security Business Group, Cisco

 

 

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
US Formally Attributes SolarWinds Attack to Russian Intelligence Agency
Jai Vijayan, Contributing Writer,  4/15/2021
News
Dependency Problems Increase for Open Source Components
Robert Lemos, Contributing Writer,  4/14/2021
News
FBI Operation Remotely Removes Web Shells From Exchange Servers
Kelly Sheridan, Staff Editor, Dark Reading,  4/14/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: Tell him only Kevin Mitnick and the President know the launch codes.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-31607
PUBLISHED: 2021-04-23
In SaltStack Salt 2016.9 through 3002.6, a command injection vulnerability exists in the snapper module that allows for local privilege escalation on a minion. The attack requires that a file is created with a pathname that is backed up by snapper, and that the master calls the snapper.diff function...
CVE-2021-31597
PUBLISHED: 2021-04-23
The xmlhttprequest-ssl package before 1.6.1 for Node.js disables SSL certificate validation by default, because rejectUnauthorized (when the property exists but is undefined) is considered to be false within the https.request function of Node.js. In other words, no certificate is ever rejected.
CVE-2021-2296
PUBLISHED: 2021-04-22
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromi...
CVE-2021-2297
PUBLISHED: 2021-04-22
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromi...
CVE-2021-2298
PUBLISHED: 2021-04-22
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.23 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attac...