Cisco is changing the way in which organisations protect themselves against sophisticated threats with the introduction of the industry’s first threat-focused next generation firewall. Cisco ASA with FirePOWER Services provides the full contextual awareness and dynamic controls needed to automatically assess threats, correlate intelligence and optimise defences to protect all networks.
By integrating the proven Cisco ASA 5500 Series firewall with application control, and the industry-leading Next Generation Intrusion Prevention Systems (NGIPS) and Advanced Malware Protection (AMP) from Sourcefire, Cisco is providing integrated threat defence across the entire attack continuum – before, during and after an attack.
Cisco ASA with FirePOWER Services is an adaptive, threat-focused next generation firewall that delivers superior multi-layered protection, extending its capabilities far beyond legacy solutions.
Until now, next generation firewalls have focused on policy and application control, and have been unable to address advanced and zero-day attacks. Cisco ASA with FirePOWER Services changes this dynamic, adopting a visibility-driven, threat-focused and platform-based approach.
• Visibility-driven: Delivering full contextual awareness of users, mobile devices, client-side apps, virtual machine‐to-machine communications, vulnerabilities, threats, URLs and other important telemetry. The enterprise-class management capabilities provide users with dashboards and drill-down reports of discovered hosts, suspect applications, threats and Indicators of Compromise (IoCs) for comprehensive visibility
• Threat-focused: Incorporating leading NGIPS for comprehensive protection from known and advanced threats, as well as AMP to combat zero-day and persistent attacks. Big data analytics, continuous analysis and Cisco Collective Security Intelligence (CSI) work together to provide detection, blocking, tracking, analysis and remediation capabilities protecting against the full spectrum of attacks – known and unknown
• Platform‐based: Cisco ASA with FirePOWER Services combines proven firewall functionality and application control, leading NGIPS capability and advanced breach detection and remediation in a single device. The integration provides organisations with better protection while also reducing operating costs and complexity. This new solution simplifies an organisation’s security architecture and reduces its network footprint with fewer security devices needed to manage and deploy and an ability to license subscriptions as well as extend functionality
Reducing times from breach to recovery
Given shifting business models and the fast-changing threat landscape, an organisation’s approach to reducing the time from breach to recovery needs to be truly integrated and threat-focused.
With mounting concern at the executive level regarding the threat of lost intellectual property and compromised customer information and confidence, organisations require broad coverage across all potential attack vectors that can rapidly adjust and learn from new attack methods and then implement that intelligence for protection.
Cisco ASA with FirePOWER Services provides that integrated threat defence to truly help businesses address their biggest security risks — advanced and zero-day threats.
Cisco ASA with FirePOWER Services provides superior visibility and continuous analysis to detect advanced, multi-vector threats and streamlines and automates responses for both known and unknown malware. It also offers holistic, actionable IoCs that speed threat investigation and retrospective remediation, along with integrated incident response scoping and automated detection policy updates.
All of these innovations are supported by an enterprise-class firewall, VPN, advanced clustering and granular application layer and risk-based controls that evoke tailored NGIPS threat detection policies to optimise security effectiveness.
Open source security integration with Snort, OpenAppID and ClamAV further allows end users to easily customise security and address new or specific threats and applications as quickly as possible.
Customers can gain the benefits of the solutions in two ways:
• Cisco ASA with FirePOWER Services (customers can purchase ASA 5500-X Series and ASA 5585-X Series firewall products with a bundled FirePOWER Services license)
• FirePOWER Services for Cisco ASA (customers can enable FirePOWER Services on existing ASA 5500-X Series and ASA 5585-X Series firewall products)
Along with its partners, Cisco also provides professional and technical security services to help accelerate migration from customers’ current security environments to the integrated threat defence of Cisco ASA with FirePOWER Services. With deep expertise, proven processes and tools and global resource availability, Cisco’s security services help organisations migrate quickly and with minimal disruption.
Industrialised hacking and sophisticated cyber crime
“In today’s climate of industrialised hacking and sophisticated cyber crime, we’ve entered an era in which legacy next generation firewall solutions are simply not enough to thwart attackers,” said Christopher Young, senior vice-president for the Security Business Group at Cisco.
“Now more than ever, organisations need to be able to implement dynamic controls to manage the pace of change of their environments and address security incidents. Cisco ASA with FirePOWER Services is a major step forward for the next generation firewall market, empowering customers to deepen their protection from the data centre through the network to the endpoint with the agility to identify, understand and stop advanced threats both in real-time and retrospectively.”
Kevin Kerr – CISO at Oak Ridge National Laboratory – added: “Like any high profile organisation, Oak Ridge National Laboratory must be diligent about its security strategy because the sad reality is that every organisation is the target of an attack. We saw this at first hand in 2011. We cannot afford another surprise malware attack to disrupt our operations, which is why we’re looking at the next generation of protective tools. Cisco ASA with FirePOWER Services is among some of the tools we are considering to help us defend the Lab.”
Further information about Cisco ASA with FirePOWER Services is available at: http://www.cisco.com/go/asafps