Cisco’s first fully integrated, threat-focused Cisco Firepower Next-Generation Firewall (NGFW) marks a significant departure from the focus of legacy NGFWs on application control.
By focusing instead on threat defense, Cisco says the new firewall will help organizations better manage and minimize risk. Think of it as legacy NGFWs protecting “homes” by securing windows and doors, whereas Cisco’s approach is to identify, detect and protect against would-be burglars no matter how they try to gain access to a property.
Cisco is also introducing the Cisco Security Segmentation Service, an advisory service that helps organizations create security controls that enhance compliance, breach containment, threat detection, content security and data loss prevention across their IT infrastructure.
Both offerings are aimed at protecting against bold and resilient threats from increasingly sophisticated cyberattacks.
Firepower NGFW’s Threat-Focused Capabilities Set It Apart
Traditional NGFWs continue to focus on application enablement and control, which limit the ability to protect against the breadth of threats in today’s business environment. Cisco’s approach is different. Cisco empowers customers to easily manage and dynamically update protection from the endpoint to the network, and out to the cloud, by going beyond applications and identifying and stopping threats, both known and unknown.
Cisco’s Firepower NGFW is the industry’s first to link contextual information about how users are connecting to applications, with threat intelligence and policy enforcement. Gaining this level of visibility across a business environment accelerates threat detection and response, and enhances protection.
Cisco’s NGFW can also automate and fine-tune security measures to rapidly harden defenses, based on its ability to see vulnerabilities, assets and threats. The consistent and pervasive advanced security capabilities provide protection that point solutions cannot deliver.
Firepower NGFW Integrates Controls and Attack Detection and Response to Enable Business Growth
The new Cisco Firepower NGFW significantly improves the speed, simplicity and effectiveness of attack detection and response. It combines Cisco’s stateful firewalling technology and industry-leading threat services in a single solution. The threat services take protection to a new level, beyond application visibility and control, and include Next-Generation Intrusion Prevention System, Advanced Malware Protection and reputation-based URL filtering.
Cisco’s integrated NGFW incorporates Cisco and complementary third-party solutions and uniquely enables intelligence and context to be shared between solutions. Now businesses can effectively correlate previously disparate pieces of information to identify and stop advanced attacks more rapidly wherever they may be. This has competitive implications for organizations looking to deploy cloud, virtual environment, new Internet of Things (IoT) solutions and mobile endpoints to securely drive new business opportunities.
New Firepower Appliances Launched for High-Performance Applications
Cisco is releasing new Cisco Firepower 4100 Series appliances for high-performance applications within mid- to large-sized organizations. They are the highest performing, density-optimized appliances in their class, capable of high-throughput and low latency threat inspection, sufficient for high-frequency trading and data center deployments. They are among the first with 40GbE network connectivity in a compact, one rack-unit space.
Firepower Management Center Integrates Security Solutions in Single Nerve Center
The new Cisco Firepower Management Center serves as the nerve center for the Firepower NGFW, providing a rich, unified management console. It features shared intelligence, shared contextual awareness, and consistent policy enforcement for the Cisco Firepower NGFW plus other Cisco security and network solutions.
Complementary third-party solutions, beginning with Radware for Distributed Denial of Service (DDoS), also are integrated through the Cisco Firepower Management Center. The management center provides rich, comprehensive management, delivering information and insight in a single console. Other NGFWs often require users to switch between three or more consoles to gain the same detail.
Security Segmentation Service Customizes Design to Manage Risk
The Cisco Security Segmentation Service is an advisory service that designs a custom-tailored framework that reduces risk, simplifies audit profiles, secures data and helps businesses comply with board-level requirements.
Cisco Services has developed the Security Segmentation Service to help organizations create a strategic infrastructure segment strategy. Cisco’s approach is customer-specific, extends beyond the network, and incorporates reusable design patterns to apply security controls across compliance, breach containment, threat detection, content security, data loss prevention, and other distinct security disciplines.