SlideShare una empresa de Scribd logo

Requirements When Considering a Next Generation Firewall

Cisco Security
Cisco Security

The checklist provided in this document details six must-have capabilities to look for when evaluating a next generation firewall (NGFW) to determine whether the solution can provide comprehensive protection for your entire enterprise. Download a copy here >> http://cs.co/9002xTG0

Tecnología
1 de 7
Descargar para leer sin conexión
© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 1 of 7 White Paper Requirements When Considering a Next- Generation Firewall What You Will Learn The checklist provided in this document details six must-have capabilities to look for when evaluating a next- generation firewall (NGFW) to determine whether the solution can provide comprehensive protection for your entire enterprise. An NGFW must be able to: ● Integrate security functions tightly to provide highly effective threat and advanced malware protection ● Provide actionable indications of compromise to identify malware activity ● Offer comprehensive network visibility ● Help reduce complexity and costs ● Integrate and interface smoothly and transparently with third-party security solutions ● Provide investment protection Background Cybersecurity systems that rely exclusively on point-in-time defenses and techniques simply cannot keep pace with today’s sophisticated and ever-evolving multi-vector attack methods. In fact, according to the Cisco 2014 Annual Security Report, every organization should assume it has been hacked. 1 Cisco threat researchers found that malicious traffic was visible on 100 percent of the corporate networks that they observed, meaning there was evidence that adversaries had penetrated those networks and were probably operating undetected over a long period. 2 Today’s multi-vector and persistent threats, fluid IT environments, and increasing network speeds are prompting more organizations to seek an NGFW solution that can also provide layered threat protection and integrated threat defense with best-in-class security technologies that work together transparently. However, while a range of solutions have emerged to try to meet this need, the NGFW just described is rare. This checklist, and other purchase considerations outlined in this document, can help you confirm that you are investing in a truly effective NGFW solution. The firewall should provide a holistic view of the network, analyze real- time threats and network traffic effectively with scale, and help your organization defend against targeted and persistent malware attacks, including emerging threats. The Foundation As a first step in evaluating solutions, consider the foundation of the NGFW. This will be the starting point for your purchasing decision. To provide an integrated threat defense and multi-layered threat protection, the NGFW must 1 Cisco 2014 Annual Security Report: http://www.cisco.com/web/offers/lp/2014-annual-security-report/index.html. 2 Ibid.
© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 2 of 7 be built on a comprehensive stateful firewall foundation. Look also for a solution with a pedigree of proven performance. The NGFW foundation should feature an extensive stateful inspection engine that helps protect critical assets by providing comprehensive visibility into underlying threats. The NGFW also should be robust enough to deliver highly effective threat protection at scale, even when multiple services are enabled. In addition, it should be able to identify not only threats but also users and devices that are connected to the network, and monitor their activities to determine anomalies. The NGFW Checklist Consult this checklist to confirm that the NGFW solution you are considering can provide protection, enforce policy, achieve consistency, and capture and share context all at once, and at wire speed: ● The solution integrates security functions tightly to provide highly effective threat and advanced malware protection. An NGFW should have tightly integrated security layers that communicate with each other. New ways of working, such as cloud computing and mobility, are expanding the attack surface area; correlation of threat intelligence among all security layers can identify attacks that slip through typical gaps in protection and evade detection. This level of protection requires ongoing coordination between defenses on the network, endpoints, and the central management console to help security teams track threats and initiate remediation activities rapidly. Look for a threat-focused NGFW that offers comprehensive threat and advanced malware protection to identify and protect against threats. Threat detection capabilities in the NGFW solution should help security teams not only to discover and stop malware, but also to understand it. ● The NGFW provides actionable indications of compromise to identify malware activity. Indications of compromise, or IoCs, are “tags” on a host that indicate that an infection has probably occurred. IoCs correlate network and endpoint security intelligence. They can identify malware activity on hosts and endpoints and provide highly accurate visibility into suspect and malicious behavior. An NGFW solution with these capabilities leads to faster identification, containment, and remediation. ● The NGFW offers comprehensive network visibility. An NGFW should provide full contextual awareness with a clear, holistic view of what is happening on the network at all times: users and devices, communications between virtual machines, threats and vulnerabilities, applications and website accesses, file transfers, and more. Comprehensive network visibility should entail a continuous and passive monitoring of all the assets in your network. This information can be used, through automation, to optimize security effectiveness with dynamic controls that respond in real time to changes in the IT environment or threat landscape. The solution should provide real-time insight that helps security teams to identify and address security gaps, fine-tune security policy, and ultimately, reduce the number of significant events. The NGFW also should be capable of automating the defense response after an attack, including infection scoping and containment, further reducing the burden on security teams. ● The NGFW helps reduce complexity and costs.
© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 3 of 7 An NGFW that is effective against advanced threats unifies security across defense layers. An integrated, multi-layered approach can provide greater visibility into threats and consequently, better protection. Consolidating multiple boxes onto a single platform also eliminates the complexity and cost of purchasing and managing multiple solutions. Look for an NGFW that also provides: ● High scalability: An NGFW with multi-layered threat protection will allow security administrators to deliver consistent and robust security at scale to small branch offices, Internet edge sites, and even large data centers in both physical and virtual environments. ● Automation of routine security tasks: The NGFW solution should automate these activities: ◦ Impact assessment: The automatic correlation of threats against host vulnerability intelligence, network topology, and attack context helps security analysts focus their attention on only those intrusion events that warrant monitoring and a swift response. ◦ Policy tuning: The automation of provisioning, tuning, and consistent enforcement of security policies throughout the enterprise helps security teams optimize security effectiveness and respond in real time to changing conditions and new attacks. The automation of security policy management is especially critical for resource-strapped IT departments. ◦ User identification: The NGFW should be able to easily attribute user identities to security events. This saves security analysts time, helping them to contain and remediate threats more quickly. ● The NGFW integrates and interfaces smoothly and transparently with third-party security solutions. An NGFW solution can help improve your total cost of ownership (TCO) and reduce the complexity of maintaining effective security for your environment in another way: by easily integrating and interfacing with third-party technologies. These include vulnerability scanners, software management solutions, trouble-ticketing systems, and security information and event management (SIEM) platforms that you have already deployed or need to implement. Integration with third-party solutions deepens the multi-layered protection an NGFW solution provides by combining essential security layers into one platform. This approach simplifies security deployment and ongoing operational activities by supporting existing security technologies and sharing intelligence to coordinate and streamline responses. Look for an NGFW that supports a rich solution “ecosystem” through open APIs for third-party technologies including: ● Vulnerability management systems ● Network visualization and SIEM systems ● Network access control (NAC) ● Network forensics ● Event response workflow
© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 4 of 7 OTHER PURCHASE CONSIDERATIONS: MIGRATION SERVICES AND TECHNICAL SUPPORT Migrating to an NGFW is a major undertaking. When moving to an NGFW, and away from third-party or traditional firewalls, look for a vendor that provides services to assist the migration. Onsite and remotely delivered professional migration services can help to simplify and speed the process. Any NGFW vendor, or its certified partners, should be able to provide deep experience, knowledge, leading practices, and tools to reduce disruption and support business continuity during the migration—and do so cost-effectively. The level and quality of technical support an NGFW vendor will provide to your organization during and after migration should also be included in your technology evaluation. Remote management services, for example, can help to reduce TCO by continuously monitoring and managing network security and freeing your IT talent to concentrate on key business priorities. In addition, services that provide an ongoing examination of security posture, policies, and the effectiveness of your security infrastructure help you to evolve and improve your security program. Technical assistance after installation of the NGFW solution is also an important consideration. Will the security vendor provide your IT personnel with anytime access (24 hours, 365 days a year) to specialized engineers? Will it provide flexible hardware coverage and proactive device diagnostics, self-support resources, tools, or online training? Are services and support available globally? Great technical support helps reduce network downtime and keeps your organization up and running. ● The NGFW solution provides investment protection. When preparing to invest in a next-generation security solution that can provide comprehensive protection for your whole enterprise, you may want to consider alternatives beyond a direct purchase. Look for an NGFW vendor that provides different purchasing options and gives your organization the opportunity to: ● Lower costs and improve productivity through shorter IT lifecycles and proactive management ● Renew technology assets in line with both your current business strategy and your future vision, and maintain predictable budgets ● Access end-to-end and affordable financing solutions that include hardware, software, and complementary third-party equipment An NGFW That Meets the Checklist: Cisco ASA with FirePOWER Services Cisco ASA with FirePOWER Services meets the criteria outlined in the checklist above. In fact, it is the only enterprise-class NGFW solution that delivers integrated threat defense across the entire attack continuum: before, during, and after an attack (see Figure 1). Figure 1. Integrated Threat Defense Across the Attack Continuum Cisco ASA with FirePOWER Services is the first adaptive, threat-focused NGFW designed for a new era of threat and advanced malware protection. Its dynamic controls provide unprecedented visibility and protection against threats in real time. The NGFW solution combines the proven security capabilities of: ● Cisco Adaptive Security Appliance (ASA), the world’s most widely deployed, enterprise-class stateful firewall with remote access VPN and advanced clustering for highly secure, high-performance access and high availability to help ensure business continuity.
© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 5 of 7 ● FirePOWER Services, the industry-leading threat and advanced malware protection from Sourcefire ® that delivers top-ranked threat effectiveness as measured in independent testing by NSS Labs. 3 Cisco ASA with FirePOWER Services: Multi-layered Threat Protection and Integrated Threat Defense in a Single Platform As shown in Figure 2, Cisco ASA with FirePOWER Services delivers the following features in one platform: ● Superior multi-layered threat protection from both known and unknown threats, including targeted and persistent malware attacks. ● Advanced Malware Protection (AMP) that provides industry-leading breach detection effectiveness, a low TCO, and superior protection value. It uses big data to detect, understand, and block advanced malware outbreaks. AMP provides the visibility and control needed to stop threats missed by other security layers. ● Actionable IOCs: Cisco ASA with FirePOWER Services provides holistic, actionable IoCs that correlate detailed network and endpoint event information, providing security teams with even deeper visibility into malware infections. The NGFW solution can also correlate all intrusion events and automatically conduct an impact assessment of an attack against the target. ● Comprehensive network visibility and control: Cisco ASA with FirePOWER Services is centrally managed by the Cisco FireSIGHT™ Management Center. It provides unprecedented network visibility and automation required to respond to changing conditions and new attacks. With the FireSIGHT Management Center, security teams can see what is happening on the network at all times: users, devices, communications between virtual machines, vulnerabilities, threats, client-side applications, files, and websites. The industry-leading Cisco ASA with FirePOWER Services next-generation intrusion prevention system (NGIPS) provides highly effective threat prevention and full contextual awareness of users, infrastructure, applications, and content to detect multi-vector threats and automate defense response. Content awareness with malware file trajectory aids infection scoping and root cause determination to speed time to remediation. Administrators can manage hundreds of appliances centrally using the FireSIGHT Management Center. And with the granular Application Visibility and Control (AVC) that Cisco ASA with FirePOWER Services provides, they can optimize security effectiveness with 3000 application-layer and risk-based controls that can invoke tailored IPS threat detection policies. ● Automation—to reduce cost and complexity: The Cisco FireSIGHT Management Center also helps administrators streamline operations to correlate threats, assess their impact, automatically tune security policy, and easily attribute user identities to security events. It continually monitors how the network changes over time, automatically assessing threats to determine which require immediate attention. With this insight, security teams can focus response efforts on remediation and adapt network defenses. 3 “NSS Labs Security Value Map for Breach Detection Systems: Sourcefire Advanced Malware Protection Is a Leader in Security Effectiveness and TCO,” Sourcefire.com: https://info.sourcefire.com/NSSBreachDetectionReportSEM.html?gclid=Cj0KEQjw7b- gBRC45uLY_avSrdgBEiQAD3Olx8BtffrsQkNYs3AtCojRqyy42V1yLfGyh78OMov3iUAaAlNc8P8HAQ.
© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 6 of 7 ● Third-party integration: Cisco ASA with FirePOWER Services can interface smoothly and transparently with third-party security solutions, including vulnerability management scanners, software management, and trouble-ticketing systems, to improve TCO. You get the benefits of an open system that interfaces with Cisco OpenSource capabilities. OpenAppID, an open, application-focused detection language and processing module for Snort ® , the IPS and intrusion detection system (IPS/IDS) developed by Sourcefire, lets IT teams create, share, and implement application detection. Figure 2. Cisco ASA with FirePOWER Services Cisco ASA with FirePOWER Services: Additional Purchase Considerations When you select Cisco ASA with FirePOWER Services as your NGFW solution, you will have access to: ● Investment protection: Cisco Capital ® financing is available with terms that meet your business and budgetary requirements. With a fair-market-value lease from Cisco Capital, you can pay for the use of the equipment, not its ownership. You have the flexibility to upgrade or refresh your equipment as needed while eliminating technology obsolescence. ● Services and technical support: Cisco has achieved certification under the J.D. Power Certified Technology Service and Support Program for five consecutive years and eight years overall. 4 Cisco services and support offerings for Cisco ASA with FirePOWER Services include: ◦ Cisco Migration Services for Firewalls, delivered by Cisco security engineers or Cisco Security Specialized Partners, help organizations migrate smoothly to Cisco ASA with FirePOWER Services. Cisco provides expert guidance and support to help maintain security during a migration and to improve the accuracy and completeness of the process. ◦ Cisco Remote Management Services help reduce TCO further by continuously managing security networks and freeing your IT resources to concentrate on other value-adding business priorities. ◦ Cisco Network Optimization Services feature smart analytic tools with an intuitive graphics interface to deliver unmatched insight into network performance, so customers can reduce network complexity, improve operational excellence, monitor policy compliance, mitigate risks, and proactively detect and preempt potential network disruptions. The service dramatically improves return on investment, exceeding 120 percent in a study by Forrester Research. 5 4 “Cisco Recognized for Excellence in Certified Technology Service and Support Program for a Fifth Consecutive Year and Eighth Year Overall,” J.D. Power media release, July 21, 2014: http://www.jdpower.com/press-releases/certified-technology-service-and- support-program#sthash.7oyGxBUo.dpuf. 5 The Total Economic Impact™ of Cisco SP Network Optimization Service and Focused Technical Support, report prepared for Cisco by Forrester Research, November 2009: http://www.cisco.com/en/US/services/ps6889/TEI_of_SP_NOS_FTS_Forrester.pdf.
© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 7 of 7 ◦ Cisco SMARTnet ® Service helps to reduce network downtime and other critical network issues with access to expert technical support 24 hours, 365 days a year, as well as flexible hardware coverage and proactive device diagnostics. To Download the Software Visit the Cisco Software Center to download Cisco ASA with FirePOWER Services software. For More Information To learn more, visit: ● www.cisco.com/go/asafps for more about Cisco ASA with FirePOWER Services ● www.cisco.com/go/asa for more about Cisco ASA 5500-X Series Next-Generation Firewalls ● www.cisco.com/go/services/security for more about Cisco Migration Services for Firewalls ● www.cisco.com/go/smartnet for more about Cisco SMARTnet Service ● www.ciscocapital.com for additional information and links to local Cisco Capital representatives Printed in USA C11-733098-00 10/14

Recomendados

Midsize Business Solutions: Cybersecurity
Midsize Business Solutions: CybersecurityMidsize Business Solutions: Cybersecurity
Midsize Business Solutions: CybersecurityCisco Security
 
Integrated Network Security Strategies
Integrated Network Security StrategiesIntegrated Network Security Strategies
Integrated Network Security StrategiesCisco Security
 
Balance Data Center Security and Performance
Balance Data Center Security and PerformanceBalance Data Center Security and Performance
Balance Data Center Security and PerformanceCisco Security
 
Data Center Security Challenges
Data Center Security ChallengesData Center Security Challenges
Data Center Security ChallengesCisco Security
 
Infographic: Security for Mobile Service Providers
Infographic: Security for Mobile Service ProvidersInfographic: Security for Mobile Service Providers
Infographic: Security for Mobile Service ProvidersCisco Security
 
A Reality Check on the State of Cybersecurity
A Reality Check on the State of CybersecurityA Reality Check on the State of Cybersecurity
A Reality Check on the State of CybersecurityCisco Security
 
Identify Zero-Day Breaches with Cognitive Threat Analytics on Cisco Web Secur...
Identify Zero-Day Breaches with Cognitive Threat Analytics on Cisco Web Secur...Identify Zero-Day Breaches with Cognitive Threat Analytics on Cisco Web Secur...
Identify Zero-Day Breaches with Cognitive Threat Analytics on Cisco Web Secur...Cisco Security
 
Cisco ISE Reduces the Attack Surface by Controlling Access
Cisco ISE Reduces the Attack Surface by Controlling AccessCisco ISE Reduces the Attack Surface by Controlling Access
Cisco ISE Reduces the Attack Surface by Controlling AccessCisco Security
 

Recomendados

Midsize Business Solutions: Cybersecurity
Midsize Business Solutions: CybersecurityMidsize Business Solutions: Cybersecurity
Midsize Business Solutions: CybersecurityCisco Security
 
Integrated Network Security Strategies
Integrated Network Security StrategiesIntegrated Network Security Strategies
Integrated Network Security StrategiesCisco Security
 
Balance Data Center Security and Performance
Balance Data Center Security and PerformanceBalance Data Center Security and Performance
Balance Data Center Security and PerformanceCisco Security
 
Data Center Security Challenges
Data Center Security ChallengesData Center Security Challenges
Data Center Security ChallengesCisco Security
 
Infographic: Security for Mobile Service Providers
Infographic: Security for Mobile Service ProvidersInfographic: Security for Mobile Service Providers
Infographic: Security for Mobile Service ProvidersCisco Security
 
A Reality Check on the State of Cybersecurity
A Reality Check on the State of CybersecurityA Reality Check on the State of Cybersecurity
A Reality Check on the State of CybersecurityCisco Security
 
Identify Zero-Day Breaches with Cognitive Threat Analytics on Cisco Web Secur...
Identify Zero-Day Breaches with Cognitive Threat Analytics on Cisco Web Secur...Identify Zero-Day Breaches with Cognitive Threat Analytics on Cisco Web Secur...
Identify Zero-Day Breaches with Cognitive Threat Analytics on Cisco Web Secur...Cisco Security
 
Cisco ISE Reduces the Attack Surface by Controlling Access
Cisco ISE Reduces the Attack Surface by Controlling AccessCisco ISE Reduces the Attack Surface by Controlling Access
Cisco ISE Reduces the Attack Surface by Controlling AccessCisco Security
 
Cisco Web and Email Security Overview
Cisco Web and Email Security OverviewCisco Web and Email Security Overview
Cisco Web and Email Security OverviewCisco Security
 
Pervasive Security Across Your Extended Network
Pervasive Security Across Your Extended NetworkPervasive Security Across Your Extended Network
Pervasive Security Across Your Extended NetworkCisco Security
 
Malware and the Cost of Inactivity
Malware and the Cost of InactivityMalware and the Cost of Inactivity
Malware and the Cost of InactivityCisco Security
 
3 Tips for Choosing a Next Generation Firewall
3 Tips for Choosing a Next Generation Firewall3 Tips for Choosing a Next Generation Firewall
3 Tips for Choosing a Next Generation FirewallCisco Security
 
The Cost of Inactivity: Malware Infographic
The Cost of Inactivity: Malware InfographicThe Cost of Inactivity: Malware Infographic
The Cost of Inactivity: Malware InfographicCisco Security
 
AMP Helps Cisco IT Catch 50% More Malware threats
AMP Helps Cisco IT Catch 50% More Malware threatsAMP Helps Cisco IT Catch 50% More Malware threats
AMP Helps Cisco IT Catch 50% More Malware threatsCisco Security
 
Laser Pioneer Secures Network End-to-End to Protect Assets
Laser Pioneer Secures Network End-to-End to Protect AssetsLaser Pioneer Secures Network End-to-End to Protect Assets
Laser Pioneer Secures Network End-to-End to Protect AssetsCisco Security
 
มอสซี่ บัสเตอร์
มอสซี่ บัสเตอร์มอสซี่ บัสเตอร์
มอสซี่ บัสเตอร์Neannapa Khajornmot
 
Republika wawancara
Republika wawancaraRepublika wawancara
Republika wawancaraArya Ningrat
 
Daftar usul zainab 1
Daftar usul zainab 1Daftar usul zainab 1
Daftar usul zainab 1Arya Ningrat
 
Fathers day
Fathers dayFathers day
Fathers dayamartaindale
 
Bab 1 nifas 2
Bab 1 nifas 2Bab 1 nifas 2
Bab 1 nifas 2Arya Ningrat
 
Privacy & Analytics: Yeti or Snow Fairy?
Privacy & Analytics: Yeti or Snow Fairy?Privacy & Analytics: Yeti or Snow Fairy?
Privacy & Analytics: Yeti or Snow Fairy?FLUZO
 
Incident Response Services Template - Cisco Security
Incident Response Services Template - Cisco SecurityIncident Response Services Template - Cisco Security
Incident Response Services Template - Cisco SecurityCisco Security
 
Cisco 2015 Midyear Security Report Slide Deck
Cisco 2015 Midyear Security Report Slide DeckCisco 2015 Midyear Security Report Slide Deck
Cisco 2015 Midyear Security Report Slide DeckCisco Security
 
Enterprise Strategy Group: Security Survey
Enterprise Strategy Group: Security SurveyEnterprise Strategy Group: Security Survey
Enterprise Strategy Group: Security SurveyCisco Security
 
Cisco Addresses the Full Attack Continuum
Cisco Addresses the Full Attack ContinuumCisco Addresses the Full Attack Continuum
Cisco Addresses the Full Attack ContinuumCisco Security
 
Infonetics Network and Content Security Vendor Scorecard
Infonetics Network and Content Security Vendor ScorecardInfonetics Network and Content Security Vendor Scorecard
Infonetics Network and Content Security Vendor ScorecardCisco Security
 
Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...
Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...
Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...Cisco Security
 
The Evolution of and Need for Secure Network Access
The Evolution of and Need for Secure Network AccessThe Evolution of and Need for Secure Network Access
The Evolution of and Need for Secure Network AccessCisco Security
 
Cisco 2014 Midyear Security Report
Cisco 2014 Midyear Security ReportCisco 2014 Midyear Security Report
Cisco 2014 Midyear Security ReportCisco Security
 
String of Paerls Infographic
String of Paerls InfographicString of Paerls Infographic
String of Paerls InfographicCisco Security
 

Más contenido relacionado

Destacado

Cisco Web and Email Security Overview
Cisco Web and Email Security OverviewCisco Web and Email Security Overview
Cisco Web and Email Security OverviewCisco Security
 
Pervasive Security Across Your Extended Network
Pervasive Security Across Your Extended NetworkPervasive Security Across Your Extended Network
Pervasive Security Across Your Extended NetworkCisco Security
 
Malware and the Cost of Inactivity
Malware and the Cost of InactivityMalware and the Cost of Inactivity
Malware and the Cost of InactivityCisco Security
 
3 Tips for Choosing a Next Generation Firewall
3 Tips for Choosing a Next Generation Firewall3 Tips for Choosing a Next Generation Firewall
3 Tips for Choosing a Next Generation FirewallCisco Security
 
The Cost of Inactivity: Malware Infographic
The Cost of Inactivity: Malware InfographicThe Cost of Inactivity: Malware Infographic
The Cost of Inactivity: Malware InfographicCisco Security
 
AMP Helps Cisco IT Catch 50% More Malware threats
AMP Helps Cisco IT Catch 50% More Malware threatsAMP Helps Cisco IT Catch 50% More Malware threats
AMP Helps Cisco IT Catch 50% More Malware threatsCisco Security
 
Laser Pioneer Secures Network End-to-End to Protect Assets
Laser Pioneer Secures Network End-to-End to Protect AssetsLaser Pioneer Secures Network End-to-End to Protect Assets
Laser Pioneer Secures Network End-to-End to Protect AssetsCisco Security
 
มอสซี่ บัสเตอร์
มอสซี่ บัสเตอร์มอสซี่ บัสเตอร์
มอสซี่ บัสเตอร์Neannapa Khajornmot
 
Republika wawancara
Republika wawancaraRepublika wawancara
Republika wawancaraArya Ningrat
 
Daftar usul zainab 1
Daftar usul zainab 1Daftar usul zainab 1
Daftar usul zainab 1Arya Ningrat
 
Privacy & Analytics: Yeti or Snow Fairy?
Privacy & Analytics: Yeti or Snow Fairy?Privacy & Analytics: Yeti or Snow Fairy?
Privacy & Analytics: Yeti or Snow Fairy?FLUZO
 

Destacado (13)

Cisco Web and Email Security Overview
Cisco Web and Email Security OverviewCisco Web and Email Security Overview
Cisco Web and Email Security Overview
 
Pervasive Security Across Your Extended Network
Pervasive Security Across Your Extended NetworkPervasive Security Across Your Extended Network
Pervasive Security Across Your Extended Network
 
Malware and the Cost of Inactivity
Malware and the Cost of InactivityMalware and the Cost of Inactivity
Malware and the Cost of Inactivity
 
3 Tips for Choosing a Next Generation Firewall
3 Tips for Choosing a Next Generation Firewall3 Tips for Choosing a Next Generation Firewall
3 Tips for Choosing a Next Generation Firewall
 
The Cost of Inactivity: Malware Infographic
The Cost of Inactivity: Malware InfographicThe Cost of Inactivity: Malware Infographic
The Cost of Inactivity: Malware Infographic
 
AMP Helps Cisco IT Catch 50% More Malware threats
AMP Helps Cisco IT Catch 50% More Malware threatsAMP Helps Cisco IT Catch 50% More Malware threats
AMP Helps Cisco IT Catch 50% More Malware threats
 
Laser Pioneer Secures Network End-to-End to Protect Assets
Laser Pioneer Secures Network End-to-End to Protect AssetsLaser Pioneer Secures Network End-to-End to Protect Assets
Laser Pioneer Secures Network End-to-End to Protect Assets
 
มอสซี่ บัสเตอร์
มอสซี่ บัสเตอร์มอสซี่ บัสเตอร์
มอสซี่ บัสเตอร์
 
Republika wawancara
Republika wawancaraRepublika wawancara
Republika wawancara
 
Daftar usul zainab 1
Daftar usul zainab 1Daftar usul zainab 1
Daftar usul zainab 1
 
Fathers day
Fathers dayFathers day
Fathers day
 
Bab 1 nifas 2
Bab 1 nifas 2Bab 1 nifas 2
Bab 1 nifas 2
 
Privacy & Analytics: Yeti or Snow Fairy?
Privacy & Analytics: Yeti or Snow Fairy?Privacy & Analytics: Yeti or Snow Fairy?
Privacy & Analytics: Yeti or Snow Fairy?
 

Más de Cisco Security

Incident Response Services Template - Cisco Security
Incident Response Services Template - Cisco SecurityIncident Response Services Template - Cisco Security
Incident Response Services Template - Cisco SecurityCisco Security
 
Cisco 2015 Midyear Security Report Slide Deck
Cisco 2015 Midyear Security Report Slide DeckCisco 2015 Midyear Security Report Slide Deck
Cisco 2015 Midyear Security Report Slide DeckCisco Security
 
Enterprise Strategy Group: Security Survey
Enterprise Strategy Group: Security SurveyEnterprise Strategy Group: Security Survey
Enterprise Strategy Group: Security SurveyCisco Security
 
Cisco Addresses the Full Attack Continuum
Cisco Addresses the Full Attack ContinuumCisco Addresses the Full Attack Continuum
Cisco Addresses the Full Attack ContinuumCisco Security
 
Infonetics Network and Content Security Vendor Scorecard
Infonetics Network and Content Security Vendor ScorecardInfonetics Network and Content Security Vendor Scorecard
Infonetics Network and Content Security Vendor ScorecardCisco Security
 
Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...
Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...
Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...Cisco Security
 
The Evolution of and Need for Secure Network Access
The Evolution of and Need for Secure Network AccessThe Evolution of and Need for Secure Network Access
The Evolution of and Need for Secure Network AccessCisco Security
 
Cisco 2014 Midyear Security Report
Cisco 2014 Midyear Security ReportCisco 2014 Midyear Security Report
Cisco 2014 Midyear Security ReportCisco Security
 
String of Paerls Infographic
String of Paerls InfographicString of Paerls Infographic
String of Paerls InfographicCisco Security
 
Midyear Security Report Infographic
Midyear Security Report InfographicMidyear Security Report Infographic
Midyear Security Report InfographicCisco Security
 
Cisco Annual Security Report Infographic
Cisco Annual Security Report InfographicCisco Annual Security Report Infographic
Cisco Annual Security Report InfographicCisco Security
 
City of Tomorrow Builds in Next-Generation Security
City of Tomorrow Builds in Next-Generation SecurityCity of Tomorrow Builds in Next-Generation Security
City of Tomorrow Builds in Next-Generation SecurityCisco Security
 
McAllen Intermediate School District
McAllen Intermediate School DistrictMcAllen Intermediate School District
McAllen Intermediate School DistrictCisco Security
 
Leveraging Context-Aware Security to Safeguard Patient Data
Leveraging Context-Aware Security to Safeguard Patient DataLeveraging Context-Aware Security to Safeguard Patient Data
Leveraging Context-Aware Security to Safeguard Patient DataCisco Security
 
William Paterson University
William Paterson UniversityWilliam Paterson University
William Paterson UniversityCisco Security
 

Más de Cisco Security (15)

Incident Response Services Template - Cisco Security
Incident Response Services Template - Cisco SecurityIncident Response Services Template - Cisco Security
Incident Response Services Template - Cisco Security
 
Cisco 2015 Midyear Security Report Slide Deck
Cisco 2015 Midyear Security Report Slide DeckCisco 2015 Midyear Security Report Slide Deck
Cisco 2015 Midyear Security Report Slide Deck
 
Enterprise Strategy Group: Security Survey
Enterprise Strategy Group: Security SurveyEnterprise Strategy Group: Security Survey
Enterprise Strategy Group: Security Survey
 
Cisco Addresses the Full Attack Continuum
Cisco Addresses the Full Attack ContinuumCisco Addresses the Full Attack Continuum
Cisco Addresses the Full Attack Continuum
 
Infonetics Network and Content Security Vendor Scorecard
Infonetics Network and Content Security Vendor ScorecardInfonetics Network and Content Security Vendor Scorecard
Infonetics Network and Content Security Vendor Scorecard
 
Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...
Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...
Gartner Newsletter: Cisco TrustSec Deployed Across Enterprise Campus, Branch ...
 
The Evolution of and Need for Secure Network Access
The Evolution of and Need for Secure Network AccessThe Evolution of and Need for Secure Network Access
The Evolution of and Need for Secure Network Access
 
Cisco 2014 Midyear Security Report
Cisco 2014 Midyear Security ReportCisco 2014 Midyear Security Report
Cisco 2014 Midyear Security Report
 
String of Paerls Infographic
String of Paerls InfographicString of Paerls Infographic
String of Paerls Infographic
 
Midyear Security Report Infographic
Midyear Security Report InfographicMidyear Security Report Infographic
Midyear Security Report Infographic
 
Cisco Annual Security Report Infographic
Cisco Annual Security Report InfographicCisco Annual Security Report Infographic
Cisco Annual Security Report Infographic
 
City of Tomorrow Builds in Next-Generation Security
City of Tomorrow Builds in Next-Generation SecurityCity of Tomorrow Builds in Next-Generation Security
City of Tomorrow Builds in Next-Generation Security
 
McAllen Intermediate School District
McAllen Intermediate School DistrictMcAllen Intermediate School District
McAllen Intermediate School District
 
Leveraging Context-Aware Security to Safeguard Patient Data
Leveraging Context-Aware Security to Safeguard Patient DataLeveraging Context-Aware Security to Safeguard Patient Data
Leveraging Context-Aware Security to Safeguard Patient Data
 
William Paterson University
William Paterson UniversityWilliam Paterson University
William Paterson University
 

Último

Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...apidays
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Zilliz
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDropbox
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Angeliki Cooney
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsNanddeep Nachan
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Victor Rentea
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelDeepika Singh
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024The Digital Insurer
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Zilliz
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistandanishmna97
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyKhushali Kathiriya
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamUiPathCommunity
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWERMadyBayot
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...Zilliz
 

Último (20)

Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 

Requirements When Considering a Next Generation Firewall

  • 1. © 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 1 of 7 White Paper Requirements When Considering a Next- Generation Firewall What You Will Learn The checklist provided in this document details six must-have capabilities to look for when evaluating a next- generation firewall (NGFW) to determine whether the solution can provide comprehensive protection for your entire enterprise. An NGFW must be able to: ● Integrate security functions tightly to provide highly effective threat and advanced malware protection ● Provide actionable indications of compromise to identify malware activity ● Offer comprehensive network visibility ● Help reduce complexity and costs ● Integrate and interface smoothly and transparently with third-party security solutions ● Provide investment protection Background Cybersecurity systems that rely exclusively on point-in-time defenses and techniques simply cannot keep pace with today’s sophisticated and ever-evolving multi-vector attack methods. In fact, according to the Cisco 2014 Annual Security Report, every organization should assume it has been hacked. 1 Cisco threat researchers found that malicious traffic was visible on 100 percent of the corporate networks that they observed, meaning there was evidence that adversaries had penetrated those networks and were probably operating undetected over a long period. 2 Today’s multi-vector and persistent threats, fluid IT environments, and increasing network speeds are prompting more organizations to seek an NGFW solution that can also provide layered threat protection and integrated threat defense with best-in-class security technologies that work together transparently. However, while a range of solutions have emerged to try to meet this need, the NGFW just described is rare. This checklist, and other purchase considerations outlined in this document, can help you confirm that you are investing in a truly effective NGFW solution. The firewall should provide a holistic view of the network, analyze real- time threats and network traffic effectively with scale, and help your organization defend against targeted and persistent malware attacks, including emerging threats. The Foundation As a first step in evaluating solutions, consider the foundation of the NGFW. This will be the starting point for your purchasing decision. To provide an integrated threat defense and multi-layered threat protection, the NGFW must 1 Cisco 2014 Annual Security Report: http://www.cisco.com/web/offers/lp/2014-annual-security-report/index.html. 2 Ibid.
  • 2. © 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 2 of 7 be built on a comprehensive stateful firewall foundation. Look also for a solution with a pedigree of proven performance. The NGFW foundation should feature an extensive stateful inspection engine that helps protect critical assets by providing comprehensive visibility into underlying threats. The NGFW also should be robust enough to deliver highly effective threat protection at scale, even when multiple services are enabled. In addition, it should be able to identify not only threats but also users and devices that are connected to the network, and monitor their activities to determine anomalies. The NGFW Checklist Consult this checklist to confirm that the NGFW solution you are considering can provide protection, enforce policy, achieve consistency, and capture and share context all at once, and at wire speed: ● The solution integrates security functions tightly to provide highly effective threat and advanced malware protection. An NGFW should have tightly integrated security layers that communicate with each other. New ways of working, such as cloud computing and mobility, are expanding the attack surface area; correlation of threat intelligence among all security layers can identify attacks that slip through typical gaps in protection and evade detection. This level of protection requires ongoing coordination between defenses on the network, endpoints, and the central management console to help security teams track threats and initiate remediation activities rapidly. Look for a threat-focused NGFW that offers comprehensive threat and advanced malware protection to identify and protect against threats. Threat detection capabilities in the NGFW solution should help security teams not only to discover and stop malware, but also to understand it. ● The NGFW provides actionable indications of compromise to identify malware activity. Indications of compromise, or IoCs, are “tags” on a host that indicate that an infection has probably occurred. IoCs correlate network and endpoint security intelligence. They can identify malware activity on hosts and endpoints and provide highly accurate visibility into suspect and malicious behavior. An NGFW solution with these capabilities leads to faster identification, containment, and remediation. ● The NGFW offers comprehensive network visibility. An NGFW should provide full contextual awareness with a clear, holistic view of what is happening on the network at all times: users and devices, communications between virtual machines, threats and vulnerabilities, applications and website accesses, file transfers, and more. Comprehensive network visibility should entail a continuous and passive monitoring of all the assets in your network. This information can be used, through automation, to optimize security effectiveness with dynamic controls that respond in real time to changes in the IT environment or threat landscape. The solution should provide real-time insight that helps security teams to identify and address security gaps, fine-tune security policy, and ultimately, reduce the number of significant events. The NGFW also should be capable of automating the defense response after an attack, including infection scoping and containment, further reducing the burden on security teams. ● The NGFW helps reduce complexity and costs.
  • 3. © 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 3 of 7 An NGFW that is effective against advanced threats unifies security across defense layers. An integrated, multi-layered approach can provide greater visibility into threats and consequently, better protection. Consolidating multiple boxes onto a single platform also eliminates the complexity and cost of purchasing and managing multiple solutions. Look for an NGFW that also provides: ● High scalability: An NGFW with multi-layered threat protection will allow security administrators to deliver consistent and robust security at scale to small branch offices, Internet edge sites, and even large data centers in both physical and virtual environments. ● Automation of routine security tasks: The NGFW solution should automate these activities: ◦ Impact assessment: The automatic correlation of threats against host vulnerability intelligence, network topology, and attack context helps security analysts focus their attention on only those intrusion events that warrant monitoring and a swift response. ◦ Policy tuning: The automation of provisioning, tuning, and consistent enforcement of security policies throughout the enterprise helps security teams optimize security effectiveness and respond in real time to changing conditions and new attacks. The automation of security policy management is especially critical for resource-strapped IT departments. ◦ User identification: The NGFW should be able to easily attribute user identities to security events. This saves security analysts time, helping them to contain and remediate threats more quickly. ● The NGFW integrates and interfaces smoothly and transparently with third-party security solutions. An NGFW solution can help improve your total cost of ownership (TCO) and reduce the complexity of maintaining effective security for your environment in another way: by easily integrating and interfacing with third-party technologies. These include vulnerability scanners, software management solutions, trouble-ticketing systems, and security information and event management (SIEM) platforms that you have already deployed or need to implement. Integration with third-party solutions deepens the multi-layered protection an NGFW solution provides by combining essential security layers into one platform. This approach simplifies security deployment and ongoing operational activities by supporting existing security technologies and sharing intelligence to coordinate and streamline responses. Look for an NGFW that supports a rich solution “ecosystem” through open APIs for third-party technologies including: ● Vulnerability management systems ● Network visualization and SIEM systems ● Network access control (NAC) ● Network forensics ● Event response workflow
  • 4. © 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 4 of 7 OTHER PURCHASE CONSIDERATIONS: MIGRATION SERVICES AND TECHNICAL SUPPORT Migrating to an NGFW is a major undertaking. When moving to an NGFW, and away from third-party or traditional firewalls, look for a vendor that provides services to assist the migration. Onsite and remotely delivered professional migration services can help to simplify and speed the process. Any NGFW vendor, or its certified partners, should be able to provide deep experience, knowledge, leading practices, and tools to reduce disruption and support business continuity during the migration—and do so cost-effectively. The level and quality of technical support an NGFW vendor will provide to your organization during and after migration should also be included in your technology evaluation. Remote management services, for example, can help to reduce TCO by continuously monitoring and managing network security and freeing your IT talent to concentrate on key business priorities. In addition, services that provide an ongoing examination of security posture, policies, and the effectiveness of your security infrastructure help you to evolve and improve your security program. Technical assistance after installation of the NGFW solution is also an important consideration. Will the security vendor provide your IT personnel with anytime access (24 hours, 365 days a year) to specialized engineers? Will it provide flexible hardware coverage and proactive device diagnostics, self-support resources, tools, or online training? Are services and support available globally? Great technical support helps reduce network downtime and keeps your organization up and running. ● The NGFW solution provides investment protection. When preparing to invest in a next-generation security solution that can provide comprehensive protection for your whole enterprise, you may want to consider alternatives beyond a direct purchase. Look for an NGFW vendor that provides different purchasing options and gives your organization the opportunity to: ● Lower costs and improve productivity through shorter IT lifecycles and proactive management ● Renew technology assets in line with both your current business strategy and your future vision, and maintain predictable budgets ● Access end-to-end and affordable financing solutions that include hardware, software, and complementary third-party equipment An NGFW That Meets the Checklist: Cisco ASA with FirePOWER Services Cisco ASA with FirePOWER Services meets the criteria outlined in the checklist above. In fact, it is the only enterprise-class NGFW solution that delivers integrated threat defense across the entire attack continuum: before, during, and after an attack (see Figure 1). Figure 1. Integrated Threat Defense Across the Attack Continuum Cisco ASA with FirePOWER Services is the first adaptive, threat-focused NGFW designed for a new era of threat and advanced malware protection. Its dynamic controls provide unprecedented visibility and protection against threats in real time. The NGFW solution combines the proven security capabilities of: ● Cisco Adaptive Security Appliance (ASA), the world’s most widely deployed, enterprise-class stateful firewall with remote access VPN and advanced clustering for highly secure, high-performance access and high availability to help ensure business continuity.
  • 5. © 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 5 of 7 ● FirePOWER Services, the industry-leading threat and advanced malware protection from Sourcefire ® that delivers top-ranked threat effectiveness as measured in independent testing by NSS Labs. 3 Cisco ASA with FirePOWER Services: Multi-layered Threat Protection and Integrated Threat Defense in a Single Platform As shown in Figure 2, Cisco ASA with FirePOWER Services delivers the following features in one platform: ● Superior multi-layered threat protection from both known and unknown threats, including targeted and persistent malware attacks. ● Advanced Malware Protection (AMP) that provides industry-leading breach detection effectiveness, a low TCO, and superior protection value. It uses big data to detect, understand, and block advanced malware outbreaks. AMP provides the visibility and control needed to stop threats missed by other security layers. ● Actionable IOCs: Cisco ASA with FirePOWER Services provides holistic, actionable IoCs that correlate detailed network and endpoint event information, providing security teams with even deeper visibility into malware infections. The NGFW solution can also correlate all intrusion events and automatically conduct an impact assessment of an attack against the target. ● Comprehensive network visibility and control: Cisco ASA with FirePOWER Services is centrally managed by the Cisco FireSIGHT™ Management Center. It provides unprecedented network visibility and automation required to respond to changing conditions and new attacks. With the FireSIGHT Management Center, security teams can see what is happening on the network at all times: users, devices, communications between virtual machines, vulnerabilities, threats, client-side applications, files, and websites. The industry-leading Cisco ASA with FirePOWER Services next-generation intrusion prevention system (NGIPS) provides highly effective threat prevention and full contextual awareness of users, infrastructure, applications, and content to detect multi-vector threats and automate defense response. Content awareness with malware file trajectory aids infection scoping and root cause determination to speed time to remediation. Administrators can manage hundreds of appliances centrally using the FireSIGHT Management Center. And with the granular Application Visibility and Control (AVC) that Cisco ASA with FirePOWER Services provides, they can optimize security effectiveness with 3000 application-layer and risk-based controls that can invoke tailored IPS threat detection policies. ● Automation—to reduce cost and complexity: The Cisco FireSIGHT Management Center also helps administrators streamline operations to correlate threats, assess their impact, automatically tune security policy, and easily attribute user identities to security events. It continually monitors how the network changes over time, automatically assessing threats to determine which require immediate attention. With this insight, security teams can focus response efforts on remediation and adapt network defenses. 3 “NSS Labs Security Value Map for Breach Detection Systems: Sourcefire Advanced Malware Protection Is a Leader in Security Effectiveness and TCO,” Sourcefire.com: https://info.sourcefire.com/NSSBreachDetectionReportSEM.html?gclid=Cj0KEQjw7b- gBRC45uLY_avSrdgBEiQAD3Olx8BtffrsQkNYs3AtCojRqyy42V1yLfGyh78OMov3iUAaAlNc8P8HAQ.
  • 6. © 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 6 of 7 ● Third-party integration: Cisco ASA with FirePOWER Services can interface smoothly and transparently with third-party security solutions, including vulnerability management scanners, software management, and trouble-ticketing systems, to improve TCO. You get the benefits of an open system that interfaces with Cisco OpenSource capabilities. OpenAppID, an open, application-focused detection language and processing module for Snort ® , the IPS and intrusion detection system (IPS/IDS) developed by Sourcefire, lets IT teams create, share, and implement application detection. Figure 2. Cisco ASA with FirePOWER Services Cisco ASA with FirePOWER Services: Additional Purchase Considerations When you select Cisco ASA with FirePOWER Services as your NGFW solution, you will have access to: ● Investment protection: Cisco Capital ® financing is available with terms that meet your business and budgetary requirements. With a fair-market-value lease from Cisco Capital, you can pay for the use of the equipment, not its ownership. You have the flexibility to upgrade or refresh your equipment as needed while eliminating technology obsolescence. ● Services and technical support: Cisco has achieved certification under the J.D. Power Certified Technology Service and Support Program for five consecutive years and eight years overall. 4 Cisco services and support offerings for Cisco ASA with FirePOWER Services include: ◦ Cisco Migration Services for Firewalls, delivered by Cisco security engineers or Cisco Security Specialized Partners, help organizations migrate smoothly to Cisco ASA with FirePOWER Services. Cisco provides expert guidance and support to help maintain security during a migration and to improve the accuracy and completeness of the process. ◦ Cisco Remote Management Services help reduce TCO further by continuously managing security networks and freeing your IT resources to concentrate on other value-adding business priorities. ◦ Cisco Network Optimization Services feature smart analytic tools with an intuitive graphics interface to deliver unmatched insight into network performance, so customers can reduce network complexity, improve operational excellence, monitor policy compliance, mitigate risks, and proactively detect and preempt potential network disruptions. The service dramatically improves return on investment, exceeding 120 percent in a study by Forrester Research. 5 4 “Cisco Recognized for Excellence in Certified Technology Service and Support Program for a Fifth Consecutive Year and Eighth Year Overall,” J.D. Power media release, July 21, 2014: http://www.jdpower.com/press-releases/certified-technology-service-and- support-program#sthash.7oyGxBUo.dpuf. 5 The Total Economic Impact™ of Cisco SP Network Optimization Service and Focused Technical Support, report prepared for Cisco by Forrester Research, November 2009: http://www.cisco.com/en/US/services/ps6889/TEI_of_SP_NOS_FTS_Forrester.pdf.
  • 7. © 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. Page 7 of 7 ◦ Cisco SMARTnet ® Service helps to reduce network downtime and other critical network issues with access to expert technical support 24 hours, 365 days a year, as well as flexible hardware coverage and proactive device diagnostics. To Download the Software Visit the Cisco Software Center to download Cisco ASA with FirePOWER Services software. For More Information To learn more, visit: ● www.cisco.com/go/asafps for more about Cisco ASA with FirePOWER Services ● www.cisco.com/go/asa for more about Cisco ASA 5500-X Series Next-Generation Firewalls ● www.cisco.com/go/services/security for more about Cisco Migration Services for Firewalls ● www.cisco.com/go/smartnet for more about Cisco SMARTnet Service ● www.ciscocapital.com for additional information and links to local Cisco Capital representatives Printed in USA C11-733098-00 10/14