IT Teams gain insight and focus with the industry’s most comprehensive NGFW management – before, during and after attacks.
As we discussed in our last two posts, most organizations today secure their networks using disparate technologies that are unable to work together. Legacy NGFWs are not threat-focused but rather focused rather on controlling applications. Nor are they fully integrated from a security perspective (which we covered in our last post) or from a management perspective, which we’ll tackle in this post.
In order to address their shortcomings in threat defense, today’s legacy NGFW will often have to introduce three or more additional security products, with three or more consoles to manage those siloed functions. The end result is a complex assortment of consoles to manage and thousands of unintegrated alerts to sift through, making security even more complex than it needs to be.
It is no secret that security teams are often understaffed or have too broad a mandate far beyond security to let them dive as deep on security as they’d like. Add three or more new security products and this situation will only get worse. Not to mention the difficulty in correlating all these views into something more useful. The legacy NGFW approach creates a management headache that we aimed to solve.
Enter the Cisco Firepower NGFW with its comprehensive management console, the Firepower Management Center. It is the nerve center of Cisco’s fully-integrated, threat-focused Firepower NGFW. The Firepower Management Center combines unparalleled visibility, intelligent automation, and deeply integrated security functionality that enables you to go from managing the firewall to controlling application use to investigating and remediating malware outbreaks with ease.
Let’s start with visibility. As we all recall, you can’t protect what you can’t see. Network and security operators need full visibility into users, access policies, mobile devices, client-side applications, operating systems, virtual machine-to-machine communications, vulnerabilities, threats and URLs — the visibility needed to protect today’s dynamic computing environments. Without this, it is near impossible to implement threat-centric security.
Firepower Management Center reduces the complexity of security operations by providing this visibility out-of-the-box, along with complete and unified management of firewalls, applications (over 4,000), intrusion prevention, URL filtering, and advanced malware protection.
What is unique is not just the unified management or the robust visibility, but how the Firepower Management Center combines the two with intelligent automation, resulting in better threat protection and contextual awareness. This also takes the burden off of IT teams so they can focus on what matters, enabling companies to gain more from their teams and resources. Some examples of this are:
- Automatically correlating new attack events with your network’s vulnerabilities in order to alert you to attacks that may have been successful. Your security team can focus on those events that matter the most. (See Figure 1)
- Analyzing your network’s vulnerabilities and automatically recommending the appropriate security policies to put in place. You can adapt your defenses to changing conditions and implement security measures tailored specifically to your network.
- Correlating specific events from network, endpoint, intrusion, and security intelligence sources. You’re alerted if individual hosts show signs of compromise from unknown attacks.
- Applying file policy criteria. If those are met, it automatically analyzes the file to identify known malware and/or sends the file to an integrated sandbox to identify unknown malware.
As mentioned above, Cisco Firepower NGFW also integrates Advanced Malware Protection (AMP) to allow for quick detection and mitigation of zero-day and targeted threats – even after an attack has taken place. Firepower Management Center contains features that give you the ability to track everywhere that malware has gone, scoping the extent of your infection. And a digital fingerprint of the malicious file can be placed in a custom rule, thereby stopping that malware from propagating elsewhere.
All of these capabilities are why reasons why Firepower NGFW moves the median time to detection from an industry average of 100 days down to less than one day.
Firepower Management Center uniquely makes life easier for stretched teams so they can direct their limited resources on the priority issues, while automating others – improving security while taking the stress off.
With Cisco Firepower NGFW, organizations are safer, more focused, and able to optimize resources so they can focus on what they do best.
For more information on our new Firepower NGFW, watch our launch webcast or visit Cisco.com/go/ngfw.
CONNECT WITH CISCO
LET US HELP
Call us: 1.800.553.6387 - Ext 118
US/Can | 5am-5pm Pacific Other Countries