Cisco Secure Firewalls
Anchor your data center networking strategy. Ultra-reliable performance. Scalable infrastructure. Put a data center switching powerhouse at the heart of your network and be amazed at what's possible.
Turn your entire network into an extension of your security architecture
As our business-critical applications are a blend of cloud and on-premise based and users need secure access to resources from everywhere, the traditional firewall approach no longer works. Our single network perimeter has evolved to multiple micro-perimeters. For many organisations the application is the new perimeter, and traditional firewall deployments have evolved to a mixture of physical, virtual and cloud-native appliances. As a result, organisations are struggling to operationalise support for modern application environments. The challenges of how to maintain consistent visibility, policy enforcement and uniform threat visibility without opening vulnerabilities that expose the organisation to risk.
At Cisco, we’re building a network security vision, NetWORK, that enables a more agile, automated and integrated approach for harmonising policies and enforcement across modern dynamic applications and increasingly heterogenous networks. Secure Firewall gives you the deepest set of integrations between core networking functions and network security, delivering the most secure architecture ever. The result is a complete security portfolio that protects your applications and users everywhere.
Benefits
● Real-time, unified, workload and network security for integrated control across dynamic application environments
● Platform approach to network security, leveraging and sharing intelligence from key sources for faster detection, response and remediation Safeguard remote workers with highly secure enterprise access anytime, anywhere, from any device, with powerful threat prevention capabilities that protect the organisation, users and critical applications
● SecureX™ entitlement included with every Cisco® Secure Firewall, for a tightly integrated approach to security that enables threat correlation across the Cisco Secure portfolio and accelerates incident response
Why Cisco?
The Cisco Secure Firewall portfolio delivers greater protections for your network against an increasingly evolving and complex set of threats. With Cisco, you’re investing in a foundation for security that is both agile and integrated, leading to the strongest security posture available today and tomorrow.
From your data centre, branch offices, cloud environments and everywhere in between, you can leverage the power of Cisco to turn your existing network infrastructure into an extension of your firewall solution, resulting in world-class security controls everywhere you need them.
Investing in a Secure Firewall appliance today gives you robust protections against even the most sophisticated threats without compromising performance when inspecting encrypted traffic. Further, integrations with other Cisco and 3rd party solutions provides you with a broad and deep portfolio of security products, all working together to correlate previously disconnected events, eliminate noise and stop threats faster.
Superior visibility and control
Threats have become more sophisticated, and networks have become more complex. Very few, if any, organisations have the resources to dedicate to staying up to date and successfully fend off all these constantly emerging and evolving threats.
As threats and networks become more complex, it is imperative to have the right tools to protect your data, applications and networks. Cisco Secure Firewalls have the power and flexibility that you need to stay one step ahead of threats. They offer a dramatic 3x performance boost over the previous generation of appliances, in addition to unique hardware-based capabilities for inspecting encrypted traffic at scale. In addition, the human-readable rules of Snort 3 IPS help simplify security. eDynamic application visibility and control is available through the Cisco Secure Workload integration, for consistent protection for today’s modern applications across the network and workload.
Simplified and consistent policy management
With the Secure Firewall portfolio, you gain a stronger security posture, equipped with future-ready, flexible management. Cisco offers a variety of management options tailored to meet your business needs:
● Cisco Secure Firewall Device Manager: Manages a single firewall locally; on-device management solution to the Firewall Threat Defense
● Cisco Secure Firewall Management Center: Manages a large-scale firewall deployment; available in all form factors, such as on-premises, private cloud, public cloud and Software as a Service (SaaS)
● Cisco Defense Orchestrator: A cloud-based manager that streamlines security policies and device management across multiple Cisco products, such as Cisco Secure Firewall, Meraki MX and Cisco IOS® devices
Cisco also offers Cisco Security Analytics and Logging for scalable log management. It enhances threat detection and meets compliance mandates across the organisation with longer retention and behavioural analysis capabilities.
Cisco Secure Firewall advanced capabilities
Advanced Capability | Details |
|---|---|
Cisco Secure Workload integration | ● Cisco Secure Workload (Tetration) integration enables comprehensive visibility and policy enforcement for modern distributed and dynamic applications across the network and workload for consistent enforcement in a scalable manner |
Cisco Secure Firewall Cloud Native | ● Built with Kubernetes and first available in AWS, Secure Firewall Native Cloud is a developer-friendly application access solution for building highly elastic, cloud-native infrastructure |
Dynamic policies support | ● Dynamic attributes support VMware, AWS, Azure tags for situations where static IP addresses are not available ● Cisco has been a pioneer in tag-based policies with Security Group Tags (SGTs) and Cisco Identity Services Engine (ISE) attribute support |
Snort 3 Intrusion Prevention System | ● The next step in threat protection with industry leading open-source Snort 3 helps improve detection, simplify customisation and enhance performance |
Transport Layer Security (TLS) Server Identity and Discovery | ● Enables you to maintain Layer 7 policies on encrypted TLS 1.3 traffic. Maintain visibility and control in an encrypted world where it’s not realistic to decrypt and inspect every single traffic flow. Competing firewalls break your Layer 7 policies with encrypted TLS 1.3 traffic |
Cisco Secure Firewall Management Center | ● Provides unified management of firewalls, application control, intrusion prevention, URL filtering and malware defence policies ● Integration with Cisco Secure Workload (formerly Tetration) enables consistent visibility and policy enforcement for dynamic applications across the network and workload |
Cisco Defense Orchestrator | ● Cloud-based firewall management that helps you consistently and easily manage policies across your Cisco Secure firewalls |
Cisco Security Analytics and Logging | ● Highly scalable on-premise and cloud based firewall log management with behavioural analysis for real-time threat detection, for faster response times. Plus continuous analysis to further refine your security posture to better defend against future attempts ● Meet your compliance needs with log aggregation across all Cisco Secure Firewalls ● Tight integration with firewall managers for extended logging and analysis, as well as aggregating firewall log data in a single intuitive view |
Cisco SecureX | ● Leverage the SecureX platform to accelerate threat detection and remediation. Every Secure Firewall includes entitlement for Cisco SecureX. The new SecureX ribbon in Firewall Management Center enables SecOps to instantly pivot to SecureX’s open platform, speeding incident response |
Cisco Talos® threat intelligence | ● Cisco Talos Intelligence Group is one of the largest commercial threat intelligence teams in the world. They create accurate, rapid and actionable threat intelligence for Cisco customers, products and services. Talos maintains the official rulesets of Snort.org, ClamAV and SpamCop |
