Turn your entire network into an extension of your security architecture

As our business-critical applications are a blend of cloud-based and on-premises deployments, and users need secure access to resources from everywhere, the traditional firewall approach no longer works. Our single network perimeter has evolved to multiple micro-perimeters. For many organizations the application is the new perimeter, and traditional firewall deployments have evolved to a mixture of physical, virtual, and cloud-native appliances. As a result, organizations are struggling to operationalize support for modern application environments. The challenge is how to maintain consistent visibility, policy enforcement, and uniform threat visibility without opening vulnerabilities that expose the organization to risk.

At Cisco, we’re building a network security vision, Network, that enables a more agile, automated, and integrated approach for harmonizing policies and enforcement across modern dynamic applications and increasingly heterogeneous networks. Secure Firewall gives you the deepest set of integrations between core networking functions and network security, delivering the most secure architecture ever. The result is a complete security portfolio that protects your applications and users everywhere.

Benefits

Real-time, unified, workload and network security for integrated control across dynamic application environments

Platform approach to network security, leveraging and sharing intelligence from key sources for faster detection, response, and remediation

Safeguard remote workers with highly secure enterprise access anytime, anywhere, from any device, with powerful threat prevention capabilities that protect the organization, users and critical applications

SecureX entitlement included with every Cisco Secure Firewall, for a tightly integrated approach to security that enables threat correlation across the Cisco Secure portfolio and accelerates incident response

Why Cisco?

The Cisco Secure Firewall lineup offers enhanced defense for your network against a growing and intricate array of dangers. By choosing Cisco, you’re putting your money into a security base that’s both flexible and comprehensive, leading to the most formidable security stance available now and in the future.

Whether it’s your data center, regional offices, cloud setups, or any other location in between, you can harness Cisco’s capabilities to transform your current network framework into an integral part of your firewall solution, ensuring top-notch security measures wherever they’re needed.

Purchasing a Secure Firewall device today provides you with strong defenses against even the most advanced threats without sacrificing speed when examining encrypted data. Moreover, the ability to integrate with other Cisco and third-party solutions offers you a wide and deep selection of security offerings, all collaborating to link previously unrelated events, reduce distractions, and halt threats more quickly.

World-class security controls

Threats have become more sophisticated, and networks have become more complex. Very few, if any, organizations have the resources to dedicate to staying up to date and successfully fending off all these constantly emerging and evolving threats.

As threats and networks become more complex, it is imperative to have the right tools to protect your data, applications, and networks. Cisco Secure Firewalls have the power and flexibility that you need to stay one step ahead of threats. They offer a dramatic 3x performance boost over the previous generation of appliances, in addition to unique hardware-based capabilities for inspecting encrypted traffic at scale. As well, the human-readable rules of Snort 3 IPS help simplify security. Dynamic application visibility and control is available through the Cisco Secure Workload integration, for consistent protection for today’s modern applications across the network and workload.

Consistent policy and visibility

With the Secure Firewall portfolio, you gain a stronger security posture, equipped with future-ready, flexible management. Cisco offers a variety of management options tailored to meet your technology and business needs including: Firewall Device Manager (FDM), Cisco Secure Firewall Management Center (FMC), Cisco Defense Orchestrator (CDO), and Cisco Security Analytics and Logging.

Cisco FDM is an on-device management solution for locally managing small-scale deployments. Cisco Secure FMC is an on-premises solution for large deployments to centrally manage security events and policies with rich reporting and local logging. CDO is a cloud-based security manager that streamlines security policies and device management across your extended network. Cisco Security Analytics and Logging provides scalable log management with behavioral analysis.

Cisco Secure Firewall advanced capabilities:

| Advanced Capability | Details |
| --- | --- |
| Cisco Secure Workload integration | Cisco Secure Workload (Tetration) integration enables comprehensive visibility and policy enforcement for modern distributed and dynamic applications across the network and workload for consistent enforcement in a scalable manner. |
| Cisco Secure Firewall Cloud Native | Built with Kubernetes and first available in AWS, Secure Firewall Native Cloud is a developer-friendly application access solution for building highly elastic, cloud-native infrastructure. |
| Dynamic policies support | Dynamic attributes support VMware, AWS, Azure tags for situations where static IP addresses are not available. Cisco has been a pioneer in tag-based policies with Security Group Tags (SGTs) and Cisco Identity Services Engine (ISE) attribute support. |
| Snort 3 Next-Generation Intrusion Prevention System | The next step in threat protection with industry leading open-source Snort 3 helps improve detection, simplify customization, and enhance performance. |
| Transport Layer Security (TLS) Server Identity and Discovery | Enables you to maintain Layer 7 policies on encrypted TLS 1.3 traffic. Maintain visibility and control in an encrypted world where it’s not realistic that you can decrypt and inspect every single traffic flow. Competing firewalls break your Layer 7 policies with encrypted TLS 1.3 traffic. |
| Secure Firewall Management Center (FMC) | Provides unified management of firewalls, application control, intrusion prevention, URL filtering, and malware defense policies. Integration with Cisco Secure Workload (formerly Tetration) enables consistent visibility and policy enforcement for dynamic applications across the network and workload. |
| Cisco Defense Orchestrator (CDO) | Cloud-based firewall management that helps you consistently and easily manage policies across your Cisco Secure firewalls. |
| Cisco Security Analytics and Logging (SAL) | Highly scalable on-premises and cloud-based firewall log management with behavioral analysis for real-time threat detection, for faster response times. Plus continuous analysis to further refine your security posture to better defend against future attempts. Meet your compliance needs with log aggregation across all Cisco Secure Firewalls. Tight integration with firewall managers for extended logging and analysis, as well as aggregating firewall log data in a single intuitive view. |
| SecureX platform | Leverage the SecureX platform to accelerate threat detection and remediation. Every Secure Firewall includes entitlement for Cisco SecureX. The new SecureX ribbon in Firewall Management Center enables SecOps to instantly pivot to SecureX’s open platform, speeding incident response. |
| Advanced threat intelligence (Talos) | Cisco Talos Intelligence Group is one of the largest commercial threat intelligence teams in the world. They create accurate, rapid and actionable threat intelligence for Cisco customers, products and services. Talos maintains the official rulesets of Snort.org, ClamAV, and SpamCop. |