Cisco unveils 'industry's first' threat-focused next-generation firewall

Cisco ASA with FirePOWER Services provides the full contextual awareness and dynamic controls needed to automatically assess threats, correlate intelligence, and optimize defenses to protect all networks, it said in a press statement.

By integrating the proven Cisco ASA 5500 Series firewall with application control, and the industry-leading Next-Generation Intrusion Prevention Systems (NGIPS) and Advanced Malware Protection (AMP) from Sourcefire, Cisco is providing integrated threat defense across the entire attack continuum – before, during and after an attack, the statement said.

Sutee Assawasoontarangkoon, Sales Manager, Cisco Security said Cisco ASA with FirePOWER Services is an adaptive, threat-focused NGFW that delivers superior, multi-layered protection, extending its capabilities far beyond legacy NGFW solutions. 

Until now, NGFWs have focused on policy and application control and have been unable to address advanced and zero-day attacks. He said Cisco ASA with FirePOWER Services changes this, taking a visibility-driven, threat-focused and platform-based approach:

 

- Visibility-Driven– Delivering full contextual awareness of users, mobile devices, client-side apps, virtual machine-to-machine communications, vulnerabilities, threats, URLs, and other important telemetry. Its enterprise-class management capabilities provide users with dashboards and drill-down reports of discovered hosts, suspect applications, threats, and Indicators of Compromise (IoCs) for comprehensive visibility. 

- Threat-Focused– Incorporating leading NGIPS for comprehensive protection from known and advanced threats, as well as AMPto combat against zero-day and persistent attacks. Big data analytics, continuous analysis and Cisco Collective Security Intelligence (CSI) work together to provide detection, blocking, tracking, analysis, and remediation capabilities to protect against the full spectrum of attacks, known and unknown.  

- Platform-Based –Cisco ASA with FirePOWER Services combines proven firewall functionality and application control, leading NGIPS capability, and advanced breach detection and remediation in a single device. The integration provides organizations with better protection, while also reducing operating costs and complexity. This new solution simplifies an organization’s security architecture and reduces its network footprint with fewer security devices to manage and deploy and ability to license subscriptions to extend functionality. 

Given shifting business models and the fast-changing threat landscape, an organization’s approach to reducing the time from breach to recovery needs to be truly integrated and threat-focused. With mounting concern at the executive level regarding the threat of lost intellectual property and compromised customer information and confidence, organizations require broad coverage across all potential attack vectors that can rapidly adjust and learn from new attack methods, and then implement that intelligence to protect them. 

Cisco ASA with FirePOWER Services provides that integrated threat defense to truly help businesses address their biggest security risks — advanced and zero-day threats, according to the press statement.

Cisco ASA with FirePOWER Services provides superior visibility and continuous analysis to detect advanced, multi-vector threats and streamlines and automates response for both known and unknown malware. It also offers holistic, actionable IoCs that speed threat investigation and retrospective remediation, along with integrated incident response scoping and automated detection policy updates. 

All of these innovations are supported by an enterprise-class stateful firewall, VPN, advanced clustering and granular application-layer and risk-based controls that evoke tailored NGIPS threat detection policies to optimize security effectiveness. Open source security integration with Snort, OpenAppID and ClamAV further allows customers to easily customize security to address new or specific threats and applications as quickly as possible.

Customers can gain the benefits of the solutions in two ways:

- Cisco ASA with FirePOWER Services (customers can purchase ASA 5500-X Series and ASA 5585-X Series firewall products with a bundled FirePOWER Services license) 

- FirePOWER Services for Cisco ASA (customers can enable FirePOWER Services on existing ASA 5500-X Series and ASA 5585-X Series firewall products)

Cisco said it and its partners also provides professional and technical security services to help accelerate migration from customers’ current security environments to the integrated threat defense of Cisco ASA with FirePOWER Services. Cisco said its security services help organizations migrate quickly and with minimal disruption.