why cisco ngfw? - tech data
TRANSCRIPT
www.techdata.eu
Why Cisco NGFW?Cisco NGFW appliances combine proven network firewall with the industry’s most effective next-gen IPS and advanced malware protection. All so your customers get more visibility, be more flexible, save more, and protect better.
Cisco NGFWs are delivered as physical and virtual appliances, in two families: ASA with FirePOWER Services and Firepower NGFW. Third parties have validated that Cisco NGFWs feature superior threat defense, and meet use cases for SMB, Commercial, Enterprise, Data Center, and Service Provider segments. All Cisco NGFWs include Application Visibility & Control (AVC). They are available with tightly integrated Firepower Next-Gen IPS, Cisco Advanced Malware Protection for Networks (AMP), comprehensive DDoS mitigation, and URL Filtering.
NSS Labs: https://www.cisco.com/c/m/en_us/offers/sc07/amp-analyst-report/index.html
Security report: https://engage2demand.cisco.com/cisco_2017_midyear_cybersecurity_report?CAMPAIGN=SC-04&COUNTRY_SITE=US&POSITION=banner&REFERRING_SITE=cisco.com+homepage&CREATIVE=Cisco.com+banner+ad+MCR&CCID=cc000153&DTID=odicdc000016&OID=tlpsc000841&PLACEMENT=cdcbanner
SANS: http://www.sans.org/reading-room/whitepapers/analyst/calculating-total-cost-ownership-intrusion-prevention-technology-34745
100%Cisco
– 3.5 hours
INDUSTRY – 100 DAYS
FIRST YEAR $ 184K
Leading breach detectionSource: NSS Labs
Time to DetectionSource: 2017 Midyear Cybersecurity Report
Saving from Security AutomationSource: SANS Institute
www.techdata.eu
Why moving from Legacy Firewall to NGFW?
Legacy Firewalls do not address modern challenges
Classic Firewall (ASA) NGFW (ASA with FPWR)
No central management or reporting, only possible to use SNMP trapping to send details to RMM /SIEM
Fully integrates with all the security services and event information into a single view and management plattform (FirePower Management Center)
Limited level of granularity when setting up policies i.e.
• allow/disallow port 80 (http traffic)
• no ability to identify the OS versions (that might be vulnerable and need upgrade or patching)
• cannot block based upon geolocation
Visibility to users, hosts, applications, mobile devices, virtual environments
• allow/disallow Applications within port 80 (Facebook, Salesforce, BitTorrent)
• NGIPS displays all users with Windows 7/XP versions to help with updating to new software
• can block traffic from China by setting optional geolocation policy
No knowledge of the attack or malware NGIPS blocks the known attacks and AMP blocks any malicious files
No remediation, no threat scores
Effective monitoring prioritization (highlights risks) and attack remediation capabilities. The NGFW automatically correlates threats and your network‘s vulnerabilities, so your security team can prioritize threats and focus on what matters most.
Cisco NGFW Family for Small to Midrange businesses
Our experts help you find the right next-gen firewall for your customers
Small and Midsized Business Midrange
ASA 5506-X / 5506W-X / 5506H-X / 5508-X / 5516-X
ASA 5525-X / ASA 5545-X / ASA 5555-X
Firepower 2110/2120 Firepower 2130/2140
NGFWs for SMBs and distributed enterprises with intergrated threat defense, a low TCO and simplified
security management
Enterprise-class security for the internet edge, with superior threat defense, sustained performance and simple
management
*all of these devices are available for a Threat Scan Loan, please contact us for assistance with sizeing
www.techdata.eu
Add FirePower Licenses to enable full capabilities of the NGFWHaving a NGFW provides you with the visibility you need to defend your network, simplified management to do it, but still without appropriate licenses you cannot act fast enough to stop the attackers from breaching your network, or to remediate once the breach has occurred.
URL Filtering (URL)Reputation-based URL filtering to accurately analyze URLs and associate a reputation score with each website.
Intrusion Prevention System (IPS)Next-generation intrusion prevention system (NGIPS) capabilities to efficiently detect threats with contextual awareness for an actionable response. Prevents breaches on ill-maintained applications and software. Helps against zero-day attacks. Protects against vulnerability exploits.
Advanced malware protection (AMP)AMP provides the visibility and control needed to stop threats missed by other security layers. It uses big data to detect, understand, and block advanced malware outbreaks. It’s better to avoid than remediate. Blocking a malware via packet scan is much easier than finding it and remediating once it’s on the network. Stop the unwanted guests at your front door.
Why offer your customers a NGFW POV / Threat Scan?
Now that security is becoming more strategic and critical your end users need to ask themselves:
• Do we know what is happening in our network?
• Do we know that our network is up to date?
• And… can we detect what we can’t see?
By taking advantage of this outstanding opportunity you can help your customers increase their security and visibility of the network at the same time boosting your Cisco Security.
The Threat Scan is a 2 week trial in which a Next Generation Cisco ASA Firewall monitors the entire network and detects all possible threats. After the two weeks you can complete and provide a security risk report. If your customer wants to stay secure after the trial then they can purchase the ASA to continue monitoring and protecting the network.
Contact us at www.azlan.com/security-trials-emea for a free NGFW appliance loan to carry out a Threat Scan or ask us for a Cloud Demo to deep-dive into NGFW features and management.
BEFORE DURING AFTER
Protection Across Attack Continuum
Bojana CukalevskiSolutions Design Specialist
Email: [email protected]