Cisco Next-Generation Firewalls
The Cisco ASA Firepower® NGFW (next-generation firewall) is the industry’s first fully integrated, threat-focused, next-gen firewall with unified management. It uniquely provides advanced threat protection before, during, and after attacks. ASA, or adaptive security appliance, is a device that includes an antivirus, firewall, VPN and intrusion prevention in one - proactively working to defend against attacks and stopping threats before they’re able to spread throughout the user’s network.
Here are some of the benefits:
Stop more threats
Contain known and unknown malware with leading Cisco® Advanced Malware Protection (AMP) and sandboxing.
Gain more insight
Gain superior visibility into your environment with Cisco Firepower next-gen IPS. Automated risk rankings and impact flags identify priorities for your team.
Detect earlier, act faster
The Cisco Annual Security Report identifies a 100-day median time from infection to detection, across enterprises. Reduce this time to less than a day.
Get unified management and automated threat correlation across tightly integrated security functions, including application firewalling, NGIPS, and AMP.
Get more from your network
Enhance security, and take advantage of your existing investments, with optional integration of other Cisco and third-party networking and security solutions.
Cisco Firewalls in-conjunction with their Talos team provide the required peace of mind to many Enterprises. The Talos team consists of over 250 researchers making it one of the largest threat intelligence organizations in the world.https://www.cisco.com/c/dam/m/en_us/offers/pdfs/talos-group-whitepaper.pdf
Did you know?
More than half of all attacks resulted in financial damages of more than US $500,000
- 2018 Cisco Annual Cybersecurity ReportSource
All Firepower models can provide Application Visibility, NGIPS, Advanced Malware protection (AMP), URL Filtering. More powerful models also DDos protection.
Cisco AMP for Networks
Features and Capabilities
Advanced malware protection must be as pervasive as the malware it is designed to combat. This requires an integrated set of controls and a continuous process to detect, confirm, track, analyze, and remediate these threats - before, during, and after an attack.
Before: Get the best global threat intelligence to strengthen network defences.
During: Use that intelligence, known file signatures, and dynamic file analysis technology to block known malware, policy-violating file types, and communications trying to infiltrate the network.
After: Continuously analyze files and network traffic for threats that evade your first lines of defence, get deep visibility into the activity and behaviour of the threat, and then rapidly respond to and contain an active attack with a few clicks.
Cisco AMP for Networks delivers protection along the entire attack continuum, with the following key features and capabilities:
Identify Stealthy Attacks
Continuous analysis tracks files after they've entered the network.
Retrospective security alerts you to take action during and after an attack.
Multi-source indications of compromise correlates discrete events for better detection.
Reduce the Amount of Actionable Malware Events
File and application control helps you limit policy-violating files and actions Known malware blocking offers real-time file dispositions to help detect and stop attacks.
Gain an Efficient Workflow for Investigations
File trajectory tracks file transmissions across the network.
File capture allows you to store and retrieve files for further analysis.
Integration of Threat Grid provides a safe, highly secure sandbox environment to analyze the behaviour of suspect files.
Automated prioritization of high-risk events assigns threat scores.
With Firepower Management Center, you can see more contextual data from your network and fine-tune your security. View applications, signs of compromise, host profiles, file trajectory, sandboxing, vulnerability information, and device-level OS visibility. Use these data inputs to optimize security through policy recommendations or Snort customizations
NGIPS receives new policy rules and signatures every two hours, so your security is always up to date. Cisco Talos leverages the world’s largest threat detection network to bring security effectiveness to every Cisco security product. This industry-leading threat intelligence works as an early-warning system that constantly updates with new threat
Use NGIPS automation to increase operational efficiency and reduce overhead by separating actionable events from noise. Prioritize threats for your staff and improve your security through policy recommendations based on network vulnerabilities. Stay informed on what rules to activate and deactivate, and filter events pertinent for the devices on your network.
Firepower NGIPS plugs into your network without major hardware changes or significant time to implement. Enable and manage several security applications from a single pane with Firepower Management Center. Seamlessly navigate between NGIPS, NGFW, and AMP to optimize your security and ingest third-party data through Cisco Threat Intelligence Director.
Hardware and ASA models
Firepower 1000 Series
Small to Medium businesses – Throughput from 650Mbps to 2.2Gbps.
Firepower 2100 Series
Internet Edge to Data Centre environments – Throughput from 2.3Gbps to 9Gbps.
Firepower 4100 Series:
Internet Edge to high performance environments – Throughput from 13Gbps to 53Gbps.
Firepower 9000 Series
Service provider & Data Centre – Throughput from 25Gbps to 168Gbps.
Cisco Next-generation Firewall Virtual(NGFWv)
Cloud & DC environments - Throughput up to 1.2Gbps fully loaded
Cisco Adaptive Security Virtual Appliance(ASAv)
Cloud & DC environments - Throughput from 100Mbps to 10Gbps.
ASA 5500-X with Firepower Services
Small to Medium businesses – Throughput from 256Mbps to 1.75Gbps.
Performance Networks Limited,
The Sir Colin Campbell Building,
Nottingham, NG7 2TU
Head Office: +44 (0) 115 822 1212
London Office: +44 (0) 207 148 1780