Cisco Next-Generation Firewalls

The Cisco ASA Firepower® NGFW (next-generation firewall) is the industry’s first fully integrated, threat-focused, next-gen firewall with unified management. It uniquely provides advanced threat protection before, during, and after attacks. ASA, or adaptive security appliance, is a device that includes an antivirus, firewall, VPN and intrusion prevention in one - proactively working to defend against attacks and stopping threats before they’re able to spread throughout the user’s network.

Here are some of the benefits:

Stop more threats

Contain known and unknown malware with leading Cisco® Advanced Malware Protection (AMP) and sandboxing.

Gain more insight

Gain superior visibility into your environment with Cisco Firepower next-gen IPS. Automated risk rankings and impact flags identify priorities for your team.

Detect earlier, act faster

The Cisco Annual Security Report identifies a 100-day median time from infection to detection, across enterprises. Reduce this time to less than a day.

Reduce complexity

Get unified management and automated threat correlation across tightly integrated security functions, including application firewalling, NGIPS, and AMP.

Get more from your network

Enhance security, and take advantage of your existing investments, with optional integration of other Cisco and third-party networking and security solutions.

Cisco Firewalls in-conjunction with their Talos team provide the required peace of mind to many Enterprises. The Talos team consists of over 250 researchers making it one of the largest threat intelligence organizations in the world.

https://www.cisco.com/c/dam/m/en_us/offers/pdfs/talos-group-whitepaper.pdf

Did you know?

More than half of all attacks resulted in financial damages of more than US $500,000

- 2018 Cisco Annual Cybersecurity Report

Source

All Firepower models can provide Application Visibility, NGIPS, Advanced Malware protection (AMP), URL Filtering. More powerful models also DDos protection.

Cisco AMP for Networks

Features and Capabilities

Advanced malware protection must be as pervasive as the malware it is designed to combat. This requires an integrated set of controls and a continuous process to detect, confirm, track, analyze, and remediate these threats - before, during, and after an attack.

Before: Get the best global threat intelligence to strengthen network defences.

During: Use that intelligence, known file signatures, and dynamic file analysis technology to block known malware, policy-violating file types, and communications trying to infiltrate the network.

After: Continuously analyze files and network traffic for threats that evade your first lines of defence, get deep visibility into the activity and behaviour of the threat, and then rapidly respond to and contain an active attack with a few clicks.

Cisco AMP for Networks delivers protection along the entire attack continuum, with the following key features and capabilities:

Identify Stealthy Attacks

Continuous analysis tracks files after they've entered the network.

Retrospective security alerts you to take action during and after an attack.

Multi-source indications of compromise correlates discrete events for better detection.

Reduce the Amount of Actionable Malware Events

File and application control helps you limit policy-violating files and actions Known malware blocking offers real-time file dispositions to help detect and stop attacks.

Gain an Efficient Workflow for Investigations

File trajectory tracks file transmissions across the network.

File capture allows you to store and retrieve files for further analysis.

Integration of Threat Grid provides a safe, highly secure sandbox environment to analyze the behaviour of suspect files.

Automated prioritization of high-risk events assigns threat scores.

Cisco NGIPS

Visibility

With Firepower Management Center, you can see more contextual data from your network and fine-tune your security. View applications, signs of compromise, host profiles, file trajectory, sandboxing, vulnerability information, and device-level OS visibility. Use these data inputs to optimize security through policy recommendations or Snort customizations

Efficacy

NGIPS receives new policy rules and signatures every two hours, so your security is always up to date. Cisco Talos leverages the world’s largest threat detection network to bring security effectiveness to every Cisco security product. This industry-leading threat intelligence works as an early-warning system that constantly updates with new threat

Operational cost

Use NGIPS automation to increase operational efficiency and reduce overhead by separating actionable events from noise. Prioritize threats for your staff and improve your security through policy recommendations based on network vulnerabilities. Stay informed on what rules to activate and deactivate, and filter events pertinent for the devices on your network.

Integration

Firepower NGIPS plugs into your network without major hardware changes or significant time to implement. Enable and manage several security applications from a single pane with Firepower Management Center. Seamlessly navigate between NGIPS, NGFW, and AMP to optimize your security and ingest third-party data through Cisco Threat Intelligence Director.

Hardware and ASA models

Firepower 1000 Series

Small to Medium businesses – Throughput from 650Mbps to 2.2Gbps.

Firepower 2100 Series

Internet Edge to Data Centre environments – Throughput from 2.3Gbps to 9Gbps.

Firepower 4100 Series:

Internet Edge to high performance environments – Throughput from 13Gbps to 53Gbps.

Firepower 9000 Series

Service provider & Data Centre – Throughput from 25Gbps to 168Gbps.

Cisco Next-generation Firewall Virtual(NGFWv)

Cloud & DC environments - Throughput up to 1.2Gbps fully loaded

Cisco Adaptive Security Virtual Appliance(ASAv)

Cloud & DC environments - Throughput from 100Mbps to 10Gbps.

ASA 5500-X with Firepower Services

Small to Medium businesses – Throughput from 256Mbps to 1.75Gbps.

Call and chat to our experts on +44 (0) 207 148 1780

Contact Us

Our Contacts

Our Building

Performance Networks Limited,
The Sir Colin Campbell Building,
Nottingham, NG7 2TU

Head Office: +44 (0) 115 822 1212
London Office: +44 (0) 207 148 1780