New Threat-Based Firewall

Monday, September 22, 2014 @ 09:09 AM gHale


There is now a threat-focused next-generation firewall (NGFW) hitting the industry.

The Cisco ASA with FirePOWER Services provides contextual awareness and dynamic controls needed to automatically assess threats, correlate intelligence, and optimize defenses to protect all networks.

RELATED STORIES
Oil & Gas Firm Attacked
Middle East Petrochem Firms Targeted
APT: In Action for Six Years
IoT Devices Vulnerable to Attacks: Report

Until now, NGFWs focused on policy and application control and have been unable to address advanced and Zero Day attacks. The new firewall uses a visibility-driven, threat-focused and platform-based approach.

The visibility approach strives to give contextual awareness for users, mobile devices, client-side apps, virtual machine‐to-machine communications, vulnerabilities, threats, URLs, and other telemetry. It has capabilities to provide users with dashboards and drill-down reports of discovered hosts, suspect applications, threats, and indicators of compromise for better visibility.

It also incorporates protection from known and advanced threats, as well as AMP to combat against Zero Day and persistent attacks. Big data analytics, continuous analysis and Cisco Collective Security Intelligence (CSI) work together to provide detection, blocking, tracking, analysis, and remediation capabilities to protect against the full spectrum of attacks, known and unknown.

The goal of the firewall is to combine firewall functionality and application control, advanced breach detection and remediation in a single device.

It provides visibility and continuous analysis to detect advanced, multi-vector threats and streamlines and automates response for known and unknown malware. It also offers holistic, actionable indicators of compromise that speed threat investigation and retrospective remediation, along with integrated incident response scoping and automated detection policy updates.

Open source security integration with Snort, OpenAppID and ClamAV allows users to customize security to address new or specific threats and applications as quickly as possible.



Leave a Reply

You must be logged in to post a comment.