Get a Security System, not a Security Smorgasbord
By John Dominguez If you’re still juggling a lot of cyber security tools, you’re not alone. Even as businesses make headway on trimming point-solutions, the recently released Cisco CISO Benchmark Report found that 14% of security leaders are managing more than 20 vendors. And 3% are dealing with over 50.
It’s easy for this to get out of hand. Customers tell us they acquired product A to solve problem A, product B to solve problem B, and so on. Before long, they’re overloaded with point-products that work independently and create tons of siloed data points. The products don’t draw connections between the data to help network administrators understand event context.
It’s almost like having alarm sensors from different security companies on every door to your home. It’s not better, simpler, or easier to manage.
Cisco is helping customers simplify their security ecosystems with powerful tools that work together to automatically thwart cyber attacks. The Cisco Integrated Security Portfolio includes Cisco Next-Generation Firewalls (NGFW) and Cisco Advanced Malware Protection (AMP) for Endpoints. These two tools automatically work together to provide comprehensive threat protection from the network edge to the endpoint. And using the Cisco Threat Response management console, you can take corrective action directly from a single interface.
The power of coordination
This powerful partnership starts with breach prevention. Stopping cyberattacks before they can embed themselves in your extended network is crucial. The Cisco NGFW and AMP for Endpoints both draw threat intelligence from the Cisco Talos Security Intelligence and Research Group to actively block threats in real time. Cisco NGFW monitors and blocks malicious traffic and files at the network perimeter, while Cisco AMP for Endpoints blocks malicious files at the endpoint point-of-inspection.
But what if an attacker or extremely sophisticated malware manages to creep inside? It can happen—cybercriminals are persistent, and malware gets smarter every day. This is where the coordination of Cisco NGFW and AMP can really make a difference. If NGFW sees a threat on the network, it’s contained there and blocked access to the endpoint. If AMP for Endpoints sees trouble on the endpoint, it is automatically quarantined there and blocked from traversing the network. Threat information and event data is shared amongst all Cisco security tools. The system works together so that if a threat is seen once, it is stopped everywhere. This provides continuous visibility across multiple attack vectors for rapid, automatic detection and response.
And the best part? This network and endpoint information is all aggregated in one place – the Cisco Threat Response management console. You can see all of this information in intuitive, configurable graphs for better situational awareness and quick conclusions. You can take corrective action and make decisions across your entire network from one management plane. You can block suspicious files, domains, and more—without having to log in to another product first. Want to see even more network or endpoint detail? One click and you’re inside Cisco AMP for Endpoints or the Cisco NGFW native console.
One proven, efficient system
We work with businesses every day to help them defend their networks and keep security management simple so their teams can be as efficient as possible. Cisco Next-Generation Firewalls and Cisco AMP for Endpoints, along with the Cisco Threat Response management console, offer breach prevention, continuous visibility, rapid detection, automated response, and efficient management from one console.
To learn more about Cisco NGFW and Cisco AMP for Endpoints, click here.
Source:: Cisco Security Notice