Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Threat-focused next-generation firewalls needed for smart cities: Cisco

Nurdianah Md Nur | Nov. 17, 2014
With Cisco ASA with FirePOWER Services, organisations will gain contextual awareness and dynamic controls needed to automatically assess threats, correlate intelligence, and optimise defences to protect all networks.

As countries move towards becoming smart cities, they should not neglect the security threats that an interconnected economy brings, advised Joshua Soh, Cisco's managing director for Singapore and Brunei, at a media briefing. This is because interconnectivity increases the points of entry for threats, he reasoned.

To protect themselves against threats that could enter from any system, governments and enterprises should rely on security solutions that cover the entire attack continuum, said Sugiarto Koh, Cisco's regional sales director for ASEAN, at the same briefing. "Security solutions today should enable you to see anything that connects to your network before an attack; stop as much attack as possible during an attack; and after which, determine the scope of the attack and understand the malware to prevent further spreading or re-infection," he explained.

With that in mind, Cisco launched the Cisco ASA with FirePOWER Services, a threat-focused Next Generation Firewall (NGFW).  Unlike legacy NGFWs that focused on policy and application control, the Cisco ASA with FirePOWER Services delivers multi-layered threat protection, provides network visibility, and integrates threat defence across the entire attack continuum, asserted Koh. For instance, the NGFW provides dashboards and drill-down reports of discovered hosts, suspect applications, threats and indicators of compromise (IoCs) for comprehensive visibility.  It also uses big data analytics, continuous analysis, and Cisco Collective Security Intelligence to provide detection, blocking, tracking, analysis and remediation capabilities to protect against the full spectrum of known and unknown attacks.

Koh added that the Cisco ASA with FirePOWER Services combines proven firewall functionality and application control, Next-Generation Intrusion Prevention Systems' (NGIPS) capability, and advanced breach detection and remediation in a single device. This integration simplifies an organisation's security architecture and reduces its network footprint since fewer devices are needed to be managed and deployed.

Cisco ASA with FirePOWER Services is supported by stateful firewall, virtual private network (VPN), advanced clustering ad granular application layer and risk-based controls that evoke tailored NGIPS threat detection policies to optimise security effectiveness. Open source security integration with Snort, OpenAppID and ClamAV further allows customers to easily customise security to address new or specific threats and apps as quickly as possible.

With mounting concern at the executive level regarding the threat of lost intellectual property and compromised customer information and confidence, organisations require broad coverage across all potential attack vectors that can rapidly adjust and learn from new attack methods, and then implement that intelligence to protect them, said Koh. "Cisco ASA with FirePOWER Services deepens customers' protection from the data centre, through the network, to the endpoint with agility to identify, understand, and stop advanced threats in real-time and retrospectively."


Sign up for Computerworld eNewsletters.