The firewall is usually the first line of defense for any network, but most offerings are focused on access policy and application control which makes it hard for them to respond to zero-day and more advanced attacks.
Now networking company Cisco is launching what it calls the first threat-focused Next-Generation Firewall (NGFW). Cisco ASA with FirePOWER Services provides the contextual awareness and dynamic controls needed to automatically assess threats, correlate intelligence, and optimize defenses in order to protect networks.
The new product integrates the proven Cisco ASA 5500 series firewall with application control, and the industry-leading Next-Generation Intrusion Prevention Systems (NGIPS) along with Advanced Malware Protection (AMP) from Sourcefire.
It offers greater visibility thanks to enterprise-class management which provides users with dashboards and reports into which they can drill down for details of discovered hosts, applications, threats, and indicators of compromise.
Protection against known and unknown threats is offered thanks to big data analytics, continuous analysis and Cisco Collective Security Intelligence (CSI) working together to provide detection, blocking, tracking, analysis, and remediation.
Being platform based it can combine firewall and application control with intrusion prevention and breach detection on a single device. This means it simplifies an organization's security architecture and reduces its network footprint with fewer security devices to manage and deploy and needing no extra license subscriptions to extend functionality.
"In today's climate of industrialized hacking and sophisticated cybercrime gangs, we've entered an era in which legacy NGFW solutions are not enough to thwart attackers," says Christopher Young, senior vice president, security business group at Cisco. "Now more than ever, organizations need to be able to implement dynamic controls to manage the pace of change of their environments and address security incidents. Cisco ASA with FirePOWER Services is a major step forward for the NGFW market, empowering customers to deepen their protection from the data center, through the network, to the endpoint with the agility to identify, understand, and stop advanced threats in real-time and retrospectively."
New Cisco ASA units can be bought with a bundled FirePOWER license or existing customers can add FirePOWER to their current ASA 5500-X and 5585-X series firewalls. More information is available on the Cisco site.