There are literally thousands of enterprise security solutions on the market. Yet, 82% of enterprises want an integrated security solution and 62% are considering consolidating their security vendors (ESG Research Report). There are many benefits to this approach, but only one company is building it: Cisco.
According to Enterprise Strategy Group, Cisco leads the pack in enterprise-class security across network, cloud, internet, email, and endpoints. But rather than relying on a single anchor product surrounded by rudimentary products, Cisco is expanding and upgrading its leading products across the board and applying automation, machine learning, and threat intelligence to stop threats at the edge, protect users wherever they are, and stop threats faster.
Let’s break down this portfolio and see how powerful integrations provide “security in concert” across these products.
Identity Management: Cisco Identity Services Engine (ISE) – A new approach to managing and securing your network, Cisco ISE provides an unprecedented level of visibility into who and what is on your network – down to a mind-blowing level of granularity. From a single dashboard you can see contextual details about everyone and every device that logs onto your network. IT admins can then apply precise controls over who, what, when, where, and how endpoints are allowed on the network. If threats are detected, they’re immediately stopped by directing ISE to quarantine a user or device for rapid threat containment.
ISE is strongly integrated with Cisco Digital Network Architecture (DNA) Center. This means that you can set up ISE services such as guest and BYOD quickly and easily throughout the network.
Endpoint Security: Cisco AMP for Endpoints – Cybersecurity teams are struggling with an overwhelming volume of alerts, a reliance on manual processes, and a plethora of poorly integrated tools. If you depend solely on traditional point-in-time technologies, such as antivirus, threats can go undetected for 200 days on average.
Cisco Advanced Malware Protection (AMP) for Endpoints can uncover the most advanced threats – including fileless malware and ransomware – in hours, not days or months. AMP prevents threats at point of entry, then continuously tracks every file it lets onto your endpoints. Unlike point solutions, AMP for Endpoints shares threat intelligence across your entire environment, unifying security across endpoints, networks, email, the cloud, and the web – stopping malware, eliminating blind spots, and discovering unknown threats.
Threat Defense: Cisco Umbrella – As the industry’s first Secure Internet Gateway in the cloud, Cisco Umbrella provides the first line of defense against threats and supports use cases such as off-network coverage, app discovery and blocking, and guest Wi-Fi protection. Because Umbrella is delivered from the cloud, it is the easiest way to protect all your users in minutes. Umbrella uses the internet’s infrastructure (DNS and IP layer enforcement, intelligent proxy, and command and control callback blocking) to block malicious destinations before a connection is ever established. It also integrates with Cisco Meraki Network and can be deployed across your Meraki network with just a few clicks to protect users in minutes – no latency added, and no extra appliance needed.
Next-Generation Firewalls: Cisco Firepower Firewalls – A leader in the 2018 Gartner Magic Quadrant for Enterprise Network Firewalls, the Cisco Firepower NGFW (next-generation firewall) is the industry’s first fully integrated, threat-focused next-gen firewall with unified management. It uniquely provides advanced threat protection before, during, and after attacks. Its automated policy application and enforcement free up time so you can focus on high-priority tasks. Cisco firewalls work with the rest of Cisco's integrated security tools to see and stop threats faster.
Identity Verification: Cisco Duo – A recent addition to the Cisco family, Duo Security provides unified access security and multi-factor authentication delivered through the cloud. Duo’s solution verifies the identity of users and the health of their devices before granting them access to applications – whether on-premises or in the cloud. This helps prevent cybersecurity breaches without the friction and cost of legacy credential protection solutions. Today, Duo integrates with Cisco ASA VPN, Cisco Umbrella, and Cisco WebEx. These and further integration opportunities will bring Duo’s zero trust authentication and access products to more Cisco customers.
Cloud Access Security: Cisco Cloudlock – This cloud-native cloud access security broker (CASB) accelerates your cloud migration initiatives by protecting cloud users, data, and apps. Using APIs to manage the risk in your cloud ecosystem, Cloudlock secures your identities, data, and apps, combating account compromises, data breaches, and cloud app ecosystem risks. It works with Cisco Umbrella to add another layer of security without introducing the complexity of proxy-based solutions.
Security Analytics: Cisco Stealthwatch – Stealthwatch is a comprehensive threat visibility and network traffic security analytics solution that provides scalable visibility across your growing network using enterprise telemetry from your existing network infrastructure. With Stealthwatch you can view every host, see every conversation, understand what is normal, and be alerted to change across your private network, public clouds, hybrid environments, and even encrypted traffic – giving visibility into things you would never even think to look for. Stealthwatch integrates multiple Cisco-developed analytical techniques including behavioral modeling, machine learning, and the global threat intelligence of Cisco Talos, to continuously analyze network activities, detect threats early, and help ensure that the eviction is complete.
Applying Machine Learning and Threat Intelligence to this Integrated Portfolio
Underpinning Cisco’s security portfolio to better block threats, drive faster responses, and deliver automation are machine learning (ML) and global threat intelligence.
For example, Cisco is also leading the pack by leveraging ML across many of its products. As the cyber threat landscape evolves and grows, it’s impossible to constantly track and correlate millions of data points. ML can recognize patterns and predict threats in massive data sets, at machine speed. Machine learning helps security in many ways and is integrated into Cisco Stealthwatch, Cisco Cloudlock, Cisco AMP for Endpoints, and Cisco Umbrella.
The backbone of Cisco’s integrated security portfolio is threat intelligence. “If you own a Cisco security product, you’re harnessing the power of Talos’s threat intelligence, which flows to each and every one of our products.” With more than 250 full-time threat researchers, 1100+ decoy systems and other threat traps, and millions of telemetry agents, Talos reinforces the entire Cisco security ecosystem. Talos also tops the list of the top five vendors that provide the best cybersecurity intelligence.
The Benefits of an Integrated Portfolio
Moving to a one-stop-shop enterprise-class security vendor approach doesn’t just eliminate vendor sprawl; it also results in operational efficiencies for security and IT teams. Many enterprises also believe it’s better from a long-term innovation perspective – 47% concur that well-resourced vendors can better fund R&D initiatives that will better address the evolving threat landscape.
Whatever your reason for consolidation, consider the many benefits of Cisco’s security in concert approach. Contact us to learn more.