Cisco aims to secure workloads across data centers and multi-cloud environments
Cisco announced it is combining Next Generation Firewall (NGFW), Tetration, Stealthwatch and Application Centric Infrastructure (ACI) technologies into an integrated solution to protect data center workloads.
Cisco noted security challenges are growing alongside sophisticated cyber threats. For example, according to the company’s annual state of cybersecurity report released in February, which consisted of feedback from 3,600 chief security officers (CSOs) and security operations (SecOps) managers, the volume of instances in which cybercriminals are employing encryption to hide malware has increased over 50%.
In addressing security threats, Gree Rittenhouse, senior vice president of Cisco’s Security Business Group, noted in a company blog post customers are using multi-layered segmentation, which limits the ability for threats to spread throughout data centers. This helps provides enhanced protection, along with agility and intelligence, as workloads travel across physical data centers and multi-cloud environments.
Cisco claims it is the only vendor that can protect workloads everywhere. The integrated solution includes various capabilities, including complete visibility. With Cisco Stealthwatch, for example, organizations can pinpoint breaches quickly using a mix of threat classifiers and machine learning. Additionly, Cisco Tetration, uses the common vulnerabilities and exposure (CVE) database to detect servers with known vulnerabilities.
“From an operations perspective, visibility allows you to better detect performance bottlenecks, and assists in capacity planning,” explained Sam Rastogi, senior manager of product and solutions of Cisco’s Security Business Group, in an email exchange with RCR Wireless News. “From a security perspective, visibility detects a wide range of issues, from malicious insiders attempting to steal sensitive data and speeds the time to respond and remediate after a breach, and perform post-incident response and forensics. Once a data center team has visibility across their data center, network, cloud, users and devices, then they can begin to apply security controls and policies for threat protection.”
Moreover, segmentation is enforced at multiple areas in the datacenter with the solution, which provides protection to workloads wherever they go. It enables policy enforcement of the company’s Next Generation Firewalls (NGFW), on the Nexus 9000 Series Switches on the ACI Fabric. The company’s threat intelligence team, Talos, also helps power multi-layered threat sensors from Stealthwatch, Firepower Next Generation IPS (NGIPS) and Advanced Malware Protection (AMP).
“Cisco offers complete visibility of users, hosts, networks, applications, and workloads in the cloud and for physical data centers,” said Rastogi. “The solution offers analytics and forensics for applications, workloads, as well as network traffic, and threats. Cisco uniquely understands the context of whether traffic is malicious or not, as applications and workloads travel across the physical data center and cloud.”