Armana view FirePOWER as an admirable combination of security protection technologies comprising the Cisco® ASA (Adaptive Security Appliance) firewall; the industry successful Threat and Advanced Malware Protection (AMP) from Sourcefire®; application control and URL filtering. This integrated family delivers superior multilayer security protection with the capability of a first-rate, centralised and unified Management Platform.
The Appliances that comprise the complete offering are:-
♦ Cisco® Next-Generation Firewall (NGFW)
♦ Cisco® ASA with FirePOWER Services (Sourcefire® technology)
♦ FirePOWER Management Center
The product family is deployed to protect Corporate Network Infrastructures, Data Centres and Internet Service Providers of all complexities and sizes: when used it provides Users with highly secure access to data and network resources - anytime, anywhere, using any device.
Our Next-Generation Firewall (NGFW) is a fully integrated, threat-focused next-generation firewall with unified management. It includes Application Visibility and Control (AVC), optional FirePOWER next-generation IPS (NGIPS), Cisco's Advanced Malware Protection (AMP), and URL Filtering. The FirePOWER NGFW enhancement provides advanced threat protection before, during, and after Attacks.
Used to gain total visibility into everything on your network. The technology comprises physical and virtual hosts, operating systems, applications, services, protocols, users, geolocation information, content, network behaviour, network attacks, and malware recognition. All viewed within a central, unified Management Console.
The "FirePOWER" Management Appliance is the central security management console (Figure 1) and delivers the centralised point of event and policy management for your Intrusion Prevention security operations. It provides the automatic aggregation and correlation of information generated by Cisco's next-generation firewall, ASA with FirePOWER™ Services and by the next-generation Intrusion Prevention System (NGIPS). Furthermore it manages network security and operational functions, including event monitoring, analysis, incident prioritization, and reporting, so that your Business is best protected.
Additionally it can reduce those costs associated with streamlining operations and automating many commonly recurring security analysis and management tasks.
to email for further assistance or to arrange an appointment.
Alternatively call our office number +44 (0)1344 780000.
The traditional firewall controlled traffic passing through it using the Layer 2 and 3 routing of the packets. Next Generation firewalls enhance that routing capability by introducing "Stateful inspection" (up to Layer 7 packet inspection) functionality to the firewall.
With the Adaptive Security Appliance (ASA) Cisco brings to the market its Next Generation Firewall. ASA implements the security screening of network traffic using sophisticated algorithms to analyse and understand what Applications are using which traffic protocols, or piggy-backing upon them, to better protect infrastructures from Internet Threats and Attacks. This is a vital modern requirement, because many legitimate Business Applications and the more refined Hacks for example, today use http port 80 protocol to exchange data and information to and from the Internet; amongst others.
Cisco ASA is available in 3 model families that are the 41xx, 55xx and 93xx (carrier) series Appliances. Appliances in the series have a range in throughput performance that are 10 to 60Gbps for 41xx models; 125Mbps to 4Gbps for 55xx models; and 20Gbps to a massive 225Gbps for the 93xx Carrier models. Performance differs between each Appliance depending upon the model that's selected and the features activated, network traffic protocols, and packet size characteristics.
The NGFW firewall enhancing features include Application Visibility Control (AVC), Advanced Malware Protection (AMP) and URL Filtering. Now the FirePOWER next-gen IPS can optionally be imaged onto the Appliances to deliver very advanced threat protection before, during and after Attacks.
CLICK Image to download the NGFW Datasheet.
Cisco Application Visibility and Control (AVC) uses deep packet inspection found in Layers 3 and 7 to recognize, analyse, and control over 1000 Applications that include voice and video, email, file sharing, gaming, peer-to-peer (P2P), and cloud-based Applications. AVC combines several Cisco IOS/IOS XE components, as well as communicating with external tools, to integrate the functions of Application Recognition; Metrics Collection and Exporting; Management and Reporting Systems; and Control, i.e. prioritization and management of application bandwidth, functionality into their firewall.
To learn more click the button
Cisco Advanced Malware Protection (AMP) uses global threat intelligence, advanced sandboxing, and real-time malware blocking to prevent breaches. It continuously analyses file activity across the network, so malware can be proactively defended against. The global threat intelligence is generated and correlated by Cisco Talos experts who analyse millions of malware samples and terabytes of data per day. That intelligence is pushed to AMP image on the ASA Appliance and then files, telemetry data, and file behaviour is compared against this context-rich knowledge base to proactively defend against known and emerging threats.
To learn more click the button
FirePOWER Services brings distinctive threat-focused next-generation security services to the Cisco Adaptive Security Appliance firewall products. It provides comprehensive protection from known and advanced threats, including protection against targeted and persistent malware attacks (Figure 1).
Figure 1. Cisco ASA with FirePOWER Services: Key Security Features
Cisco ASA with FirePOWER Services features these comprehensive capabilities:-
☑ Site-to-site and remote access VPN and advanced clustering provide highly secure, high-performance access and high availability to help ensure business continuity.
☑ Granular Application Visibility and Control (AVC) supports more than 4,000 application-layer and risk-based controls that can launch tailored intrusion prevention system (IPS) threat detection policies to optimize security effectiveness.
☑ The industry-leading Cisco ASA with FirePOWER next-generation IPS (NGIPS) provides highly effective threat prevention and full contextual awareness of users, infrastructure, applications, and content to detect multivector threats and automate defense response.
☑ Reputation- and category-based URL filtering offer comprehensive alerting and control over suspicious web traffic and enforce policies on hundreds of millions of URLs in more than 80 categories.
☑ AMP provides industry-leading breach detection effectiveness, sandboxing, a low total cost of ownership, and superior protection value that helps you discover, understand, and stop malware and emerging threats missed by other security layers.
CLICK Image to download the ASA FIREWALL WITH FIREPOWER Datasheet.
☑ Next-generation Firewall which is a threat-focused technology using deep packet inspection. It combines standard firewall traffic control with advanced application threat protection, breach detection and remediation in a single appliance device.
☑ An industrially proven, high performance Cisco ASA firewall that delivers rich routing capabilities, stateful inspection, Network Address Translation, dynamic clustering and Cisco's AnyConnect VPN services. Highly secure and reliable.
☑ Next-generation Intrusion Prevention technology (NGIPS) that detects and stops both unknown and known intrusion attacks for superior threat prevention and mitigation for better threat elimination.
☑ Advanced Malware Protection (AMP) that detects, blocks, tracks, and analyses those targeted and persistent malware attacks. Furthermore it provides remedial actions to combat infections that are perpetrated against all forms of network infrastructures.
☑ Full contextual awareness providing policy enforcement formulated from intelligence gathered from its visibility of users, mobile devices, client-side applications, communication between virtual machines, vulnerabilities, threats, and URL designations.
☑ Application control and URL filtering delivering Application control (over applications, geo-locations, users, websites) with the ability to enforce usage and tailor detection policies based on custom applications and URL designations.
☑ Enterprise-class management with Dashboards and Drill-down Reports detailing discovered hosts, applications and threats along with warnings of compromise for comprehensive security visibility.
☑ Highly scalable appliance architecture that is purpose-built with a wide performance range well into the hundreds of multigigabit spectrum. This enables consistent and robust security from the small and branch office up to the Internet edge and data centres within either the physical or virtual environment.
☑ On-device management that simplifies advanced threat defence management for the smaller scale deployments.
☑ Remote Access VPN that extends secure corporate network access beyond corporate laptops to personal mobile devices, regardless of their physical location. Support for Cisco AnyConnect Secure Mobility Solution included with its granular, application-level VPN capability as well as native Apple iOS and Android VPN client support.
☑ Site-to-site VPN that protects traffic, including VoIP and client-server application data, across the distributed enterprise and branch offices.
☑ Integrated wireless access available in the desktop form factor (ASA 5506W-X) for compact and simplified small office scale deployments.
☑ The ruggedized form factor A model (ASA 5506H-X) designed specifically for extreme environmental conditions is available for critical infrastructure and control network applications.
☑ Open API that enables the third-party technology ecosystem to integrate with existing customer work streams.
☑ Open source security integration with Snort and OpenAppID provided to easily customize security settings and responses to address new and specific threats and applications quickly.
☑ Collective Security intelligence (CSI) security and web reputation intelligence that provides real-time threat intelligence and security protection.
The Cisco FireSIGHT Management Center increases the effectiveness of the Cisco network security solutions by providing centralized, integrated, and streamlined management.
This Management Centre is the administrative nerve centre for a number of Cisco security products running on a number of different platforms. It provides complete and unified management of firewalls, application control, intrusion prevention, URL filtering, and advanced malware protection.
There are four Management Center options, three are Appliances and one a Virtual Image and their model specification highlights, in the order of increasing performance, are:-
Virtual Image This VM image manages up to 25 sensors, a maximum 10 million events, maps up to 50K hosts, and users with 250 GB of event storage.
FMC1000 Appliance This appliance manages up to 50 sensors, a maximum 60 million events, maps up to 50K hosts, and users with 900 GB of event storage.
FMC2500 Appliance This appliance manages up to 300 sensors, a maximum 60 million events, maps up to 150K hosts, and users with 1.8 TB of event storage.
FMC4500 Appliance This appliance manages up to 750 sensors, a maximum 300 million events, maps up to 600K hosts, and users with 3.2 TB of event storage.
These Management Centers provide the centralized point for event and policy management for the following:-
☑ Cisco Firepower Next-Generation Firewall (NGFW)
☑ Cisco ASA with FirePOWER Services
☑ Cisco FirePOWER Next-Generation IPS (NGIPS)
☑ Cisco FirePOWER Threat Defence for ISR
☑ Cisco Advanced Malware Protection (AMP)
FireSIGHT Management Centers provide extensive intelligence about Users, Applications, Devices, Threats, and Vulnerabilities that exist within the managed network. Furthermore it uses collected data to analyse Network vulnerabilities and to provide tailored recommendations on the security policies that should be put in place and what security events should be investigated.
All Management Centers provide easy-to-use policy screens to control access and guard against known attacks. They integrate with advanced malware protection and sandboxing technologies, and provides tools to track malware infections throughout the Network. They unify all those capabilities into a single management interface. Administrators can go from managing a firewall to controlling applications to investigating and remediating malware outbreaks with ease.
The Cisco FireSIGHT Management Center discovers real-time information about changing network resources and operations to provide a full contextual basis for making informed decisions. In addition to providing a wide breadth of intelligence, the Firepower Management Center delivers a fine level of detail, including:
(a) Trends and high-level statistics that help managers and executives understand their security posture at a given moment in time as well as how it's changing, for better or worse.
(b) Event detail, compliance, and forensics that provide an understanding of what happened during a security event to improve defences, support breach containment efforts, and aid in legal enforcement actions.
(c) Workflow data that can be easily exported to other solutions to improve incident response management.
CLICK Image to download the FireSIGHT Management Center Datasheet.
☑ Unified management of multiple security functions across multiple systems: Facilitates centralized management of the Cisco security environment as mentioned in text above.
☑ Integrated policy management over multiple security functions: Configures firewall access, application control, threat prevention, URL filtering, and advanced malware protection settings in a single policy. Eases policy administration, reduces errors, and promotes consistency. Enables a single policy to be deployed to multiple security solutions.
☑ Superior threat intelligence: Integrates Cisco Talos Group's security, threat, and vulnerability intelligence for up-to-minute threat protection. Addresses new attack methods with both IP-based and URL-based security intelligence. Includes Cisco OpenDNS for threat visibility outside the network perimeter.
☑ Application visibility and control: Further reduces threats to the network with precise control of more than 4000 commercial applications. Uses the open-source standard OpenAppID for detailed identification and control over custom applications.
☑ Multitenancy management and policy inheritance: Creates up to 50 management domains with separate event data, reporting, and network mapping, enforced through role-based access control Implements consistent and efficient management through its policy hierarchy structure, with each level inheriting policies above it.
☑ Reporting and dashboards: Provides the visibility required through customizable dashboards with custom and template-based reports. Delivers comprehensive alerts and reports for both general and focused information. Displays event and contextual information in hyperlinked tables, graphs, and charts for easy-to-use analysis. Monitors network behaviour and performance to identify anomalies and maintain system health.