In at this time’s safety local weather, NetOps and SecOps groups are witnessing elevated assault floor space as purposes and workloads transfer far past the boundaries of their knowledge heart. These purposes/workloads transfer to, and reside in multi-cloud structure, including complexity to connectivity, visibility, and management. In the multi-cloud world, the SecOps groups use a distributed safety mannequin that’s costly, troublesome to deploy, and complicated to handle.
Cisco has partnered with Alkira to assist safe your multi-cloud surroundings. Combining Alkira’s simplified cloud connection by way of their cloud network-as-a-service platform (SaaS-like mannequin) with Cisco’s industry-leading safety controls, we are able to ship a centralized safety mannequin for multi-cloud structure that’s simple to deploy, handle, and will increase visibility and management.
Cisco Secure Firewall Threat Defense Virtual offers unmatched safety controls reminiscent of stateful firewalling, Snort3 IPS, URL filtering, malware protection, software visibility and management, and extra. Additionally, with the acquisition of Secure Firewall Threat Defense Virtual, you’ll obtain license entitlement to Cisco SecureX, our open XDR and orchestration platform, serving to you speed up menace detection, investigation, and remediation.
Cisco Secure Firewall Management Center (FMC) is required for managing Secure Firewall Threat Defense Virtual, serving to directors implement constant entry insurance policies, quickly troubleshoot safety occasions, and examine summarized reviews throughout the deployment.
Secure Firewall Threat Defense Virtual is offered on Alkira’s service market by way of Bring-Your-Own-License (BYOL) and Pay-As-You-Go licensing choices. Customers can seamlessly deploy and insert Secure Firewall of their Alkira Cloud Exchange Points (CXP).
Benefits of this built-in structure embody:
- Simplified community and safety structure: Leverage absolutely automated insertion and service-chaining of Secure Firewall in a centralized safety mannequin for a streamlined community and safety structure.
- Deeper visibility and management in multi-cloud environments: Enjoy simplified firewall insertion in a centralized safety mannequin to attain each north-south and east-west visitors inspection functionality for multi-cloud environments.
- Unified safety coverage: Uniformly implement firewall safety coverage throughout on-premises, cloud, and multi-cloud environments.
- Greater visibility: Cloud-agnostic safety controls provide deeper visibility and management throughout all platforms
- Auto-scale: Cisco Secure Firewall offers a versatile structure that may routinely scale with the community load to fulfill demand. The auto-scaled firewall occasion receives the configuration and licenses routinely (Cisco Secure Firewall Threat Defense auto-scale coming in Q2CY23).
The Cisco Secure Firewall Threat Defense brings the next capabilities to the surroundings:
- Stateful Firewall Inspection
- Application Visibility & Control
- Next-Generation Intrusion Prevention System (IPS)
- URL Filtering
- Malware Defense
- Encrypted Traffic Visibility
Figure 1 exhibits a multi-cloud surroundings inter-connected utilizing Alkira Cloud Exhange Platform (CXP). In the above structure, Cisco offers seamless insertion of safety controls and permits the next use instances for firewall insertion:
- Multicloud Security: Cisco Secure Firewall Threat Defense offers a centralized safety mannequin that allows higher safety controls, visibility, and community segmentation. This deployment presents north-south (N/S) and east-west (E/W) visitors inspection fashions.
- Branch Security: Alkira Cloud Exchange Platform (CXP) connects branches and Cisco Secure Firewall Threat Defense protects N/S and E/W department visitors.
- Secure Internet Edge: Deployment of Cisco Secure Firewall inside CXP permits safe Internet edge for inbound and outbound Internet visitors.
- Cloud DMZ: Enforce ingress firewall safety coverage for software visitors between distant customers and Internet-facing purposes deployed within the on-premises knowledge facilities or cloud environments.
- Shared Application Services: Enforce firewall safety coverage for cross-segment software visitors in instances of enterprise companion integration, mergers, acquisitions, and divestitures.
Firewall Insertion made simple
Using Alkira’s buyer portal, Cisco Secure Firewall Threat Defense Virtual could be simply inserted within the visitors path inside minutes. Figure 2 exhibits how automation & orchestration eliminates further configuration required within the legacy insertion mannequin.
Management Options
Cisco Secure Firewall Threat Defense Virtual is managed utilizing Cisco Secure Firewall Management Center (FMC). Customers can use on-premises FMC or construct a digital FMC occasion within the cloud. Cisco and Alkira help each fashions of deployment.
Insertion fashions
Cisco Secure Firewall Threat Defense Virtual protects the next visitors flows in Alkira CXP:
- Cloud to cloud (intra & Inter-cloud)
- Cloud to on-premises
- Cloud to Internet
- On-premises to cloud
- On-premises to Internet
- Internet to on-premises
- Branch to department
- Branch to Internet
- Internet to department
Alkira and Cisco’s partnership simplifies the deployment of enterprise-grade safety within the cloud whereas enabling multi-cloud visibility and end-to-end menace protection for purchasers.
Additional Resources:
Cisco Secure Firewall Threat Defense
Cisco Secure Firewall Data Sheet
Cisco Secure Firewall Management Center
Alkira weblog on Cisco Secure Firewall Threat Defense
We’d love to listen to what you assume. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!
Cisco Secure Social Channels
Instagram
Facebook
Twitter
LinkedIn
Share: