Can your firewall do that?

Can your firewall do that?

Prevent breaches automatically to keep your business moving

At Cisco, we’re constantly talking with executives and IT leaders about cybersecurity. They’re concerned – they want to know how to protect their company, their employees, and their customers. But three primary concerns always seem to top the list:

  • Breach Prevention
  • Lack of Visibility
  • Limited Resources

More often than not, organizations look for shiny new security tools to address these problems. But rather than adding more tools, have you thought about asking how your firewall can help?

In this blog, we’ll explore the concerns above and showcase how a Cisco Next-Generation Firewall, as a core component of your security defenses, can offer a solution. You should be demanding more from your firewall. You should be asking yourself – “Can my firewall do that?”

Let’s address the first concern – breach prevention. In the face of constant attacks and headline-grabbing cybersecurity breaches, organizations today are worried about the next big cybersecurity breach. A breach can compromise sensitive data, erode confidence in an organization’s brand, knock the network out of commission, and result in lost productivity and millions of dollars lost. How can a Cisco firewall prevent breaches and keep your business moving?

Actionable threat intelligence can stop threats in their tracks

It all starts with the best threat intelligence. A firewall acts as a filter and gateway for network traffic, but it must scrutinize network traffic and files against the largest, most robust, and most up-to-date threat intelligence available. Cisco Talos provides threat intelligence to Cisco firewalls. Cisco Talos is the largest commercial threat intelligence team in the world, comprised of over 250 world-class researchers, analysts and engineers. The team is supported by unrivaled telemetry and sophisticated systems to create accurate, rapid and actionable threat intelligence that is continuously pushed out to Cisco products (including the firewall)– free of charge.

The breadth and depth of Talos intelligence and analysis is staggering. For instance:

  • Talos blocks approximately 200 billion malicious emails a day, which equates to approximately 2.3 million blocks per second.
  • Talos inspects nearly 17 billion web requests each day
  • Talos collects and analyzes more than 1.5 million malicious software samples a day by compiling data acquired from product telemetry along with honeypots, sandboxes, and industry partnerships in the malware community

Talos uses this data to create security protections (in the form of security rules) to defend Cisco customers against known and emerging threats, discover new vulnerabilities in common software, and interdict threats in the wild before they can further harm the internet at large. Talos maintains the official rule sets of Snort.org, ClamAV, and SpamCop, in addition to releasing many open-source research and analysis tools.

The result? A proven track record

This combination of expertly-sourced threat intelligence and integrated IPS functionality built into the Cisco firewall translates to real results. Consider some of the biggest breaches over the past few years – WannaCryNyetya, and VPNFilter. Cisco Talos caught all of these (and others) and Cisco firewall customers were automatically protected without having to do a thing.

Take WannaCry for example. Cisco Talos created a security protection in the form of a Snort rule to protect against WannaCry two months before it hit the broader public. WannaCry made global headlines when it hit on May 12th, 2017. Cisco NGFW customers were protected way back on March 14th. That’s because WannaCry leveraged several previously disclosed vulnerabilities in order to compromise systems. Cisco NGFW customers automatically received and applied protections thanks to IPS rules that were written by Talos to protect against any attacks that would try to exploit these vulnerabilities.

 

John Dominguez
February 13, 2019