Tuesday, April 7, 2015

Cisco Offers Threat Grid via Cloud or On-prem Appliance

Cisco announced a number of new network security capabilities and services, including a new AMP Threat Grid in the Cisco Advanced Malware Protection (AMP) portfolio:

AMP Threat Grid provides dynamic malware analytics and threat intelligence.  These advanced capabilities are provided as a standalone cloud service or via new UCS based on premise appliances.  AMP Threat Grid analytics engines provide security teams with breach detection against advanced malware, allowing them to quickly scope and recover from a breach by providing context-rich, actionable threat intelligence.

Vulnerability visibility and prioritization: AMP for Endpoints brings additional visibility to the extended network by providing a list of hosts that contain vulnerable software, a list of the vulnerable software on each host, and the hosts most likely to be compromised. Powered by Cisco threat intelligence and security analytics, AMP identifies vulnerable software being targeted by malware and the potential exploit, and provides customers with a prioritized list of hosts to patch.
Enhanced Retrospective Security Capabilities

Cisco also announced new models of its ASA with FirePOWER Services -- a threat-focused next-generation firewall (NGFW) aimed at midsize companies, branch offices and industrial environments with the same advanced malware protection and threat detection capabilities deployed by large enterprise organizations. The Cisco ASA with FirePOWER Services combines stateful firewall, application visibility and control (AVC), advanced malware protection (AMP), and next-generation intrusion prevention capabilities (NGIPS) into a single device. Pricing starts at US $995 including a Cisco ASA with FirePOWER Services appliance and management.

 "Every day organizations are faced with advanced threats that infiltrate and persist in company environments for months before they are discovered.  We believe that the most effective way to address these real-world challenges is continuous threat protection against these attacks. Further enhancements like advanced correlation of indicators of compromise, vulnerability mapping and expanded retrospective security further differentiate Cisco AMP and strengthen security teams' responses before, during and after an attack," stated Marty Roesch, Vice President, Chief Architect, Cisco Security Business Group.