Cisco extends its Security Everywhere strategy deeper into cloud, network and endpoints

Cisco has announced it is advancing its Security Everywhere strategy deeper into the cloud, network, and endpoints with new security products and features, and a threat awareness service as organizations execute on their digital transformation. Specifically, Cisco is adding Cisco Cloud Access Security (CAS), which provides visibility and data security for cloud-based applications; Identity Services Engine (ISE) enhancements, extending visibility and control for network and endpoints with new location access controls; and Threat Awareness Service, which provides organizations with threat visibility into their networks. [caption id=“attachment_2289250” align=“alignleft” width=“380”]  Courtesy: Cisco website[/caption] The new Cisco Cloud Access Security (CAS) offering allows organizations to address this complexity as well as increase visibility and control over data in cloud applications. Partnering with Skyhigh Networks and Elastica, CAS delivers increased visibility into “hidden” applications that employees might bring onto the network; detection of malicious behavior; and the ability to set security policies that tailor application usage and user behavior to align with corporate policies. To protect cloud-based applications, such as Dropbox and Salesforce.com, CAS prevents the uploading of sensitive information and inappropriate sharing of data in the applications, to limit data exposure breaches. Cisco Cloud Web Security now integrates with CAS and provides branch offices secure direct Internet access with Integrated Services Router 4K router integration, saving on bandwidth costs. The Cisco Identity Services Engine (ISE) is extending software-defined business policies for control over more granularly segmented endpoint, user and geographical access. ISE now integrates with the Cisco Mobility Services Engine, so IT can create and enforce location policies that define access to data down to a specific room. This reduces the overall attack surface, containing network threats, and securing wired, wireless and remote network access across the entire attack continuum. ISE also is extending its security coverage through its pxGrid partner ecosystem with nine new partners – including Check Point, Infoblox, Invincea, E8 Security, Hawk Defense, Huntsman Security, LogRhythm, SAINT, and SOTI – bringing the total number of partners to 30 in its first year of deployment. Ecosystem partners can now share security telemetry bi-directionally between pxGrid partners. A new feature of the pxGrid Adaptive Network Control allows partners to leverage ISE to rapidly investigate and contain attacks using the network as an enforcer. Leveraging the power of Cisco’s threat intelligence telemetry, Cisco Threat Awareness Service enhances threat visibility of inbound and outbound network activity and highlights potential threats that may require additional attention. Rounding out the new security offerings are the addition of the Network Visibility Module to AnyConnect VPN to provide traffic flow and contextual data regarding users, applications, devices, locations, and destinations. Also, AMP (Advanced Malware Protection) Threat Grid now provides broader contextual information across the full AMP portfolio, extending protection for ASA with FirePOWER Services and AMP for Networks. Newly acquired OpenDNS uses its view of global Internet activity to provide cloud-delivered network security and threat intelligence solutions that provide advanced threat protection for any device, anywhere, anytime. With this latest update, the OpenDNS Umbrella threat enforcement platform prevents system compromise and data exfiltration over any port or protocol for both DNS and IP-initiated connections. Additionally, the OpenDNS Investigate global threat intelligence product now features a new search functionality that can uncover shared attacker infrastructure, find newly registered domains that are used to impersonate brand websites, and identify other patterns in phishing or targeted attacks.