Distributed security architecture for security enforcement
The new borderless organizations have dramatically changed the definition of how, when and where people work, causing a need to redefine the way security solutions are built and deployed. Driving this change is a new wave of mobility, virtualization and cloud technologies that have forced IT security administrators to deal with a multidimensional problem and to rethink how security must be implemented and enforced.
To enable companies to conduct business without borders, Cisco is introducing a new highly distributed security architecture that manages enforcement elements like firewalls, Web proxies and intrusion-prevention sensors with a higher-level policy language that is context-aware to accommodate business needs.
These next-generation scanning elements are independent of the physical infrastructure and can be deployed as appliances, modules and cloud services. Better suited to address today’s security challenges, they are designed to know exactly who a user is, what role that user plays in the organization, and whether that user should be allowed access.
Cisco SecureX Architecture includes:
- Context-aware security enforcement elements that are independent of the physical infrastructure and can be deployed in a highly distributed way.
- A context-aware policy language that helps manage the context-aware enforcement elements.
- Cisco AnyConnect, which tethers any device, anytime, from anywhere, into the security enforcement fabric.
- Virtual and cloud platforms that attach to Cisco’s virtual data center switching capabilities.
- Cisco Security Intelligence Operations, a cloud-based service that provides global context and threat intelligence.
- Comprehensive, extensible APIs that allow Cisco’s own management systems and partners to plug in and complete the security ecosystem.
New context-aware capabilities for the Cisco Adaptive Security Appliance (ASA):
The Cisco ASA will be the first to offer full context-aware firewalling and policy enforcement. By combining local context using Cisco TrustSec, global context from Cisco Security Intelligence Operations, and mobile insight from Cisco AnyConnect, the Cisco ASA allows businesses to gain visibility into their network infrastructure, provide better security, and create streamlined policies that correspond to business rules. Users, applications, data, reputation, devices, posture, threats, destinations, sources and locations are some of the components of the multifaceted context that the Cisco ASA will deliver. These will allow customers to extend their existing trusted firewall infrastructure to be consistent with the dynamic needs of their businesses and employees.
Cisco AnyConnect Client Telemetry for Cisco Security Intelligence Operations:
AnyConnect 3.0 adds real-time client-based threat telemetry to Cisco Security Intelligence Operations to bolster an existing footprint of more than 700,000 network and content security appliances. Telemetry from existing Cisco security services for e-mail, Web, intrusion prevention, firewall and cloud security services enable powerful global context and threat intelligence, ensuring fast and focused protection against a full range of malicious activity. With a footprint of more than 150 million AnyConnect and legacy VPN clients, this represents a huge step forward in the visibility and actionable threat intelligence that Cisco Security Intelligence Operations can provide.
Other AnyConnect 3.0 highlights:
Cisco AnyConnect 3.0 now supports Web security services delivered via Cisco IronPortTM Web Security Appliances and Cisco ScanSafe cloud security service.