Service
providers have told us that APIs are no longer enough. Security services
integration is too costly, and the efficacy is inadequate.
Until now,
service providers’ only viable security approach has been the deployment of
scalable point solutions. This approach limits integration, leaving gaps in
threat visibility and correlation. Furthermore, disparate security appliances
hinder the dynamic protection of workloads and data flows as they traverse
physical, virtual, and cloud topologies.
Cisco reimagines
service provider security by integrating its own security services and those of
its partners. With intelligent service stitching, the capability helps optimize
both threat defense and network performance. This approach supports the full
realization of open and programmable networks. Security policies consistently
follow data flows and workloads across the network fabric.
Security is
central to the Cisco Evolved Programmable Network architecture for service
providers (Figure1). The architecture
protects data and availability for service providers and their customers.
As well, Cisco’s
rapid provisioning makes new security services practical to deploy. Security
thus becomes a value-added strategic business differentiator.
Our unique
threat-focused approach is available with the Cisco Firepower 9300 Security
Appliance and the Cisco Firepower 4100 Series high-performance carrier-class
platforms. Both platforms can deliver multiple Cisco security services,
including the Cisco ASA firewall, Cisco Firepower next-generation firewall,
Cisco next-generation IPS (NGIPS), and Cisco Advanced Malware Protection (AMP).
The platforms can support the Cisco Firepower Threat Defense or the ASA
software image and the Radware DefensePro distributed-denial-of-service
mitigation capability.
Transforming
Best-in-Class Solutions
Deploying point
solutions has been critical to fulfilling service-level agreements. However,
this approach relies on manual and inefficient processes (Figure2).
Our Unique Approach
Cisco’s
threat-centric security approach tightly integrates security services beyond
APIs across physical, virtual, and cloud topologies (Figure4).
With Cisco’s
approach, costs are lowered and the operations of service providers and their
customers are protected with scalable, dynamic, and threat-centric security.
Cisco Firepower
9300 is a carrier-class platform that scales with security modules to meet
business needs. It provides:
• Performance
that is 600 percent higher and a port density 30 percent greater than the Cisco
ASA 5585-X Adaptive Security Appliance
• Terabit
backplane and high power efficiency
• Low latency and
high efficiency through intelligent service stitching of multiservice and
multivendor (Cisco and third-party) security applications
• Swappable
application-blade architecture for flexible configuration and easy performance
scaling
• 10, 40, or 100
Gigabit Ethernet
Cisco Firepower 4100 Series carrier-class platforms
deliver:
• Performance
that is 200 percent higher and a port density 30 percent greater than the Cisco
ASA 5585-X Adaptive Security Appliance
• High
efficiency through intelligent service stitching of multiservice and
multivendor (Cisco and third-party) security applications
• 10 or 40
Gigabit Ethernet (GE) I/O Next Steps
Reference from https://www.cisco.com/c/dam/en/us/products/collateral/security/firepower-9300-security-appliance/at-a-glance-c45-734810.pdf
More info
More Cisco Security & Firewall Topics