Service providers have told us that APIs are no longer enough. Security services integration is too costly, and the efficacy is inadequate.
Until now, service providers’ only viable security approach has been the deployment of scalable point solutions. This approach limits integration, leaving gaps in threat visibility and correlation. Furthermore, disparate security appliances hinder the dynamic protection of workloads and data flows as they traverse physical, virtual, and cloud topologies.
Cisco reimagines service provider security by integrating its own security services and those of its partners. With intelligent service stitching, the capability helps optimize both threat defense and network performance. This approach supports the full realization of open and programmable networks. Security policies consistently follow data flows and workloads across the network fabric.
Security is central to the Cisco Evolved Programmable Network architecture for service providers (Figure1). The architecture protects data and availability for service providers and their customers.
As well, Cisco’s rapid provisioning makes new security services practical to deploy. Security thus becomes a value-added strategic business differentiator.
Our unique threat-focused approach is available with the Cisco Firepower 9300 Security Appliance and the Cisco Firepower 4100 Series high-performance carrier-class platforms. Both platforms can deliver multiple Cisco security services, including the Cisco ASA firewall, Cisco Firepower next-generation firewall, Cisco next-generation IPS (NGIPS), and Cisco Advanced Malware Protection (AMP). The platforms can support the Cisco Firepower Threat Defense or the ASA software image and the Radware DefensePro distributed-denial-of-service mitigation capability.
Transforming Best-in-Class Solutions
Deploying point solutions has been critical to fulfilling service-level agreements. However, this approach relies on manual and inefficient processes (Figure2).
Our Unique Approach
Cisco’s threat-centric security approach tightly integrates security services beyond APIs across physical, virtual, and cloud topologies (Figure4).
With Cisco’s approach, costs are lowered and the operations of service providers and their customers are protected with scalable, dynamic, and threat-centric security.
Cisco Firepower 9300 is a carrier-class platform that scales with security modules to meet business needs. It provides:
• Performance that is 600 percent higher and a port density 30 percent greater than the Cisco ASA 5585-X Adaptive Security Appliance
• Terabit backplane and high power efficiency
• Low latency and high efficiency through intelligent service stitching of multiservice and multivendor (Cisco and third-party) security applications
• Swappable application-blade architecture for flexible configuration and easy performance scaling
• 10, 40, or 100 Gigabit Ethernet
Cisco Firepower 4100 Series carrier-class platforms deliver:
• Performance that is 200 percent higher and a port density 30 percent greater than the Cisco ASA 5585-X Adaptive Security Appliance
• High efficiency through intelligent service stitching of multiservice and multivendor (Cisco and third-party) security applications
• 10 or 40 Gigabit Ethernet (GE) I/O Next Steps
Reference from https://www.cisco.com/c/dam/en/us/products/collateral/security/firepower-9300-security-appliance/at-a-glance-c45-734810.pdf
More Cisco Security & Firewall Topics