Menu
Cisco unveils security-product barrage at Cisco Live Conference

Cisco unveils security-product barrage at Cisco Live Conference

Includes a push into virtualising its ASA firewall,

Cisco's Advanced Malware Protection (AMP) technology, known as FireAMP, is already supported in its firewalls and e-mail gateways, but now the company is making AMP available as a standalone product.

That's just one of a slew of security announcements the company is making at this week's Cisco Live Conference.

The dedicated AMP for Networks appliances include the FirePOWER AMP8150 (up to 2Gbps performance) and AMP7150 (up to 500Mbps performance), a line of products that start at $48,000. Both of the new dedicated AMP appliances are designed to monitor and block malware, including zero-days, via Cisco's cloud-based content-inspection technology. But for Cisco customers that don't want to send their data off premises in this sandboxing process, Cisco has also come up with an on-premises option called the AMP Private Cloud Appliance that starts at $100,000.

+ ALSO ON NETWORK WORLD Cisco announces security service linked with new operations centers | Cisco details Sourcefire security-threat integration, integration, open-source direction +

The AMP Private Cloud appliance was created to meet the needs of organizations working under security and data-privacy rules that restrict where data can be transmitted. It will work the same way as the other AMP choices, such as collecting information from AMP endpoint connector agents for Windows, Mac OS X or Android.

"There's a synchronization mechanism to keep up with all the dynamic analysis, machine-learning and blacklists," said Marty Roesch, vice president and chief architect for Cisco's Security Business Group. AMP for Endpoints starts at $30 per user for enterprise deployments over 5,000 seats.

Cisco says it's also expanding how AMP works by including a search engine for threat analysis that lets the security manager perform forensics related to file and host names relative to the scope and containment of malware across an enterprise. In addition, AMP 5.3 has a "file extraction" capability that lets the security manager request that a host computer that has an AMP agent send up a copy of a file if it hasn't gone through the sandboxing analytics process to be inspected for malware. Cisco has also added a way to correlate "indicators of compromise" using AMP. In forensics, indictors of compromise point to the strong likelihood of specific compromise or intrusion into an enterprise network.

One Cisco customer, Dan Polly, vice president enterprise information security manager at First Financial Bank, says unknown threats and social engineering attacks, especially phishing attacks on employees, remain a key concern. First Financial Bank has deployed several security technologies, but AMP is considered an "anchor" of defense for the bank because its sandboxing approach "finds things traditional A/V can't," Polly says. First Financial expects to also look into the newer option Private Cloud option.

Cisco today also announced its intent to acquire ThreatGRID, the New York City-based security firm that offers malware analysis and threat intelligence technology, for an undisclosed price. Cisco said it's acquiring ThreatGRID to enhance Cisco's Advanced Malware Protection (AMP) products.

Cisco also made a push into virtualising its ASA firewall, saying the new software-based ASAv is designed to run on the VMware platform initially with plans to add support for KVM and Microsoft's HyperV. "Our goal is to make it hypervisor-agnostic," says Raja Patel, Cisco's senior director, cloud security and threat intelligence product management.

Patel says the virtualized ASAv firewall was built with RESTful APIs so it can be used to run in Cisco's Software-Defined Network data center environment or any SDN supporting RESTful APIs. The ASAv firewall is not oriented toward next-generation application filtering but is mainly port-based for flexibly firewalling virtualized workloads, for example in bursting environments. Cisco says it's possible to spin up virtual machines and leverage one to four cores to produce 2Gbps of performance per instance. The Cisco ASAv virtual firewall starts at $56,000.

Cisco also announced an updated version of the ASA 5585-X series that will now support 16-node clustering for up to 640Gbps throughput. It starts at $29,995. All of these products are available now, and by the end of next month, Cisco will be providing a free Cisco Validated Design guide for Cisco Secure Data Center that outlines planning and design architectures.

Ellen Messmer is senior editor at Network World, an IDG website, where she covers news and technology trends related to information security. Twitter: MessmerE. E-mail: emessmer@nww.com

Read more about wide area network in Network World's Wide Area Network section.


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags ampsourcefireanti-malwareWide Area NetworkFirewall & UTM

Featured

Slideshows

Leading female front runners of the Kiwi ICT industry honoured at 2019 WIICTA

Leading female front runners of the Kiwi ICT industry honoured at 2019 WIICTA

Reseller News has honoured the leading female front runners of the New Zealand ICT industry at the 2019 Women in ICT Awards (WIICTA) in Auckland. The awards recognised standout individuals across six categories, spanning Entrepreneur, Rising Star, Shining Star, Community, Technical and Achievement. Photos by Gino Demeer.

Leading female front runners of the Kiwi ICT industry honoured at 2019 WIICTA
Reseller News kicks off awards season in 2019 with Judges' Lunch

Reseller News kicks off awards season in 2019 with Judges' Lunch

The 2019 Reseller News Innovation Awards has kicked off with the Judges Lunch in Auckland with 70 judges in the voting panel. The awards will reflect the changing dynamics of the channel, recognising excellence across customer value and innovation - spanning start-ups, partners, distributors and vendors. Photos by Christine Wong.

Reseller News kicks off awards season in 2019 with Judges' Lunch
Reseller News welcomes industry figures for 2019 Hall of Fame lunch

Reseller News welcomes industry figures for 2019 Hall of Fame lunch

Reseller News welcomed 2018 inductees - Chris Simpson, Kendra Ross and Phill Patton - to the third running of the Reseller News Hall of Fame lunch, held at the French Cafe in Auckland. The inductees discussed the changing landscape of the technology industry in New Zealand, while outlining ways to attract a new breed of players to the ecosystem. Photos by Gino Demeer.

Reseller News welcomes industry figures for 2019 Hall of Fame lunch
Show Comments