Cisco Unveils the Next Generation Firewall

NGFW178390103Last year when Cisco Systems acquired Sourcefire Inc., the Maryland-based cybersecurity solutions firm, the company’s goal obviously was to strengthen its security offerings.

This week Cisco announced its new threat-focused, next-generation firewall (NGFW). Cisco ASA with FirePOWER Services in combination with Sourcefire’s advanced malware protection for integrated threat defense helps Cisco showcase its dedication to cybersecurity.

Cisco already boasted a leading portfolio of security products. But with the growing attention cybersecurity gets with every new headline caused by large-scale breaches, the company looked to boost its line of security products with the addition of Sourcefire’s threat protection capabilities, remediation and enforcement options.

“In today’s climate of industrialized hacking and sophisticated cybercrime, we’ve entered an era in which legacy NGFW solutions are not enough to thwart attackers,” said Christopher Young, senior vice president of Cisco’s security business group. “Now more than ever, organizations need to be able to implement dynamic controls to manage the pace of change of their environments and address security incidents.”

“Cisco ASA with FirePOWER Services is a major step forward for the NGFW market, empowering customers to deepen their protection from the data center, through the network, to the endpoint with the agility to identify, understand, and stop advanced threats in real-time and retrospectively,” Young continued in a release on Cisco’s website.

An NGFW protects the network against new sophisticated attacks by utilizing in-line deep packet inspection (DPI), website filtering and QoS/bandwidth management within a network.

Also, NGFWs are better able to verify a user’s identity, thus allowing user-based policy enablement.

Because threats such as modern web-based malware, application-layer, and targeted attacks are increasing, NGFWs are becoming more popular. In fact, it’s estimated that 80% of all new malware and intrusion attempts are exploiting weakness in applications instead of networking hardware and services.

Desiring to position itself as a leader when it comes to cybersecurity, Cisco’s announcement shows that the company wants to change the way companies protect their networks against ever-increasing sophisticated threats.

Cisco’s threat-focused next-generation firewall integrates its popular ASA 5500 Series firewall with the application control and advanced malware protection the company inherited with the Sourcefire acquisition. The next-generation firewall is engineered to defend during all phases of an attack with full contextual awareness and dynamic controls needed to successfully assess threats and strengthen network defenses.

Traditional NGFWs have focused on application control and were not able to address advanced threats including zero-day attacks. Cisco ASA with FirePOWER Services offers a visibility-driven, threat-focused and platform-based approach.

With better visibility, Cisco ASA with FirePOWER Services is able to detect advanced, multi-vector threats with continuous analysis and automated notifications for both known and unknown malware.

Cisco also announced its continued support for open source network intrusion prevention systems including Snort, ClamAV and other open source software.

Related Courses
SSFIPS – Securing Cisco Networks with Sourcefire Intrusion Prevention System
SSFAMP – Securing Cisco Networks with Sourcefire FireAMP Endpoints
SSFRULES – Securing Cisco Networks with Snort® Rule Writing Best Practices

In this article

Join the Conversation