Global security challenges are ever-growing, especially with the rise of sophisticated threats. A growing concern for many of our customers is around security for today’s complex data centers. How do you keep data safe while you’re running applications in both on-prem data centers and in public, private, and hybrid clouds?
The solution is simple— security for the data center must evolve to deliver greater insight. In order to protect your data and reduce the scope of an attack, customers are choosing multi-layered segmentation, which limits the ability for threats to spread through the data center from one resource to another, while delivering threat protection to quickly see and stop the breach before hackers can steal data or disrupt operations. The result is increased agility and intelligence together with robust protection as workloads move across physical data centers and multi-cloud environments.
The proliferation of devices and applications are creating many new entry points for threats while generating a flood of traffic, requiring organizations to rethink data center security. Virtualization, cloud, and software defined networking (SDN) increase security complexity, while new technologies such as microservices, containers and APIs increase the opportunity for data theft. Traditional perimeter methods for security are no longer sufficient to protect dynamic applications and workloads.
Cisco is offering our Next Generation Firewall (NGFW), Tetration, Stealthwatch and Application Centric Infrastructure (ACI) technologies as a comprehensive, integrated solution that enables effective security that follows the workload everywhere.
Cisco’s architectural security solution to secure the modern data center is comprehensive, and we are the only vendor that can truly protect the workload everywhere.
Our integrated security solution provides these unique capabilities:
- Enhanced visibility – Identify network and application anomalies in minutes by using endpoint and network analytics and process behavior dynamic baselining and by detecting and flagging deviations. This helps organizations identify who users are, where they are connecting from, and what hosts and application resources they are accessing.
- With Cisco Stealthwatch, Cisco makes it easier for organizations to quickly discover breaches with hundreds of threat classifiers and global machine learning that analyze user and device communications for malicious network activity such as encrypted threats.
Using Cisco Tetration, customers can identify a broad set of Common Vulnerabilities and Exposures (CVEs) including high impact server vulnerabilities. Customers can also detect suspicious process behavior deviations such as shellcode, privilege escalation, and side channel attacks such as Spectre and Meltdown.
Efficient application segmentation— Reduce the attack surface up to 85 percent by eliminating identified vulnerabilities. Cisco keeps bad actors in one place by preventing them from moving laterally across servers or east-west traffic flows with micro-segmentation and application whitelisting.
Segmentation is enforced at multiple areas in the data center — at the perimeter but also deep into the application tiers. Workloads no matter where they go can have security attached to them in the form of multi-layered segmentation. This allows for dynamic control of workloads across multiple areas in the data center – across the perimeter, on the fabric, and on the server and application process.
Segmentation enables consistent and granular policy enforcement on our Next Generation Firewalls (NGFW), on the Nexus 9000 Series Switches on the ACI Fabric, across and down to the servers including HyperFlex and United Computing System (UCS) and application process with Tetration.
We can now enforce policy on the workload wherever it moves in the data center and also in a multi-cloud environment. As the workloads move, our integrated segmentation solution works dynamically to adjust and map the right security to those workloads. This allows you to consolidate silos of policy and automate the enforcement of policy.
Quickly detect, block, and respond to breaches—Cisco Talos is the industry’s leading threat intelligence team, blocking 19.6 Billion threats per day and 2.5 Million threats per second.
Powered by Talos, multi-layered threat sensors from Stealthwatch, Next Generation Firewall (NGFW), Firepower Next Generation IPS (NGIPS), and Advanced Malware Protection (AMP) work together to detect the latest and most advanced forms of malware.
Our integrated security architecture works intelligently with Tetration and ACI to deliver comprehensive threat protection to find and block more threats and quickly contain and mitigate those that do breach a data center.
Original post from Cisco.