
    6 Ways to Secure Your Network & Users with Cisco Security

    Date: 23.02.2023



    Investments in cyber-security are gaining importance more than ever before, and taking care of network security, access, users and data is no longer just a matter of responding to ad hoc threats when they appear.

    A new reality, where many processes happen virtually or in a cloud environment, requires proactive steps towards effective protection of your business. The Cisco security portfolio offers comprehensive solutions in this area.

    This text will focus on solutions for network access security and end device protection.


    Lately, Cisco has considerably broadened its security product portfolio. That’s good news, especially because the giant is opening up to integration with other systems, which makes it possible to build security systems based on solutions from various suppliers. Small and medium organizations will benefit in particular.

    SecureX, or All in One Place

    They say that all roads lead to Rome. In the case of Cisco security, Rome is SecureX, a platform that not only integrates Cisco solutions but is also open to integration with third-party systems. For Cisco, that is truly ground-breaking!

    Cisco bets on integration to such a degree that it adds SecureX to every solution in the Cisco Security portfolio. The visibility of all devices in a single panel is without a doubt an interesting asset. Even more so when you add the ability to aggregate and analyse security data coming from the entire organization, as well as daily updates provided by the Cisco Talos team.

    What else can SecureX do?

    • It correlates threats between devices, which tangibly cuts the response time
    • It automatically secures all connected devices and areas
    • It knows the context amongst the devices
    • It shows ROI and other metrics of many products at once

    Most of all, it aggregates information from various parts of the infrastructure and lets you respond to it from a single admin dashboard. This way, it reduces not only the threat response time, but also the number of people involved in the process.


    Business Network Security. How to Provide It?

    The times when a company’s security was provided solely by anti-virus software and possibly a firewall are long gone. Threats are on the rise, fostered by the dispersed nature of organizations. Solutions are migrating towards the cloud to handle query analysis and effectively protect end users, and thus the company data.

    It’s difficult to imagine an organization without a firewall. However, it’s worth asking yourself whether a classic firewall is enough to provide an adequate level of security. There is only one answer: it cannot be enough.

    Next-Generation Firewall – Cisco Firewall Firepower 1150

    Next-Generation Firewalls are complex units providing a host of security features, such as URL Filtering or Application Control, which lets them inspect application-layer packets and not only layers L3 and L4, as is the case with old stateful firewalls. Some can also have anti-malware mechanisms, such as IPS or AMP.

    The FPR 1000 Series firewalls, such as the Firepower 1150 (a popular pick among our customers), are a great fit for small and medium businesses.

    Cisco Secure Firewall

    Besides the next-generation firewalls, Cisco also offers the so-called Secure Firewall. It’s a new device model that integrates with SecureX. It’s also a way to migrate from the ASA 5500-X and FPR8000 series, which will no longer be supported as of May 2023 and June 2024.

    In comparison with its predecessors, Secure Firewall offers up to three times greater performance, not to mention the possibility of large-scale encrypted traffic inspection. Among the security mechanisms you will find Snort 3 IPS, while application visibility and control are possible thanks to eDynamic.

    What’s interesting about Secure Firewall is that it can be managed from the majority of available platforms, including Firewall Device Manager (FDM), Cisco Secure Firewall Management Center (FMC), Cisco Defense Orchestrator (CDO), or Cisco Security Analytics and Logging.

    Cisco ISE – Managing Network Access

    Cisco Identity Services Engine (ISE) is a sophisticated NAC-class (Network Access Control) system. Relatively simple to set up, it has a significant impact on providing secure access for users with various permissions, including guests. It works well in organizations that need to pay special attention to traffic separation and to network and asset access levels.

    Cisco ISE gives you a look into what happens within the network: who is connected, which apps are installed and launched, etc. It also includes relevant contextual data, such as user and device identities, threats and security gaps, which helps speed up threat identification and removal.

    Cisco ISE is available as a physical unit or a virtual machine. It easily integrates with central directories, such as Active Directory.

    We wrote about it before, in the context of securing wireless network access.


    Endpoint Device User Protection

    Endpoint Security has been known for years as a security measure for endpoint devices with Internet access, like mobile phones, laptops, desktops or printers. In the times of the Internet of Things (IoT), endpoints also include medical devices, cash machines, smartwatches, or even refrigerators and washing machines.

    Endpoint devices are one of the first areas that companies cover when it comes to security. The challenges for effective endpoint security are the constantly increasing number of endpoints and the growing volume of attacks using malware or ransomware. An additional risk factor is a BYOD (Bring Your Own Device) policy, which involves connecting to the company systems from any device, private ones included.

    Cisco Secure Endpoint – A Modern EDR

    Endpoint security was once provided by antivirus software installed on a single device. Nowadays it involves platforms that make it possible to track all devices from one console, update them and enforce the company’s security policy.

    As part of its portfolio, Cisco offers an advanced Secure Endpoint solution, which uses:

    • Detection and Response (EDR, XDR), i.e. mechanisms that enable threat detection and prevention by, e.g. blocking specific files or connections on the endpoint, and in severe cases, isolating the device;
    • Advanced analytics based on Machine Learning, which provides effective recognition of cyber threats, even zero-day ones;
    • User access control integrated with securing endpoints themselves;
    • Integration with SecureX, which makes it possible to collect data on hazards at various points of the infrastructure, and correlate them with one another;
    • Secure Malware Analytics Cloud, or the possibility to identify attacks in real-time.

    The Secure Endpoint solution was rated highly in the “AV-Comparatives Endpoint Prevention and Response Test” comparison. The chart below shows the ratio of value to cost of ownership of each EDR solution for the organization. The red star indicates the placement of Cisco Secure Endpoint.

    Cisco Secure Endpoint EPR cyberrisk quadrant
    Source: Cisco

    Cisco Duo – Multi Factor Authentication

    Multi Factor Authentication (MFA) is a security measure that provides double or triple verification of a user’s identity before granting them access to data.

    The use of another authentication factor (e.g. a physical or digital token, SMS code, biometrics, or push notifications in an app) works especially well for securing remote access from outside the organization’s headquarters.

    The Cisco portfolio features a convenient solution for multi-factor authentication: Cisco Duo. Its forte is the option to integrate with most apps without excessive involvement or workload for the IT department.

    Besides MFA, Cisco Duo also provides solutions like Single Sign-On (SSO – secure access to any app from a single navigation dashboard), Adaptive Access Policies (a tool used for creating complex access policies), Remote Access (secure remote access to on-premise apps), and Device Trust (a tool used for verification of device safety).


    Cisco Umbrella

    Once based only on the DNS Protection mechanism, Umbrella is nowadays the foundation of the Cisco SASE architecture. It combines firewalls, SWG, DNS protection, as well as CASB and threat intelligence in a single spot (one cloud).

    With so many capabilities under one Umbrella, you can effectively safeguard remote users who work from a home office, as well as entire company sites located outside its headquarters.

    Umbrella relies on the work of Cisco Talos, which “powers” it with knowledge of new vulnerabilities, thus enabling the elimination of existing and emerging threats.

    What Do You Get Thanks to Cisco Umbrella?

    1. Protection against malware, ransomware, and phishing. Using DNS servers, Umbrella effectively blocks hazardous domains, using over 20 billion domains for daily analyses. What’s more, the Secure Web Gateway mechanism logs and reviews web traffic, and the firewall blocks it with its rules and protocols.
    2. Shorter incident response time. Umbrella can categorize traffic, visibly indicating what kind of threat is associated with specific connections. In addition, the Investigate Console lets you review historic and contextual data, which shortens the security incident response time.
    3. Integration with Cisco SecureX. The SecureX platform is a part of all Umbrella subscriptions by default, which helps you easily provide your security department with information coming not only from Umbrella, but also from other, non-Cisco security devices.

    How to Select the Right Cybersecurity Solution?

    The plethora of cybersecurity solutions on the market, even in the portfolio of a single manufacturer, may seem overwhelming. Which areas should be protected first? Are all of them equally important? Will the different manufacturers’ solutions work well together? Will I have to replace the hardware used so far?

    These are frequently asked questions that are impossible to answer clearly without proper context and preparation. Some of these questions will be difficult to answer by yourself.

    Cisco’s portfolio includes many modern products that are perfectly competitive on the security market, providing safety not only for networks and users, but also for clouds and applications. The renewed Umbrella and the open SecureX platform are especially interesting.

    If you’re wondering whether your current solutions meet the actual needs of your organization, it’s about time to take a look at them. Our engineers (proficient not only in Cisco) will help you not only with the diagnosis, but also, if needed, with the selection and deployment of a specific solution tailored to your organization.

    Author

    Joanna Sajkowska

    Experienced in the areas of portfolio management, communication strategy and technical content. Backed by her background in Systems Engineering and business development, Joanna puts focus on translating features into benefits and showcasing the unique values of Grandmetric products and services.
