Cisco unveils new service enhancement around XDR and SASE for security customers
Cisco unveiled new security services to further its journey to radically simplify and deliver end-to-end security across users, devices, networks, applications and data. The announcements improve Extended Detection and Response (XDR) with greater visibility across corporate networks, endpoints and cloud. New innovations expand Cisco’s vision for Secure Access Service Edge (SASE) with enhanced threat detection in the cloud, and redefine and simplify network security. Cisco continues to simplify customers’ security, network and IT operations – empowering organizations to embark securely on digital transformation.
The world has shifted towards a more distributed workforce, and with recent global events, hybrid work is here to stay. Users now expect to connect from anywhere and on any device, while security management still relies on the same complex, piecemeal and time-consuming solutions. It is time to rethink security.
“Security has to be at the heart of everything in the new world we live in. We believe it needs to be done with a platform approach that is simple, comprehensive and based on intelligence,” said Fady Younes, Cybersecurity Director at Cisco Middle East and Africa. “There is really no perimeter in the enterprise to defend anymore. We need visibility across endpoints, users and applications as well as securing critical control points with continuous passwordless authentication.”
Improving Visibility and Simplifying Extended Detection and Response (XDR)
The erosion of the network perimeter and the transition to work-from-anywhere have conspired to expose endpoint devices, users and applications to advanced threats more than ever before. Organizations continue to struggle with extending visibility and protection to endpoints, with more than 40 percent globally reporting a major security incident in the last two years, according to the new Cisco Security Outcomes Study: Endpoint Edition. Organizations that do not prioritize integrated solutions were almost twice as likely to have suffered a major security event. In response, Cisco continues to expand its XDR capabilities, integrating multiple security control points and applying analytics and automation to reduce customers’ time to detection and response. Cisco today announced:
- Industry-leading Vulnerability Management with Kenna Security: Cisco will combine threat and risk-based vulnerability management as part of the SecureX platform with its announcement of intent to acquire Kenna Security. This integration will help customers prioritize vulnerabilities, speed and automate decision making with tailored information, and accelerate response time for cyber readiness.
- SecureX Device Insights: Customers can quickly consolidate their device inventory from multiple sources within the SecureX platform to provide unsurpassed visibility and context for IT operations (ITOps) and security operations (SecOps) as well as automated threat response and enrichment.
- Simplified Transition to XDR from EDR: As the only endpoint security solution with a built-in platform, SecureX continues to help customers simplify the move from Endpoint Detection and Response (EDR) to XDR with more than 30 pre-built workflows, 40 turnkey integrations and new orchestration capabilities. In addition, Cisco Secure Client, our single agent across user, cloud and endpoint protection, enables faster XDR while reducing agent fatigue.
- Expanded Investigation and Quicker Response: Cisco Secure Endpoint’s advanced search technology now bolsters XDR value, offering more than 200 endpoint queries out-of-the-box to get real-time answers to support investigations, threat hunting, and IT Ops use cases such as tracking artifacts about endpoints.
Delivering on a SASE Vision with Enhanced Cloud Security
Today’s distributed and hybrid workforce necessitates delivering protection and performance wherever employees access the internet or cloud applications. Cisco’s SASE architecture integrates multiple security and networking functions into a single, secure connectivity offer. This significantly simplifies security and reduces the cost, time, and resources previously required for deployment, configuration, and integration. Continuing to deliver on its SASE vision, Cisco today announced:
- Rapid Deployment of Cloud Security across SD-WAN: New integration between Cisco Umbrella and Cisco SD-WAN powered by Meraki extends the SD-WAN fabric to the cloud with the click of a button and includes intelligent path selection to enable customers with secure access and the best user experiences when connecting to cloud applications.
- Intrusion Prevention System (IPS) in cloud-delivered firewall: Umbrella’s cloud-delivered firewall now includes an additional layer of protection with Snort 3 IPS, backed by Cisco Talos, one of the largest commercial threat intelligence teams in the world.
- New Packages for Best Protection and Value: Umbrella’s new Secure Internet Gateway (SIG) Advantage package reduces the complexities of purchasing and unifying point solutions by offering a complete set of security capabilities in a single subscription.
Redefining and Simplifying Network Security
Constantly changing application environments make network security more complex. Modern continuous integration and continuous delivery (CI/CD) applications necessitate tighter coordination among developers, security, and network teams to ensure application environments and workloads are secure, firewalls are appropriately configured, and policies are integrated. Otherwise, vulnerabilities and misconfigurations in these constantly changing environments leave doors open for potential threat actors. Redefining and simplifying network security, Cisco today announced:
- Industry-first Integrated Network and Workload Security: Cisco Secure Workload dynamically informs Cisco Secure Firewall of required policy changes and provides comprehensive visibility and control, no matter where applications are located.
- Upgraded Threat Defense: Secure Firewall Threat Defense 7.0 delivers better efficacy with Snort 3 IPS, the world-leading threat protection platform which defined next generation intrusion prevention systems (NGIPS). Snort is now deployed across 800K+ Cisco devices, and the open-sourced Snort engine has seen 8M+ downloads with 750K+ active users. It includes the flexibility to create robust policies in dynamic environments where fixed IP addresses don’t exist, and performance gains up to 30 percent on most appliances. (Snort 3 is also now featured in Cisco SD-WAN powered by Meraki and Umbrella.) The addition of the SecureX ribbon to Secure Firewall Management Center also further simplifies detection and response.
- Introducing Cisco Secure Firewall Cloud Native: Purpose-built for Kubernetes environments, Cisco Secure Firewall Cloud Native is developer-friendly, and the most elastic firewall Cisco has ever built.