Cisco Canada Blog

Protecting the Attack Continuum

April 21, 2015

This month, Cisco announced a new host of advanced capabilities and services for security professionals, continuing Cisco’s commitment to arming businesses against all stages of the attack continuum.

We’ve discussed in the past how security threats have evolved over the last few years and how the frequency and scope of attacks have forced professionals to change their attitudes concerning protection. It’s no longer a matter of if you’ll be attacked, or even when. Security breaches are happening every day; you already have been compromised.

As a result, organizations need to address all stages of the attack continuum: before, during and after. And that’s where Cisco comes in. For the last few years, Cisco has been releasing security solutions to fight this escalating war. With this new announcement, customers can get advanced malware protection that includes context-rich threat intelligence, dynamic malware analysis, and retrospective security, along with faster time to detection (TTD) and time to remediation (TTR).

Spearheading this announcement is the introduction of Incident Response Services to equip organizations with teams of information security experts that utilize threat intelligence and best practices for readiness and response from network to endpoint to cloud. The group works with organizations to identify the source of infection, where it entered the environment, and what data was compromised. It’s something I’m particularly excited about and will be discussing in more depth in a future blog.

Additional highlights of the new announcement include:

– New capabilities in Cisco Advanced Malware Protection (AMP) to enhance continuous breach detection, response and remediation.
– New Cisco ASA with FirePOWER Services for SMBs, midsized organizations, and branch offices.

In addition, this latest announcement represents another technology integration success in the Cisco portfolio of security solutions, specifically between Cisco and ThreatGRID, acquired in June 2014. AMP Threat Grid adds new threat intelligence and dynamic malware analysis capabilities that strengthen continuous and zero-day detection.

One of the most innovative aspects of the new solution is what we refer to as the “AMP Everywhere” strategy. We know that one of the biggest challenges facing a business is the actual deployment of security solutions – ensuring the right solution is used to meet a business’s specific needs. Cisco AMP is deployable on multiple platforms and able to meet a number of performance and storage requirements to reduce complexity and fragmentation.

The solution can be deployed:

– As a network-based solution
– As an endpoint solution for PCs, Macs, mobile devices and virtual environments
– As an on-premises private cloud virtual appliance built for high-privacy environments
– As an integrated feature in Cisco Cloud Web Security or Cisco Web and Email Security Appliances
– As a stand-alone threat intelligence and dynamic malware analysis solution via the AMP Threat Grid appliance.

This is a key competitive differentiator for Cisco, and offers a range of flexible deployment, performance and storage options, unmatched in the industry.

These additions to the Cisco portfolio of security solutions further enhance our overall strategy of threat-centric products and services, specifically by providing advanced malware protection “everywhere” and across the full attack continuum.
