Cisco (CSCO) is delivering on the AI-driven Cisco Security Cloud, investing in artificial intelligence and machine learning innovations that will empower security teams by simplifying operations and increasing efficacy.
Today’s IT environment has dramatically shifted. Cloud adoption is accelerating. Remote and hybrid users are now the majority. Most organisations rely on a complex web of point products that weren’t designed to support today’s highly distributed environment. Users are forced to navigate inconsistent access experiences and reauthenticate throughout the day – disrupting productivity.
With Cisco Secure Access, Cisco’s new SSE solution, decisions about how users connect to applications are handled behind the scenes, so they get to what they want more quickly. The result is users who are more secure with less hassle.
“With Cisco Secure Access, we are removing the burden from the user and providing a superior experience with frictionless access to all applications – not just some – to enable secure, hybrid work,” says Jeetu Patel, executive vice-president and GM of security and collaboration at Cisco. “Our unmatched visibility of the network gives us an advantage that no other company has–and we truly believe that where security meets the network, Cisco is the best in the world.”
Highlights of Cisco Secure Access include:
* Common Access Experience: Delivers a single, easy way to access all applications and resources (not just some) by intelligently and securely steering traffic to private and public destinations without end-user intervention.
* Single, Cloud-Managed Console: Simplifies security operations by converging multiple functions into one easy to use solution that protects all traffic. Instead of managing a broad set of tools, administrators, and analysts can go to one place to see all traffic, set all policy, and analyse security risks. This translates into efficiency gains, cost reductions, and a flexible IT environment.
* Faster Detection and Response: Provides analysis to speed up investigations and is backed by Cisco Talos AI-driven threat intelligence to detect and block more threats.
Cisco Secure Access is taking a hybrid Points of Presence (POP) approach with Cisco Data Centers and public cloud providers to rapidly extend global reach for our customers. As part of the Cisco Security Cloud, it leverages capabilities from the rest of the Cisco security and networking portfolio, including embedded network visibility from Cisco ThousandEyes, and can be easily integrated with solutions from third-party vendors. Cisco Secure Access will be in limited availability starting in July 2023 and will be Generally Available in October 2023.
Generative AI
Cisco is previewing the first generative AI capabilities in the Security Cloud. Today, most organisations have a patchwork of security products, forcing teams to set and maintain extremely complex security policies as well as track and remediate threats across numerous solutions.
* Reduce Policy Complexity: The Cisco Security Cloud will leverage a generative AI-powered Policy Assistant that enables Security and IT administrators to describe granular security policies and evaluate how to best implement them across different aspects of their security infrastructure. For the first implementation, customers will be able to reason with Cisco’s AI Assistant to evaluate and produce more efficient firewall policies. It will leverage customers’ existing rulesets in Cisco Secure Firewall Management Center to drive unmatched efficiency without sacrificing granular control and will be available later this year.
* Quickly Detect and Remediate Threats: Cisco’s SOC Assistant will support the Security Operations Center (SOC) to detect and respond to threats faster. When an incident occurs, the assistant will contextualise events across email, the web, endpoints, and the network to tell the SOC analyst exactly what happened and the impact. Analysts can then interact and reason with the assistant to determine the best remediation approach leveraging an extensive knowledgebase of potential actions while also taking into account the analysts input.
Network Security Bolstered for Hybrid Work
The world is hybrid, and users require seamless connected experiences at the office and on the road.
As the demands of the firewall as the foundation of the security stack continue to expand, the new Cisco Secure Firewall 4200 Series raises the bar for performance and flexibility with cryptographic acceleration, clustering and modularity.
Running the new 7.4 version of the operating system, Secure Firewall 4200 features:
* AI and ML-based encrypted threat blocking without decryption.
* An evolution of Zero Trust Network Access (ZTNA) with complete threat inspection and policy for each individual application.
* Simplified branch routing that brings security, control, and visibility to traffic from remote offices to applications in hybrid datacenters.
Cisco has also announced Cisco Multicloud Defense following its recent acquisition of Valtix. Multicloud Defense extends the traditional firewall concept into a service-oriented, multicloud world. SecOps teams can now manage security across AWS, GCP, Azure, and OCI with a single policy, in real- time, from a single SaaS platform.
In addition, teams can rapidly spin up security for any cloud environment, leading to increased security and efficiency. Cisco Multicloud Defense is available today.
Cloud Application Security
Cisco is delivering an integrated approach to secure cloud native applications from code to cloud with new capabilities in Panoptica, Cisco’s cloud native application security solution.
Adding to the Cloud Workload Protection (CWPP) that Panoptica currently provides, Cloud Security Posture Management (CSPM) will be available starting Fall 2023 to deliver continuous cloud security compliance and monitoring at scale, giving customers visibility into their entire inventory of cloud assets, including Kubernetes clusters.
In addition, a new attack path engine that uses graph-based technology to deliver advanced attack path analysis will help security teams quickly identify and remediate potential risks across cloud infrastructures. Further, Panoptica’s integration with Cisco’s Full Stack Observability portfolio provides real-time visibility to prioritise business risks.
These integrated capabilities will help security and developer teams alike gain the visibility, control and actionable intelligence required to protect dynamic cloud applications and infrastructure.