Cisco Firepower -Source fireIntrusion Prevention System




Csico Firewalls and Firewalls in general help to prevent a broad network attack pattern. In the case of focused attacks the best practice would be to mitigate the risk by using an intrusion prevention system (IPS) a traffic filtering device that works on pre-defined security signature sets, deep packet inspection technology and traffic anomaly detection.

The Cisco Intrusion Prevention System (IPS) and Cisco Intrusion Detecsion (IDS )protects the entire network usually by being deployed at the forced entry bottleneck in order to cater for all the critical traffic traversing the network. Because the IPS is positioned inline of the critical network traffic it can identify, and blocks known and unknown threats to your network, including:

Product Overview

Meet the industry’s first adaptive, threat-focused next-generation firewall (NGFW) designed for a new era of threat and advanced malware protection. Cisco® ASA with FirePOWER Services delivers integrated threat defense for the entire attack continuum - before, during, and after an attack - by combining the proven security capabilities of the Cisco ASA firewall with the industry-leading Sourcefire® threat and advanced malware protection features together in a single device. The solution uniquely extends the capabilities of the Cisco ASA 5500-X Series Next-Generation Firewalls beyond what today’s NGFW solutions are capable of.

Superior Multilayered Protection

Cisco ASA with FirePOWER Services brings distinctive threat-focused next-generation security services to the Cisco ASA 5500-X Series Next-Generation Firewalls and Cisco ASA 5585-X Adaptive Security Appliance firewall products. It provides comprehensive protection from known and advanced threats, including protection against targeted and persistent malware attacks (Figure 1). Cisco ASA with FirePOWER Services features these comprehensive capabilities:

●   Cisco ASA is the world’s most widely deployed, enterprise-class stateful firewall with remote access VPN and advanced clustering for highly secure, high-performance access and high availability to help ensure business continuity.

●   Granular Application Visibility and Control (AVC) supports more than 3,000 application-layer and risk-based controls that can invoke tailored intrusion prevention system (IPS) threat detection policies to optimize security effectiveness.

●   The industry-leading Cisco ASA with FirePOWER next-generation IPS (NGIPS) provides highly effective threat prevention and full contextual awareness of users, infrastructure, applications, and content to detect multivector threats and automate defense response.

●   Reputation- and category-based URL filtering offers comprehensive alerting and control over suspect web traffic and enforces policies on hundreds of millions of URLs in more than 80 categories.

●   Advanced Malware Protection provides industry-leading breach detection effectiveness, a low TCO, and superior protection value that helps you discover, understand, and stop malware and emerging threats missed by other security layers.

Unprecedented Network Visibility

Cisco ASA with FirePOWER Services is centrally managed by the Cisco FireSIGHT Management Center. Management Center provides security teams with comprehensive visibility into and control over activity within the network. Such visibility includes users, devices, communication between virtual machines, vulnerabilities, threats, client-side applications, files, and websites. Holistic, actionable indications of compromise (IoCs) correlate detailed network and endpoint event information and provide further visibility into malware infections.

Management Center also provides content awareness with malware file trajectory that aids infection scoping and root cause determination to speed time to remediation.

Cisco Security Manager provides scalable and centralized network operations workflow management. It integrates a powerful suite of capabilities; including policy and object management, event management, reporting, and troubleshooting for Cisco ASA firewall functions. For small-scale and simple deployments, the Cisco Adaptive Security Device Manager (ASDM) is available to provide on-device, GUI-based firewall network operations management.

Cisco’s enterprise-class management tools help administrators reduce complexity with unmatched visibility and control across NGFW