Cisco is delivering on its promise of the AI-driven Cisco Security Cloud to simplify cybersecurity and empower people to do their best work from anywhere regardless of the increasingly sophisticated threat landscape. Cisco is investing in cutting-edge artificial intel that will empower security teams by simplifying operations and increasing efficacy.
With Cisco Secure Access, Cisco’s new SSE solution, decisions about how users connect to applications are handled behind the scenes, so they get to what they want more quickly. The result is users who are more secure with less hassle.
Highlights of Cisco Secure Access include:
• Common Access Experience: Delivers a single, easy way to access all applications and resources (not just some) by intelligently and securely steering traffic to private and public destinations without end-user intervention.
• Single, Cloud-Managed Console: Simplifies security operations by converging multiple functions into one easy to use solution that protects all traffic. Instead of managing a broad set of tools, administrators, and analysts can go to one place to see all traffic, set all policy, and analyze security risks. This translates into efficiency gains, cost reductions, and a flexible IT environment.
• Faster Detection and Response: Provides analysis to speed up investigations and is backed by Cisco Talos AI-driven threat intelligence to detect and block more threats.
Cisco is collaborating with leading mobile device vendors to create the safest and best user experience no matter where users work. Cisco collaborated with Apple to incorporate Zero Trust Access (ZTA) capabilities powered by
Cisco Secure Access into a native experience on iOS and macOS, making secure access to applications pervasive while making it simpler for IT and more secure for everyone.
Cisco Secure Access is taking a hybrid Points of Presence (POP) approach with Cisco Data Centers and public cloud providers to rapidly extend global reach for our customers. As part of the Cisco Security Cloud, it leverages capabilities from the rest of the Cisco security and networking portfolio, including embedded network visibility from Cisco ThousandEyes, and can be easily integrated with solutions from third-party vendors. Cisco Secure Access will be in limited availability starting in July 2023 and will be Generally Available in October 2023.
Generative AI to Improve Threat Response & Simplify Security Policy Management
Cisco is previewing the first generative AI capabilities in the Security Cloud. Today, most organizations have a patchwork of security products, forcing teams to set and maintain extremely complex security policies as well as track and remediate threats across numerous solutions.
• Reduce Policy Complexity: The Cisco Security Cloud will leverage a generative AI-powered Policy Assistant that enables Security and IT administrators to describe granular security policies and evaluate how to best implement them across different aspects of their security infrastructure. For the first implementation, customers will be able to reason with Cisco’s AI Assistant to evaluate and produce more efficient firewall policies. It will leverage customers’ existing rulesets in Cisco Secure Firewall Management Center to drive unmatched efficiency without sacrificing granular control and will be available later this year.
• Quickly Detect and Remediate Threats: Cisco’s SOC Assistant will support the Security Operations Center (SOC) to detect and respond to threats faster. When an incident occurs, the assistant will contextualize events across email, the web, endpoints, and the network to tell the SOC analyst exactly what happened and the impact. Analysts can then interact and reason with the assistant to determine the best remediation approach leveraging an extensive knowledgebase of potential actions while also taking into account the analysts input. Cisco first shared the concept at RSA Conference 2023 and is excited to share that the event summarization feature will be available by the end of calendar 2023 with the remaining capabilities in the first half of calendar 2024.
Network Security Bolstered for Hybrid Work
The world is hybrid, and users require seamless connected experiences at the office and on the road.
As the demands of the firewall as the foundation of the security stack continue to expand, the new Cisco Secure Firewall 4200 Series raises the bar for performance and flexibility with cryptographic acceleration, clustering and modularity.
Running the new 7.4 version of the operating system, Secure Firewall 4200 features:
• AI and ML-based encrypted threat blocking without decryption.
• An evolution of Zero Trust Network Access (ZTNA) with complete threat inspection and policy for each individual application.
• Simplified branch routing that brings security, control, and visibility to traffic from remote offices to applications in hybrid datacenters.
Cisco Secure Firewall 4200 Series appliance will be generally available in September 2023 supporting the 7.4 version of the operating system. The 7.4 OS will be generally available for the rest of the Secure Firewall appliance family in December 2023.
Cisco is also proud to announce Cisco Multicloud Defense following its recent acquisition of Valtix. Multicloud Defense extends the traditional firewall concept into a service-oriented, multicloud world. SecOps teams can now manage security across AWS, GCP, Azure, and OCI with a single policy, in real-time, from a single SaaS platform. In addition, teams can rapidly spin up security for any cloud environment, leading to increased security and efficiency. Cisco Multicloud Defense is available today.
Cloud Application Security
Cisco is delivering an integrated approach to secure cloud native applications from code to cloud with new capabilities in Panoptica, Cisco’s cloud native application security solution. Adding to the Cloud Workload Protection (CWPP) that Panoptica currently provides, Cloud Security Posture Management (CSPM) will be available starting Fall 2023 to deliver continuous cloud security compliance and monitoring at scale, giving customers visibility into their entire inventory of cloud assets, including Kubernetes clusters. In addition, a new attack path engine that uses graph-based technology to deliver advanced attack path analysis will help security teams quickly identify and remediate potential risks across cloud infrastructures. Further, Panoptica’s integration with Cisco’s Full Stack Observability portfolio provides real-time visibility to prioritize business risks. These integrated capabilities will help security and developer teams alike gain the visibility, control and actionable intelligence required to protect dynamic cloud applications and infrastructure.
