Cisco (NASDAQ: CSCO) takes on security bottlenecks, with the introduction of the Cisco Firepower® 2100 Series Next-Generation Firewall (NGFW). The 2100 series is designed for businesses that perform high volumes of sensitive transactions, such as banking and retail, and supports their need to maintain uptime and protect critical business functions and data. The series aims to end the industry tug of war between performance and protection – with incorporation of a new scalable architecture and improvements of up to 200 percent greater throughput to eliminate bottlenecks – from the Internet edge to the data center.
Cisco also is simplifying management of business’ security portfolios from device to the cloud with productivity and threat defense enhancements to tools that match their needs. These include Cisco® Firepower Device Manager for on-box requirements, Cisco Firepower Management Center for centralized security management needs, and Cisco Defense Orchestrator for cloud-based management.
“The Cisco Next-Generation Firewalls have been proven to be the most effective on the market, but we also know that businesses everywhere are struggling with a number of factors, including lack of talent and expanding attack surfaces, which can impact the effectiveness of even the best solutions. The New Cisco Firepower 2100 Series addresses these challenges, making it easier for enterprises to manage their architecture and ensure that they have the best performance at all times,” said Scott Manson, Cyber Security Leader for Middle East and Turkey, Cisco.
As businesses increasingly move to digital business models, cybersecurity solutions must scale to add new functions and address the latest vulnerabilities and threats without impacting application or network performance. Traditionally, this has not been the case. In fact, it is common that enabling intrusion inspection on a NGFW can slow throughput performance by up to 50 percent or more. This can have a significant impact on customer-facing web applications, such as ecommerce and online banking, which require top performance but also are often targeted by attackers. To ensure the best possible customer experience, some businesses turn off critical security capabilities putting themselves and customers at risk.
Proven Protection and Performance
The new Cisco Firepower 2100 Series provides businesses with the confidence to pursue new digitization opportunities, knowing they have a security architecture designed to protect against the greatest threats, without affecting the performance of critical business functions.
As the industry’s first architecture with dual multicore CPU complexes that accelerate key cryptographic, firewall, and threat defense functions, the 2100s are purpose-built to meet customers’ ongoing protection and performance needs without compromise. The Cisco Firepower 2100 Series delivers up to 200 percent greater throughput than similarly priced offerings, even when threat inspection is turned on.
The new Cisco Firepower 2100 Series NGFW is a family of four threat-focused NGFW security platforms (2110, 2120, 2130, and 2140) that deliver throughput ranges from 1.9-8.5 Gbps, for enterprise use cases from the Internet edge to the data center. Each delivers Cisco’s renowned reliability for network uptime, and twice the port density with 10 GbE connectivity in a compact 1RU design.
Simple, Effective Management
High-profile breaches have illustrated that management can be the Achilles heel of protection. Misconfiguration and missed alerts pose challenges for security teams as noted in the Cisco 2017 Annual Cybersecurity Report (Fig. 52). To combat this, Cisco has enhanced local, centralized, and cloud-based management tools that allow customers to streamline operations and more cost-efficiently address unique enterprise user requirements.
- Firepower Device Manager: Features an on-box web-based interface to deploy Cisco Firepower NGFW devices in minutes, with the use of a guided set-up wizard.
- Firepower Management Center (FMC): Enables simple and comprehensive security administration of multiple appliances. New FMC appliances offer a 50 percent increase in management scalability over previous models. Further simplifying and improving protection, the FMC enables users to automate security tasks, including assessment, tuning, correlation, containment and remediation. With the Cisco Threat Intelligence Director (TID), using industry standards FMC can now also automatically take in and correlate third-party and customer-specific threat intelligence providing additional defense via security sensors on your network.
- Cloud Defense Orchestrator: Delivers simple, cloud-based policy management. This tool allows teams to streamline and scale security policy management, designing and deploying policy uniformly across an organization. CDO now offers support for Web Security Appliance v.11 and is now available via a European cloud.