Solutions » Security » Protection and Inspection of traffic flow

Why should you use Cisco firewalls?

 

In 2018, it has been concluded that cyberattacks are getting more and more sophisticated and rapidly increasing in numbers. What current firewall users need are features and capabilities to help with managing the growing velocity and complexity of cyber risks with higher proficiency level.

Cisco has engineered their Next-Generation Firewall (NGFW) to do so much more than just access control. Cisco Next-Generation Firewall also prevents network breaches by utilizing the most sophisticaed threat intelligence available (maintained and developed by Cisco’s Talos team which consits of more than 250 full-time threat researchers and security experts). The purpose of Cisco Talos is collection and analysis of information about threats (both existing and developing ones) which are present in today’s network environment. Through Cisco Talos, Cisco firewall users were automatically protected. Also, prevention is not the only goal of Cisco NGFW, but also the opportunity to have superior network visibility to quickly detect and stop threats.

One of many advantages of Cisco NGFW is both the ability to provide more capabilities than just access control, but also the fact that Cisco’s security products are all designed to work together. Simply put, this adds to justification for investing in Cisco’s firewalls because of the interoperability between various Cisco security devices. Cisco NGFW works well with Cisco AMP (endpoint security), Cisco ISE (identity services) and other Cisco tools. Practically, all of these security tools share and correlate threat intelligence, policy information and event data automatically, which means that when one of those tools detects a threat in one place, the entire system of security tools can synergize and automatically eliminate the threat.

Cisco firewalls appeal to a broad range of customers. NGFW meet the need of SMBs, large businesses , large enterprises, data center environments etc. Whatever the size and profile of your company is, Cisco can provide the best NGFW for you!

In the table below is a quick overview of Cisco NGFW:

 

Model

ASA 5500-X with FirePOWER services

 

Firepower 2100 series

Firepower 4100 series

Firepower 9000 series

 

Cisco ASAv

 

Cisco NGFWv

 

Meraki MX series

 

Throughput

256-1750 Mbps

2.0-8.5 Gbps

12-30 Gbps

Up to 225 Gbps

100 Mbps to 10 Gbps using 1 to 16 GB of memory

1.2Gbps for Firewall + AVC, 1.1 Gbps AVC+IPS

250 Mbps for 6 Gbps

For who?

For small to medium business and branch offices

For Internet edge to data center environments

For Internet edge, high performance environments

For service providers, data center

Optimized for cloud and data center environments

Optimized for cloud and data center environments

Cloud-Managed UTM for distributed environments

Threat inspection speed

125-1250 Mbps

2.0-8.5 Gbps

10-24 Gbps

Up to 90 Gbps

-

-

-

Other characteristics

Stateful firewall, Application Visibility and Control, NGIPS, Advanced Malware Protection, URL filtering

Stateful firewall, Application Visibility and Control, NGIPS, Advanced Malware Protection, URL filtering

Stateful firewall, Application Visibility and Control, NGIPS, Advanced Malware Protection, URL filtering ,DDoS

Stateful firewall, Application Visibility and Control, NGIPS, Advanced Malware Protection, URL filtering ,DDoS

Support for VMware, KVM, Hyper-V hypervisor, ASA stateful firewall, VPN, support for AWS, Azure and Azure government cloud

Support for VMWare, KVM and Hypervisor, Built-in SD-WAN, Stateful firewall, Application Visibility and Control, NGIPS, Advanced Malware Protection, URL filtering, VPN, support for AWS, Azure and Azure government cloud

Built-in SD-WAN, Stateful firewall, Application Visibility and Control, NGIPS, Advanced Malware Protection, URL filtering

 

What is, actually, a NGFW?

 

 

Throughout the years, firewalls have evolved from simple traffic filtering and inspection to blocking modern network threats, like advanced malware and application-layer attacks. By definition, NGFWs must have:

  • Standard Firewall characteristics
  • Integrated intrusion prevention
  • Upgrade paths
  • Application awareness to control and block ones that are risky
  • Techniques to manage security threats

Cisco gives you the opportunity to simply migrate from Cisco ASA traditional Firewall to new NGFW using the Cisco NFGW Migration Tool. That which Cisco NGFW’s offer you, if you decide to buy one, is:

  • Advanced security and breach prevention – Your Firewall should do everything in its power to make your enterprise secure even when attacks come through. In that case, a quick reaction is necessary to rapidly eliminate malware from the system, given the fact that malware has passed through your front-line defences
  • Network visibility – In every moment, you should be able to see what is happening on your network, so that you can stop everything that you consider inappropriate behavior on your network.
  • Flexibility in management and implementation – Cisco NGFW completely adapt to your system, regardless of whether you’re a big enterprise, or an SMB
  • Shortest detection time – NGFW detects threats in a matter of seconds, breaches in just a few hours or minutes, while the current industry standard is between 3 and 6 months
  • Cooperativity with other security tools – Your NGFW will never be alone. If you already have Cisco security tools, your NGFW will communicate and cooperate with it so that the effect of all tools is maximized