Integrated Branch Threat Defense

Move to Direct Internet Access

Learn how to ensure better application experiences and secure your branch.

Move to Direct Internet Access

Integrated Defense for Branch and Remote Offices

Use your branch router to safeguard your network from advanced threats and help you meet regulatory compliance.

Today's distributed enterprises are facing increased pressure from their branch offices for direct Internet access (DIA) to take advantage of local Internet paths. DIA at the branch reduces IT spending and helps to ensure a better user experience, but it may come with a cost, as the branch could expose security vulnerabilities. Also, having router security at the branch helps to prevent internal threats from propagating to headquarters and other branches.

Guest User Wi-Fi

  • Route guest user traffic directly to the Internet while backhauling your corporate traffic to headquarters. In this way, guest traffic won't pose a threat to your corporate environment and you can help ensure appropriate usage of the Wi-Fi network to avoid liability

Access to the Public Cloud or Partner Sites (Partial DIA)

  • Only selected types of traffic or applications can use the local Internet path. A combination of technologies, such as firewall, content inspection and filtering, and malware protection give you multilayered protection from unauthorized network access, web-based threats and malware

Full Direct Internet Access:

All traffic is routed to the Internet using the local path. This helps to ensure enterprise-class protection from enterprise-class threats.

Cisco Integrated Services Routers and Cisco Cloud Services Routers help you meet the additional network security requirements that Direct Internet Access at the branch poses, without the cost of deploying additional appliances in your network. With Cisco ISR and CSR 1000V, you can also meet PCI DSS and other regulatory compliance at the branch.

IOS Zone-Based Firewall

Get perimeter control and stateful inspection. In combination with Cisco TrustSec, it provides a straightforward method for traffic segmentation in guest Wi-Fi use cases.

Cloud Web Security

Take advantage of industry-leading content filtering with web and file reputation, inspection, and advanced malware protection (AMP) in all the scenarios where web filtering and web-based protection is required.

Snort IPS, Integrated IPS, and FirePower Next-Generation IPS

Build branch and remote-site threat protection right into your Cisco Integrated Services Router (ISR). That helps you comply with Payment Card Industry Data Security Standard (PCI DSS) and other industry security mandates, without having to buy special hardware.

FirePOWER Threat Defense on Cisco ISR routers

Get industry-leading multilayered threat protection with real-time contextual awareness, full-stack visibility, and lower cost of ownership through intelligent security automation.

Additional Links

Cisco IOS Software on Cisco ISRs and WAN aggregation routers offers a suite of threat defense technologies including: