Cisco Security and Elastica

Elastica is part of Symantec which is a business division of Boradcom.

Product Integrations

ISE: The Elastica CloudSOC platform enables companies to confidently leverage cloud applications and services while staying safe, secure, and compliant. Leveraging advanced data science and machine learning, CloudSOC taps real-time user traffic, native SaaS APIs, and other data sources to provide a single pane of glass for monitoring and controlling SaaS apps. Elastica Integration between Cisco ISE and Cloud Access Security Brokers gives administrators deeper visibility, security, and control over access to cloud resources. *Elastica was acquired by Symantec (via BlueCoat).

Secure Endpoint: The Secure Endpoint integration enables collection, analysis and correlation of Secure Endpoint events and alerts with Elastic Security. Correlate EDR alerts with security data from cloud, network and other data sources.

Secure Firewall: The Secure Firewall integration provides Elastic Common Schema mappings and dashboards for Secure Firewall and Secure Firewall ASA data, including network traffic, VPN, authentication, and system events.

Secure Firewall ASA: The Secure Firewall ASA integration provides Elastic Common Schema mappings and dashboards for ASA and FTD data, including network traffic, VPN, authentication, and system events.

Secure Email: Leverage data from Cisco Secure Email Appliance within Elastic Security, including AMP Engine, Anti-Spam, Authentication, Bounce, HTTP, Textmail and System logs.

Umbrella: Access users’ DNS, firewall and secure web gateway activity in Elastic. Correlate Umbrella data with security data from cloud, network and endpoint data. Ingestion of data via self-managed and Cisco-managed S3 are both supported.

Duo: Gain visibility and detect unusual authentication and SSO activity with the Cisco Duo integration. Easily onboard Duo logs into Elastic including Administrator, Authentication, Offline Enrollment and Telephony logs.