What if you could effectively secure your entire production network? With Cisco® threat-centric security solutions for service providers, you can protect your carrier network infrastructure; mobile, cloud, and video networks; plus your data center and corporate IT environments.
The growth of video, mobility, the Internet of Everything (IoE), and cloud services presents both business opportunities and security challenges. To monetize the new opportunities, you’re adopting open and programmable network architectures. They’re helping you increase your business agility and lower your costs. But cyber adversaries are exploiting the growing attack surface presented by new services, expanded network connections, and device proliferation.
Legacy security approaches have not kept pace with evolving network architectures or the changing threat landscape. Until now, the only viable security approach for service providers has been to deploy scalable point solutions. But this approach is costly. It also hinders the dynamic protection of workloads and data flows across physical, virtual, and cloud environments.
And point solutions are difficult to integrate, leaving gaps in threat visibility and correlation. This makes it very challenging to identify, contain, and remediate sophisticated threats. And to do all that without inhibiting service delivery, network flexibility, speed, or scalability.
Cisco threat-centric security solutions are integrated within Cisco’s open network architecture for service providers. It is designed for web-speed agility. Its open, elastic, and application-centric network infrastructure protects you and your customers from advanced threats.
Enhanced agility: Get responsive security protection with rapid provisioning. Automatic adjustments are made for changing workloads and threats. By allowing security to dynamically follow workloads and data flows, you can take full advantage of open and programmable networks. You’ll avoid the problems that traditionally unintegrated security services present. In addition, Cisco’s security-as-a-service solutions can offer best-in-class, flexible, and scalable private, public, and hybrid cloud security services help you achieve faster time to value and rapidly provision differentiated security services to your customers.
Reduced expense: Cisco and our partners are integrating security services to reduce your burden of costly integration projects. Our dynamic orchestration eliminates the need for overprovisioned, unintegrated, and manually administered security services. Consistent central policy management reduces risk and lowers both operating costs and capital expenditures on infrastructure. Cloud security as-a-service solutions allow you to deliver highly cost-effective managed security services. You can better serve customers who face challenges in maintaining a secure infrastructure, complying with regulatory requirements, and controlling costs, and who experience a shortage of security expertise. And you’ll provide always-up-to-date security protection while offloading security management operations.
Increased revenue: As enterprises move to the cloud, service providers like you have an unprecedented opportunity to profit from the trend while better meeting your customers’ security, management, and budget requirements. You can deliver simple, open, automated and effective, security-enabled services to create incremental revenue streams.
Cisco Threat-Centric Security Solutions for Service Providers
Cisco threat-centric security solutions can help you enforce effective security everywhere across a production network and corporate IT.
Our advanced security solutions provide visibility and protection across your extended network before, during, and after an attack (Figure 1).
● Network security and data center solutions protect high-value data and data center resources with threat defense, highly secure virtualization, segmentation, and policy control features.
● Cisco Advanced Malware Protection (AMP) analyzes attacks and hidden exploits retrospectively and adapts automatically to emerging threats. It boosts protection before an attack, responds effectively during an attack, and remediates faster after an attack.
● Through our partnership with Arbor Networks, we’ve integrated virtual distributed denial-of-service (vDDoS) protection with our ASR 900 Series Aggregation Services Routers. Arbor vDDoS protects against volumetric, state exhaustion, and application layer DDoS attacks.
● Highly secure content gateway solutions deliver critical protection against constant, dynamic, and rapidly evolving email and web threats.
● Access and policy management solutions control access and segment traffic. They manage consistent policies based on advanced visibility and context across the extended network.
● Highly secure mobility and endpoint solutions provide consistent and context-aware security services for your infrastructure, endpoints, and data while empowering employees to work on devices anywhere and anytime.
Figure 1. Cisco’s Threat-Centric Security Model
Our unique security approach delivers consistent security policy across physical, virtual, and cloud environments. It combines the power of open and programmable networks with a deep integration of Cisco and third-party security services. You can strengthen and automate your threat intelligence to detect, analyze, and respond to attacks as workloads are dynamically provisioned and shifted across topologies.
Additionally, you can extend these security capabilities as service offerings. Your customers can strengthen their businesses and reduce their demand on resources while you protect them from advanced threats before, during, and after an attack.
Security is a foundational building block of Cisco’s open network architecture for service providers, which includes the Evolved Programmable Network and Cisco Evolved Services Platform (Figure 2). Our approach meets the security challenges that have plagued older architectures and have put service providers, customers, and their data at risk.
Figure 2. Security for Open and Programmable Networks
Cisco’s Threat-Centric Security Products for Service Providers
Cisco provides one of the industry’s most comprehensive advanced threat protection portfolios. Our threat-centric and operational approach to security reduces complexity while providing superior visibility, continuous control, and advanced threat protection across the extended network and the entire attack continuum. Offerings include:
● Firewalls and next-generation firewalls
● Next-generation IPS
● Advanced Malware Protection
● Web Security
● Email Security
● Cisco Identity Services Engine
● Cisco ASR 9000 vDDoS Protection
The Cisco Firepower™ 9300 Security Appliance (Figure 3) and Cisco Firepower 4100 Series appliances (Figure 4) are carrier-class, multiservice security platforms that are purpose built for service providers. They provide tight integration of best-in-class security applications from Cisco and third parties. They offer unprecedented performance and scaling along with advanced orchestration and management. These products deliver high performance and scalable security. Their features include the Cisco Firepower next-generation firewall along with Cisco next-generation IPS, Cisco AMP, URL filtering, and Cisco ASA firewalling with Radware DefensePro DDoS mitigation.
Figure 3. Cisco Firepower 9300
Figure 4. Cisco Firepower 4100 Series
Cisco cloud security-as-a-service solutions can help you offer cloud-based, customer-premises-equipment-based, and hybrid security services to multiple customers from one platform. You gain economies of scale by operating services for multiple customers from a multitenant service-delivery platform. You can reduce expenses while maintaining competitive prices and offering new revenue-generating services.
The Cisco Hosted Security as a Service (HSS) solution is based on a Cisco virtualized multiservice data center architecture. This architecture allows the service providers to deliver bundles of cloud services, including security, collaboration, infrastructure as a service (IaaS), and application services. Cisco HSS helps you to host and operate virtual security appliances in the cloud. You can deliver managed security services and offer multiple services—such as email protection, web protection, and firewall services—to each business customer from a single multitenant service delivery platform.
The Cisco Virtual Managed Services solution provides a rich set of highly secure cloud-based network services. You deliver this through pre-packaged software over any access technology, including cloud VPN, for the automated and flexible delivery of highly secures VPN and Internet access services. Complementing these services are an open, modular set of firewall, network address translation (NAT), intrusion prevention, content filtering, and web and email security applications. And you get cloud security for the open, modular delivery of hosted firewall, NAT, intrusion prevention, content filtering, web and email security applications. Your business customers access these through your wide-area network (WAN) and data center interconnect (DCI) infrastructure.
Cisco provides threat-centric security solutions that protect your workloads as they are provisioned and distributed across physical, virtual, and cloud environments. With consistent security policy and orchestration across topologies, Cisco and third-party partners can deliver highly effective security in open and programmable networks. We are the first vendor to tightly integrate both our own and partner best-in-class security services into a carrier-class, Network Equipment-Building System (NEBS)-compliant platform. This includes our proven threat-centric security solutions. These provide unprecedented performance and scaling, deep threat correlation and integration, and advanced orchestration and management from a multiservice and multivendor security platform.
Cisco is disrupting the market. The days of overprovisioned, manually configured, and unintegrated security services are coming to an end. Security is a pillar of our EPN and ESP capabilities for service providers. Stronger security facilitates the full realization of open and programmable networks that reduce costs and enable new revenue streams.
To learn more, contact your local Cisco account representative or visit:
● Cisco service provider security solutions
● Cisco security products and solutions
● Cisco service provider products and solutions