About Multicloud Defense
Multicloud Defense (MCD) is a comprehensive security solution consisting of two primary components: the Multicloud Defense Controller and Multicloud Defense Gateway. These components collaborate to establish a secure multicloud environment.
Multicloud Defense currently supports Amazon Web Services (AWS), Azure, Google Cloud Platform (GCP), and Oracle OCI cloud accounts. The range of support for these platforms varies.
In essence, Multicloud Defense offers a sophisticated and streamlined security framework, harmonizing controller orchestration, gateway communication, and optimized datapath processing for a robust and efficient multicloud protection mechanism.
This documentation has been prepared for practitioners who have a basic understanding of public cloud networking and security concepts, and participate in various functional teams, including:
- Development Operations (DevOps and DevSecOps)
- Security Operation Centers (SOCs)
- Security Architects
- Info Sec Architects
- Cloud Architects
For more information on the components of this product, continue reading.
Additional Information
You can find additional information about Multicloud Defense in the following documents:
Recommended Versions of Multicloud Defense Components
We recommend keeping your components up to date with the latest upgrades and updates for enhancements and new features, as well as bug fixes. For more information on what updates and upgrades are available, and what each package addresses, see the Cisco Multicloud Defense Release Notes.
Third Party Product Support and Versioning
Multicloud Defense utilizes additional products and functions. For optimal operations, consider using the appropriate versions listed.
Internet Browsers
We support and recommend the following internet browsers for Multicloud Defense components:
Browser | Supported |
---|---|
Chrome | Yes. We strongly recommend this browser. |
Firefox | Yes. |
Edge | Yes. |
Safari | Yes. |
Internet Explorer | Yes. |
Instance Metadata Service For AWS
The Instance Metadata Service (IMDS) is used to access instance metadata from an Amazon EC2 instance. The Multicloud Defense Controller version 23.10 sets up IMDSv2 to be Required or Optional depending on the corresponding Multicloud Defense Gateway version.
We strongly recommend upgrading to a Multicloud Defense Gateway version that specifically supports IMDSv2 in the Required mode for optimal security with Amazon EC2 instances.
Note: The Multicloud Defense Controller version 23.10 forces Multicloud Defense Gateway versions 23.04 and later to default to IMDSv2 for EC2 instances.
Use the table below to determine which IMDS version will be set up inside the EC2 instance for your environment:
Multicloud Defense Gateway Version | Required IMDS Version |
---|---|
23.08 | IMDSv2 (required) |
23.06 | IMDSv2 (required) |
23.04 | IMDSv2 (required) |
23.02 | IMDSv1, IMDSv2 (optional) |
22.12 | IMDSv1, IMDSv2 (optional) |
For more information on IMDS versions and how to migrate to the version of your choice, see AWS documentation.
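To confirm that deployed gateway instances actually carry the IMDS mode the table above implies, the check below compares the `MetadataOptions.HttpTokens` field from `aws ec2 describe-instances` output against the gateway version. It is an added example, not Cisco code; it assumes the gateway version is recorded in a hypothetical `mcd-gateway-version` tag, and the sample data is constructed.

```python
import json

VERSION_TAG = "mcd-gateway-version"  # hypothetical tag; not a Multicloud Defense name

# Constructed sample shaped like `aws ec2 describe-instances` JSON output.
SAMPLE = json.loads("""
{"Reservations": [{"Instances": [
 {"InstanceId": "i-0000000000000000a", "MetadataOptions": {"HttpTokens": "required"},
  "Tags": [{"Key": "mcd-gateway-version", "Value": "23.08"}]},
 {"InstanceId": "i-0000000000000000b", "MetadataOptions": {"HttpTokens": "optional"},
  "Tags": [{"Key": "mcd-gateway-version", "Value": "23.06"}]},
 {"InstanceId": "i-0000000000000000c", "MetadataOptions": {"HttpTokens": "optional"},
  "Tags": [{"Key": "mcd-gateway-version", "Value": "23.02"}]},
 {"InstanceId": "i-0000000000000000d", "MetadataOptions": {"HttpTokens": "optional"}}
]}]}
""")

def expected_http_tokens(version):
    """Map a gateway version string to the HttpTokens value the table implies."""
    try:
        major, minor = (int(part) for part in version.split(".")[:2])
    except ValueError:
        return None                  # malformed version string
    if (major, minor) >= (23, 4):    # 23.04 and later: IMDSv2 required
        return "required"
    if (major, minor) >= (22, 12):   # 22.12 and 23.02: IMDSv1 still accepted
        return "optional"
    return None                      # older than anything the table lists

def audit(describe_output):
    """Return (instance_id, version, http_tokens, status) per tagged gateway."""
    findings = []
    for reservation in describe_output.get("Reservations", []):
        for inst in reservation.get("Instances", []):
            tags = {t["Key"]: t["Value"] for t in inst.get("Tags", [])}
            version = tags.get(VERSION_TAG)
            if version is None:
                continue             # not tagged as a gateway; out of scope
            actual = inst.get("MetadataOptions", {}).get("HttpTokens")
            expected = expected_http_tokens(version)
            if expected is None:
                status = "version-not-in-table"
            elif actual != expected:
                status = "mismatch"  # e.g. 23.04+ gateway still accepting IMDSv1
            else:
                status = "ok" if expected == "required" else "imdsv1-allowed"
            findings.append((inst["InstanceId"], version, actual, status))
    return findings
```

A `mismatch` row means the instance setting differs from the table; an `imdsv1-allowed` row marks a gateway that is a candidate for the upgrade recommended above.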
Supported Disk Size
Consider the following disk size support for the appropriate gateway versions:
Gateway Version | Supported Disk Size |
---|---|
23.12 and later | 128GB |
up to 23.10 | 256GB |