SecureX is now a year old, with numerous releases delivered, dozens of integrations, and thousands of active customers that rely on it to simplify security and investigate threats faster. Cisco Secure Firewall protects hundreds of thousands of networks and Snort IPS have over a million deployments around the world. Together the breadth, variety, and capability of Cisco Security’s platform approach mean you can depend on these solutions to protect you and deliver more value with your security investment.
With the Firewall Threat Defense 7.0 release, the Cisco Secure Firewall and SecureX integration have three significant new enhancements that drive security efficiency:
- The power of SecureX Most apparent, the SecureX ribbon is incorporated into the Firewall Management Center (FMC) user interface. When you’re in FMC, you get a summary view, and you can instantly pivot in SecureX for deeper invention as necessary.
- SecureX orchestration of FMC, The SecureX integration now adds orchestration to what had previously a data exchange mechanism, empowering you to automate FMC activities. Now, the SecureX Security Services Exchange (SSE) acts as an API gateway, enabling SecureX Orchestrator to invoke FMC API calls.
- Four new workflow playbooks. Download them today and address common use cases for observable actions, remediations, and incident endpoint enrichment. Find these new workflows, and more, at ciscosecurity.github.io/sxo-05-security-workflows/workflows/secure-firewall/
Let’s talk details
FMC is much more than a “manager” — it enhances security visibility and response. The traffic of interest generates events and intelligence for further investigation. As well, it’s a full-featured and scalable tool driving network security policy, eventing, and systems management.
Why does this matter? For example, perhaps the movement of Cybersecurity Maturity Model Certification (CMMC)-relevant files with Controlled Unclassified Information (CUI) content needs to be tracked, or some suspiciously obfuscated communications are discovered. With the new SecureX ribbon, relevant IOCs and other data points can be captured and correlated with sightings from homegrown, open-sourced, and partner-found equivalents.
SecureX’s value-add within FMC is pervasive. Every screen now has the ribbon option. The ribbon sits unobtrusively at the ready for your use. Just imagine…
- Reviewing hits from your TAXII delivered OSINT feeds within FMC. Capture those matches, and identify additional corresponding hits from other tools using a diversity of threat feeds.
- Wondering about a file that is propagating throughout your remote branch office? Capture that hash and see if other tools have seen the same file elsewhere.
- Is something in your guest network probing your Active Directory admin port? Has it reached out to suspicious sites?
These questions, and more, can be answered with the communal power of the Cisco security portfolio and partners, brought together by the SecureX platform – and shown live in your FMC interface.
Source: blogs.cisco.com Credit@ Robert Albach