Simplified Security with Purpose-Built Networking for Advanced Threat Detection
Have you ever looked at your switch and wondered what is going on inside there? It hums, at times it buzzes, and it has a few blinky lights, but what is it really doing? Are you able to understand what types of traffic are being sent to and fro? And do you ever wonder if any threats are lurking within? Of course you have; we all know that threats are everywhere and can be anywhere within our network at any point in time. I mean, we have extensive networks, with a lot of places to get in and even more places to hide. Our networks extend across the enterprise, branch, campus, data center, and, of course, into the cloud. Obtaining deep knowledge of your traffic by deploying a sensor or probe at each location isn’t always possible. And this lack of visibility is often a barrier to shining a light on what’s lurking within.
Cisco is the recognized leader in networking. We are also the world’s largest security vendor, so it makes sense that we would tackle this problem head-on. And we have. But not with “bolt-on“ security as an afterthought that results in one more box, increased investment, and at times increased complexity. Within our Catalyst 9200 and 9300 Series switches, we now have built-in security functions that enable telemetry to be gathered and analyzed in the cloud by Cisco Secure Cloud Analytics (formerly Stealthwatch Cloud). The ability is there, just waiting to be turned on.
Why have we done this? Simplicity and network protection.
Two reasons pop to mind—one is simplicity. We need to simplify the way we do security. For years we have been talking about the challenges involved in bolting on security. Rerouting traffic causes bottlenecks and throughput issues, slowing everything down and putting a damper on the user experience. The complexity that comes with adding more security solutions in a layered approach isn’t helping anyone but the attackers. We know that we need to take a platform approach to integrate our security solutions, so that we can improve detection and automate our response, if we want to stay ahead of the malware economy. I mean, if you haven’t noticed, the arms race in network security is heating up, and threat actors are well motivated to win.
Second, we need comprehensive protection across the entirety of the network. If we are going to help our customers obtain this protection, we have to acknowledge the barriers to achieving it. And we need to ask how we, as Cisco, can lead the way in removing these barriers. Our engineering team recognized that deploying another box, probe, or even VM at each location in the distributed network was no longer feasible. Customers have enough “things” to deal with in their networks. So we went to the source, the switch, and built in the ability to gather and send telemetry to the cloud to detect advanced persistent threats.
Sounds great, but what will this get you? Catalyst 9200 and 9300 Series customers will now be able to gain SaaS-based threat detection across the entirety of their network. Regardless of whether it is on-premises or in the cloud, you can add this capability without any increased complexity. Customers have reported deploying Secure Cloud Analytics in under two hours without this integration. Now we have made it even easier.
How do we do this?
Secure Cloud Analytics can ingest telemetry from both the on-premises infrastructure and public cloud environments to identify the device and establish a baseline of normal behavior. With the use of Cisco’s dynamic entity modeling, we continually observe the behavior of all your network entities and alert you to any abnormal behavior as well as identify known threats. And if that isn’t enough, Secure Cloud Analytics is also backed by Cisco Talos, the largest nongovernmental threat intelligence organization globally, which offers supervised detections and immediate alerts based on global threat intelligence. And it all just needs to be turned on. It’s a lightweight, simple–to–configure solution that speeds the time to value and gets you detecting and responding to threats in a few hours.
What if you don’t have Catalyst 9200 or 9300 Series switches across your entire infrastructure? Secure Cloud Analytics is easy to deploy with a lightweight collector across your existing infrastructure to reap all the same benefits. With a 90-day trial and everything stored in the cloud, getting started is “easy-peasy lemon squeezy.” To learn more about the solution, visit our webpage and request a trial today.
To learn more about this topic and other innovations that unify threat detection, visit the Innovation Insights hub.
Share: