Unyielding Defense: Cisco Firewall Achieves AAA Rating From SE Labs


Organizations must protect their networks and have confidence that their first line of defense can stop sophisticated threats. By selecting a firewall integrated with current, global threat intelligence, organizations can quickly identify and block both advanced attacks and exploits of common vulnerabilities. Enter Cisco Secure Firewall 4225, which demonstrated exceptional performance in SE Labs’ rigorous Advanced Security Test, scoring 100% in protection accuracy.

Quickly detect and stop attacks

SE Labs attempted a full breach where testers simulated attacks orchestrated by notorious hacking groups like APT29 and Scattered Spider. These groups are known for their relentless and sophisticated attack strategies, often targeting high-profile sectors such as government, military, and telecommunications. Testers attempted to move across the attack chain to steal sensitive information, damage systems, or move laterally and connect to other network systems.

In all cases with Cisco Secure Firewall, threats could not move beyond the earliest stage of the attack chain. It detected and neutralized all simulated threats before they could execute any malicious actions or cause harm, resulting in 100% protection accuracy. This score was achieved with TLS decryption enabled, demonstrating the powerful efficacy of our industry-leading decryption capabilities that improve security without compromising performance. Because testers had no visibility into their target to probe for vulnerabilities, they could not use the target as a launch pad for lateral movement.

Award-winning threat detection

To achieve 100% protection accuracy, Secure Firewall was scored according to a points system that counted its ability to detect and block every attack with optimal efficiency. For example, during testing, if malware runs on the target (even for a short time) before it is detected and blocked, the protection accuracy score drops.

Benign files were interspersed with threats to measure false positive rates, an indicator of how well a vendor has tuned its detection engine. Out of 75 samples, 74 were accurately identified as benign. With three classified as unknown, and according to SE Labs’ weighting system, Secure Firewall achieved a rating of 91%.

The firewall’s impressive Total Accuracy Rating of 95% earned it the prestigious AAA award from SE Labs. This report follows our recent Best Next Generation Firewall Award from SE Labs for Cisco Secure Firewall, our second year in a row receiving this excellent recognition.

Balancing security with business continuity

Cisco has spent the last few years developing and optimizing firewall capabilities for an encrypted world. Our Field Programmable Gate Array (FPGA) component implements an industry-first flow offload engine to decrypt and encrypt TLS traffic in hardware.

For TLS sessions that cannot be decrypted, Cisco adds another layer of protection with its Encrypted Visibility Engine (EVE). EVE leverages behavioral analytics and machine learning to detect malicious outbound communications even within encrypted traffic. Our customers see value in these innovations because they can implement security best practices for encrypted traffic while ensuring operational efficiency.

A proactive approach to stopping threats

Fortified by the intelligence of Cisco Talos, one of the largest commercial threat intelligence teams in the world, Cisco Secure Firewall stays ahead of modern threats. Talos identifies emerging threats and vulnerabilities, then integrates those findings into Cisco products like Secure Firewall.

With Snort 3 and ClamAV detection engines from Talos, Secure Firewall can flag malicious domains, IPs, and file hashes, providing critical intelligence to security controls. Talos’ reputation tools allow Secure Firewall to detect brand spoofing and malicious senders, and to identify phishing campaigns or malware.

Further enhancing the efficacy of Cisco’s firewall, Talos now offers SnortML, a threat detection engine designed to proactively identify zero-day vulnerabilities. The system finds patterns in common vulnerability types that are often used by threat actors for initial access: command injection, code injection, and SQL injection. SnortML identifies when payloads match a particular vulnerability class, even if there are variations (which previously would have been classified as a zero-day attack).

View the SE Labs Report

Cisco Secure Firewall is one of the enforcement points of Cisco’s Hybrid Mesh Firewall, a highly distributed security fabric with intelligent centralized management that makes it easy for organizations to protect their applications wherever they live. For an in-depth look at the real-world threats and tactics our firewall was tested against, explore the report.

Experience our firewall in action

Want to give it a try? Join the Cisco Secure Firewall Test Drive, an instructor-led 4-hour security course that lets you gain firsthand experience with Cisco firewalls and discover the new attacker techniques that have changed network security needs.

