SlideShare a Scribd company logo

Cisco firepower ngips series migration options

Download as DOCX, PDF
IT Tech
IT Tech

Upgrade your customers to Cisco Firepower NGIPS today to help them protect their network, users, applications, and information assets.

Technology
1 of 4
Cisco Firepower NGIPS Series Migration Options Strengthen Your Network Defenses It’s no secret that today’s attackers have the resources, expertise, and persistence to compromise any organization at any time. Traditional defenses are no longer effective. Many people think that with the adoption of a next-generation firewall (NGFW), that they no longer need a stand-alone intrusion prevention system (IPS). That’s simply not true. A “true” NGIPS can provide visibility, threat detection, threat response, and malware discovery. And it can do all that in areas of your network that remain off-limits to firewall inspection and controls. Safeguarding your network assets and data from today’s threats requires detailed visibility into all your network layers and resources. 1. It requires comprehensive, and up-to-date security intelligence. 2. It requires a dynamic approach that uses awareness and automation to adapt to new threats, new vulnerabilities, and everyday network changes. 3. It requires Cisco Firepower NGIPS (Next-Generation Intrusion Prevention System) threat appliances. The Cisco Firepower NGIPS threat appliance provides industry-leading visibility and threat efficacy against both known and unknown threats. Cisco Firepower NGIPS stops threats by using:
• More than 30,000 IPS rules that identify and block traffic trying to exploit a vulnerability in your network • Reputation-based IP, URL, and DNS security intelligence that can shrink the attack surface by identifying malicious sites • A tightly integrated defense against network-based advanced malware attacks • An integrated sandboxing technology that uses hundreds of behavioral indicators to spot zero-day attacks • An Indications of Compromise (IoC) feature that correlates events from multiple sources to identify what may be compromised hosts Upgrade your customers to Cisco Firepower NGIPS today to help them protect their network, users, applications, and information assets. It’s as easy as 1...2...3 1. Confirm your current IPS model and refresh needs. 2. Review the recommended migration path. 3. Contact your trusted Cisco Security account manager or partner to get started. Migration Recommendations for Cisco IPS and FirePOWER (former Sourcefire) Customers Cisco IDS/IPS 4000 Appliances Recommendation Throughput Performance Improvement Cisco IPS 4270-20 Firepower 4110 2X Cisco IPS 4360 Firepower 4110 3.2X Cisco IPS 4510 Firepower 4110 1.33X Cisco IPS 4520 Firepower 4120 1.6X Cisco IPS 4520-XL Firepower 4140 1X
FirePOWER 81xxAppliances Recommendation Throughput Performance Improvement FirePOWER 8120 Firepower 4110 2X FirePOWER 8130 Firepower 4110 1X FirePOWER 8140 Firepower 4120 1.33X Firepower 8xxxx AMP Appliances Recommendation Throughput Performance Improvement FirePOWER AMP 8050 Firepower 4110 AMP 1.5X FirePOWER AMP 8150 Firepower 4120 AMP 1.2X FirePOWER AMP 8150 Firepower 4140 AMP 2X Learn More: Find the Right Cisco Firewall for your Needs Why NGFW and NGIPS are needed in network security infrastructure? Do you really need both a next-generation firewall (NGFW) and next- generation intrusion prevention system (NGIPS) for my network security infrastructure? The answer is YES! What does a next-generation firewall do? The NGFW has its core competencies and it includes: 1. Network address translation 2. Acting as a stateful firewall 3. VPN concentrator 4. Application visibility and control 5. And don’t forget, IPS inspection A next-generation IPS has its core competencies and they include: 1. Inspect asymmetric traffic flows 2. Perform as a transparent bump-in-the wire inspection device 3. Provide visibility and protection by inspecting network traffic that moves lateral to a perimeter firewall Since the NGFW is a network device, it can operate lower in the OSI stack and can act as a network boundary or create a network pinch-point perfect for stateful firewalling, application identification, and deep packet inspection.
Using a NGIPS to perform deep packet inspection makes for a more effective strategy against the would-be-adversary. Because an NGIPS does not maintain a state table, it is less vulnerable to attacks that exploit state table exhaustion and result in denial of service. This also gives it the ability to inspect asymmetric data flows. The NGIPS is also a transparent device, just a bump in the wire, allowing traffic to flow as if it is not even there, even if it is deployed in the core, doing deep packet inspection or on the network edge. Did you know that traffic looks differently in the core vs. the edge of the network? Advanced persistent threats are more easily detected by the NGIPS. Because the NGIPS can be deployed where it will have of the lateral visibility of the traffic, it gives you that advantage over a firewall. A traditional stateful firewall cannot provide this. The lateral visibility it is perfect to identifying machines on a network that have already been compromised and are being used by a bad guy to collect and infiltrate sensitive or important data. Visibility and the ability to secure a network at the perimeter and at the network core should be essential for every organization that wants to strengthen their overall security posture. To learn more about Cisco Firepower NGIPS threat appliances, please visit http://www.cisco.com/go/ngips. To learn more about the Cisco Advanced Malware Protection capability, please visit http://www.cisco.com/go/amp. To learn more about Cisco’s Talos Security Intelligence and Research team, please visit http://www.talosintelligence.com/. Info from https://www.cisco.com/c/dam/m/en_us/products/security/ngips/NGIPS_transi tion_guide.pdf More Related Guide to the New Cisco Firepower 2100 Series How to Deploy the Cisco ASA FirePOWER Services in the Internet Edge, VPN Scenarios and Data Center? The Most Common NGFW Deployment Scenarios Cisco’s High-end Next Generation Firewalls-Firepower 4100 and 9300 Series UTM vs. NGFW

Recommended

8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...
8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...
8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...
BGA Cyber Security
 
Open Source IDS - How to use them as a powerful fee Defensive and Offensive tool
Open Source IDS - How to use them as a powerful fee Defensive and Offensive toolOpen Source IDS - How to use them as a powerful fee Defensive and Offensive tool
Open Source IDS - How to use them as a powerful fee Defensive and Offensive tool
Sylvain Martinez
 
Advanced threat security - Cyber Security For The Real World
Advanced threat security - Cyber Security For The Real WorldAdvanced threat security - Cyber Security For The Real World
Advanced threat security - Cyber Security For The Real World
Cisco Canada
 
Sourcefire Webinar - NEW GENERATION IPS
Sourcefire Webinar - NEW GENERATION IPSSourcefire Webinar - NEW GENERATION IPS
Sourcefire Webinar - NEW GENERATION IPS
mmiznoni
 
IPS Best Practices
IPS Best PracticesIPS Best Practices
IPS Best Practices
Heather Axworthy
 
Talk2 esc2 muscl-wifi_v1_2b
Talk2 esc2 muscl-wifi_v1_2bTalk2 esc2 muscl-wifi_v1_2b
Talk2 esc2 muscl-wifi_v1_2b
Sylvain Martinez
 
SourceFire IPS Overview
SourceFire IPS OverviewSourceFire IPS Overview
SourceFire IPS Overview
GuardEra Access Solutions, Inc.
 
Sourcefire - A Next-Generation Intrusion Prevention Solution Delivering Scala...
Sourcefire - A Next-Generation Intrusion Prevention Solution Delivering Scala...Sourcefire - A Next-Generation Intrusion Prevention Solution Delivering Scala...
Sourcefire - A Next-Generation Intrusion Prevention Solution Delivering Scala...
LiveAction Next Generation Network Management Software
 

Recommended

8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...
8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...
8 Ocak 2015 SOME Etkinligi - A10 Networks - Accelerating and Securing Applica...
BGA Cyber Security
 
Open Source IDS - How to use them as a powerful fee Defensive and Offensive tool
Open Source IDS - How to use them as a powerful fee Defensive and Offensive toolOpen Source IDS - How to use them as a powerful fee Defensive and Offensive tool
Open Source IDS - How to use them as a powerful fee Defensive and Offensive tool
Sylvain Martinez
 
Advanced threat security - Cyber Security For The Real World
Advanced threat security - Cyber Security For The Real WorldAdvanced threat security - Cyber Security For The Real World
Advanced threat security - Cyber Security For The Real World
Cisco Canada
 
Sourcefire Webinar - NEW GENERATION IPS
Sourcefire Webinar - NEW GENERATION IPSSourcefire Webinar - NEW GENERATION IPS
Sourcefire Webinar - NEW GENERATION IPS
mmiznoni
 
IPS Best Practices
IPS Best PracticesIPS Best Practices
IPS Best Practices
Heather Axworthy
 
Talk2 esc2 muscl-wifi_v1_2b
Talk2 esc2 muscl-wifi_v1_2bTalk2 esc2 muscl-wifi_v1_2b
Talk2 esc2 muscl-wifi_v1_2b
Sylvain Martinez
 
SourceFire IPS Overview
SourceFire IPS OverviewSourceFire IPS Overview
SourceFire IPS Overview
GuardEra Access Solutions, Inc.
 
Sourcefire - A Next-Generation Intrusion Prevention Solution Delivering Scala...
Sourcefire - A Next-Generation Intrusion Prevention Solution Delivering Scala...Sourcefire - A Next-Generation Intrusion Prevention Solution Delivering Scala...
Sourcefire - A Next-Generation Intrusion Prevention Solution Delivering Scala...
LiveAction Next Generation Network Management Software
 
Next Generation Security
Next Generation SecurityNext Generation Security
Next Generation Security
Cisco Canada
 
Talk2 esc4 muscl-ids_v1_2
Talk2 esc4 muscl-ids_v1_2Talk2 esc4 muscl-ids_v1_2
Talk2 esc4 muscl-ids_v1_2
Sylvain Martinez
 
BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...
BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...
BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...
BGA Cyber Security
 
'Moon' Security Management System for OPNFV
'Moon' Security Management System for OPNFV'Moon' Security Management System for OPNFV
'Moon' Security Management System for OPNFV
OPNFV
 
Next generation firewall(ngfw)feature and benefits
Next generation firewall(ngfw)feature and benefitsNext generation firewall(ngfw)feature and benefits
Next generation firewall(ngfw)feature and benefits
Anthony Daniel
 
Cisco amp for meraki
Cisco amp for merakiCisco amp for meraki
Cisco amp for meraki
Cisco Canada
 
Cisco umbrella overview
Cisco umbrella overviewCisco umbrella overview
Cisco umbrella overview
Cisco Canada
 
Talos Insight: Threat Innovation Emerging from the Noise
Talos Insight: Threat Innovation Emerging from the NoiseTalos Insight: Threat Innovation Emerging from the Noise
Talos Insight: Threat Innovation Emerging from the Noise
Cisco Canada
 
stackArmor MicroSummit - Niksun Network Monitoring - DPI
stackArmor MicroSummit - Niksun Network Monitoring - DPIstackArmor MicroSummit - Niksun Network Monitoring - DPI
stackArmor MicroSummit - Niksun Network Monitoring - DPI
Gaurav "GP" Pal
 
vSRX Buyer’s Guide infographic - Juniper Networks
vSRX Buyer’s Guide infographic - Juniper Networks vSRX Buyer’s Guide infographic - Juniper Networks
vSRX Buyer’s Guide infographic - Juniper Networks
Juniper Networks
 
Infographic: Whack Hackers Lightning Fast
Infographic: Whack Hackers Lightning FastInfographic: Whack Hackers Lightning Fast
Infographic: Whack Hackers Lightning Fast
Juniper Networks
 
8 Ocak 2015 SOME Etkinligi - Cisco Next Generation Security
8 Ocak 2015 SOME Etkinligi - Cisco Next Generation Security8 Ocak 2015 SOME Etkinligi - Cisco Next Generation Security
8 Ocak 2015 SOME Etkinligi - Cisco Next Generation Security
BGA Cyber Security
 
Cisco ThreatGrid: Malware Analysis and Threat Intelligence
Cisco ThreatGrid: Malware Analysis and Threat IntelligenceCisco ThreatGrid: Malware Analysis and Threat Intelligence
Cisco ThreatGrid: Malware Analysis and Threat Intelligence
Cisco Canada
 
Next Generation Firewall and IPS
Next Generation Firewall and IPSNext Generation Firewall and IPS
Next Generation Firewall and IPS
Data#3 Limited
 
Trusted Environment. Blockchain for business: best practices, experience, tips
Trusted Environment. Blockchain for business: best practices, experience, tipsTrusted Environment. Blockchain for business: best practices, experience, tips
Trusted Environment. Blockchain for business: best practices, experience, tips
Kaspersky
 
TechWiseTV Workshop: OpenDNS and AnyConnect
TechWiseTV Workshop: OpenDNS and AnyConnectTechWiseTV Workshop: OpenDNS and AnyConnect
TechWiseTV Workshop: OpenDNS and AnyConnect
Robb Boyd
 
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...
Cisco Canada
 
The Network as a Sensor, Cisco and Lancope
The Network as a Sensor, Cisco and LancopeThe Network as a Sensor, Cisco and Lancope
The Network as a Sensor, Cisco and Lancope
Cisco Enterprise Networks
 
Stop Translating, Start Defending: Common Language for Managing Cyber-Risk
Stop Translating, Start Defending: Common Language for Managing Cyber-RiskStop Translating, Start Defending: Common Language for Managing Cyber-Risk
Stop Translating, Start Defending: Common Language for Managing Cyber-Risk
Priyanka Aash
 
Cisco Connect 2018 Thailand - Cisco Meraki an innovation journey to a smarter...
Cisco Connect 2018 Thailand - Cisco Meraki an innovation journey to a smarter...Cisco Connect 2018 Thailand - Cisco Meraki an innovation journey to a smarter...
Cisco Connect 2018 Thailand - Cisco Meraki an innovation journey to a smarter...
NetworkCollaborators
 
Cisco Firepower Next-Generation Firewall (NGFW).pdf
Cisco Firepower Next-Generation Firewall (NGFW).pdfCisco Firepower Next-Generation Firewall (NGFW).pdf
Cisco Firepower Next-Generation Firewall (NGFW).pdf
TaherAzzam2
 
FortiGate_600E(2).pdf
FortiGate_600E(2).pdfFortiGate_600E(2).pdf
FortiGate_600E(2).pdf
Rochdi Bouzaien
 

More Related Content

What's hot

Trusted Environment. Blockchain for business: best practices, experience, tips
Trusted Environment. Blockchain for business: best practices, experience, tipsTrusted Environment. Blockchain for business: best practices, experience, tips
Trusted Environment. Blockchain for business: best practices, experience, tips
Kaspersky
 
Stop Translating, Start Defending: Common Language for Managing Cyber-Risk
Stop Translating, Start Defending: Common Language for Managing Cyber-RiskStop Translating, Start Defending: Common Language for Managing Cyber-Risk
Stop Translating, Start Defending: Common Language for Managing Cyber-Risk
Priyanka Aash
 

What's hot (20)

Next Generation Security
Next Generation SecurityNext Generation Security
Next Generation Security
 
Talk2 esc4 muscl-ids_v1_2
Talk2 esc4 muscl-ids_v1_2Talk2 esc4 muscl-ids_v1_2
Talk2 esc4 muscl-ids_v1_2
 
BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...
BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...
BGA SOME/SOC Etkinliği - Tehdit Odaklı Güvenlik Mimarisinde Sourcefire Yakla...
 
'Moon' Security Management System for OPNFV
'Moon' Security Management System for OPNFV'Moon' Security Management System for OPNFV
'Moon' Security Management System for OPNFV
 
Next generation firewall(ngfw)feature and benefits
Next generation firewall(ngfw)feature and benefitsNext generation firewall(ngfw)feature and benefits
Next generation firewall(ngfw)feature and benefits
 
Cisco amp for meraki
Cisco amp for merakiCisco amp for meraki
Cisco amp for meraki
 
Cisco umbrella overview
Cisco umbrella overviewCisco umbrella overview
Cisco umbrella overview
 
Talos Insight: Threat Innovation Emerging from the Noise
Talos Insight: Threat Innovation Emerging from the NoiseTalos Insight: Threat Innovation Emerging from the Noise
Talos Insight: Threat Innovation Emerging from the Noise
 
stackArmor MicroSummit - Niksun Network Monitoring - DPI
stackArmor MicroSummit - Niksun Network Monitoring - DPIstackArmor MicroSummit - Niksun Network Monitoring - DPI
stackArmor MicroSummit - Niksun Network Monitoring - DPI
 
vSRX Buyer’s Guide infographic - Juniper Networks
vSRX Buyer’s Guide infographic - Juniper Networks vSRX Buyer’s Guide infographic - Juniper Networks
vSRX Buyer’s Guide infographic - Juniper Networks
 
Infographic: Whack Hackers Lightning Fast
Infographic: Whack Hackers Lightning FastInfographic: Whack Hackers Lightning Fast
Infographic: Whack Hackers Lightning Fast
 
8 Ocak 2015 SOME Etkinligi - Cisco Next Generation Security
8 Ocak 2015 SOME Etkinligi - Cisco Next Generation Security8 Ocak 2015 SOME Etkinligi - Cisco Next Generation Security
8 Ocak 2015 SOME Etkinligi - Cisco Next Generation Security
 
Cisco ThreatGrid: Malware Analysis and Threat Intelligence
Cisco ThreatGrid: Malware Analysis and Threat IntelligenceCisco ThreatGrid: Malware Analysis and Threat Intelligence
Cisco ThreatGrid: Malware Analysis and Threat Intelligence
 
Next Generation Firewall and IPS
Next Generation Firewall and IPSNext Generation Firewall and IPS
Next Generation Firewall and IPS
 
Trusted Environment. Blockchain for business: best practices, experience, tips
Trusted Environment. Blockchain for business: best practices, experience, tipsTrusted Environment. Blockchain for business: best practices, experience, tips
Trusted Environment. Blockchain for business: best practices, experience, tips
 
TechWiseTV Workshop: OpenDNS and AnyConnect
TechWiseTV Workshop: OpenDNS and AnyConnectTechWiseTV Workshop: OpenDNS and AnyConnect
TechWiseTV Workshop: OpenDNS and AnyConnect
 
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...
Cisco connect winnipeg 2018 stealthwatch whiteboard session and cisco secur...
 
The Network as a Sensor, Cisco and Lancope
The Network as a Sensor, Cisco and LancopeThe Network as a Sensor, Cisco and Lancope
The Network as a Sensor, Cisco and Lancope
 
Stop Translating, Start Defending: Common Language for Managing Cyber-Risk
Stop Translating, Start Defending: Common Language for Managing Cyber-RiskStop Translating, Start Defending: Common Language for Managing Cyber-Risk
Stop Translating, Start Defending: Common Language for Managing Cyber-Risk
 
Cisco Connect 2018 Thailand - Cisco Meraki an innovation journey to a smarter...
Cisco Connect 2018 Thailand - Cisco Meraki an innovation journey to a smarter...Cisco Connect 2018 Thailand - Cisco Meraki an innovation journey to a smarter...
Cisco Connect 2018 Thailand - Cisco Meraki an innovation journey to a smarter...
 

Similar to Cisco firepower ngips series migration options

Cisco Firepower Next-Generation Firewall (NGFW).pdf
Cisco Firepower Next-Generation Firewall (NGFW).pdfCisco Firepower Next-Generation Firewall (NGFW).pdf
Cisco Firepower Next-Generation Firewall (NGFW).pdf
TaherAzzam2
 
ANSWER QUESTIONS AND RESPOND TO BOTH Your CISO was very.docx
ANSWER QUESTIONS AND RESPOND TO BOTH Your CISO was very.docxANSWER QUESTIONS AND RESPOND TO BOTH Your CISO was very.docx
ANSWER QUESTIONS AND RESPOND TO BOTH Your CISO was very.docx
write4
 
ANSWER QUESTIONS AND RESPOND TO BOTH Your CISO was very.docx
ANSWER QUESTIONS AND RESPOND TO BOTH Your CISO was very.docxANSWER QUESTIONS AND RESPOND TO BOTH Your CISO was very.docx
ANSWER QUESTIONS AND RESPOND TO BOTH Your CISO was very.docx
write4
 
ANSWER QUESTIONS AND RESPOND TO BOTH Your CISO was very.docx
ANSWER QUESTIONS AND RESPOND TO BOTH Your CISO was very.docxANSWER QUESTIONS AND RESPOND TO BOTH Your CISO was very.docx
ANSWER QUESTIONS AND RESPOND TO BOTH Your CISO was very.docx
write31
 
apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...
apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...
apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...
Chrysostomos Christofi
 
Zankhana Pandya Resume @ 21_Dec_2015
Zankhana Pandya Resume @ 21_Dec_2015Zankhana Pandya Resume @ 21_Dec_2015
Zankhana Pandya Resume @ 21_Dec_2015
Zhankhana Pandya
 
Virtual security gateways at network edge are key to protecting ultra broadba...
Virtual security gateways at network edge are key to protecting ultra broadba...Virtual security gateways at network edge are key to protecting ultra broadba...
Virtual security gateways at network edge are key to protecting ultra broadba...
Paul Stevens
 

Similar to Cisco firepower ngips series migration options (20)

Cisco Firepower Next-Generation Firewall (NGFW).pdf
Cisco Firepower Next-Generation Firewall (NGFW).pdfCisco Firepower Next-Generation Firewall (NGFW).pdf
Cisco Firepower Next-Generation Firewall (NGFW).pdf
 
FortiGate_600E(2).pdf
FortiGate_600E(2).pdfFortiGate_600E(2).pdf
FortiGate_600E(2).pdf
 
A Complete Guide To Firewall How To Build A Secure Networking System.pptx
A Complete Guide To Firewall How To Build A Secure Networking System.pptxA Complete Guide To Firewall How To Build A Secure Networking System.pptx
A Complete Guide To Firewall How To Build A Secure Networking System.pptx
 
Jatinder Singh
Jatinder SinghJatinder Singh
Jatinder Singh
 
ANSWER QUESTIONS AND RESPOND TO BOTH Your CISO was very.docx
ANSWER QUESTIONS AND RESPOND TO BOTH Your CISO was very.docxANSWER QUESTIONS AND RESPOND TO BOTH Your CISO was very.docx
ANSWER QUESTIONS AND RESPOND TO BOTH Your CISO was very.docx
 
ANSWER QUESTIONS AND RESPOND TO BOTH Your CISO was very.docx
ANSWER QUESTIONS AND RESPOND TO BOTH Your CISO was very.docxANSWER QUESTIONS AND RESPOND TO BOTH Your CISO was very.docx
ANSWER QUESTIONS AND RESPOND TO BOTH Your CISO was very.docx
 
ANSWER QUESTIONS AND RESPOND TO BOTH Your CISO was very.docx
ANSWER QUESTIONS AND RESPOND TO BOTH Your CISO was very.docxANSWER QUESTIONS AND RESPOND TO BOTH Your CISO was very.docx
ANSWER QUESTIONS AND RESPOND TO BOTH Your CISO was very.docx
 
Presentación - Cisco ASA with FirePOWER Services
Presentación - Cisco ASA with FirePOWER ServicesPresentación - Cisco ASA with FirePOWER Services
Presentación - Cisco ASA with FirePOWER Services
 
Scalar Security Roadshow - Toronto Presentation
Scalar Security Roadshow - Toronto PresentationScalar Security Roadshow - Toronto Presentation
Scalar Security Roadshow - Toronto Presentation
 
Forcepoint SD-WAN and NGFW + IPS
Forcepoint SD-WAN and NGFW + IPSForcepoint SD-WAN and NGFW + IPS
Forcepoint SD-WAN and NGFW + IPS
 
Migration to cisco next generation firewall
Migration to cisco next generation firewallMigration to cisco next generation firewall
Migration to cisco next generation firewall
 
apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...
apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...
apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...
 
Zankhana Pandya Resume @ 21_Dec_2015
Zankhana Pandya Resume @ 21_Dec_2015Zankhana Pandya Resume @ 21_Dec_2015
Zankhana Pandya Resume @ 21_Dec_2015
 
Cisco ASA con fire power services
Cisco ASA con fire power services Cisco ASA con fire power services
Cisco ASA con fire power services
 
Virtual security gateways at network edge are key to protecting ultra broadba...
Virtual security gateways at network edge are key to protecting ultra broadba...Virtual security gateways at network edge are key to protecting ultra broadba...
Virtual security gateways at network edge are key to protecting ultra broadba...
 
Fortigate fortiwifi-80f-series
Fortigate fortiwifi-80f-seriesFortigate fortiwifi-80f-series
Fortigate fortiwifi-80f-series
 
Best practices for CCNA training
Best practices for CCNA training Best practices for CCNA training
Best practices for CCNA training
 
Digital Transformation Drives WAN Evolution
Digital Transformation Drives WAN EvolutionDigital Transformation Drives WAN Evolution
Digital Transformation Drives WAN Evolution
 
Cisco NGFW AMP
Cisco NGFW AMPCisco NGFW AMP
Cisco NGFW AMP
 
nsx overview with use cases 1.0
nsx overview with use cases 1.0nsx overview with use cases 1.0
nsx overview with use cases 1.0
 

More from IT Tech

More from IT Tech (20)

Cisco ip phone key expansion module setup
Cisco ip phone key expansion module setupCisco ip phone key expansion module setup
Cisco ip phone key expansion module setup
 
Cisco catalyst 9200 series platform spec, licenses, transition guide
Cisco catalyst 9200 series platform spec, licenses, transition guideCisco catalyst 9200 series platform spec, licenses, transition guide
Cisco catalyst 9200 series platform spec, licenses, transition guide
 
Cisco isr 900 series highlights, platform specs, licenses, transition guide
Cisco isr 900 series highlights, platform specs, licenses, transition guideCisco isr 900 series highlights, platform specs, licenses, transition guide
Cisco isr 900 series highlights, platform specs, licenses, transition guide
 
Hpe pro liant gen9 to gen10 server transition guide
Hpe pro liant gen9 to gen10 server transition guideHpe pro liant gen9 to gen10 server transition guide
Hpe pro liant gen9 to gen10 server transition guide
 
The new cisco isr 4461 faq
The new cisco isr 4461 faqThe new cisco isr 4461 faq
The new cisco isr 4461 faq
 
New nexus 400 gigabit ethernet (400 g) switches
New nexus 400 gigabit ethernet (400 g) switchesNew nexus 400 gigabit ethernet (400 g) switches
New nexus 400 gigabit ethernet (400 g) switches
 
Tested cisco isr 1100 delivers the richest set of wi-fi features
Tested cisco isr 1100 delivers the richest set of wi-fi featuresTested cisco isr 1100 delivers the richest set of wi-fi features
Tested cisco isr 1100 delivers the richest set of wi-fi features
 
Aruba campus and branch switching solution
Aruba campus and branch switching solutionAruba campus and branch switching solution
Aruba campus and branch switching solution
 
Cisco transceiver module for compatible catalyst switches
Cisco transceiver module for compatible catalyst switchesCisco transceiver module for compatible catalyst switches
Cisco transceiver module for compatible catalyst switches
 
Cisco ios on cisco catalyst switches
Cisco ios on cisco catalyst switchesCisco ios on cisco catalyst switches
Cisco ios on cisco catalyst switches
 
Cisco's wireless solutions deployment modes
Cisco's wireless solutions deployment modesCisco's wireless solutions deployment modes
Cisco's wireless solutions deployment modes
 
Competitive switching comparison cisco vs. hpe aruba vs. huawei vs. dell
Competitive switching comparison cisco vs. hpe aruba vs. huawei vs. dellCompetitive switching comparison cisco vs. hpe aruba vs. huawei vs. dell
Competitive switching comparison cisco vs. hpe aruba vs. huawei vs. dell
 
Four reasons to consider the all in-one isr 1000
Four reasons to consider the all in-one isr 1000Four reasons to consider the all in-one isr 1000
Four reasons to consider the all in-one isr 1000
 
The difference between yellow and white labeled ports on a nexus 2300 series fex
The difference between yellow and white labeled ports on a nexus 2300 series fexThe difference between yellow and white labeled ports on a nexus 2300 series fex
The difference between yellow and white labeled ports on a nexus 2300 series fex
 
Cisco transceiver modules for compatible cisco switches series
Cisco transceiver modules for compatible cisco switches seriesCisco transceiver modules for compatible cisco switches series
Cisco transceiver modules for compatible cisco switches series
 
Guide to the new cisco firepower 2100 series
Guide to the new cisco firepower 2100 seriesGuide to the new cisco firepower 2100 series
Guide to the new cisco firepower 2100 series
 
892 f sfp configuration example
892 f sfp configuration example892 f sfp configuration example
892 f sfp configuration example
 
Cisco nexus 7000 and nexus 7700
Cisco nexus 7000 and nexus 7700Cisco nexus 7000 and nexus 7700
Cisco nexus 7000 and nexus 7700
 
Eol transceiver to replacement model
Eol transceiver to replacement modelEol transceiver to replacement model
Eol transceiver to replacement model
 
Cisco firepower 2100 series, as a ngfw or a ngips
Cisco firepower 2100 series, as a ngfw or a ngipsCisco firepower 2100 series, as a ngfw or a ngips
Cisco firepower 2100 series, as a ngfw or a ngips
 

Recently uploaded

Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptxUnpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
David Michel
 
Optimizing NoSQL Performance Through Observability
Optimizing NoSQL Performance Through ObservabilityOptimizing NoSQL Performance Through Observability
Optimizing NoSQL Performance Through Observability
ScyllaDB
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
RTTS
 
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
CzechDreamin
 

Recently uploaded (20)

AI revolution and Salesforce, Jiří Karpíšek
AI revolution and Salesforce, Jiří KarpíšekAI revolution and Salesforce, Jiří Karpíšek
AI revolution and Salesforce, Jiří Karpíšek
 
IESVE for Early Stage Design and Planning
IESVE for Early Stage Design and PlanningIESVE for Early Stage Design and Planning
IESVE for Early Stage Design and Planning
 
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
 
"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi
 
Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)
Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)
Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
 
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptxUnpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
 
UiPath Test Automation using UiPath Test Suite series, part 1
UiPath Test Automation using UiPath Test Suite series, part 1UiPath Test Automation using UiPath Test Suite series, part 1
UiPath Test Automation using UiPath Test Suite series, part 1
 
Optimizing NoSQL Performance Through Observability
Optimizing NoSQL Performance Through ObservabilityOptimizing NoSQL Performance Through Observability
Optimizing NoSQL Performance Through Observability
 
PLAI - Acceleration Program for Generative A.I. Startups
PLAI - Acceleration Program for Generative A.I. StartupsPLAI - Acceleration Program for Generative A.I. Startups
PLAI - Acceleration Program for Generative A.I. Startups
 
IoT Analytics Company Presentation May 2024
IoT Analytics Company Presentation May 2024IoT Analytics Company Presentation May 2024
IoT Analytics Company Presentation May 2024
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
 
WSO2CONMay2024OpenSourceConferenceDebrief.pptx
WSO2CONMay2024OpenSourceConferenceDebrief.pptxWSO2CONMay2024OpenSourceConferenceDebrief.pptx
WSO2CONMay2024OpenSourceConferenceDebrief.pptx
 
Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya Halder
Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya HalderCustom Approval Process: A New Perspective, Pavel Hrbacek & Anindya Halder
Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya Halder
 
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
 
Introduction to Open Source RAG and RAG Evaluation
Introduction to Open Source RAG and RAG EvaluationIntroduction to Open Source RAG and RAG Evaluation
Introduction to Open Source RAG and RAG Evaluation
 
SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...
SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...
SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...
 
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...
 

Cisco firepower ngips series migration options

  • 1. Cisco Firepower NGIPS Series Migration Options Strengthen Your Network Defenses It’s no secret that today’s attackers have the resources, expertise, and persistence to compromise any organization at any time. Traditional defenses are no longer effective. Many people think that with the adoption of a next-generation firewall (NGFW), that they no longer need a stand-alone intrusion prevention system (IPS). That’s simply not true. A “true” NGIPS can provide visibility, threat detection, threat response, and malware discovery. And it can do all that in areas of your network that remain off-limits to firewall inspection and controls. Safeguarding your network assets and data from today’s threats requires detailed visibility into all your network layers and resources. 1. It requires comprehensive, and up-to-date security intelligence. 2. It requires a dynamic approach that uses awareness and automation to adapt to new threats, new vulnerabilities, and everyday network changes. 3. It requires Cisco Firepower NGIPS (Next-Generation Intrusion Prevention System) threat appliances. The Cisco Firepower NGIPS threat appliance provides industry-leading visibility and threat efficacy against both known and unknown threats. Cisco Firepower NGIPS stops threats by using:
  • 2. • More than 30,000 IPS rules that identify and block traffic trying to exploit a vulnerability in your network • Reputation-based IP, URL, and DNS security intelligence that can shrink the attack surface by identifying malicious sites • A tightly integrated defense against network-based advanced malware attacks • An integrated sandboxing technology that uses hundreds of behavioral indicators to spot zero-day attacks • An Indications of Compromise (IoC) feature that correlates events from multiple sources to identify what may be compromised hosts Upgrade your customers to Cisco Firepower NGIPS today to help them protect their network, users, applications, and information assets. It’s as easy as 1...2...3 1. Confirm your current IPS model and refresh needs. 2. Review the recommended migration path. 3. Contact your trusted Cisco Security account manager or partner to get started. Migration Recommendations for Cisco IPS and FirePOWER (former Sourcefire) Customers Cisco IDS/IPS 4000 Appliances Recommendation Throughput Performance Improvement Cisco IPS 4270-20 Firepower 4110 2X Cisco IPS 4360 Firepower 4110 3.2X Cisco IPS 4510 Firepower 4110 1.33X Cisco IPS 4520 Firepower 4120 1.6X Cisco IPS 4520-XL Firepower 4140 1X
  • 3. FirePOWER 81xxAppliances Recommendation Throughput Performance Improvement FirePOWER 8120 Firepower 4110 2X FirePOWER 8130 Firepower 4110 1X FirePOWER 8140 Firepower 4120 1.33X Firepower 8xxxx AMP Appliances Recommendation Throughput Performance Improvement FirePOWER AMP 8050 Firepower 4110 AMP 1.5X FirePOWER AMP 8150 Firepower 4120 AMP 1.2X FirePOWER AMP 8150 Firepower 4140 AMP 2X Learn More: Find the Right Cisco Firewall for your Needs Why NGFW and NGIPS are needed in network security infrastructure? Do you really need both a next-generation firewall (NGFW) and next- generation intrusion prevention system (NGIPS) for my network security infrastructure? The answer is YES! What does a next-generation firewall do? The NGFW has its core competencies and it includes: 1. Network address translation 2. Acting as a stateful firewall 3. VPN concentrator 4. Application visibility and control 5. And don’t forget, IPS inspection A next-generation IPS has its core competencies and they include: 1. Inspect asymmetric traffic flows 2. Perform as a transparent bump-in-the wire inspection device 3. Provide visibility and protection by inspecting network traffic that moves lateral to a perimeter firewall Since the NGFW is a network device, it can operate lower in the OSI stack and can act as a network boundary or create a network pinch-point perfect for stateful firewalling, application identification, and deep packet inspection.
  • 4. Using a NGIPS to perform deep packet inspection makes for a more effective strategy against the would-be-adversary. Because an NGIPS does not maintain a state table, it is less vulnerable to attacks that exploit state table exhaustion and result in denial of service. This also gives it the ability to inspect asymmetric data flows. The NGIPS is also a transparent device, just a bump in the wire, allowing traffic to flow as if it is not even there, even if it is deployed in the core, doing deep packet inspection or on the network edge. Did you know that traffic looks differently in the core vs. the edge of the network? Advanced persistent threats are more easily detected by the NGIPS. Because the NGIPS can be deployed where it will have of the lateral visibility of the traffic, it gives you that advantage over a firewall. A traditional stateful firewall cannot provide this. The lateral visibility it is perfect to identifying machines on a network that have already been compromised and are being used by a bad guy to collect and infiltrate sensitive or important data. Visibility and the ability to secure a network at the perimeter and at the network core should be essential for every organization that wants to strengthen their overall security posture. To learn more about Cisco Firepower NGIPS threat appliances, please visit http://www.cisco.com/go/ngips. To learn more about the Cisco Advanced Malware Protection capability, please visit http://www.cisco.com/go/amp. To learn more about Cisco’s Talos Security Intelligence and Research team, please visit http://www.talosintelligence.com/. Info from https://www.cisco.com/c/dam/m/en_us/products/security/ngips/NGIPS_transi tion_guide.pdf More Related Guide to the New Cisco Firepower 2100 Series How to Deploy the Cisco ASA FirePOWER Services in the Internet Edge, VPN Scenarios and Data Center? The Most Common NGFW Deployment Scenarios Cisco’s High-end Next Generation Firewalls-Firepower 4100 and 9300 Series UTM vs. NGFW