Overblog
Follow this blog Administration + Create my blog
Cisco & Cisco Network Hardware News and Technology

Updated-5 Tips for Choosing a Next-Generation Firewall/NGFW

November 28 2017 , Written by Cisco & Cisco Router, Network Switch Published on #Networking, #Cisco Switches - Cisco Firewall, #Cisco & Cisco Network, #IT, #Technology

Not sure this is the firewall for you? Read the 5 tips for Choosing a Next-Generation Firewall today.

If you decide to invest in a threat-focused Next-Generation Firewall (NGFW), you can ask like this: If it delivers…

1. Integrated Threat Defense

Get actionable, multi-layered protection.

Today’s multi-vector and persistent threats slip through gaps in protection and evade detection. A threat-focused NGFW provides best-in-class security technologies that work together across the network and endpoints and are managed through a central console. Built on a comprehensive stateful ­firewall foundation, threat-focused NGFW technologies should include:

  • Next-Generation IPS
  • Advanced Malware Protection
  • Application Visibility and Control
  • Reputation-based URL filtering
  • Application-level VPN
  • With integrated threat and advanced malware protection that continuously correlates threat intelligence across security layers, you can identify and protect against sophisticated attacks.

 

2. Actionable Indicators of Compromise

Accelerate malware detection to mitigate risk.

The current industry standard time to detect a threat is between 100 to 200 days; that’s far too long. An NGFW should provide actionable indicators of compromise (IoCs) that:

  • Correlate network and endpoint security intelligence
  • Provide highly accurate visibility into suspect and malicious ­le and host behavior
  • Prioritize infected hosts for rapid remediation
  • Actionable IoCs let you see malware activity on hosts and endpoints, understand the impact, and quickly contain and remediate.

 

3. Comprehensive Network Visibility

Increase security effectiveness with a holistic view.

You can’t protect what you can’t see. You need to monitor what’s happening on your network at all times. An NGFW should provide full contextual awareness of:

  • Users, operating systems, and devices
  • Communications between virtual machines
  • Threats and vulnerabilities
  • Applications and website access
  • File transfers, and more
  • This level of insight helps you identify and address security gaps and fine-tune policies so as to reduce the number of significant events requiring additional action.

 

4. Reduced Complexity and Costs

Unify security layers and automate for efficiencies.

A combination of advanced threats and a shortage of skilled IT security professionals is stretching IT departments to the max. Look for an NGFW that:

  • Consolidates multiple layers of defenses on a single platform
  • Delivers consistent and robust security at scale
  • Automates routine security tasks like impact assessment, policy tuning, and user identi­fication
  • By reducing complexity and costs your team is freed up to focus on events that matter most.

 

5. Integration with Third-Party Solutions

Maximize existing security investments.

You need to be able to share intelligence and better leverage existing security technologies to consolidate and streamline response. Look for an NGFW that is open and integrates smoothly with an ecosystem of third-party security solutions like:

  • Vulnerability management systems
  • Network visualization and SIEM systems
  • Workflow remediation and ticketing systems
  • Network access control (NAC), and more
  • Third-party solution integration reduces your IT burden and total cost of ownership (TCO) and strengthens multi-layered protection.

Attacks will continue to evolve as will the IT environment you need to protect. Make sure the NGFW you select provides tightly integrated, multi-layered threat protection. By sharing context and intelligence among security functions you accelerate threat detection and response across your organization, and get the most from your investments.

The tips from https://www.cisco.com/c/dam/en/us/products/collateral/security/next-gen-firewall.pdf

More Related…

Migrate from the Cisco ASA5505 to Cisco ASA5506X Series

Cisco ASA with Firepower Services, Setup Guide-Part1

Cisco ASA with Firepower Services, Setup Guide-Part2

Cisco ASA with Firepower Services, Setup Guide-Part3

Cisco ASA with Firepower Services, Setup Guide-Part4

Read more

Cisco 1000 Series ISRs-Digital Ready, Fixed-platform

November 16 2017 , Written by Cisco & Cisco Router, Network Switch Published on #Networking, #Cisco Routers, #Cisco & Cisco Network, #Cisco News

Cisco 1000 Series ISRs, Cisco’s newest fixed, high-performance routers, small yet powerful, are easy to deploy and manage with advanced capabilities.

They provide highly secure broadband, Metro Ethernet, and wireless LAN connectivity. 

The Cisco 1000 Series ISR platform with a small form factor is best suited for small and midsize businesses, enterprise branches, and as customer premises equipment in managed services environments.

  1. The routers come in two models: an 8-LAN-port option and a 4-LAN-port option.
  2.  

  3. They have high performance with Gigabit Ethernet packet forwarding capabilities. The multicore architecture has separate cores for data plane and control plane.
  4. The 1000 Series ISRs support Power over Ethernet (PoE) and PoE+ to power branch devices such as IP phones and cameras.
  5. They are easy to deploy with zero-touch provisioning using Plug-and-Play capability. There are multiple LAN, WLAN, WAN, and LTE combinations to choose from, depending on your branch needs.
  6. The 1000 Series can be used in ATMs, retail stores, and kiosks, as well as for various other purposes.

The Cisco 1000 Series Integrated Services Routers (ISRs) are the latest high end fixed routing ISRs. They are based on Cisco IOS® XE Software, with great performance at a low price point, perfect for small and midsize businesses, for enterprise branches, and as Customer Premises Equipment (CPE) in managed services environments. They address increased mobility demands with LTE Advanced and 802.11ac (Wave 2) Wi-Fi.

The key difference between the 1000 Series ISRs and the 800 Series routers

More simple questions and answers help you know more about the new 1000 Series ISRs

Q: Can I continue to order the 800 Series routers after the 1000 Series ISRs are orderable?

A: Yes, the 800 Series routers are not at end of sale or end of life. You can continue to order the 800 Series after the 1000 Series ISRs are orderable.

 

Q: What are the different models of the 1000 Series ISRs?

A: The 1000 Series ISRs have two primary models, with 8 LAN ports (C1100-8P) and 4 LAN ports (C1100-4P). Both come with varied combinations of WAN interfaces, LTE, and Wi-Fi options.

 

Q: What are the different SKUs/product IDs for the 1000 Series?

A: Multiple SKUs are available for the 8-port and 4-port models that offer a combination of WAN links (Gigabit Ethernet, DSL, and LTE) and wireless LAN capabilities. Please refer to the product ID table in the data sheet for the full list.

 

Q: What kind of CPU is used in the 1000 Series ISRs?

A: The naming convention for the 1000 Series ISR product IDs is given in the table below.

Q: What is the naming convention for the 1000 Series ISR product IDs?

A: The CPU in the 1000 Series ISRs is a 4-core ARM processor with separate cores used for data plane, data plane scheduler, and control plane. The fourth core is currently not used. There is a different crypto engine for cryptographic operations.

 

Q: What is the size of the DRAM on the 1000 Series ISR models? How much flash is available on the device?

A: Both the 4-LAN-port and 8-LAN-port 1000 Series ISRs come with 4 GB of RAM and 4 GB of flash storage by default.

 

Q: Are the 1000 Series ISRs fanless routers?

A: Yes, the 1000 Series ISRs are fanless, fixed branch routers with multiple WAN link options.

 

Q: What Cisco IOS Software version is supported on the 1000 Series ISRs?

A: The 1000 Series ISRs are based on Cisco IOS XE Software and will support the Cisco IOS XE 16.6.1 Universal image.

 

Licensing

Q: What is the license packaging model for the 1000 Series?

A: The licensing model for the 1000 Series ISRs uses the IP Base, App, and Security licenses. The 1000 Series comes with the IP Base license by default. For additional security features and Application Experience features, the Security and App licenses, respectively, have to be purchased.

Q: Is there a performance license for the 1000 Series ISRs?

A: A performance license is needed only for encrypted traffic of over 50 Mbps. With the IP Base and Security licenses, you can get up to 50 Mbps of IPsec throughput. On the 4-LAN-port model, you can purchase an IPsec Performance license for a 100-Mbps upgrade, and on the 8-LAN-port model, you can purchase an IPsec Performance license for a 200-Mbps upgrade.

 

Q: What features are part of the IP Base, App and Security licenses?

A: Please refer to the software licensing document for the 1000 Series ISRs, which will list all the features that are part of the different licenses available.

 

Q: Is the software license Right-to-Use (RTU)?

A: Yes, all the software licenses on the 1000 Series are Right-to-Use and do not need a license file to be installed.

 

Q: Will the 1000 Series support Cisco ONE™ licensing, and what license features will it cover?

A: Yes, the 1000 Series ISRs support Cisco ONE licenses. The Cisco ONE license will include the IP Base, App, and Security licenses for the platform. The IPsec Performance license will have to be purchased separately.

 

Hardware features

Q: Is the 1000 Series PoE and PoE+ capable?

A: Yes, the 8-LAN-port model supports either 4 PoE ports or 2 PoE+ ports. The 4-LAN-port model supports either 2 PoE ports or 1 PoE+ port. When PoE or PoE+ is ordered, the default 66W power supply is replaced with a 125W power supply for the 8-port model and with a 115W power supply for the 4-port model.

More FAQ of 1000 Series ISRs you can read here: https://www.cisco.com/c/dam/en/us/products/collateral/routers/1000-series-integrated-services-routers-isr/q-and-a-c67-739639.pdf

https://www.cisco.com/c/en/us/products/collateral/routers/1000-series-integrated-services-routers-isr/datasheet-c78-739512.pdf

More Cisco Router Topics you can visit here: http://blog.router-switch.com/category/reviews/cisco-routers/

Read more

Cisco BE7000, Scalable Collaboration for Enterprises

November 7 2017 , Written by Cisco & Cisco Router, Network Switch Published on #Networking, #Cisco & Cisco Network, #Cisco Technology - IT News, #IT, #Technology

Cisco Business Edition 7000 is an all-in-one, end-to-end collaboration solution designed for fast-growing enterprises.

Empower your employees to engage and innovate anywhere, on any device, any time, with industry-leading technology.

Cisco BE7000, Scalable Collaboration for Enterprises

  • Voice over IP phone system (VoIP): Comprehensive Unified Communications capabilities including voice and video calling, voicemail, messaging and presence, contact center and mobility options for every user.
  • Easy installation and management: It’s preloaded with all the essential collaboration applications you need, and simple to deploy and manage.  Consolidate your communications infrastructure costs and reduce maintenance overheads.
  • Flexible premises and hybrid cloud deployment: Deploy essential communications on-premises and add the latest meetings and messaging services from the Cisco Spark collaboration cloud.
  • Scalable design for future growth: It’s purpose-built for small and midsize businesses with the industry’s leading Cisco Unified Communications Manager. It grows with the pace of your business as you add new users or locations.

Cisco Unified Communications Solutions- Flexible, Affordable, Easy to deploy and Manage, and Scalable to Support business growth

Cisco Business Edition 6000S

Cisco Business Edition 6000

Cisco Business Edition 7000

Cisco Spark

Cisco Hosted Collaboration Solution

Great for small scale collaboration

Great for midsize collaboration

Great for large scale collaboration

Great for team productivity

Flexible, agile, efficient cloud collaboration

Small business phone system, mobility, messaging, routing, and security in a single server

Small to midsized phone system, mobility, messaging, contact center, and conferencing in a single server

Enterprise scale phone system, mobility, messaging, contact center, and conferencing in a modular, scale-out server solution

The Cisco Spark service is a complete collaboration-as-a-service (CaaS) offering that delivers unified messaging, meeting, and calling capabilities that are hosted by Cisco and sold by partners.

Voice, video, unified communications, contact center, mobility, and more as a service from Certified Cisco Partners

Cisco BE7000, a perfectly affordable, simple, and very cool packaged collaboration solution with zero maximum capacity limits on users, devices, locations and applications. 

Built with a modular and stackable design, BE7000 scales however customers need, whenever they want. Check it out!

 

More Related

How You Benefit from Cisco Business Edition 6000

Cisco IP Phone 7800 and 8800 Series-Security Features for Today

What’s New on Cisco IP Phone 8800 Series

Updated: Cisco IP Phone 7800 Series

IP Phone 8861 vs. IP Phone 8851 vs. IP Phone 8841

Cisco IP Phone 7861 vs. Cisco IP Phone 7841 vs. Cisco IP Phone 7821

How to Save Power on Cisco IP Phones?

Read more