- Detail
- Parameters
At present, it is critical for organizations to protect themselves against potential security attacks.
The attack surface is expanding. Today's technology trends such as mobile, cloud, and Internet of Things have multiplied the penetration points of your network. Attackers have also become increasingly sophisticated. They are usually members of international cybercrime organizations and know more about your network and your defenses than you do.
Therefore, the exploration and remediation work after the intrusion of the network is very complicated and time-consuming. In the global end-to-end network, it takes weeks, or even months, to implement remediation efforts at each branch and campus. So time-consuming you can not afford.
Protective measures throughout the network
How to protect yourself? Use all the security measures in your architecture, such as advanced malware protection and firewalls. Then, enable one of the strongest off-the-shelf tools: the network itself; that is, Cisco Catalyst switches, Integrated Services Routers (ISRs) and Aggregation Services Routers (ASRs) and wireless products. These networked solutions, coupled with an application-centric Cisco infrastructure, provide full protection against attacks in the early to mid-late stages.
This is how to achieve it? From three aspects: the network is the sensor, the network that the implementation of the Act, and the network that disaster reduction accelerator.
When your network is a sensor, Cisco IOS NetFlow allows you to monitor your network for unknown devices, malformed traffic patterns, and unexpected behavior in-depth. Your network can thus proactively detect hidden activity.
When your network is an enabler, your network can use Cisco TrustSec to mitigate attacks by implementing segmentation and user access controls. Even if there is an attacker, their scope of activities is limited to a segment of the network area.
Network, or disaster mitigation accelerator, your network can accelerate troubleshooting in an automated manner through the Cisco Application Policy Infrastructure Controller Enterprise Module (APIC). So you do not have to spend weeks or months on defense and network patching of your branch offices and campus, and you can apply it to your entire enterprise in real time.
This is the application-centric Cisco infrastructure capabilities. How to protect your business: Combine Cisco's advanced malware protection, firewalls, and Cisco network sensors, actuators, and disaster mitigation accelerator capabilities.
As a result, Cisco Enterprise Network Security solutions can be double-defended and proactively respond to emerging security threats.
AAG - Network or Sensor (PDF - 285 KB)
Five Measures of Network Defense
To protect your data, customers, and reputation, you can take the following five steps to make the most of your Cisco network investment:
With Flexible NetFlow, you can learn the basics of normal communication and proactively identify suspicious behavior.
Deploy Cisco TrustSec Segmentation Network - Prevents attack behavior through role-based environment topology and access-independent control.
Use MACsec encrypted links and use the Cisco Catalyst Integrated Security Function (CISF) - to protect your data.
Deploy Cisco Intelligent Wide Area Network - Helps protect branch office security through direct Internet access.
Deploy Cisco Application Policy Infrastructure Controller Enterprise Module - Accelerate security configuration and threat prevention.
Take advantage of Cisco services to evaluate, design and implement optimized security solutions for your business.
