As the needs and complexity of organizational networks expand, there is a greater need to provide threat protections that span diverse use cases, architectures, and attack vectors. The new capabilities in our latest firewall software release, Cisco Secure Firewall version 10.0, expand the scope of protection to include previously unidentified threats, more accurately match security rules to users and applications, and offer better threat detection capabilities for clustered firewall architectures.
You can test drive these capabilities today with Secure Firewall Test Drive, an instructor-led course that will guide you through the Secure Firewall and its powerful roles in cybersecurity for your organization.
Expanded Protections for ML-based Intrusion Prevention
SnortML complements the robust capabilities of Secure Firewall’s intrusion prevention engine, Snort3, by detecting and analyzing zero-day threats inline. Because this technology uses machine learning to actively identify threats instead of relying on pattern-matching rules, it is able to detect threats for which a traditional pattern-based rule may not yet exist.
With the release of Cisco Secure Firewall version 10.0, expanded protections covering SQL injection attacks, command injection attacks, and cross-site scripting exploits are now available. You can learn more about SnortML in the Cisco Secure Essentials SnortML Section.

AppID Default Port Specifications
Cisco AppID allows for the rapid automatic classification of network traffic pertaining to specific applications, greatly simplifying the creation and maintenance of policies controlling access to them. Cisco Secure Firewall version 10.0 now provides default port specifications for applications so that new policies set for these applications will be scoped to the default ports they use. This bolsters security by ensuring that rules are properly scoped and do not apply unintentionally to unrelated traffic: rules specified with applications apply only to traffic on the ports the application is likely to use. It may also improve performance in busy networks with more complex security policies. This behavior can be altered so that the policies apply to all ports if desired. To ensure consistent operations, existing AppID rules will not be modified.
DNS Rules with Security Group Tag Attributes
Modern users frequently move between networks, changing VLANs, IP addresses, and device profiles, making it challenging to apply DNS filtering rules scoped to specific groups of users. DNS filtering rules are a critical part of organizational security, providing the ability to block or redirect domains based on individual domain names, known bad actor domains, or categories of websites.
Security Group Tags (SGTs) address the shifting nature of modern users’ connections by anchoring to a verified user identity instead of the ever-changing network attributes. Cisco Secure Firewall version 10.0 ties DNS filtering to SGTs, enabling seamless and accurate policy application as the user moves across networks.
Portscan Detection and Prevention for Clustered Firewalls
Cisco Secure Firewall protects organizations against undesired portscans, where tools rapidly probe thousands of ports across network devices to search out open communication paths and possible exploit vectors. Cisco Secure Firewall version 10.0 brings new capabilities for clustered firewall configurations, allowing identification of portscan attempts even if the connections are distributed among firewalls in a cluster. This ensures clustered configurations can rapidly identify and enact protections against these potentially exploitative efforts.
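Why cluster-wide visibility matters for portscan detection, as an added illustration that is not Cisco's code or algorithm: the threshold, the event format, and the sample addresses are assumptions constructed for this example. A scan whose connections are spread over three cluster nodes stays under a per-node threshold but crosses it once the counts are merged.

```python
from collections import defaultdict

PORT_THRESHOLD = 20  # assumed: distinct ports per (source, destination) before flagging

def build_sample():
    """Constructed events: (cluster_node, src_ip, dst_ip, dst_port)."""
    events = []
    # One source probes 30 ports; the cluster spreads the connections over 3 nodes.
    for i, port in enumerate(range(1000, 1030)):
        events.append((f"node{i % 3 + 1}", "198.51.100.7", "10.0.0.5", port))
    # Ordinary client: repeated connections to a single port.
    for node in ("node1", "node2", "node3"):
        events.append((node, "192.0.2.10", "10.0.0.5", 443))
    return events

def flag_scanners(events, cluster_wide):
    """Return source IPs that reached PORT_THRESHOLD distinct ports on one destination.

    cluster_wide=False: every node counts only the connections it handled.
    cluster_wide=True:  counts from all nodes are merged before the threshold check.
    """
    ports_seen = defaultdict(set)
    for node, src, dst, port in events:
        scope = "cluster" if cluster_wide else node
        ports_seen[(scope, src, dst)].add(port)
    return {src for (_, src, _), ports in ports_seen.items()
            if len(ports) >= PORT_THRESHOLD}

if __name__ == "__main__":
    sample = build_sample()
    print("per-node view:    ", sorted(flag_scanners(sample, cluster_wide=False)))
    print("cluster-wide view:", sorted(flag_scanners(sample, cluster_wide=True)))
```

Each node in the constructed sample sees only 10 of the 30 probed ports, so the per-node view flags nothing while the merged view flags the scanning source.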
It is Easier Than Ever to Upgrade
Using AIOps in Cisco Security Cloud Control, the process to upgrade your Secure Firewall software is streamlined and device-personalized. Upgrade workflows are now 90% faster. Security Cloud Control is a unified management interface that provides advanced protection, simplified operations, and real-time intelligence for a more secure, scalable future.
Take a Hands-On Look at Cisco Secure Firewall 10.0
Want to dive deeper into Cisco firewalls? Sign up for the Cisco Secure Firewall Test Drive, an instructor-led, four-hour hands-on course where you’ll experience the Cisco firewall technology in action and learn about the latest security challenges and attacker techniques.

