Towards AI-first Security Cloud

Cisco launches new security service edge (SSE) solution to enable superior hybrid work experiences and dramatically simplify access across any location, any device, and any application.

  • Tuesday, 6th June 2023. Posted by Phil Alsop

Cisco is delivering on its promise of the AI-driven Cisco Security Cloud to simplify cybersecurity and empower people to do their best work from anywhere regardless of the increasingly sophisticated threat landscape. Cisco is investing in cutting-edge innovations in artificial intelligence and machine learning that will empower security teams by simplifying operations and increasing efficacy.

 

Secure Connectivity to All Applications and Resources, Anywhere

Today’s IT environment has dramatically shifted. Cloud adoption is accelerating. Remote and hybrid users are now the majority. Most organizations rely on a complex web of point products that weren’t designed to support today’s highly distributed environment. Users are forced to navigate inconsistent access experiences and reauthenticate throughout the day—disrupting productivity. With Cisco Secure Access, Cisco’s new SSE solution, decisions about how users connect to applications are handled behind the scenes, so they get to what they want more quickly. The result is users who are more secure with less hassle.

 

“With Cisco Secure Access, we are removing the burden from the user and providing a superior experience with frictionless access to all applications—not just some—to enable secure, hybrid work,” said Jeetu Patel, Executive Vice President and General Manager of Security and Collaboration at Cisco. “Our unmatched visibility of the network gives us an advantage that no other company has—and we truly believe that where security meets the network, Cisco is the best in the world.”

 

Highlights of Cisco Secure Access include:

Common Access Experience: Delivers a single, easy way to access all applications and resources (not just some) by intelligently and securely steering traffic to private and public destinations without end-user intervention.

Single, Cloud-Managed Console: Simplifies security operations by converging multiple functions into one easy-to-use solution that protects all traffic. Instead of managing a broad set of tools, administrators and analysts can go to one place to see all traffic, set all policy, and analyze security risks. This translates into efficiency gains, cost reductions, and a flexible IT environment.

Faster Detection and Response: Provides analysis to speed up investigations and is backed by Cisco Talos AI-driven threat intelligence to detect and block more threats.

 

 

"Cisco is collaborating with leading mobile device vendors to create the safest and best user experience no matter where users work. Cisco collaborated with Apple to incorporate Zero Trust Access (ZTA) capabilities powered by Cisco Secure Access into a native experience on iOS and macOS, making secure access to applications pervasive while making it simpler for IT and more secure for everyone."

 

Cisco Secure Access is taking a hybrid Points of Presence (POP) approach with Cisco Data Centers and public cloud providers to rapidly extend global reach for our customers. As part of the Cisco Security Cloud, it leverages capabilities from the rest of the Cisco security and networking portfolio, including embedded network visibility from Cisco ThousandEyes, and can be easily integrated with solutions from third-party vendors. Cisco Secure Access will be in limited availability starting in July 2023 and will be Generally Available in October 2023.

 

“Organizations are deploying SSE for a variety of reasons, but improving security outcomes is arguably at the top of the list. Achieving this requires an emphasis on users to create a frictionless experience and simplifying security team processes to improve efficiency and ensure consistency,” said John Grady, Principal Analyst, Enterprise Strategy Group. “Security teams making plans for SSE should prioritize integrated solutions that focus on simplicity, scale, and user experience.”

 

“At WWT our goal is to provide security solutions and services that help our customers achieve their business goals. As a Cisco partner, we are really excited about the direction Cisco is taking with the launch of their Cisco Secure Access solution,” said Neil Anderson, Area Vice President, Cloud & Infrastructure Solutions at WWT. “With Cisco Secure Access our customers gain a simplified way of accessing both private, cloud, and SaaS applications private and internet resources, while transparently securing against threats and boosting user productivity while reducing frustration.”

 

Generative AI to Improve Threat Response & Simplify Security Policy Management

Further delivering on its strategic vision, Cisco is previewing the first generative AI capabilities in the Security Cloud. Today, most organizations have a patchwork of security products, forcing teams to set and maintain extremely complex security policies as well as track and remediate threats across numerous solutions.

 

Reduce Policy Complexity: The Cisco Security Cloud will leverage a generative AI-powered Policy Assistant that enables Security and IT administrators to describe granular security policies and evaluate how to best implement them across different aspects of their security infrastructure. For the first implementation, customers will be able to reason with Cisco’s AI Assistant to evaluate and produce more efficient firewall policies. It will leverage customers’ existing rulesets in Cisco Secure Firewall Management Center to drive unmatched efficiency without sacrificing granular control and will be available later this year.

Quickly Detect and Remediate Threats: Cisco’s SOC Assistant will support the Security Operations Center (SOC) to detect and respond to threats faster. When an incident occurs, the assistant will contextualize events across email, the web, endpoints, and the network to tell the SOC analyst exactly what happened and the impact. Analysts can then interact and reason with the assistant to determine the best remediation approach, leveraging an extensive knowledge base of potential actions while also taking into account the analyst’s input. Cisco first shared the concept at RSA Conference 2023 and is excited to share that the event summarization feature will be available by the end of calendar 2023, with the remaining capabilities in the first half of calendar 2024.

 

Network Security Bolstered for Hybrid Work

The world is hybrid, and users require seamless connected experiences at the office and on the road.

 

As the demands of the firewall as the foundation of the security stack continue to expand, the new Cisco Secure Firewall 4200 Series raises the bar for performance and flexibility with cryptographic acceleration, clustering and modularity.

 

Running the new 7.4 version of the operating system, Secure Firewall 4200 features:

AI and ML-based encrypted threat blocking without decryption.

An evolution of Zero Trust Network Access (ZTNA) with complete threat inspection and policy for each individual application.

Simplified branch routing that brings security, control, and visibility to traffic from remote offices to applications in hybrid datacenters.

 

The Cisco Secure Firewall 4200 Series appliance will be generally available in September 2023, supporting the 7.4 version of the operating system. The 7.4 OS will be generally available for the rest of the Secure Firewall appliance family in December 2023.

 

Cisco is also proud to announce Cisco Multicloud Defense following its recent acquisition of Valtix. Multicloud Defense extends the traditional firewall concept into a service-oriented, multicloud world. SecOps teams can now manage security across AWS, GCP, Azure, and OCI with a single policy, in real time, from a single SaaS platform. In addition, teams can rapidly spin up security for any cloud environment, leading to increased security and efficiency. Cisco Multicloud Defense is available today.

 

Cloud Application Security

Cisco is delivering an integrated approach to secure cloud native applications from code to cloud with new capabilities in Panoptica, Cisco’s cloud native application security solution. Adding to the Cloud Workload Protection (CWPP) that Panoptica currently provides, Cloud Security Posture Management (CSPM) will be available starting Fall 2023 to deliver continuous cloud security compliance and monitoring at scale, giving customers visibility into their entire inventory of cloud assets, including Kubernetes clusters. In addition, a new attack path engine that uses graph-based technology to deliver advanced attack path analysis will help security teams quickly identify and remediate potential risks across cloud infrastructures. Further, Panoptica’s integration with Cisco’s Full Stack Observability portfolio provides real-time visibility to prioritize business risks. These integrated capabilities will help security and developer teams alike gain the visibility, control and actionable intelligence required to protect dynamic cloud applications and infrastructure.