Cisco Integrates ACI With FirePOWER to Deliver Threat Protection for Datacenters
Cisco today announced the full integration of Application Centric Infrastructure (ACI) embedded security with the threat detection of FirePOWER Next Generation Intrusion Prevention System (NGIPS), providing automated threat protection to combat emerging datacenter security threats. Combining best of breed FirePOWER NGIPS with ACI, customers are now able to build highly secure infrastructure with fine-grained control (including application level security), visibility and centralized automation all the way from infrastructure to the application level. In addition, customers benefit from lower total cost of ownership including infrastructure and management costs as well as costs associated with security breaches. Cisco also announced that ACI is now validated by independent auditors for deployment in PCI compliant networks, which can help reduce the scope of a PCI audit and lower audit costs and time.
Cisco ACI also supports investment protection with the most comprehensive and open ecosystem that includes: Check Point Software Technologies, Fortinet, Infoblox, Intel Security, Radware, and Symantec.
The Cisco FirePOWER family of security appliances, available as both physical devices and virtual appliances, offer best-in-class threat effectiveness, superior visibility and global threat intelligence. ACI is a highly secure multi-tenant infrastructure based on whitelist policy model that isolates and segments both physical and virtual applications in the datacenter with centralized automation, visibility and auditing through the Application Policy Infrastructure Controller (APIC).
ACI integration with FirePOWER NGIPS (including Advanced Malware Protection) provides security before, during and after an attack, enabling organizations to dynamically detect and block advanced threats with continuous visibility and control across the full attack continuum. These new security capabilities deliver unprecedented control, visibility and centralized security automation in the data center.
Cisco also announced that independent qualified security assessors have validated ACI for deployment in payment card industry (PCI) compliant networks. Managing and simplifying the scope of compliance can help reduce costs for these organizations. More details in Cisco whitepaper here.
"Protecting our corporate and customer information is always uppermost in our daily jobs and in planning for the future," said Chuck Huetter, Director of Information Technology at Ameritas. "Cybersecurity is key to customer confidence, and we chose carefully when we selected Cisco ACI as our next generation data center network platform. ACI's policy-based automation combined with next-generation intrusion protection and advanced malware protection will optimize our ability to safeguard sensitive information."
Security threats are escalating every year in terms of sophistication and complexity, while the cost of a security breach and the resulting brand damage are a CEO's nightmare. According to a 2015 survey of IT security professionals commissioned by Cisco and conducted by Enterprise Strategy Group (ESG), 57 percent reported a security incident had compromised their data center services within the last 24 months. Also, the study found that 68 percent of IT security professionals reported that it is difficult to remove expired or out-of-date access control lists (ACLs) or firewall rules because it is so time-consuming and entails many manual processes. Using group based white list policy, ACI simplifies setting firewall rules and reduces complexity while trimming operational costs through automation.
