Network Security

Quality

Self Defending Networks

Information theft often occurs without network or security personnel suspecting it. Therefore, security systems must react quickly and automatically to suspicious network behavior. A security system must be fully integrated into all aspects of the network, so that the network and its managers can proactively recognize suspicious activity, identify if the threat is real, react appropriately and quickly to the theft attempt. The Cisco Self-Defending Network strategy outlines comprehensive theft of information protection. Organizations can use their existing investments in routing, switching, wireless, and security platforms to deploy a self-defending network that will help them identify, prevent, and adapt to security threats originating both inside and outside of the organization.

Confiance has great experience designing, implementing, and supporting the following components that comprise the “Cisco Self Defending Network” solution.

Cisco NAC (Network Access Control)

Cisco NAC Appliance (formerly Cisco Clean Access) is an easily deployed Network Admission Control (NAC) product that uses the network infrastructure to enforce security policy compliance on all devices seeking to access network computing resources. With NAC Appliance, network administrators can authenticate, authorize, evaluate, and remediate wired, wireless, and remote users and their machines prior to network access. It identifies whether networked devices such as laptops, IP phones, or game consoles are compliant with your network's security policies and repairs any vulnerabilities before permitting access to the network.
Networks with Cisco NAC Appliance can realize benefits such as:

  • Minimized network outages
  • Enforcement of security policies
  • Significant cost savings with automated device repairs and updates

Cisco NAC Appliance extends NAC to all network access methods, including access through local area networks (LANs), remote-access gateways, and wireless access points. Cisco NAC Appliance also supports posture assessment for guest users.
When deployed, Cisco NAC Appliance provides the following benefits:
  • Recognizes users, their devices, and their roles in the network. This first step occurs at the point of authentication, before malicious code can cause damage.
  • Evaluates whether machines are compliant with security policies. Security policies can include specific antivirus or anti-spyware software, OS updates, or patches. Cisco NAC Appliance supports policies that vary by user type, device type, or operating system.
  • Enforces security policies by blocking, isolating, and repairing noncompliant machines.

Noncompliant machines are redirected into a quarantine area, where remediation occurs at the discretion of the administrator

Cisco MARS (Security Monitoring, Analysis, and Response System)

The Cisco® Security Monitoring, Analysis, and Response System (Cisco Security MARS) is an appliance-based, all-inclusive solution that provides unmatched insight and control of your existing security deployment. Part of Cisco's security management lifecycle, Cisco Security MARS empowers your security and network organizations to identify, manage, and counter security threats. It works with your existing network and security investments to identify, isolate, and recommend precise removal of offending elements. It also helps maintain internal policy compliance and can be an integral part of your overall regulatory compliance solution.

Security and network administrators face numerous challenges, including:

  • Security and network information overload
  • Poor attack and fault identification, prioritization, and response
  • Increases in attack sophistication, velocity, and remediation costs
  • Compliance and audit requirement adherence
  • Security staff and budget constraints

Cisco Security MARS addresses these challenges by:

  • Integrating network intelligence to modernize correlation of network anomalies and security events
  • Visualizing validated incidents and automating investigation
  • Mitigating attacks by taking full advantage of your existing network and security infrastructure
  • Monitoring systems, network, and security operations to aid in compliance
  • Delivering a scalable appliance that is easy to deploy and use with the lowest total cost of ownership (TCO)

Cisco Security MARS transforms raw network and security data into intelligence that can be used to subvert valid security incidents and maintain compliance. This easy-to-use family of threat mitigation appliances enables operators to centralize, detect, mitigate, and report on priority threats using the network and security devices already deployed in your infrastructure.


Cisco ASA 5500 Security Appliance

Cisco ASA 5500 Series Adaptive Security Appliances are easy-to-deploy solutions that integrate world-class firewall, Unified Communications (voice/video) security, SSL and IPsec VPN, intrusion prevention (IPS), and content security services in a flexible, modular product family. Designed as a key component of the Cisco Self-Defending Network, the Cisco ASA 5500 Series provides intelligent threat defense and secure communications services that stop attacks before they impact business continuity. Designed to protect networks of all sizes, the Cisco ASA 5500 Series enables organizations to lower their overall deployment and operations costs while delivering comprehensive multilayer security.


Cisco CSA (Cisco Security Agent)

Cisco Security Agent software provides threat protection capabilities for server, desktop, and Point-of-Service (POS) computing systems. This security software goes beyond conventional endpoint security solutions by providing an industry-leading defense against targeted attacks, spyware, rootkits, and day-zero attacks. Cisco Security Agent offers proactive protection against unknown threats that have not been seen before threats along with new exploits and variants that are trying to take advantage of published and unpublished vulnerabilities.
Cisco Security Agent provides zero-update system integrity protection for critical servers and POS terminals that cannot be taken out of service to apply operating system or application-specific vulnerability patches. This capability helps reduce the need for emergency system patching in response to vulnerability announcements, and also minimizes patch-related downtime and IT man-hour expenses. With Cisco Security Agent, your company can patch on its own set schedule, rather than waiting for an emergency.
Robust policy compliance controls offer protection for sensitive data files and critical servers. Access to key files, applications, and servers can be monitored or controls enforced to stop inadvertent or malicious data loss. Removable media usage controls reduce risk and help ensure workplace compliance. Your organization can put granular controls in place as needed to manage policy compliance for users, applications, systems, locations, and network addresses.
Cisco Security Agent provides numerous benefits, including:
Regulatory policy compliance enforcement
Preventive protection against targeted attacks, spyware, malware, and worms
Identify and Quarantine rootkits
Industry-leading host intrusion prevention, personal firewall, and day zero attack protection
Optimization of Wi-Fi bandwidth
Helps ensure the availability of critical client-server applications and transactions

 

Press Room

Confiance was named the "Cisco South Selected Enterprise Partner of the Quarter award FY2010 Q3"

By Brian Corum - Regional Manager Cisco Systems

Solutions

Security
Network Design
IP Communications
Applications Development

Featured Products

Confiance Recorder



 

Terms and Conditions Privacy Statement