Cisco Next Generation Security Solutions

Intrusion Prevention & Web Filtering Solutions

Available on our London Cloud Platform, Next Generation IPS (Intrusion Prevention System) filtering analyses network traffic in real-time at the network edge and compares it against a comprehensive list of known threat signatures developed by the Cisco Security Intelligence Operations Center. When a network threat is detected, the malicious traffic is automatically dropped at the core before it reaches the Xperience cloud environment.

”Perimeter defences don’t address how your users access information and resources. Now it isn’t just people outside your organisation who are of concern, your own users may consume excess bandwidth or access inappropriate content that can put your organisation at risk. Their personal devices may introduce malware from inside the firewall.”

Cisco

Today’s interactive web technologies benefit businesses by helping them innovate and reduce costs. However, these same technologies introduce a new set of challenges. Every web interaction exposes companies to hidden cybersecurity threats, staff productivity losses and significant business risks. Cisco Web Security solutions provide best in class uptime, zero-day threat protection, and integration with Cisco’s market leading family of security offerings. Users are protected everywhere, all the time, with safeguards including Cisco’s unparalleled global threat intelligence infrastructure.

To reduce the risk of infection from internet websites, the Cisco Threat Operations Center uses dynamic updates and actionable intelligence obtained from other adaptive security appliances, IPSs, email security appliances, web security appliances, and system administrators to calculate a web reputation score for web sites. Web reputation is a statistical assessment based on context and past behaviour and combines many factors of varying significance into one correlated metric.

Similar to a person’s credit score, web reputation is a continuous value along a graduated scale from -10 to 10. By defining a low reputation zone, predictive, zero-day protection against low reputation sites – the ones that are most likely to serve malware to users. However, even trusted sites can be hijacked to serve malware to unsuspecting users. Individual websites contain objects, such as images, executables, JavaScript, advertisements and compromised websites often incorporate objects hosted on external sources. Real security means looking at each object individually, not just the initial request.

Key Features

Web Filtering – Control web access to more than 50 million websites by applying filters from over 79 (03/16) categories including Adult, Advertisements, Alcohol, Chat & Instant Messaging, Security, Dating, Gambling, Games, Illegal Downloads, Jobs and Pornography.

Malware Scanning – With intelligent multi-scanning technologies that divides web traffic into functional elements for efficient analysis, security threats can be stopped at the network edge to dramatically reduce the risk of infection.

Website Reputation – Restrict website access based on site reputation. Analyse data such as the domain owner, the hosting server, the time created, the type of site requested, and more than 50 other distinct parameters to provide a reputation score for the site requested.

Application Control – Increase employee productivity by controlling access to webpages, individual web parts, or micro applications so that employees can access the sites needed for work without unnecessary distractions whilst preventing access to inappropriate content.

Dynamic Content Analysis – Defend against compliance, liability, and productivity risks by combining traditional URL filtering with real-time dynamic content analysis (DCA). The DCA engine automatically categorises the content of an unknown URL by analysing the content of the page itself, scoring relevancy to web categories (such as pornography, hate speech, gambling, and illegal downloads) and blocking the page if it conflicts with web security policies.

Centralised Management & Reporting – Receive actionable insight across threats, data, and applications. A powerful centralised tool controls both security operations (such as management) and network operations (such as analysis of bandwidth consumption). Administrators have access to a variety of predefined reports and can create customized dashboards and set notifications. All reports are generated and stored in the cloud, so they are delivered in seconds as opposed to hours. Reports can be also be saved and scheduled for automated delivery. These capabilities provide flexibility, offering detail down to the user level, and help enable administrators to spotlight potential issues quickly.

“Combine traditional URL filtering with dynamic content analysis to mitigate compliance, libability and product risks. Cisco’s continuously updated URL filtering database of over 50 million blocked websites provides exceptional coverage for known websites.”

Cisco