Cisco Next-Generation Intrusion Prevention
Home — SecurityDistributed Denial Of Service Security — Cisco Next-Generation Intrusion Prevention System

Network security for the threats you face. Get better protection against today’s sophisticated attacks. Stop more threats, gain more insight into your environment, and protect your digital business initiatives. Cisco Next-Generation Intrusion Prevention System (NGIPS) FirePOWER threat appliances combine superior visibility, embedded security intelligence, automated analysis, and industry-leading threat effectiveness. Real-time contextual awareness. If you can’t see it, you can’t protect it. Gain deep insight into your network devices, applications, users, operating systems, files, and more. Use this information to better understand network behavior, identify out-of-compliance situations, and evaluate intrusion events. Advanced threat protection — address known and unknown threats through fully integrated Advanced Malware Protection (AMP) and sandboxing solutions. Rapidly detect, block, contain, and remediate advanced threats. Cisco Median Time To Detection (MTTD) is an industry-leading 13 hours.

Global threat intelligence. Get up-to-the-minute threat protection through Cisco’s worldwide threat visibility and analysis organization. Their efforts result in more than 35,000 vulnerability-focused IPS rules, advanced malware detections, and embedded IP-based, URL-based, and DNS-based security intelligence. LibOFX is an open source implementation of OFX (Open Financial Exchange) an open format used by financial institutions to share financial data with clients. As an implementation of a complex standard, this library is used by financial software such as GnuCash. Cisco Talos has discovered an exploitable buffer overflow in the implementation: a specially crafted OFX file can cause a write out-of-bounds resulting in code execution. This vulnerability is not currently patched and Talos has not received a response from the developers within the period specified by the Vendor Vulnerability Reporting and Disclosure Policy.

Cisco Next-Generation Intrusion Prevention System — High Performance Appliances

Cisco Firepower (4100 Series and 9000 Series) and FirePOWER (7000 Series and 8000 Series) appliances are purpose-built to provide the right throughput, modular design, and carrier-class scalability. They incorporate a low-latency, single-pass design and include fail-to-wire interfaces. Cisco Next-Generation Intrusion Prevention System (NGIPS) Firepower threat appliances provide network visibility, security intelligence, automation and advanced threat protection. It uses industry-leading intrusion prevention capabilities and multiple techniques to detect even the most sophisticated network attacks and protect you against them. Cisco Firepower NGIPS continuously discovers information about your network environment, including data about operating systems, mobile devices, files, applications and users. It then uses this information to build network maps and host profiles. This gives you the contextual information you need to make better decisions about intrusion events. And this information is also used as input to better enable the automation of key threat protection features.

Cisco NGIPSv For VMware

Industry-leading threat protection. Real-time contextual awareness. Full-stack visibility. Intelligent security automation. Together they equal security you can count on when using Cisco NGIPSv for VMware, the virtualized offering of the Cisco Next-Generation Intrusion Prevention System (NGIPS) solution. This highly effective intrusion prevention system provides reliable performance and a low total cost of ownership. Threat protection can be expanded with optional subscription licenses to provide Advanced Malware Protection (AMP), application visibility and control, and URL filtering capabilities. Cisco Next-Generation Intrusion Prevention System (NGIPS) FirePOWER appliances set the industry benchmark for threat detection effectiveness, inspected throughput, and value as measured by studies conducted by NSS Labs, the world’s leading information security research and advisory company. Server virtualization brings significant business benefits. It is capable of reducing costs, enabling rapid deployment, and improving system availability. Yet implementing virtualization introduces potential security risks.

Global Threat Intelligence

Get up-to-the-minute threat protection through Cisco’s worldwide threat visibility and analysis organization. Their efforts result in more than 35,000 vulnerability-focused IPS rules, advanced malware detections, and embedded IP-based, URL-based, and DNS-based security intelligence. Correlate threat events with the intended target’s vulnerabilities to prioritize the threats that matter most. Analyze your network vulnerabilities to identify needed security policies. Associate users with our intrusion events to speed investigations. Do more with less staff. Cisco Firepower (4100 Series and 9000 Series) and FirePOWER (7000 Series and 8000 Series) appliances are purpose-built to provide the right throughput, modular design, and carrier-class scalability. They incorporate a low-latency, single-pass design and include fail-to-wire interfaces. Cisco Firepower NGIPS is available on many appliance models and in both physical and virtual form factors. Choose the best option for your use case and throughput needs.
Cisco Next-Generation Intrusion Prevention

Benefits

Your data center is critical to the success of your business. Our Secure Data Center solution gives you integrated protection and dynamic, intelligent control to defend against today’s sophisticated attacks. Security becomes a growth engine for new business opportunities. Get protection across virtual, physical, cloud, and SDN architectures. Get the latest intelligence and integrated defense for better security. Industry-leading analysis keeps you informed and protected. Use Cisco TrustSec technology, found in Cisco switches, routers, and wireless devices to simplify provisioning, accelerate security operations, and consistently enforce policy. Security becomes a growth engine for new business opportunities. Get protection across virtual, physical, cloud, and SDN architectures.

Bring visibility and control to cloud and virtual workloads with Cisco’s Adaptive Security Virtual Appliance (ASAv) and Next-Generation Virtual Firewall (NGFWv). Gain visibility and rapid detection with our threat-focused next-generation firewalls (NGFWs). Cisco Next-Generation Intrusion Prevention System (NGIPS) and Advanced Malware Protection (AMP) offer contextual awareness and retrospective security. Go beyond conventional threat detection with the Cisco Stealthwatch system. Harness the power of NetFlow for advanced network visibility, analytics, and protection. Get the latest intelligence and integrated defense for better security. Industry-leading analysis keeps you informed and protected.

Features

Correlate threat events with the intended target’s vulnerabilities to prioritize the threats that matter most. Analyze your network vulnerabilities to identify needed security policies. Associate users with Cisco intrusion events to speed investigations. High-performance appliances — Cisco Firepower (4100 Series and 9000 Series) and Cisco FirePOWER (7000 Series and 8000 Series) appliances are purpose-built to provide the right throughput, modular design, and carrier-class scalability. They incorporate a low-latency, single-pass design and include fail-to-wire interfaces. Cisco Stealthwatch uses NetFlow to provide visibility across the network, data center, branch offices, and cloud.

It’s advanced security analytics uncover stealthy attacks on the extended network. Stealthwatch helps you use your existing network as a security sensor and enforcer to dramatically improve your threat defense. The most dangerous threats are the ones you can’t see. Get the visibility you need to monitor your infrastructure and detect threats before damage is done. Cisco Stealthwatch delivers security that is simple, open, and automated for integrated threat defense and strong protection.

Next-Gen Firewalls

Stop threats, see what's happening on your network, and reduce costs with Cisco threat-focused next-generation firewall appliances. Block more threats and quickly mitigate those that do breach your defenses with the industry’s first threat-focused NGFW. Cisco Firepower NGFW appliances combine our proven network firewall with the industry’s most effective next-gen IPS and advanced malware protection. All so you can get more visibility, be more flexible, save more, and protect better.

Identify and control user access to over 4000 commercial applications, plus support custom applications. Get the visibility, automation, flexibility, and scalability you need to defeat the latest threats. Discover, track, contain, and block the progression of network-based advanced malware, zero-day attacks, and persistent threats. See alerts and gain control over suspect web traffic. Enforce policies on hundreds of millions of URLs in more than 80 categories. With Cisco Umbrella protect against threats when users are off the VPN — without needing to deploy another agent.

Next-Gen Intrusion Prevention System

Get better protection against today’s sophisticated attacks. Stop more threats, gain more insight into your environment, and protect your digital business initiatives. Cisco Firepower Next-Generation IPS (NGIPS) threat appliances combine superior visibility, embedded security intelligence, automated analysis, and industry-leading threat effectiveness. If you can’t see it, you can’t protect it. Gain deep insight into your network devices, applications, users, operating systems, files, and more. Use this information to better understand network behavior, identify out-of-compliance situations, and evaluate intrusion events.

Address known and unknown threats through fully integrated advanced malware protection (AMP) and sandboxing solutions. Rapidly detect, block, contain, and remediate advanced threats. Cisco median time to detection (MTTD) is an industry-leading 13 hours. Get up-to-the-minute threat protection through Cisco’s worldwide threat visibility and analysis organization. Their efforts result in more than 35,000 vulnerability-focused IPS rules, advanced malware detections, and embedded IP-based, URL-based, and DNS-based security intelligence.