Cisco Next Generation Firewall (NGFW) Demo

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
hi I'm Neil with the Cisco security team and I'd like to show you how Cisco's new next-generation firewall can prevent breaches stop advanced threats and give you unparalleled visibility into your network and security operations quickly and easily so if you're a small to medium sized business and you need simple and effective security a Cisco next-generation firewall is a perfect fit so for this scenario let's look at our management console called fire powered device manager I want to start by showing you how easy it is to get set up upon first login you're greeted with the Welcome wizard this is designed to ask you all the right questions to get your device set up first we connect our firewall to the internet here we can very simply define IP addressing for our outside weather our ISP gives us a dynamic DHCP address or we have a static address we enter the details and move to configure the management interface below we give our device a hostname and defined DNS servers press the big button here to automatically populate those servers then press next here we'll configure our NTP settings to ensure our firewall has the correct time we can just as easily use the default time servers and continue on the last step if you're up and running is registering the device with our Cisco smart licensing server if you have your key handy you can enter it on the screen or you can enable a trial license temporarily until you come back and register it completely at a later date and that's it with the press of the finish button your firewall is now ready to pass traffic upon completion of the setup wizard we're prompted for next steps to setup policy let's jump into that the final step is to ensure your network is secure by building a security policy here is where we can create access control policy to ensure our users are protected from threats to start we can get a quick glance of our current policy rules by expanding the entry to display a network flow diagram this visually represents what we would expect to happen as traffic flows through our firewall this can be done with any rule at any time to ensure it has the desired effect to create a rule we can simply hit the plus at the top right of the screen and we're presented with the rule creation window here we can create our rules based numerous criteria we can select from over a hundred and fifty thousand different applications eighty different URL categories and augment them with advanced inspection like advanced malware protection and IPS all backed by more than 30,000 unique signatures this immense coverage is a result of our security intelligence organization Talos who continually identifying new threats and develop actionable data from the security research to feed our security products including the next-generation firewall in addition to the extensive IPS signature set URL categories and applications we can also enable a security intelligence policy this will act as a first line of defense against threats it contains a talos curated IP and URL database that is constantly fed with the latest data to keep you safe now with our protection in place we can begin to see our security posture when we jump to the monitoring dashboard we get a system status overview to start from there we have a number of different dashboards to select based on what we're looking for our network overview dashboard gives us a holistic view showing what kinds of traffic we're seeing and any threats we protected against so with that we have a foundational security policy to ensure our network is protected and we can make quick Network changes if need be a perfect blend of simple and effective security without an immense learning curve now for the medium to enterprise business that needs to manage their firewall devices from a single pane of glass and requires advanced security capabilities with deep customization our firepower management center is built for you you get breach prevention but also the ability to uncover and shut down advanced threats that may be inside your network let's see how it works we start in the access control policy and you can see just like an FDM we have all the same rule elements but with firepower management center we have some additional customizations we can see here the ability to create rules tied to security group tags this is a result of the integration with Cisco identity services engine based on these security group tags we can create unique policy though we have similar policy parameters we have the additional ability to customize both IPS and ABC definitions to make our very own rules here we see how we can create custom detections for an application this allows you to design policy specifically tailored to your environment and any homegrown applications you may have with this you can now grant and deny access to specifically your own apps intrusion prevention on the firewall is powered by snort snort is an open source lightweight intrusion detection system software here you can make your own rules as simple or complex as you need the interface allows you to build the rule without needing to know any specific syntax just the parameters of what you would like to detect in addition all of this advanced IPS security on the new firepower 2100 comes without a performance hit for security intelligence here we can augment Talos with third-party feeds via the threat intelligence director here you can add your own intelligence from industry agencies for example FSI sack the enforcement can be on domains IPS file hashes and even a combination giving you more targeted protection in addition to all of this there is a tremendous amount of visibility and detail into the security posture of your organization thus streamlining security incident response from the threats dashboard we get a view of the IPS events in the environment and impact flags associated with those events these impact flags are derived by analyzing the attack against its victim the destination host based on how vulnerable the host is to the specific exploit you are given an impact level to prioritize what incidents are of high risk and need to be addressed these host profiles against which we compare to assess that risk can be passively derived or with a number of third-party vulnerability integrations malware based attacks can be seen on this dashboard here we get a view of specific file based detection and trends over time this allows us to better understand the most common file types being exploited and the most common actions diving deeper into the detections we can see a complete picture of every single file and how it lived and spread on the network the network file trajectory view shows us a graphical representation of how a single file found its way across our network this level of detail is invaluable when investigating a breach and trying to understand the scope of an attack with the power of the integrated Cisco security architecture we can use network based detections to remediate by quarantine eing an offending file on an endpoint with an for endpoints we can take this a step further and quarantine the endpoint on the network with identity services engine with integrations like this the next-generation firewall is stitched into a network wide architecture of threat intelligence policy and enforcement the result being more visibility across your network the ability to identify and remediates a lot faster cisco didn't build these tools in silos instead they were designed to communicate share information and work together to provide you with the most robust protection possible so whether you need a simple security for your firewall device or customized security we have you covered you get Best of Breed breach prevention visibility and advanced security capabilities not to mention the best performance uptime and reliability that you need to keep your business moving to learn more about cisco next-generation firewalls visit us at cisco comm /go /n gfw thank you
Info
Channel: Cisco
Views: 31,511
Rating: undefined out of 5
Keywords: malware, security, Cisco, Firepower, NGFW, firewall, Next Gen Firewall
Id: ynUQe2friYM
Channel Id: undefined
Length: 8min 22sec (502 seconds)
Published: Fri Mar 09 2018
Related Videos
Firepower Management Center - FMC 101
Cisco
104K
5 Considerations: Sizing Your Next-Gen Firewall (NGFW)
The CISO Perspective
27K
Special Lecture: F-22 Flight Controls
MIT OpenCourseWare
2.2M
Firepower 1010 & Firepower Device Manager
Aaron McDaniel
16K
How To Speak by Patrick Winston
MIT OpenCourseWare
5.1M
Cisco ASA with FirePOWER Services vs Palo Alto Next-Generation Firewall
Plixer
66K
What is a Firewall? | Traditional + Next Generation
CertBros
32K
Unifi USG and UDM Firewall Rules 2020
Mactelecom Networks
36K
FIrepower 1010 Overview and Setup
Cisco Sal
37K
Next Generation Firewall and IPS explained | CCNA 200-301|
NETWORKING WITH H
15K
Forescout Transforming Network Segmentation
Tech Field Day
1.9K
Introduction to the Forcepoint NGFW
e92plus
18K
$250 Slab To $7700 Table
Blacktail Studio
3.6M
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.