At Cisco Partner Summit, Cisco unveiled a new approach to endpoint security that is transforming the market- Cisco AMP for Endpoints.
NEW DELHI: The new solution combines prevention, detection and response to simplify endpoint security, allowing customers to ditch ineffective prevention-only strategies. By leveraging the scale and power of the cloud and Cisco’s threat-centric security architecture, AMP for Endpoints allows customers to see and stop more threats, faster.
A New Approach to Endpoint Security
A secure foundation is essential for today’s digital business models. Yet organizations are struggling to protect mobile users, desktops, laptops and servers against advanced malware attacks. Why? Most organizations focus on a prevention-only strategy based on legacy solutions that are not effective in defending against modern malware. Some organizations then layer additional products onto the endpoint to gain visibility and respond to threats that have evaded these legacy solutions. This creates significant operational complexity and inefficiency. With the fact that it takes enterprises, on average, over 100 days to detect a threat in their own environment, it is clear that organizations need a new approach to endpoint security.
AMP for Endpoints offers a path to simpler, more effective endpoint security. By combining prevention, detection and response in one SaaS-deployed, cloud-managed solution, it reduces complexity and stops more threats. Through this cloud-based approach, AMP for Endpoints gets actionable intelligence into the hands of organizations faster, giving them an edge against today’s attackers.
New AMP for Endpoint offers:
- Next-generation prevention that combines proven and advanced protection capabilities to stop more threats - both known and emerging malware. With the latest global threat intelligence from Cisco® Talos at its backbone, AMP for Endpoints also offers built-in sandboxing technology to quarantine and analyze unknown files.
- Greater visibility and faster detection through continuous monitoring and shared analytics to detect stealth attacks. AMP for Endpoints records all file activity to monitor and detect malicious behavior, alerting security teams fast. Drawing on the industry’s broadest view of threat data from across Cisco and its customers, AMP for Endpoints shares and correlates threat information in real time, reducing time to detection (TTD) to minutes.
- More effective response based on deep visibility and a detailed recorded history of malware’s behavior over time – where it came from, where it has been, and what it has been doing. AMP for Endpoints accelerates investigations and reduces complexity through a simple cloud-based user interface to searching across all enterprise endpoints for Indicators of Compromise. Users can then systemically respond to attacks across PCs, Macs, Linux, and mobile devices, removing malware with just a few clicks.
From the network to the endpoint to the cloud, Cisco’s threat-centric security architecture ensures that customers get more from existing security investments, increasing capability while decreasing complexity. Like other Cisco security products, AMP for Endpoints shares and correlates threat information across the entire architecture, both the AMP ecosystem and other Cisco security platforms. This architectural approach to security means Cisco customers can see more threats, faster. In recent testing by NSS labs, Cisco achieved the fastest TTD with 91.8 percent of threats detected in under three minutes.
New software suites radically simplify advanced infrastructure security
Cisco is also introducing a new way for customers to simplify how they buy and deploy its security software and gain more value from its architectural approach. Cisco is extending its successful software licensing program, Cisco ONE™ Software, into advanced security. Cisco ONE gives customers a simple and flexible way to consume Cisco’s software capabilities for infrastructure. Today, more than 14,000 customers, including 91 percent of the Fortune 100, have purchased Cisco ONE Software.
With Cisco ONE Advanced Security, Cisco is simplifying the purchase of infrastructure security in the Data Center, WAN, and Access domains. Customers no longer have to worry about securing their infrastructure as an afterthought. With Cisco ONE Advanced Security, they can buy predefined solutions for these key domains – often with a single transaction.
Cisco has announced availability of three new advanced security software suites.
- Threat Defense for Data Center
- Threat Defense for WAN and Edge
- Policy and Threat Defense for Access
The software suites are customized with key security products and services for each domain. For example, in the data center, the offer includes advanced malware protection, next-generation intrusion prevention, URL filtering and virtualized firewall and services. The suites are automatically updated to provide customers with access to the latest security capabilities from Cisco.
While Cisco ONE has traditionally been made available through perpetual licensing models, Cisco ONE Advanced Security is being offered via subscription. With subscriptions, customers can buy the capabilities they need, when and how they need them. This enables a more agile approach to security and helps accelerate the deployment of new capabilities.