business information technology security specialists
Homepage Contact Us
 
computer network support computer network security computer network consultants computer network software computer network case studies
business information technology specialists
 
Intrusion Prevention
Cisco ASA 5500 Series IPS Edition for the Enterprise


Defend yourself from attacks on critical information assets and infrastructure
The most effective risk mitigation requires a solution that combines multiple trusted security technologies working in concert. Providing unparalleled protection for an organization's critical information assets, the Cisco ASA 5500 Series IPS Edition provides best-in-class firewall, application security, and intrusion prevention capabilities in a single, easy-to-deploy platform. Combining the strength and stability of the world's most-deployed firewall technology with the advanced inspection capabilities of the most popular IPS technology, the Cisco ASA 5500 Series IPS Edition protects an organization's servers and infrastructure from attack.

Challenge

Information assets and infrastructure form the core of the modern enterprise. Networked enterprises benefit from increased business efficiency and effectiveness, as well as a sustainable competitive advantage. However, this dependence on the network exposes the organization to risk. The growing number of attacks on the network, in concert with the increasing sophistication of these attacks, poses serious risks to the core business.

• Web presences and Internet commerce sites are targets for attack
• Internet worms can infect servers, disable them, and take down an entire network
• Day-zero exploits expose organizations before patches are released and implemented
• Difficult-to-control internal environments, such as labs, are ideal locations for worm and virus infestations
• Disgruntled employees can launch attacks from inside the Internet edge perimeter

Solution

The Cisco® ASA 5500 Series IPS Edition protects an organization's servers and infrastructure without compromising its ability to use the network as a business tool. With its solid firewall and advanced application security capabilities, the Cisco ASA 5500 Series IPS Edition provides robust and stable policy enforcement. Market-leading intrusion prevention and antiworm capabilities enable the Cisco ASA 5500 Series IPS Edition to protect assets from sophisticated attacks. Combined with Cisco's management and monitoring application suites, the Cisco ASA 5500 Series IPS Edition provides unparalleled protection of critical assets and infrastructure.

Capabilities of the solution include:

• Most trusted and deployed firewall technology: Building on the Cisco PIX® Family of security appliances, the Cisco ASA 5500 Series allows valid business traffic to flow, while keeping out unwelcome visitors. And with its application control capabilities, the solution can control the use of peer-to-peer, instant messaging, and other non-corporate applications. Such applications can lead to security leaks and the introduction of threats to the business's network.
• Accurate, multi-vector threat protection: The Cisco ASA 5500 Series IPS Edition combines inline intrusion prevention services with innovative technologies that improve accuracy. As a result, more threats can be stopped without the risk of dropping legitimate network traffic. Through a series of innovative yet simple techniques, the Cisco ASA 5500 Series IPS Edition allows organizations to adapt the detection and response technologies to individual environments, providing analysis and mitigation that is specific to your business.
• Network integration and resiliency: Building on Cisco networking expertise, the Cisco ASA 5500 Series IPS Edition provides tight integration with other network elements, increasing the effectiveness of security technologies.
• Threat-protected VPN: Building upon the market-proven VPN capabilities of the Cisco VPN 3000 Series Concentrator, the Cisco ASA 5500 Series IPS Edition provides secure site-to-site and remote-user access to corporate networks and services. This solution offers businesses maximum flexibility for secure connectivity by combining support for Secure Sockets Layer (SSL) and IP Security (IPSec) VPN capabilities into a single, best-in-class solution. Using the services offered by the Cisco ASA 5500 Series IPS Edition, businesses can enforce identity-based security and networking policies, as well as prevent worms and many other forms of attack, while extending their network securely to employees, contractors, and business partners.
• Complete Incident Life-Cycle Management: The Cisco management and monitoring suite enables large-scale deployment and operation of the Cisco ASA 5500 Series IPS Edition. Cisco provides a complete solution, covering management, monitoring, and outbreak prevention. Also included with the solution is the Cisco Adaptive Security Device Manager (ASDM), which provides a powerful, yet easy-to-use browser-based management and monitoring interface for individual devices.

Business Benefits

The Cisco ASA 5500 Series IPS Edition provides the security and connectivity that helps your business with:

• Business Resiliency: Prevent disruption of business-critical applications and services due to security breaches by implementing the industry's most-deployed enterprise-grade firewall, IPS, application security, and worm protection technology.
• Reduce Cleanup Costs: Reduce the costly process of cleaning up after an infection by preventing the infection from occurring.
• Operational Consolidation: Reduce costs associated with deployment and ongoing management and monitoring of the security solution by standardizing on a single platform for security services.
• Liability Management: Reduce the company's exposure to liability related to compromised data or inadequate corporate controls by implementing comprehensive access control and threat protection services in a single device

Architecture

The Cisco ASA 5500 IPS Edition is the focal point of a complete solution for critical asset protection. Tight integration with Cisco management, monitoring, and outbreak prevention systems enables organizations to deploy and maintain a security solution that protects critical assets and infrastructure (Figure 1).



Figure 1. Solution Architecture


Management
Cisco Security Manager (CS-Manager) provides an enterprise-grade management infrastructure for large-scale deployments of Cisco security technologies.

Monitoring
Cisco Security Monitoring, Analysis, and Response System (CS-MARS) provides real-time monitoring and incident response capabilities, which enable organizations to get the most value from the advanced inspection services of the Cisco ASA 5500 Series IPS Edition.

Outbreak Prevention
The Cisco Incident Control System (ICS) premium service enhances the capabilities of the Cisco ASA 5500 Series IPS Edition by providing near-real-time updates for the most dangerous worms and viruses. Cisco ICS enables organizations to respond in minutes, in a way never before possible, to new threats by using the industry's most rapid outbreak prevention response system.

Complementary Solutions
The Cisco® ASA 5500 Series Adaptive Security Appliance is a modular platform that provides the next generation of security and VPN services for small and medium-sized business and enterprise applications. The comprehensive portfolio of services within the Cisco ASA 5500 Series enables customization for location-specific needs through its four tailored package product editions: the Firewall, IPS, Content Security, and VPN Editions.

These packages enable superior protection by providing the right services for the right location. At the same time, they enable standardization on the Cisco ASA 5500 Series platform to reduce costs in management, training, and sparing. Finally, each Edition simplifies design and deployment by providing pre-packaged location-specific security solutions.




Figure 2. Complementary Solutions

Cisco Services
Cisco Systems® and its partners offer world-class service and support tailored for your business. Cisco has adopted a lifecycle approach to services that addresses the necessary set of requirements for deploying and operating Cisco ASA 5500 Series security appliances that improves your network's business value and return on investment. For more information on Cisco security services, visit http://www.cisco.com/go/services/security.

 

Back
Telephone: +44(0) 117 2020 020• Email: enquiries@signalnetworks.co.uk
Copyright © 2008 Signal Networks Ltd.
All rights reserved. Disclaimer
CEH
IT Support Bristol Server Support Bristol Computer Support Bristol Network Support Bristol
 
Valid HTML 4.01 Transitional Valid CSS! Google Search it support bristol Internet Marketing

XML Site Map