Security is the name of the game at Cisco’s Partner Summit gathering this week with the addition of a new firewall and data-loss prevention (DLP) and passwordless authentication features to its security suite.
On the firewall front, Cisco announced the Secure Firewall 3105 which it says is specifically designed for hybrid workers and small branch offices.
Available early next year, the 1U 3105 supports 10Gbps throughput, 7Gbps IPSec throughput and 3,000 VPN peers. The box is the new low-end to the Secure Firewall 3100 family, which includes the 3110, 3120, 3130 and the high-end 3140, which supports 45Gbps throughput.
The family supports Cisco Adaptive Security Appliance (ASA) or Firewall Threat Defense (FTD) software and can be deployed in firewall and dedicated intrusion-prevention system (IPS) modes.
The firewall integrates with Cisco IPS, Cisco Cloud Web Security, Cisco Identity Services Engine (ISE), and Cisco TrustSec, Cisco said.
Cisco is now offering Cisco Lifecycle Pay for Secure Firewall, a fixed-term subscription plan from Cisco Capital to provide a financial incentive to upgrade firewalls. Customers can get a 10% replacement incentive when returning firewall hardware and upgrading to Cisco’s latest qualified firewall, the company said.
To help with DLP, Cisco has upgraded its Umbrella cloud-based security that stops current and emerging threats across all ports and protocols. It blocks malicious domains, URLs, IPs and access to files before a connection is established or a file is downloaded.
Cisco said it has added policies and reporting features to Umbrella out-of-band DLP and real-time inline DLP to make it easier for security teams to track and manage DLP.
“This out-of-band DLP functionality will initially support Cisco WebEx, Google Drive and Microsoft 365,” said Jason Gallo, vice president of Cisco’s Global Partner Organization. And we plan to add additional support for other applications soon thereafter. “
Policy and reporting capabilities are compatible with out-of-band and real-time inline DLP, which is unique to Cisco products.
Cisco has introduced Duo Passwordless Authentication with support for biometric authentication including Windows Hello, Mac Touch Eye and others.
“Passwordless authentication reduces the risk of phishing attacks and their ability to use stolen passwords or, as we’ve seen recently, MFA [multifactor authentication] Fatigue,” said Dave Lewis, Global Advisory CISO at Cisco. “As cyberattacks move closer to end users, there is a huge opportunity to adopt low-friction authentication methods that allow only trusted users and devices to access applications and corporate resources.”
Duo customers enabled biometrics on 81% of mobile devices, according to Cisco’s 2022 Duo Trusted Access report, which was also released at the conference.
Some other findings from Duo’s customer base of 49 million devices, over 490,000 unique applications and approximately 1.1 billion monthly authentications include:
- The percentage of accounts allowing browser-based WebAuthn authentication increased by 50%, and WebAuthn usage increased fivefold since April 2019.
- An increasing number of certifications are given to cloud applications, with a 24% increase in the percentage of cloud applications in 2022.
- Remote-access authentication peaked in 2020 but has since fallen below pre-pandemic levels.
- Less than 1% of organizations explicitly deny or allow policies based on geographic location, but 91% block either Russia or China and 63% block both.
- There is a move towards requiring multi-factor authentication for all access, not just access to resources that have a material impact on the business as was the case a few years ago. MFA can reduce risk for all resources and streamline security operations.
Copyright © 2022 IDG Communications, Inc.