Thursday, 20 June 2024

Campaign Spotlight: Driving Demand with Marketing Velocity Central and User Protection Campaign

Marketing Velocity Central (MVC) is Cisco’s data-driven demand generation platform created by marketers for marketers. Our partners use MVC to learn, build their brand, launch campaigns, track results and become world-class marketers.

For the past decade, MVC has provided our partner marketing professionals with curated campaigns for today’s biggest opportunities. This month’s spotlight campaign is on end user security with Cisco User Protection Suite.

The User Protection Challenge


One of the main challenges facing organizations today is identity-based attacks. Bad actors are using a wide range of techniques, from phishing and social engineering to supply chain attacks, business email compromise, and more. For many of these attacks, it would take a cybersecurity expert to spot the red flags. This has become a major problem for organizations. Talos, Cisco’s Threat Intelligence Group, found that 80% of breaches were caused by targeting users.

Campaign Spotlight: Driving Demand with Marketing Velocity Central and User Protection Campaign

User Protection is a hot topic, and one many security buyers have been grappling with. Each time a new threat emerges, a new solution comes to the market to protect against that threat. In fact, large enterprises have, on average, 76 security products. This is leading to product complexity for security and IT teams and organizations are looking to simplify.

This is where Cisco, along with our partners, can provide a holistic approach to protecting users.

Cisco has investigated and researched this problem and when we asked security buyers what their top concern is, they said over and over that product complexity is the root of the challenge. So rather than continue the vendor-by-vendor approach, we asked if these same buyers would consider a suite to save time managing products, to make it easier to deploy products, and save money.

With the Cisco User Protection Suite, we offer a new approach to protecting users and only Cisco has the scale and network to inform our products to better protect our customers. With over 300,000 customers and over 550 billion security events per day, we see a lot. We are using this information to better protect our users so we know which malicious sites we should block, which IP addresses bad actors are using, or what behavioral indicators should trigger certain alerts.

Campaign Spotlight: Driving Demand with Marketing Velocity Central and User Protection Campaign

Cisco User Protection Suite


The Cisco User Protection Suite provides a simplified, integrated user experience. User protection provides better efficacy through an integrated roadmap, comprehensive protection, and incorporates AI to transform management and secure outcomes.


Products work together and provide customers with:

  • Better experiences: enables your customers to be productive at their job with secure, seamless access to all resources
  • Better economics: Work with one vendor to provide the breadth of solutions to protect your users – that means one contact, one contract, and one renewal.
  • Better efficacy: improve your customers’ security posture, lower their risks, and keep their sensitive information safe.

Cisco User Protection Suite provides our partners with:

  • Consolidating cybersecurity solutions under one vendor to simplify subscription management for partners
  • Expanding the opportunity into an Enterprise Agreement (EA), making it much more difficult for competitive security providers to displace incumbency
  • Collaborating with our customers as a trusted advisor and support customers on their user protection journey
  • Improving efficiency and saving customers money, while providing a valuable business outcome

Drive demand and pipeline with Marketing Velocity Central


Did you know that partners who use Marketing Velocity Central (MVC) generate 4 times more pipeline than those who do not? As a benefit for being a Cisco registered partner, you can generate more pipeline and bookings by activating the User Protection campaign on Marketing Velocity Central.

MVC accelerates your time to market with ready-to-use content, customizable campaigns including email and social copy, images, logos, and shareable content to drive customer engagement.

To optimize your marketing campaigns, MVC also provides services such as:

  • Co-branding: show your credibility by downloading and using your Cisco partnership logo through logo builder
  • Customization: set yourself apart by picking a ready-to-go campaign, edit it and choose from the many images in our library
  • Account-Based Targeting: upload and manage your list of contacts in one single place while tracking campaign engagement via a lead-scoring method
  • Full-Service Activities: hire a third-party marketing agency to help you obtain even better results and use your Cisco marketing funds, or your own funds

Source: cisco.com

Tuesday, 18 June 2024

Stay Compliant: Cisco Secure Workload Introduces State-of-the-art, Persona-based Reporting

Stay Compliant: Cisco Secure Workload Introduces State-of-the-art, Persona-based Reporting

Workload security tools draw the attention of diverse cohorts, united by a mission: fortifying hybrid cloud workloads. In a market filled with disparate tools, Secure Workload offers a tailored reporting solution that revolutionizes how SecOps, Network Administrators, and CxOs interact with their workload security solution.

A New Era of Informed Decision Making


Traditional workload security tools often fail to provide metrics tailored to the distinct needs of SecOps, Network Administrators, or CxOs. These tools fall short due to a lack of development focus on holistic user requirements and an inadequate understanding of the diverse metrics that each of them values.

For example, SecOps teams require detailed insights into Cisco Security Risk scores, workload vulnerabilities, and the effectiveness of security policies. NetOps, on the other hand, requires visibility into agent health and policy compliance, and CxOs need high-level summaries that demonstrate cost savings and ROI. Without these tailored insights, traditional tools fail to offer a comprehensive view of security effectiveness.

The shift towards DevSecOps, AI-driven security, and Cloud Native security has led to cumbersome back-and-forth communication and the need to share information across siloed network, security, and application development functions. In the past couple of years, we have seen a surge in productivity-enhancing feature requests from customers, driven by the challenges of siloed networks and security organizations not sharing information. This lack of integration highlights the critical need for a single pane of glass view that can provide a unified perspective of the organization’s security posture.

By consolidating data from various functions into one comprehensive dashboard, the Reporting Dashboard addresses these challenges facilitating smoother communication, enhanced collaboration, and more effective security management across all teams.

Addresses Challenges Directly


Let’s delve into the specific outcomes that the Reporting Dashboard delivers.

Stay Compliant: Cisco Secure Workload Introduces State-of-the-art, Persona-based Reporting
Reporting Dashboard Landing View

Data-driven Insights for CxO and SecOps

The feedback from CxO participants at Secure Workload’s Customer Advisory Board highlights the need for personalized reports that deliver actionable intelligence. The out-of-the-box summary of security, compliance, and evidence-based metrics is invaluable for the CxO. By showcasing the percentage of workloads protected with Secure Workload agent coverage on the license utilization chart and workspace policy coverage, SecOps can demonstrate tangible productivity gains to CxOs. Moreover, by quantifying the time savings in policy maintenance, SecOps, and Network Admins can provide CxOs with actionable analytics that illustrate the efficiency and effectiveness of their microsegmentation strategy.

This data-driven approach empowers CxOs to make informed decisions and strategically channel investments to optimize their company’s security posture.

Empower NetOps

NetOps enjoys enhanced visibility with the Reporting Dashboard, which provides a consolidated view of deployed agents and other assets. This allows NetOps to quickly identify and address agent issues, ensuring seamless operation of critical assets.

Policy Compliance is simplified through a single, unified view that highlights workspaces without enforcement and identifies policy discrepancies, and policy sync issues. This streamlined approach aids NetOps in ensuring policy compliance.

Insights from the Cluster Summary enable NetOps to establish retention policies for regulatory compliance and mitigate the risk of unauthorized access, while the Telemetry Summary provides a comprehensive view of telemetry sources and their health status enabling NetOps to swiftly identify and resolve issues.

The effectiveness of the ‘Telemetry Summary’ was validated when a customer shared their feedback –  “I like this quick viewpoint which should help troubleshoot duplicates.”​

Stay Compliant: Cisco Secure Workload Introduces State-of-the-art, Persona-based Reporting
Telemetry Summary section highlighting Inventory issues for NetOps

Elevate SecOps Productivity

◉ Prioritizing CVEs alleviates the challenge of CVE prioritization as shown in the image below.
◉ Providing workload summaries with enforcement status, enabling seamless policy enforcement assessment.

Stay Compliant: Cisco Secure Workload Introduces State-of-the-art, Persona-based Reporting
CVE Prioritization

Equipped with predefined rules and MITRE TTPs, CSW agents can detect suspicious application behavior with precision. Reporting Dashboard complements these capabilities by providing users with a brand-new intuitive experience.

Source: cisco.com

Saturday, 15 June 2024

Bolster SaaS Security Posture Management with Zero Trust Architecture

Bolster SaaS Security Posture Management with Zero Trust Architecture

According to AppOmni’s 2023 State of SaaS Security report, 79% of organizations reported a SaaS security incident during the preceding 12-month period. As enterprises incrementally store and process more sensitive data in SaaS applications, it is no surprise that the security of these applications has come into greater focus. Security Service Edge (SSE) solutions with Zero Trust Network Access (ZTNA) are a common way to securely connect the hybrid workforce to cloud applications.

Bolster SaaS Security Posture Management with Zero Trust Architecture
Changes in the workplace, employee preferences, external users, and customer services have made remote access to cloud applications outside the corporate network or VPN commonplace. Simultaneously, changes in SaaS usage and data with access by both human and machine identities, new compliance requirements, and cloud-to-cloud connectivity between SaaS applications have created new risks that security teams need to address.

This article describes how Cisco and AppOmni have teamed to extend zero trust principles to secure SaaS applications and data with a closed loop zero trust architecture.

Introducing Zero Trust Posture Management


The myriad SaaS applications used by today’s organizations are procured, configured, and managed by multiple departmental owners or business units with little or no visibility to security teams. Nearly all SaaS breaches involve some violation of implicit trust models — for example, a user in a sales operation role can grant Salesforce access to guest users; a test user is able to create new users and grant them new privileges. These scenarios are all too common with how SaaS applications and users are set up.

Zero-trust architectures are built by granting explicit trust that is continuously assessed based on identity and contextual risks. If such zero-trust principles can be extended to SaaS applications, policies would be designed, maintained, and monitored such that SaaS identities would never be implicitly trusted and always verified regardless of the location of the user. This zero-trust model for SaaS needs to be implemented using the just-in-time context of the application, data access, users, behavior, and events. It should be able to work together with the ZTNA controls to give security teams better mechanisms to prevent, detect, and react to attackers at the application level. These capabilities are collectively called Zero Trust Posture Management (ZTPM) for SaaS applications.

Cisco Secure Access and AppOmni SaaS Security Platform


Cisco Secure Access provides a robust, cloud-delivered SSE solution that is grounded in zero trust and delivers protected access from any user to any application. Cisco Secure Access simplifies IT operations through a single, cloud-managed console, unified client, centralized policy creation, and aggregated reporting. Extensive security capabilities are converged in one solution (ZTNA, secure web gateway, cloud access security broker, firewall as a service, DNS-layer security, remote browser isolation, and more) to mitigate risk by applying zero trust principles and to enforce granular security policies.

As a complement to Cisco’s zero trust access approach, AppOmni has implemented ZTPM principles to fill a critical void in traditional zero trust implementations by securing the application layer regardless of access location with unparalleled visibility into configurations, security postures, SaaS identities (human and machine), and user behaviors within SaaS applications. It ensures that the principles of zero trust are embedded deeply within the applications that manage and process vital business data.

Closed-Loop Zero Trust Implementation with Cisco and AppOmni

Bolster SaaS Security Posture Management with Zero Trust Architecture

How ZTPM Complements ZTNA


While Cisco Secure Access provides seamless and managed access to internal and external applications based on identity and device posture, AppOmni extends this security through the application layer.

Cisco Secure Access delivers:

  • Secure access to all applications including those involving non-standard protocols as well as those based on multi-channel and client-to-client architectures
  • A single unified management console across all security modules
  • Comprehensive ‘best-of-breed’ security capabilities, consistent rulesets, and entails a minimal learning curve
  • Resilient cloud-native architecture with extensive end-user count scalability, efficient single-pass processing for faster responses
  • Automatic load distribution and rebalancing of traffic fosters better performance

AppOmni ZTPM capabilities include:

  • Visibility into data access configuration and least privilege within SaaS applications
  • Security coverage for all SaaS identities (human and machine) i.e. external users, anonymous/ guest-users, and third party or cloud-to-cloud applications
  • Application and identity-aware threat detection to monitor user behavior of internal and external users
  • Continuous security of application posture, configuration drift, and critical application components of SaaS applications
  • Identify and mitigate misconfigurations such as side-loaded accounts or misconfigured Single Sign On (SSO) that may allow bypassing of ZTNA controls and protect your users from password attacks and account compromise

Continuous visibility into app configurations and activities enables a critical feedback loop in a zero-trust architecture. This approach uses a user’s permissions, data access entitlements, and behaviors to dynamically adjust security measures or to terminate access based on suspicious activities.

Additionally, AppOmni enhances the integrity of the ZTNA capabilities provided by Cisco Secure Access by identifying potential application misconfigurations that could lead to bypassing ZTNA controls. By implementing zero trust principles across their applications, customers can detect unmanaged accounts, inadequate IP restrictions, and other security vulnerabilities. Such proactive identification helps user and access settings from undermining ZTNA protections, thereby safeguarding users and data against phishing and other attacks.

Source: cisco.com

Thursday, 13 June 2024

Cisco Simplifies Cloud Security with AWS Cloud WAN Service Insertion

Cisco Simplifies Cloud Security with AWS Cloud WAN Service Insertion

In conversations with customers about cloud infrastructure, I routinely hear two challenges when it comes to scaling their cloud deployments, these challenges include:

  • Achieving secure connectivity across clouds, virtual private clouds (VPCs), regions, and on-premises networks
  • Ensuring security is baked into the network architecture from the start.

As customers grow their cloud environment, the increasing number of VPCs and regions leads to a complex mesh of connections to ensure their applications and users can access the applications they need, regardless of on-premises or in the cloud. These interwoven spiderwebs of connections make it difficult for IT teams to properly establish secure connectivity throughout the infrastructure which increases management complexity and hinders scale. Because of the challenges organizations face in multi-VPC and multi-region deployments, customers are increasingly transitioning to cloud wide area networks (WAN) services, driven by the desire to centralize and streamline how they manage their network topology and security.

AWS Cloud WAN simplifies how customers build, manage, and monitor their WANs by automating the connectivity between branch offices, data centers, VPCs through automation and a rich dashboard. Customers can use network policies to automate network management and security tasks from a single place eliminating the need to create the complex mesh of traditional VPC peering. Recently, Amazon Web Services (AWS) enhanced AWS Cloud WAN to simplify inserting security services or VPC into these connections. This feature enables customers to integrate their Cisco security services into their network with AWS Cloud WAN, significantly simplifying how they add security into their network.

With the release of AWS’ service insertion feature as part of Cloud WAN, I am pleased to announce Cisco Secure Firewall Threat Defense Virtual and Cisco Multicloud Defense support for AWS Cloud WAN. With this support, customers can seamlessly integrate Cisco cloud firewalls into their Cloud WAN managed network topology, eliminating the need for complicated routing configurations to ensure the security of their environment. Instead, they can route traffic to their Cisco cloud firewall using the AWS Management Console or API.

Cisco’s cloud firewalls


Cisco provides two best-in-class solutions to help customers secure their cloud environments:

  • Cisco Secure Firewall Threat Defense Virtual (formerly FTDv) is the virtualized option of the Secure Firewall Threat Defense solution, enabling you to extend your network security capabilities from on-premises into the cloud, gaining a complete view of your network environment.
  • Cisco Multicloud Defense is a cloud-native security-as-a-service offering that automatically scales to secure your cloud applications wherever they’re deployed. Multicloud Defense offers the same infrastructure automation that you expect from a cloud service, making your security as easy to deploy as your application is.

Benefits of Cisco cloud firewalls with Cloud WAN


Utilizing Cisco cloud firewalls in conjunction with AWS Cloud WAN to enhance the protection of global network traffic offers customers significant operational benefits, including:

  • Unified Infrastructure for Security and Global Networking: AWS Cloud WAN offers a unified infrastructure designed for extensive AWS deployments worldwide. The integration of Cisco’s cloud firewalls with AWS Cloud WAN equips organizations with superior security measures for protecting traffic within regions, between regions, and from on-premises networks to cloud environments.
  • Simplified Multi-Regional Security Deployment: Many enterprises utilizing AWS Cloud WAN establish multi-regional networks to facilitate regional growth or implement disaster recovery strategies. The new service insertion feature streamlines the deployment across multiple regions, enabling straightforward traffic routing for both intra- and inter-regional flows through the security infrastructure, thereby eliminating the complexity associated with intricate multi-regional network arrangements.
  • Seamless integration: Customers often need inter-VPC, VPC-to-internet, or on-premises-to-VPC traffic inspected. With Cisco’s cloud firewalls supporting AWS Cloud WAN Services Insertion, customers can easily steer network traffic for inspection without creating and managing complex routing configurations.
  • Ease of management: Customers are constantly looking to simplify operational complexities. Cisco’s cloud firewall does all the heavy lifting in deployment and management, allowing customers to focus on their business priorities.

Cisco Simplifies Cloud Security with AWS Cloud WAN Service Insertion
Figure 1: Multicloud defense architecture in Cloud WAN

Cisco Cloud Firewall with AWS Cloud WAN


Because Cloud WAN operates globally, the best practice is to deploy your Cisco cloud firewalls within the same AWS regions as your application. This ensures that there aren’t any single region dependencies, latency, or bandwidth challenges when securing your network connectivity.

Wrap up


We’re excited for customers to take advantage of this new capability from Cisco and AWS, enabling them to simplify how they secure their increasingly complex cloud deployments.

Source: cisco.com

Wednesday, 12 June 2024

Cisco Secure Connect: The Turn-Key SASE Solution for Managed Service Providers

Cisco Secure Connect: The Turn-Key SASE Solution for Managed Service Providers

We understand that Managed Service Providers (MSPs) are always on the lookout for solutions that can streamline their service delivery while ensuring top-notch security for their clients. Cisco Secure Connect stands out as a turnkey Secure Access Service Edge (SASE) offering that simplifies the deployment and management of multi-customer SASE environments. Here’s why MSPs should be paying attention to Cisco Secure Connect and considering it for their managed service offerings.

What is Cisco Secure Connect?


Cisco Secure Connect is a unified SASE solution that enables secure access to applications and resources no matter where they are hosted, from any location and at any time. It is built on the robust Meraki platform, bringing together networking and security services through a single, user-friendly interface, simplifying the management of complex multi-cloud environments.

Why Should MSPs Care?


Secure Connect MSP portal capabilities are inherited from the existing Meraki MSP architecture. For MSPs, operational efficiency and the ability to provide a seamless service experience are critical. Cisco Secure Connect, with its new Meraki GUI, enhances the admin experience by streamlining workflows, allowing for easier deployment, usage, and management through a unified cloud dashboard. This improves agility, speed, and scalability, reducing operational complexities.

Cisco Secure Connect: The Turn-Key SASE Solution for Managed Service Providers
Cisco Secure Connect MSP Architecture

The Global Overview Page, replacing the older “MSP portal page” and offering a summary view of all customer environments. This allows MSP admins to manage multiple organizations with a single login, while still maintaining customer privacy as each organization’s licensing, inventory, users, and configurations are treated independently. The global dashboard is customizable to select and display the required columns. Also the view can change based on “Organisations”, “ Networks” or “Network Tags”.

Cisco Secure Connect: The Turn-Key SASE Solution for Managed Service Providers
Cisco Secure Connect Global Overview Page

Benefits of Adding Cisco Secure Connect to Your Managed Offering


Easy Operations: Raise support tickets directly from each organization’s page on Secure Connect. The platform provides unified support, making troubleshooting for both network (Meraki) and security (Umbrella) simpler.

Global Overview Page: serves as the command centre. This page has been enhanced with a new “Ticket” column, so MSP admins can view and manage support tickets for each organization with ease.

Dashboard Branding: Cisco Secure Connect allows MSPs to brand their dashboard, providing a personalized experience for clients. If this feature isn’t visible, MSPs can request activation through a support ticket.

Automation: Cisco is introducing an integrated API for Secure Connect, consolidating what used to require separate calls to Meraki and Umbrella APIs. This streamlines automation workflows and maintains a unified platform approach.

Monetization: Cisco Secure Connect is based on the Meraki cloud platform, enabling MSPs to upsell additional services without added management overhead. For instance, MSPs can extend their offerings to include physical security by provisioning Meraki smart cameras, all managed from the same portal.

Final Thoughts


Don’t hesitate to reach out to your existing Meraki SD-WAN customers and discuss layering security for secure internet and cloud access. With Cisco Secure Connect, you can augment your managed SD-WAN offering by adding security features with just a few clicks, providing a comprehensive SASE experience.

MSPs looking to simplify their operations while expanding their service portfolio should consider Cisco Secure Connect as a strategic addition to their managed services. It’s a solution that not only brings efficiency but also opens the door to new revenue opportunities.

Source: cisco.com

Tuesday, 11 June 2024

Security, the cloud, and AI: building powerful outcomes while simplifying your experience

Security, the cloud, and AI: building powerful outcomes while simplifying your experience

Over the past year, I’ve spoken with hundreds of professionals about what they expect from their network security. This question is mostly met with equal parts enthusiasm and angst. As we wrap up another successful Cisco Live, I’m eager to share the deep insights I’ve gathered from these extensive conversations and how Cisco is actively addressing your security needs.

As organizations navigate application transformations and grapple with the intricacies of defending increasingly complex networks, they’re also confronting a new wave of technological advancements.

Naturally, these advancements can be a double-edged sword. While they offer the potential for enhanced security measures, they also empower threat actors, who can now exploit vulnerabilities with alarming speed and efficiency.

The overwhelming message is twofold: Organizations need help bolstering their security, but also in streamlining their processes. Integrating too many security tools alone has become its own source of complexity, diluting the focus on threats and stretching resources too thin.

This point was poignantly made during a recent conversation with a Chief Information Security Officer (CISO), who expressed a sentiment all too common in the industry. Faced with the prospect of integrating yet another security solution, the CISO lamented, “I can’t ask my team to adopt the 212th tool in our portfolio!”

The CISO’s frustration illustrates a critical challenge for security leaders: They must balance the adoption of necessary security measures with the practical limitations of their teams’ capacity and the potential for tool sprawl.

In response to this complexity, organizations are hungry for a more streamlined approach to security, one that prioritizes the consolidation of tools and the simplification of security policies without compromising the efficacy of defense mechanisms.

Meanwhile, cybersecurity organizations must deliver solutions that are not just robust and cutting-edge, but also manageable and user-friendly. This way we can empower security teams to effectively combat the threats of tomorrow while keeping their operational sanity today.

Vendors, point products, and a transition to the cloud 


For many professionals, buying a specialized security product leads to something called “the Ferrari problem”. Like that expensive sports car, you’re purchasing something costly and specialized. The product may indeed do the specialized task very well. But security is not done in isolation—some level of integration will inevitability be required.

Thus, the expensive, specialized product opens the door to even more costly integrations (or, in the case of the car, costly repairs).

This doesn’t even count the disjointed security of working with different vendor solutions or the radical complexity of deploying a configuration or security policy across hundreds or thousands of branch offices.

There’s a reason many security professionals avoid updating their tools. With all this complexity, they’re afraid it will disrupt the business or the customer experience.

How Cisco is redefining effective, simplified security for the cloud  


It’s no secret that Cisco built the backbone of switching and routing across the globe for our one million+ customers and partner ecosystem. And we’re currently responsible for facilitating 85% of the world’s internet traffic.

Now, we’ve taken another giant leap by launching Cisco Security Cloud Control.

Cisco Security Cloud Control is designed to unify management for the Cisco Security Cloud, starting with a network security fabric.

Security Cloud Control delivers an AI-native approach to proactively surface actionable insights and automate resolution across hybrid environments. It is designed to help teams get the most of out their Cisco Security investment—saving time and benefiting from simpler and streamlined policies

Building robust security for complicated, ever-shifting cloud environments  


With too many tools and too much complexity to manage, the only answer is a security system that seamlessly ties everything together. We’ve answered the call, building a platform that blends Cisco Hypershield, multi-cloud defenses, advanced firewalls, and microsegmentation technologies.

This platform can collect information across the system and explain what it finds in reports, and via a natural language interface, show the risks to sensitive business assets like PCI databases. You can even ask the system about its own insights and next steps.

But at its heart is the promise of comprehensive visibility and complete detection across every facet of the network, whether it’s ingress/egress at a cloud edge, data center edge, campus, or branch, all the way down to every process and connection from your applications and workloads.

The level of visibility and management from Security Cloud Control helps leaders focus on delivering the outcomes their teams need. From taking intent-based policies in one place and translating them throughout all the control points in your network to streamlining, troubleshooting and recommending policies that span multiple solutions, Cisco Security Cloud Control helps with it all.

And Security Cloud Control’s ability to translate the complex language of cybersecurity delivers an added benefit: the ability to explain and articulate what’s happening–and what you need– to decision-makers. The simplicity and clarity of reports can help you keep leadership informed and engaged in your cybersecurity work.

At the core of this is, yes, AI technology but not just a prompt-based assistant—this is one driving proactive insights and sections across your network and will transform how you engage across the platform.

In essence, what we’ve built stands as a testament to the future of cybersecurity—a single platform that not only anticipates and neutralizes threats, it also empowers organizations to develop a more sophisticated, responsive, and resilient approach to protecting their digital assets.

It’s not just a powerful solution; it’s a strategic enabler for any enterprise looking to secure its future in an unpredictable cyber world, across network requirements that are only destined to become even more complex.

Source: cisco.com

Saturday, 8 June 2024

Cisco AI Assistant for Managing Firewall Policies Is Now Available

Cisco AI Assistant is now available for Cisco XDR and Cisco Defense Orchestrator


Managing firewall policies and locating relevant documentation can be daunting for firewall administrators. However, the AI Assistant integrated with the Cisco Defense Orchestrator (CDO) and the cloud-delivered Firewall Management Center simplifies these processes. With this powerful combination, administrators can effortlessly manage firewall devices, configure policies, and access reference materials whenever required, streamlining their workflow and boosting overall efficiency.

Prerequisites


Administrators need to ensure they have met the following prerequisites to use the AI Assistant:

User roles:

● CDO and cloud-delivered Firewall Management Center – Super Admin or Admin
● On-Prem FMC – Global Domain Admin

Upon successful login into your tenant, you will notice an AI Assistant button positioned in the top menu bar of the dashboard.

Cisco AI Assistant for Managing Firewall Policies Is Now Available

Click the AI Assistant button on the CDO or cloud-delivered Firewall Management Center home page to access the AI Assistant.

The Cisco AI Assistant interface contains the following components: Text Input Box, New Chat, Chat History, Expand View, and Feedback.

Cisco AI Assistant for Managing Firewall Policies Is Now Available

Cisco AI Assistant interface following the best Generative AI assistant practices.

AI Assistant interaction


AI Assistant completion with the prompt “Can you provide me with the distinct IP addresses that are currently blocked by our firewall policies?”

Cisco AI Assistant for Managing Firewall Policies Is Now Available

AI Assistant completion with the prompt “What access control rules are disabled?”

Cisco AI Assistant for Managing Firewall Policies Is Now Available

If you think that response is wrong, please click the thumbs-down button below for the related completion and fill out and submit the form.

Cisco AI Assistant for Managing Firewall Policies Is Now Available

AI Assistant can’t proceed with some prompts and questions. In this case, you can see the following completion:

Cisco AI Assistant for Managing Firewall Policies Is Now Available

It looks like the engineering team decided not to display answers if there is insufficient data to correct them or in cases where the model can hallucinate.

Source: cisco.com