The title seems like a simple enough concept, but when it comes to advanced threat protection, truer words were never written. This concept ofvisibilityinto your network, which in turn enables better protection and control of your network, is at the heart of Cisco's Next-Generation Intrusion Prevention System (NGIPS). Visibility is what feeds critical capabilities in the solution and it's also what sets our NGIPS apart from other IPS products.
In the coming weeks, we'll focus on different aspects of our market-leading NGIPS solution, as recognized by third-party groups such as Gartner and NSS Labs, but since NGIPS is all about threat protection -and you can't protect what you can't see -let's start with visibility.
Historically, IPS products have provided visibility into network packets to be able to identify and block network attacks. The last couple of years have seen next-generation firewalls get a lot of industry buzz by providing visibility (and subsequent control) into applications and users.
But is that all the visibility you need in order to protect today's dynamic computing environments? What about:
Granted, there are a number of different products that individually provide visibility into many of these different areas -but at what cost? Additional appliances? Agents? Management interfaces? Support requirements? And if this visibility is contained in different product interfaces, do you really have holistic visibility into your network environment?
That's why FireSIGHT? sets Cisco's NGIPS apart. FireSIGHT passively discovers more network, host, application, and user information than any other IPS solution. It uses this information, also known as "contextual awareness," to build network maps and host profiles. It correlates and organizes this information to easily display trends and actionable security metrics. This real-time contextual awareness provides an "information superiority" advantage so that defenders can stay a step ahead of attackers. Remember, if you can't see it, you can't protect it!With FireSIGHT, you see all.
All of this critical visibility is provided out-of-the-box in a single product. In a single interface. Passively, without a single agent.
But what's visibility without control? Cisco NGIPS' ability to "see" all of this information also enables this information to be used in protection policies -providing better security over a wider range of dynamic assets. We also use FireSIGHT information to make smarter decisions and to fuel automation.
Our next blog will explore these advantages in more detail.
For more information, visit http://www.sourcefire.com/products/next-generation-network-security