Cisco Brings Sourcefire Technology to Next-Gen Firewall

The vendor's ASA with FirePower Services solution leverages technology obtained when Cisco bought Sourcefire almost a year ago.

Sourcefire technology

Cisco Systems is leveraging the technology it inherited almost a year ago through the $2.7 billion acquisition of Sourcefire in its new next-generation firewall, which officials said will enable organizations to be more proactive when dealing with such threats as advanced and zero-day attacks.

Cisco is combining its ASA firewall technology with Sourcefire's FirePower Service to give customers the contextual awareness and dynamic controls needed to automatically take the steps needed to protect their networks. Through its ASA with FirePower Services offering, businesses will automatically be able to assess any threats, bring together the intelligence they need and then get the protections in place for their networks, according to Cisco officials.

"To meet current and future needs, a [next-generation firewall] must now provide full visibility and contextual awareness across applications, hosts, and the network, address dynamic threats, quickly correlate and identify multi-vector threats and deliver the dynamic controls organizations now require to combat advanced threats," Scott Harrell, vice president of product management in Cisco's Security Business Group, said in a post on the company blog. "It must do all of this while reducing complexity. These capabilities are crucial for enabling continuous protection across the attack continuum—before, during and after an attack."

Security has been one of the key focuses for Cisco officials as they look to grow the company from a networking hardware vendor to an enterprise IT solutions provider, with the company innovating both in-house and through acquisitions. If a tech company wants to be a trusted player from the edge of the network back into the data center, it needs to ensure security at all levels, Cisco CEO John Chambers.

"We are moving to become the number-one security company, because the only way you can defend [the enterprise IT environment] is from the cloud to the data center, the wide-area network to the edge to any device," Chambers said in May in an interview with Bloomberg. "We are moving rapidly to all areas of security, not with individual pieces but an architecture that brings them together."

Cisco's security business is growing. During the second quarter of the year, its security business grew 29 percent over the same period in 2013, with strength in its advanced threat solutions offerings and such core businesses as firewalls and ASA, Chambers said during a conference call with analysts and journalists in August to discuss the quarterly results. He said he expects the security business' growth to be in the double digits going forward.

The new offering integrates Cisco's ASA 5500 Series firewall with Sourcefire's Next-Generation Intrusion Prevention System and Advanced Malware Protection capabilities to enable businesses to deal with threats before, during and after an attack.

According to Cisco officials, most next-generation firewalls have concentrated on policy and application control, which don't enable them to easily handle advanced and zero-day attacks. Cisco's new solution is different in that it is designed to be visibility-driven and threat-focused. It leverages Cisco's FireSight Management Center technology to offer greater visibility into activity running in the network, from users, devices and communications to operating systems, virtual machine communications, Websites and vulnerabilities.

In addition, the focus on threats comes from Cisco's intrusion-prevention system to battle threats and the use of big data analytics, continuous analysis and the vendor's Collective Security Intelligence efforts to protect the network from a host of attackers.

"This purpose-built appliance family is highly scalable, performs at up to multigigabit speeds, and provides consistent and robust security across branch, Internet edge, and data centers in both physical and virtual environments," Cisco's Harrell wrote.

Customers who want the solution have two options: Cisco ASA with FirePower Services by buying an ASA 5500-X Series or 5585-X series firewall that include a bundled FirePower Services license, or by purchasing a FirePower Services for Cisco ASA by enabling FirePower Services on existing ASA 5500-X and 5585-X firewall products, according to Cisco.