Cisco Appliances Flashcards
(5 cards)
Cisco ASA (Adaptive Security Appliance)
Cisco ASA is a unified threat management appliance that combines firewall, VPN, and intrusion prevention functionalities in a single platform. It has long been a staple of Cisco’s security lineup and is renowned for its reliability and ease of integration into existing network infrastructures. Key points include:
- Firewall & VPN: Provides robust network perimeter security and secure remote connectivity.
- Stateful Inspection: Inspects traffic flows to enforce security policies based on connection state.
- Modular Integration: Can host additional services—such as FirePOWER modules for enhanced threat protection—making it adaptable to evolving security needs.
Cisco Firepower
Cisco Firepower represents the evolution of Cisco’s next-generation firewall capabilities. This platform can be deployed as a dedicated appliance or as an integrated service within ASA hardware (as a module). It focuses on advanced threat detection and prevention with features including:
- Intrusion Prevention (IPS): Continuously monitors and analyzes traffic to block known and emerging threats.
- Application Visibility and Control (AVC): Identifies and controls allowed applications irrespective of port or protocol.
- Integrated Threat Defense: Offers real-time contextual awareness and automated threat mitigation by combining multiple security layers into one platform.
Cisco AMP (Advanced Malware Protection)
Cisco AMP is designed to provide comprehensive malware detection, prevention, and response across networks, endpoints, and mobile devices. It works by:
- Continuous Analysis: Monitoring files, links, and behaviors over time to detect sophisticated and previously unknown threats.
- Integrated with Multiple Platforms: Often embedded within Cisco’s network and endpoint security solutions to deliver coordinated defense mechanisms.
- Retrospective Security: Not only stops threats as they attempt to execute but also tracks and examines data for any later signs of compromise, allowing organizations to trace the attack lifecycle.
Cisco Umbrella
Cisco Umbrella is a cloud-delivered security service that provides DNS-based protection and access control for users both on and off the corporate network. It’s built to secure all internet-bound traffic by:
- DNS-Layer Security: Blocking requests to potentially malicious domains before a connection is established, which reduces exposure to threats.
- Secure Web Gateway (SWG): Provides URL filtering, content inspection, and threat intelligence directly from the cloud.
- Cloud Security Posture: Integrates with existing security infrastructure to extend protection to remote users and branch offices without the need for traditional on-premises appliances.
Point-to-Multipoint vs Hub-and-Spoke
The key difference is that point-to-multipoint allows direct communication from the central node to multiple endpoints, while hub-and-spoke forces all communication to go through the hub, potentially adding latency but improving control and management.