Cisco NGFWv License

Cisco NGFWv License

By providing consistent security policies, visibility, and improved threat response, the Cisco Next-Generation Firewall (NGFW) portfolio allows you to defend your workloads against an array of threats that are getting more complex. Leveraging Cisco’s power transforms your current network infrastructure into an extension of your firewall solution, providing adaptive security wherever you need it, whether it be in your data center, branch offices, cloud environments, or anywhere else in between.

Consistent visibility, unified management, and policy harmonization are all enabled by Cisco`s top-notch NGFW. In order to quickly identify, research, and eliminate threats, Cisco Threat Response automates integrations across the entire Cisco security portfolio. The same threat protection features are provided by the physical and virtual Cisco Firepower NGFW appliances, ensuring uniform security efficacy and visibility across physical and virtual workloads.

For virtual, public, private, and hybrid cloud deployments, the Cisco Firepower® NGFWv is available on VMware, KVM, Amazon Web Services (AWS), and Microsoft Azure platforms. With the help of Cisco Firepower NGFWv, businesses using software-defined networks can quickly provision and organize flexible network protection. Additionally, when using Cisco Firepower NGFWv, organizations using network function virtualization can reduce costs even more.

Cisco NGFWv Key Features

• • Sandboxing for the Cisco AMP Threat Grid is available.
  • More than 80 categories are available for URL filtering.
  • URL Filtering: Number of Categorized URLs: Over 280 million
  • High Availability and Clustering: Active/Standby (ESXi and KVM only)
  • Delivery modes: forwarded, transparent (online IPS only), and passive
  • Support for custom, open-source application detectors using OpenAppID is standard in AVC.
  • It is possible to use KVM and ESXi with Cisco Firepower Device Manager (local management).
  • Threat intelligence for IP, URL, and DNS is included in the standard Cisco Security Intelligence.
  • Application Visibility and Control (AVC): Standard, supporting more than 4000 applications, users, users, and websites.
  • Automated Threat Feed and IPS Signature Updates: Yes: Industry-leading Collective Security Intelligence (CSI) from Cisco Talos Group
  • Third-party and open-source ecosystem: Open API for integrations with third-party products; Snort and OpenAppID community resources for emerging and specific threats
  • With the Cisco Firepower Next-Generation Intrusion Prevention System (NGIPS), endpoints and infrastructure can be passively detected for threat correlation and Indicators of Compromise (IoC) intelligence.
  • Centralized configuration, logging, monitoring, and reporting are handled by the Cisco Firepower Management Center (all platforms, including on-premises, in AWS, and Azure), or alternatively, in the cloud with Cisco Defense Orchestrator (ESXi and KVM only).
  • Available; Cisco Advanced Malware Protection (AMP) for Networks enables targeted and persistent malware detection, blocking, tracking, analysis, and containment, addressing the attack continuum both during and after attacks. Optionally offered is integrated threat correlation with Cisco AMP for Endpoints.

How does Cisco NGFW help you?

Avoid breech situations.

To keep your business operating, you must automatically stop breaches. Cisco`s 250 threat researchers, Talos, analyzes millions of threats every day and develops security measures that the Cisco NGFW uses to guard against the next significant breach. Talos stopped these massive hacks (and others) before they happened, and Cisco firewall customers were automatically protected. A good track record.

Automate to work efficiently and save time

Cisco NGFW automates networking and security operations to save you time, reduce complexity, and free up your attention for tasks that are of the utmost importance. Threat alerts are ranked in order of importance so you can stop whack-a-mole-ing each other and concentrate on what’s important. In order to give you visibility across various attack vectors, from edge to endpoint, Cisco NGFWs collaborate with the other integrated security tools from Cisco. A threat will automatically be blocked everywhere when this system of tools detects it in one location.

Quickly identify and eliminate threats

Cisco NGFWs go beyond prevention and access control to give you deep visibility so you can see and stop threats quickly. Sandboxing, next-generation IPS, advanced malware protection, and other built-in advanced security features can be used to gain visibility across users, hosts, networks, and infrastructure. They keep an eye out for suspicious activity and immediately put a stop to it when they spot it. Cisco`s cutting-edge security features give you greater visibility so you can make more stops.

Support for platform images

The licensed Cisco Firepower NGFWv comes with URL Filtering, Cisco Advanced Malware Protection (AMP) for Networks, Next-Generation IPS (NGIPS), Application Visibility and Control (AVC), and other optional features. The Cisco Firepower Threat Defense software image is used by the Cisco Firepower 2100 Series, 4100 Series, and 9300 appliances. Alternately, the Cisco Adaptive Security Appliance (ASA) software image is supported by the Cisco Firepower 2100 Series, 4100 Series, and 9300 appliances.

Firepower DDoS mitigation

Tightly integrated, comprehensive, behavioral DDoS mitigation for both network and application infrastructure protection is also offered on the Cisco Firepower 4100 Series and 9300 appliances. Radware’s Virtual DefensePro (vDP) is a DDoS mitigation system. Directly from Cisco, it is obtainable and supported.

Cisco Firepower 2100 Series Appliances.

Four licensed threat-focused NGFWv security platforms that deliver business resilience through superior threat defense make up the Cisco Firepower 2100 Series. When advanced threat functions are enabled, it provides exceptional sustained performance. These platforms are unique in that they use a cutting-edge dual multicore CPU architecture that simultaneously optimizes firewall, cryptographic, and threat inspection operations. The firewall throughput range of the series addresses use cases from the edge of the Internet to the data center. The Cisco Firepower 2100 Series platform supports Network Equipment Building Standards (NEBS) compliance.

The Cisco Firepower 4100 Series Appliances.

Four NGFW security platforms with a threat-focus belong to the Cisco Firepower 4100 Series family. Their range of throughput addresses use cases for data centers and internet edges. They offer better threat defense, operate at higher speeds, and take up less space. The management of security services using RESTful APIs is supported by the Cisco Firepower 4100 Series, along with flow-offloading and programmatic orchestration. The platform for Cisco Firepower 4120 supports NEBS (Network Equipment Building Standards) compliance.

The Cisco ASA 5500-FTD-X Series Appliances.

There are eight licensed threat-focused NGFWv security platforms in the Cisco ASA 5500-FTD-X Series. Their range of throughput addresses use cases from the Internet edge to the small or branch office. In a footprint that is affordable, they provide superior threat defense.

NGFW virtual (NGFWv) appliances from Cisco.

For virtual, public, private, and hybrid cloud environments, Cisco Firepower NGFWv is available on VMware, KVM, Amazon Web Services (AWS), and Microsoft Azure. With Firepower NGFWv, businesses using SDN can quickly provision and organize flexible network protection. Additionally, by utilizing Firepower NGFWv, organizations using NFV can further cut costs.