Cisco has just released FirePOWER v6.0 and it has several new features that have been long awaited.
Three key features include:
On-box SSL Decryption: The ASA firewall now has the ability to perform SSL decryption. By some estimates, at the end of 2016, roughly two-thirds of all Internet traffic will be encrypted. It is no surprise that attackers will continue to leverage SSL-based attacks because it is more difficult to detect. Security solutions must have the ability to look inside SSL-encrypted traffic to combat against attacks that leverage SSL encryption.
Integration with Cisco ISE: This is a big step in the right direction for Cisco to tie in multiple security solutions. This will extend the capabilities of ISE and allow better policy enforcement. PxGrid capabilities are also extended to this new code release in addition to support for Security Group Tagging (SGT). The security enforcement becomes a lot more simplified (reduced complexity) with these capabilities.
Integration with AMP Threat Grid: This is another big step in the right direction that provides enhanced intelligence for Cisco security solutions deployed throughout an environment. Instead of different point-product solutions relying on individual intelligence and security threat updates, Threat Grid can push continuous updates to vast number of Cisco security solutions. This increases the accuracy and detection of security related events. In other words, the time-to-detection is reduced substantially.
Several other noteworthy features include:
- Local Malware Checks
- File Property Analysis
- Captive Portal and Active Authentication
- Support for OpenAppID-defined Applications
- Expanded ASDM Management.
To read more about the long-awaited and welcomed changes that the Cisco FirePOWER 6.0 update brings, click here: Release Notes – FirePOWER Version 6.0