In Today ‘s world networks security is very important. To secure your network and overcome your endpoint’s vulnerability, a good security design is needed. Here, we will talk about this good network security design to prevent a network towards threats. We will cover Cisco threat defense.
To provide this security, Cisco has created a security architectural framework named Cisco SAFE (Cisco Secure Architecture for Everyone). This is a complete solution which integrates different security solution.
Cisco SAFE provides security solutions for the following places in the network (PIN).
Branches are one of the top places targeted by different threats. These threats can be a malware, MitM attack, a rogue access point connection or any unauthorized access. To prevent branches from such threats key security implementations must be done.
Campus is a large, public area. It is also vulnerable to the threats. The attacks that can be seen in campus are phishing, malware or any unauthorized network access or exploits.
Data Center is the place where thousands of servers reside in. It is the storage of the information. So, it is very critical to safe this place towards the threats. These threats can cause data loss, data theft or any malicious behavior on the network.
Edge is the most targeted place by threats. Because, it is the entrance and exit point of the traffic. DDoS Attacks, MitM Attacks are mostly seen in these places.
Cloud is another targeted place. The security of this place is provided by service provider. Malware, web server vulnerabilities, data or access loss and MitM attacks can be seen on cloud.
WAN is the part of the network that connects the other parts. So, it is critical to secure this place. In WAN malware propagation, WAN sniffing, MitM attacks or any unauthorized network access can be seen.
Cisco SAFE also defines secure domains. These are operational areas used to protect the different PINs. The following security concepts are used to evaluate each PIN:
The key to Cisco SAFE
Implement Cisco SAFE provides advanced level threat defense.
There are different threats towards organizations and these threats are developing day by day. To prevent systems from such threats new security models are needed. Cisco threat-centric security model was created to do this. So, what is Cisco threat-centric security?
Cisco threat-centric security is a security approach which addresses security across the entire attack continuum. It covers three period of threats: Before an attack, during an attack and after an attack.
With this threat-centric security approach:
Before an attack, we need to be more aware of what we have in our network. In other words, we need to have full knowledge of the assets in the network. Beside full network knowledge, we should also foresee the threat types towards these attacks. We need to know “why can these systems be target?” to be more proactive. If we do this, we can implement security policies better to defend our assets in the network.
During an attack, we should have the ability to detect the threats and block them to prevent our assets from the negative effects of these malicious attacks. This is the most critical part of these steps. Here, next-generation firewalls, next-generation intrusion prevention systems or any security solution can be used by the organizations.
After an attack, we need to detect the impact of the threat and note what we have learned from this threat. This is the remediating step of this attack defense.
Here, we have learned Cisco thread defense basically.