Cisco Systems is adding new security capabilities to its family of intrusion-prevention and firewall systems, security management software and other products to address the unique, but growing, security needs of consolidated, virtualized and cloud-based data centers.
Leading off the list of new products announced Sept. 12 is the Cisco ASA 1000V Firewall for cloud environments, part of the Adaptive Security Appliance (ASA) line from Cisco. The ASA 1000V runs on top of a Cisco Nexus 1000V switch and complements the Cisco Virtual Security Gateway (VSG), which secures virtual and cloud infrastructure, the company says. A single instance of the product secures up to 64 VMware ESX host servers running virtual machines (VMs) internally.
The Cisco virtual firewall approach differs significantly from that of some of its competitors, said Jeff Aboud, marketing manager for enterprise network security at Cisco.
Other vendors use a virtual firewall in which they take existing firewall code and wrap it up in a VM wrapper, which is quick and easy to install and deploy, Aboud said.
“The bad news, though, is that it was really a firewall that was built for the physical world and has been retrofitted in order to handle virtual workloads,” he said. “What we have done is taken our baseline mainstream ASA code and optimized it for the virtual cloud environment.”
Cisco has also introduced the IPS 4500 series intrusion-prevention system (IPS), which offers 400 percent higher performance density, consumes 75 percent less power and occupies 75 percent less rack space than a Juniper Networks system chosen for comparison. It delivers 10G bps throughput and supports up to 100,000 connections per second. Supported by the Cisco Security Intelligence Operation (CISO), Aboud said the IPS can intercept an intruder before it enters the network while competing systems can detect a breach only after it has occurred.
Cisco is also introducing version 9.0 of its ASA operating system. Among the new enhancements from version 8.4, it delivers up to 320G bps of firewall and 60G bps of IPS throughput, 1 million connections per second and 50 million concurrent connections. It also offers higher density, 84 percent less power consumption and takes up 75 percent less rack space than a Juniper system.
To read the original eWeek article, click here: Cisco Beefs Up IPS, Firewalls to Better Protect Data Centers