A networking giant going toe-to-toe with malware threats? Yes, Cisco just announced it has added Advanced Malware Protection (AMP) to its Content Security Portfolio of products. Originally developed by Sourcefire, AMP is making its way into Cisco technologies like Web and e-mail security appliances and its Cloud Web Security Service.
Call it the first fruits of Cisco’s Sourcefire acquisition. The new integration aims to offer customers comprehensive malware-defeating capabilities, including detection and blocking, continuous analysis and retrospective remediation of advanced threats.
“Today’s advanced threats that can attack hosts through a combination of different vectors require a continuous security response versus point in time solutions,” said Christopher Young, senior vice president, Cisco Security Business Group. “Web and e-mail gateways do a large amount of heavy lifting in the threat defense ecosystem, blocking the delivery of malicious content. By bringing together AMP and threat analytics with our Web, Cloud Web and e-mail security gateways, we provide our customers with the best advanced malware protection from the cloud to the network to the endpoint.”
Before, During and After Attacks
AMP taps the cloud security intelligence networks of both Cisco and Sourcefire. Like the attacks it is designed to protect against, AMP evolves to provide continuous monitoring and analysis across the extended network and throughout the full attack continuum. That means before, during and after an attack.
By combining Sourcefire’s knowledge of advanced threats and analytics expertise with Cisco’s e-mail and Web security solutions, the company said its customers will benefit from more visibility and control combined with a seamless approach to addressing advanced malware problems.
But Cisco didn’t stop there. The company also added Cognitive Threat Analytics, acquired last year via Cognitive Security, as an option for Cisco Cloud Web Security customers. Cognitive Threat Analytics is an intuitive, self-taught system that uses behavioral modeling and anomaly detection to identify malicious activity and reduce time to discovery of threats operating inside the network. With this integration, Cisco addresses the broadest range of attack vectors across the extended network.
“Bringing the AMP technology to the Cisco Web and e-mail security appliances and Cloud Web Security Services is a smart move that will greatly benefit customers in their efforts to protect against today’s rapidly evolving threats,” said Damon Rouse, IT Director at Epsilon System Solutions. “AMP is the only solution we’ve seen that can combine the power of sandboxing with the innovation of file retrospection; it has helped to put us in a better position to further mitigate the impact of potential attacks.”