Shimizu island, El Nido, Palawan, Philippines, Southeast Asia
vuk8691 / Getty Images
Cisco has added support for advanced malware Protection (AMP) are more than a million ISR / ASR edge routers, in an effort to strengthen the protection of malware from the main network and branch offices across the SD WAN.
Last year, Cisco said its technology Viptela SD-WAN IOS XE software version 16.9.1 running their core routers ISR / ASR, as the ISR 1000, 4000 and ASR 5000 models are used by organizations worldwide. Cisco purchased Viptela in 2017.
More about SD-WAN
How to purchase SD-WAN technology: important questions to consider when selecting a provider
How to choose an off-site data backup method
SD branch: what is it and why do you need it?
What are the SD-WAN security options?
The release of Cisco IOS XE provided an instant upgrade path to create SD-WAN tissues controlled by the cloud for connecting scattered offices, people, devices, and applications operating in the installed base, Cisco said. Cisco said at the time that Cisco SD-WAN builds a secure virtual IP structure on edge routers by combining routing, segmentation, security, policy and orchestration.
With the recent launch of IOS-XE SD-WAN 16.11, Cisco has made AMP and other improvements to its SD-WAN.
“Together with Cisco Talos [poor intelligence and security services Cisco] AMP permeates its branches, and SD-WAN offices with threats from millions of users around the world, honeypots, sandbox and extensive industry organizations” wrote Patrick Vitalone of Cisco as a product. Marketing manager in a blog about the security part of the new software. “In total, AMP identifies more than 1.1 million unique malware samples per day.” When AMP detects malicious behavior in Cisco SD-WAN, it is automatically blocked, he wrote.
The idea is to use integrated preventive engines, abuse prevention and signature-based smart antivirus programs to stop malicious attachments and malware without files before they are executed, Vitalone wrote.
AMP support is added to a menu of security features already included in the SD-WAN software, including support for URL filtering, protection of Cisco Umbrella DNS, prevention of Snort intrusion, the ability to segment users into the WAN and the security of the integrated platform, including the Cisco Trust. Anchoring module.
[Prepare to become a certified professional in information security systems with this comprehensive online course from PluralSight. Now offers a free 10-day trial period! ]
The software is also compatible with SD-WAN Cloud onRamp for colocation, which allows customers to link distributed applications from multiple clouds to a local branch or local private data center. In this way, a cloud-to-branch link would be shorter, faster and possibly more secure than linking cloud-based applications directly to the data center.
“The idea that this type of security technology is now integrated into the SD-WAN offering from Cisco is crucial for Cisco customers looking to evaluate SD-WAN offerings,” said Lee Doyle, principal analyst at Doyle Research.
IOS-XE SD-WAN 16.11 is now available.
This story, “Cisco adds AMP to SD-WAN for ISR / ASR routers” was originally published by Network World.