6 Hot New Security Tools And Features Unveiled At Cisco Live 2020

From crowdsourced automated workflows on GitHub to a unified dashboard with more than 70 customizable metrics, here are the top security features rolling out at the Cisco Live 2020 virtual event.

Securing The Future

Global availability of the Cisco SecureX cybersecurity platform is rapidly approaching, and the San Jose, Calif.-based technology giant said customers can expect to benefit from features like unified dashboards and automated workflows. The company is also debuting a new email security feature and unifying its endpoint security and multi-factor authentication capabilities to better safeguard remote workers.

Cisco SecureX will save time and reduce management complexity for partners and customers alike, according to Bob Cagnazzi, CEO of New York-based Presidio, No. 22 on the 2020 CRN Solution Provider 500. The platform gives Presidio a global view of its Cisco infrastructure and insight into all technology areas, which Cagnazzi said will allow the company to identify and diagnose security issues more quickly.

“Customers don’t want point products in security anymore,” Cagnazzi told CRN. “SecureX is a game-changer for managed services.”

Solution providers will benefit from reduced operational complexity and additional sales and services opportunities thanks to SecureX, said Jeff Reed, senior vice president of product for Cisco’s Security Business Group. From crowdsourced automated workflows on GitHub to a selection of more than 70 customizable metrics, here are the top security features rolling out at the Cisco Live 2020 virtual event.

6. Cisco Secure Brand Unveiled

The Cisco Secure brand is intended to simplify how the company discusses its solutions and products over time, Reed said. The new nomenclature debuted with the Cisco Secure Remote Worker offering, Reed said, and aims to use specific, outcome-based language to minimize complexity and describe exactly what a product does.

Over time, Reed said, more Cisco Security products will adopt functional names with clear outcomes. This could mean moving away from names like Cisco Adaptive Security Appliance (ASA) since it isn’t immediately clear to some newer customers that that’s what the company calls its firewall products, Reed said.

The Cisco Secure branding is straightforward and really speaks to what the company is trying to provide customers, Reed said. It is clean, simple, easy to grasp and represents the company’s brand and vision across its security product set, according to Reed.

5. Cisco SecureX Global Availability Announced

The June 30 global availability of the cloud-native Cisco SecureX security platform will benefit the company’s partners in three ways, according to Reed. First, Cisco SecureX will reduce operational complexity for managed security service providers (MSSPs) doing work on behalf of their customers by leveraging automation, simplified workflows and cross-portfolio visibility.

Cisco SecureX is also expected to generate additional sales opportunities for partners since it provides customers with a view across not only the Cisco products they have today, but also other solutions within the Cisco portfolio, Reed said. For instance, Reed said that 85 percent of Cisco Threat Response customers end up purchasing an additional Cisco Security product of equal or greater value.

Lots of partners are also looking to attach more services to the Cisco portfolio to provide customers with additional intelligence and capabilities, according to Reed. Cisco SecureX provides stakeholders a single point to get threat intelligence and insight from across the Cisco portfolio, and Reed said partners can augment that with their own unique capabilities.

4. Endpoint Security, Authentication Integrated

Cisco has more closely stitched together its AMP (Advanced Malware Protection) for Endpoints and Duo multi-factor authentication capabilities, meaning that AMP can now notify Duo if it sees malware on an end user device, according to Reed. If an end user device is potentially compromised, Reed said Duo is able to change the application access policy as soon as it’s notified of the potential issue by AMP.

Augmenting the access policy means that Duo can now take advantage of the malware and endpoint health visibility provided by AMP for Endpoints, Reed said. This is an improvement over how things have worked up until now, where Reed said any issues in AMP for Endpoints would require an administrator or SOC analyst to first spot the alert and then manually change the authentication policy for that customer.

Now that the products communicate automatically, Reed said there’s no time gap between when malicious activity is spotted on the endpoint and when the user’s authentication policy has been modified. Tying together application access and Cisco’s endpoint security offering means that customers are now staying secure at the speed of machines rather than the speed of people, according to Reed.

3. Visibility Enhanced Through Unified Dashboard

Each user can personalize their Cisco SecureX dashboard by selecting which of the more than 70 available metrics are most important to them, Reed said. As a result, a network security engineer measuring the performance of the firewall can have different metrics in their dashboard than the person responsible for managing endpoint security.

Cisco’s individual product teams worked with SecureX to determine which metrics made the most sense to put into the dashboard, Reed said. SecureX takes the dashboards that live inside each separate Cisco product and creates a composite dashboard for the things a particular user cares about most, he said.

The metrics available to users span the gamut from malware detection and the top hosts Cisco is seeing to indicators of compromise (IOCs) in Cisco Umbrella and details around where traffic is heading across the internet, Reed said. There are lots of different data in each product that Cisco looked at, and Reed said SecureX’s dashboard provides a single view across the entire portfolio.

2. Cloud Mailbox Defense Debuted

Cisco’s Cloud Mailbox Defense is designed to be super quick and easy for customers to stand up and use within Office 365 in less than five minutes, according to Reed. Cloud Mailbox Defense for Office 365 is good for organizations with smaller security and IT staffs, Reed said, and leverages the Cisco Talos threat intelligence team to add an additional layer of security around blocking URLs and threat files.

Up until now, Reed said Cisco has become the deployed gateway for email, and users must configure their mail flows so that messages are first going to the Microsoft Exchange Server. This takes more customer effort to configure and manage on an ongoing basis, according to Reed.

But when Office 365 gets an email in Cisco Mailbox Defense, the company gets sent a copy for security analytics purposes, which Reed said allows Cisco to look at the reputation of the domains and URLs with the help of OpenDNS and Cisco Umbrella. The APIs provided by Office 365 also allow Cisco to extract an email out of the user’s inbox and quarantine it if necessary, according to Reed.

1. Manual Labor Slashed Using Automated Workflows

The on-screen drag-and-drop components within Cisco SecureX allow for the creation of workflows, which Reed said saves users time and energy and allows them to get to answers more quickly. The workflows cut across both Cisco and third-party products, and are integrated with Teams on the network side to make it easier to pull things together.

SecureX will ship with a set of pre-configured workflows, and Reed said Cisco has created a GitHub site where people can share some of the workflows they’ve created. Up until this point, Reed said CISOs have been forced to spend a lot of time stitching disparate products together, which prevents them from going after higher-level tasks to secure their organizations.

Reed said the technology came out of Cisco’s efforts to stitch multi-cloud tools together and allows organizations to take things that would have been manual and automate them. The automated workflows are a lot more advanced than what customers expected from the initial version of SecureX, Reed said, and have generated the most excitement of any platform element in early field trials.