Cisco Firewall

SecureX and Secure Firewall: Integration and automation to simplify security

Aditya Sankar from Cisco
Placeholder for Aditya SankarAditya Sankar

Aditya Sankar from Cisco

4 min. read
Placeholder for Aerial view ship portAerial view ship port

Share

Cisco Secure Firewall stops threats faster, empowers collaboration between teams, and enables consistency across your on-premises, hybrid, and multi-cloud environments. With an included entitlement for Cisco SecureX, the XDR and orchestration platform, you’ll experience efficiency at scale and maximise your productivity. New streamlined Secure Firewall integrations make it easier to use SecureX capabilities to increase threat detection, save time and provide the rapid and deeper investigations you require. These new features and workflows provide the integration and automation to simplify your security.

Move to the cloud

The entire suite of Firewall Management Center APIs is now available in the cloud. This means that existing APIs can now be executed from the cloud. Cisco makes this even easier for you by delivering fully operational workflows as well as pre-built drag-n-drop code blocks that you can use to craft your own custom workflows. SecureX is able to proxy API calls from the cloud to the SSE connector embedded in the FMC codebase. This integration between Firewall 7.2 and SecureX provides your firewall with modern cloud-based automation.

Expedited integration

We’ve dramatically reduced the amount of time needed to fully integrate the firewall into SecureX. Even existing firewall customers who use on-premises Firewall Management Center will be able to upgrade to version 7.2 and start automating/orchestrating in under 15 minutes — a huge time-saving! The 7.2 release makes the opportunities for automating your firewall deployment limitless with our built-in low code orchestration engine.

Previously firewall admins had to jump through hoops to link their smart licensing account with SecureX, resulting in a very complicated integration process. With the new one-click integration, simply click “Enable SecureX” in your Firewall Management Center and log into SecureX. That’s it! Your firewalls will automatically be onboarded to SecureX.

Placeholder for Firewall Management Centre SecureX SetupFirewall Management Centre SecureX Setup

Built-in orchestration

Cisco Secure Firewall users now get immense value from SecureX with the orchestration capability built natively into the firewall. Previously firewall admins would have to deploy an on-premises virtual machine in vCenter to take advantage of firewall APIs in the cloud which was a significant hurdle to overcome. With the 7.2 release, orchestration is built into your existing Firewall Management Center (FMC). No on-premises connector is required; SecureX orchestration can communicate directly with Firewall APIs highlighting the power of Cisco-on-Cisco integrations.

Customisable workflows

PSIRT impact monitoring

The PSIRT (Product Security Incident Response Team) impact monitoring workflows helps customers streamline their patch management process to ensure their network is always up to date and not vulnerable to CVEs. This workflow will check for new PSIRTs, determine if device versions are impacted, and suggest a fixed version to upgrade to. By scheduling this workflow to run once a week customers can be notified via email if there is any potential impact from a PSIRT.

Firewall device health monitoring

This workflow will run every 15 minutes to pull a health report from FMC and proactively notify customers via email if any devices are unhealthy. This means customers can rest assured that their fleet of devices is operating as expected or be notified of things like high CPU usage, low disk space, or interfaces going down.

Expiry notification for time-based objects

This workflow highlights the power of automation and showcases what is possible by using the orchestration proxy to use FMC API’s. Managing policy is always an on-going effort but can be made easier by introducing automation. This workflow can be run once a week to search through Firewall policies and determine if any rules are going to expire soon. This makes managing policy much easier because customers will be notified before rules expire and can make changes accordingly.

Response Action: Block URL in access control policy

This workflow is a one-click response action available from the threat response pivot menu. With the click of a button a URL is added to an object in a block rule of your access control policy. This action can be invoked during an investigation in SecureX or from any browser page using the SecureX browser extension. Reducing time to remediation is a critical aspect of keeping your business secure. This workflow turns a multi-step policy change into a single click by taking advantage of Secure Firewall’s integration with SecureX.

Proven Results

A recent Forrester Economic Impact Study of Secure Firewall show that deploying these types of workflows in SecureX with Secure Firewall increased operational efficiency.

In fact, SecureX in combination with Secure Firewall helped to dramatically reduce the risk of a material breach. It’s clear that the integration of the two meant a significant time savings for already overburdened teams.

Using SecureX in conjunction with Secure Firewall and Firewall Management Center enabled organizations to save up to an additional 77% of time spent on investigation and response.

We continue to innovate new features and workflows that prioritize the efficacy of your teams and help drive the security resilience of your organization.

Nomios and Cisco partnership

Nomios is an award-winning Cisco Gold Partner with advanced specialities and the distinction of multiple certified engineers on staff. Our engineers are recognised by Cisco as technical experts and advocates of Cisco solutions. That means you can count on Nomios for the technical know-how and hands-on experience to accurately assess your business requirements, and design, implement, and manage a Cisco-based solution to suit your needs.

Get in touchDo you want to know more about this topic?

Our experts and sales teams are at your service. Leave your contact information and we will get back to you shortly.

Placeholder for Portrait of french manPortrait of french man