RSA Conference 2018 kicks off today in San Francisco, and Cisco wants to make it clear that its security portfolio is booming with new services and capabilities. The company today added new email security services as well as visibility and protection features to its Advanced Malware Protection (AMP) for Endpoints.
The tech giant also extended its partnership with ConnectWise that allows managed service providers (MSPs) to sell Cisco’s security portfolio as managed services.
This follows last week’s news that Cisco will offer its Tetration analytics platform as software-as-a-service (SaaS) and a software-only version with a virtual appliance. Also last week Cisco rolled out an integrated data center security architecture based on four of its products.
Back to today’s news, AMP for Endpoints is a cloud-managed endpoint security product that Cisco claims uncovers the 1 percent of threats that other products miss. This 1 percent includes things like file-less malware and environmentally aware malware. “The more sophisticated stuff,” said Cisco’s Jason Lamar, a senior director in the security product management group. “That’s where Cisco comes in. Our whole focus is to get this 1 percent boiled down to zero.”
The company claims it can do this via a new feature called Cisco Visibility. It’s an engine that ingests data from Cisco’s threat intelligence team Talos and third-parties, along with security events and alerts from products across Cisco’s entire portfolio. It then visually represents these threats across an organization, from endpoints to network and the cloud.
“It also minimizes the need to switch between multiple consoles,” Lamar said. “We’re bringing all that together in one place to simplify investigations.”
Cisco also strengthened its detection and protection mechanisms even when a user is offline. A new AMP for Endpoints exploit prevention service helps protect against file-less attacks, including those that reside solely in memory. It prevents ransomware execution, killing the processes and preventing propagation. It also protects against unpatched software vulnerabilities.
Email Security Services
To better protect employees from phishing and spoofing attacks, Cisco inked a deal with security company Agari to sell new email services. These include domain and phishing protection.
The new domain protection services use Domain-Based Message Authentication, Reporting, and Conformance (DMARC), an email authentication standard, and reports in real time back to domain users about noncompliant emails being sent from their domains. The U.S. Department of Homeland Security has ordered federal agencies with .gov email domains to implement strict DMARC policies by October.
The new phishing protection adds machine learning capabilities to block advanced identity deception attacks for inbound email. It also uses both global and local telemetry data combined with analytics and modeling to validate the reputation and authenticity of senders. The goal being that only legitimate emails reach an employee inbox.
“The whole point of these innovations is Cisco will help you keep your employees’ emails safe with new cloud technologies,” Lamar said.
These email security services will be available in Cisco’s fourth quarter.
Managed Security Services
And finally, Cisco beefed up its relationship with IT services company ConnectWise. The companies originally teamed up in November 2017 to offer MSPs a portal with a single interface from which to access multiple Cisco networking and security services. MSPs can also automate billing and other business management functions through the portal.
The expanded relationship builds on the portal for MSPs to offer additional Cisco security services as managed services. Planned for availability in May as a pilot, the ConnectWise Advanced Security Dashboard will include Meraki MX firewalls, Umbrella, Stealthwatch Cloud, Cisco Adaptive Security Appliances, Cisco Next Generation Firewall, and AMP for Endpoints.