Cisco Cisco ScanSafe Wi-Fi Hotspot Security White Paper

Page 4 of 8

Figure 3. The Network-Based Security Architecture

Cisco’s security architecture today includes three main sections:

●

Content security: Web and email security solutions that monitor ingoing and outgoing web and email traffic

and regulate employee web and application access

●

Network security: Firewalls, VPNs, and intrusion prevention systems that manage companywide policies,

regulate network access, and adjust automatically to alerts

●

Secure access: Remote access solutions with identity and access controls to safeguard connections,

enforce policies, and regulate remote and guest access to the network

Cisco Cloud Web Security

Cloud Web Security (see Figure 4) keeps malware off the network and helps organizations of all sizes more

effectively control and secure web usage. It provides both inbound and outbound protection and extends web

security to roaming users with the Cisco AnyConnect

Secure Mobility Client, a lightweight, highly modular security

agent providing easily customizable capabilities based on the individual needs of the business.

Cloud Web Security pairs with Advanced Malware Protection (AMP) to protect against the latest and most

advanced threats and analyze traffic in a highly secure environment in real time. Only AMP delivers the ability to
track a file’s disposition in a network over time to identify where malicious files may be hiding. Cognitive Threat

Analytics adds continuous capabilities to scan the environment for symptoms of an infection and malware that

bypasses perimeter defenses.

Furthermore, Cisco Cloud Access Security provides visibility and control for software-as-a-service (SaaS)

application usage, cloud data loss protection, and anomaly detection for the growing risks created by the

proliferation of cloud apps.