Cisco Cisco ScanSafe Wi-Fi Hotspot Security Livre blanc
© 2014 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public.
Page 2 of 7
Cisco Cloud Web Security Essentials
Cisco
®
Cloud Web Security (CWS) helps organizations meet the challenge of maintaining continuous security
across the extended network. The solution provides industry-leading security and control for the distributed
enterprise and offers the broadest set of deployment options available. A cloud-based version of Cisco Web
Security, the Cisco CWS platform extends web security to mobile devices and distributed environments. It protects
users through Cisco’s worldwide threat intelligence, advanced threat defense capabilities, and roaming-user
protection.
enterprise and offers the broadest set of deployment options available. A cloud-based version of Cisco Web
Security, the Cisco CWS platform extends web security to mobile devices and distributed environments. It protects
users through Cisco’s worldwide threat intelligence, advanced threat defense capabilities, and roaming-user
protection.
Cisco CWS features intuitive tools to create, enforce, and monitor inbound and outbound web policy, giving
businesses complete control of how end users access Internet content. In short, Cisco CWS is a security perimeter
in the cloud. It provides detailed context-aware policy control and enforcement. In addition, it:
businesses complete control of how end users access Internet content. In short, Cisco CWS is a security perimeter
in the cloud. It provides detailed context-aware policy control and enforcement. In addition, it:
●
Dynamically blocks threats in real time
●
Protects the network and users from undesirable web content
●
Optimizes network resources by reducing bandwidth congestion
●
Enables comprehensive reporting and monitoring of online activity
●
Protects the organization from data leaks
Cisco CWS integrates with Cisco firewalls, branch routers, and client-based software to provide protection
wherever users work. All traffic—whether it originates from the headquarters location, from branch offices, or from
mobile or remote users—is routed through a global network of Cisco CWS data centers. Cisco CWS eliminates
backhaul, speeds the deployment of web security, and helps to extend the value of existing Cisco investments.
wherever users work. All traffic—whether it originates from the headquarters location, from branch offices, or from
mobile or remote users—is routed through a global network of Cisco CWS data centers. Cisco CWS eliminates
backhaul, speeds the deployment of web security, and helps to extend the value of existing Cisco investments.
With the recent acquisitions of the security companies Sourcefire and Cognitive Security, Cisco is now able to
provide an enhanced version of Cisco CWS to thwart advanced malware threats, particularly in the “after” phase of
the attack continuum, and to improve real-time threat detection in the “during” phase. Cisco offers this solution
through an optional Premium subscription, described below.
provide an enhanced version of Cisco CWS to thwart advanced malware threats, particularly in the “after” phase of
the attack continuum, and to improve real-time threat detection in the “during” phase. Cisco offers this solution
through an optional Premium subscription, described below.
Cisco CWS Premium
Cisco CWS Premium includes all of the features from Cisco CWS Essentials, but it also incorporates two
innovative malware detection systems: Cognitive Threat Analytics (CTA) and Advanced Malware Protection (AMP).
These systems automate the search for high-risk threats in an organization’s web traffic. Cisco CWS Premium
provides additional point-in-time protection, retrospective security, and continuous analysis to help organizations
find and address the threats that matter most. And it reduces the time to the discovery of threats already operating
inside their networks.
innovative malware detection systems: Cognitive Threat Analytics (CTA) and Advanced Malware Protection (AMP).
These systems automate the search for high-risk threats in an organization’s web traffic. Cisco CWS Premium
provides additional point-in-time protection, retrospective security, and continuous analysis to help organizations
find and address the threats that matter most. And it reduces the time to the discovery of threats already operating
inside their networks.
Security teams can now provide continuous web security that protects systems across the entire attack continuum.
Following is a closer look at these two malware detection systems.
Following is a closer look at these two malware detection systems.
Cognitive Threat Analytics
Cognitive Threat Analytics, or CTA, developed by Cognitive Security, is a near-real-time network behavior analysis
system. It uses machine learning and advanced statistics to spot unusual activity on a network: the symptoms of an
infection. The solution is not dependent on rule sets, meaning no human intervention is required to “tune” the
technology. Once CTA is enabled, it immediately begins looking for threats. Data is correlated in the cloud to
enhance the speed, agility, and depth of CTA’s anomaly detection capabilities.
system. It uses machine learning and advanced statistics to spot unusual activity on a network: the symptoms of an
infection. The solution is not dependent on rule sets, meaning no human intervention is required to “tune” the
technology. Once CTA is enabled, it immediately begins looking for threats. Data is correlated in the cloud to
enhance the speed, agility, and depth of CTA’s anomaly detection capabilities.