TLS adoption has grown quickly, with practically 100% of web site connections now delivered over HTTPS. Now, firewalls should do greater than merely block threats—they should present superior decryption capabilities to detect hidden risks, whereas sustaining efficiency, all with out compromising the velocity of enterprise operations.
Safety shouldn’t come at the price of efficiency
Many firewalls decelerate considerably when superior security measures like Layer 7 inspection and TLS decryption are enabled. Deep packet inspection—important for detecting threats similar to malicious file transfers or internet utility assaults—requires decrypted visitors for efficient evaluation. With out decryption, these options change into ineffective, as encrypted visitors flows by means of unchecked, permitting vital threats to stay hidden.
In recognition of this development in direction of encryption, Cisco has made leading edge product investments over the previous couple of years to make sure our firewalls keep efficiency with out sacrificing safety performance. Our Subject Programmable Gate Array (FPGA) part implements an industry-first stream offload engine to decrypt and encrypt TLS visitors in {hardware}. For TLS classes that can’t be decrypted, Cisco provides one other layer of safety with its Encrypted Visibility Engine (EVE). EVE leverages behavioral analytics and machine studying to detect malicious outbound communications even inside encrypted visitors. Our prospects see worth as a result of they get to implement safety greatest practices for encrypted visitors and guarantee operational effectivity.
Testing validates Cisco’s superiority in inspecting encrypted visitors
We’re thrilled to share that these advances from Cisco have been acknowledged by NetSecOPEN throughout latest testing. The NetSecOPEN report confirms the superior safety capabilities of Cisco Safe Firewall, with 98% risk efficacy, 100% detection for evasive threats, and 100% block price underneath heavy load circumstances. To be clear with our prospects in order that they know what efficiency to count on when real-world visitors and threats attain their firewalls, we publish our HTTPS throughput capabilities in our knowledge sheet. In testing, with its cutting-edge FPGA design, Cisco Safe Firewall 3105 maintained a powerful 4.17 Gbps throughput. This implies our firewall exceeded its knowledge sheet variety of 3.2 Gbps by 30%, whereas firewalls from different firewall distributors carried out as much as 74% slower than their knowledge sheet numbers.
Noticed efficiency exhibits Cisco Safe Firewall performs 30% quicker
Setting the usual: Validated by NetSecOPEN
NetSecOPEN, a nonprofit group with members similar to Cisco, Palo Alto Networks, and Fortinet, conducts open and clear testing in partnership with high labs like SE Labs, SecureIQ Lab, and UNH-IOL. These methodologies permit prospects to replicate the outcomes in their very own environments, in keeping with the specs of RFC 9411.
Powering safety with Talos Intelligence
Cisco Safe Firewall is fortified by the intelligence of Cisco Talos, one of many largest industrial risk intelligence groups on the earth. Talos powers the Cisco portfolio with in depth intelligence protecting an enormous vary of buyer environments throughout the globe. Talos supplies verifiable and customizable defensive applied sciences and strategies that assist prospects, customers and the web at-large shortly shield their property. This 12 months, Talos launched SnortML, a machine-learning detection engine designed to establish zero-day vulnerabilities, additional enhancing the efficacy of Cisco’s firewall.
Working on the precept of “See As soon as, Block In every single place,” Talos takes a proactive method to international risk protection. It leverages status instruments to detect model spoofing and malicious senders, whereas real-time categorization identifies phishing campaigns or malware. With Snort and ClamAV detection engines, Talos flags malicious domains, IPs, and file hashes, offering vital intelligence to safety controls. With enrichment capabilities, it presents deeper risk context, empowering safety groups to make quicker, extra knowledgeable choices.
Trusted efficiency. Seamless safety.
With Cisco Safe Firewall, companies can confidently allow superior security measures with out compromising velocity. Our options empower your operations to stay quick, agile, and guarded—at the same time as visitors grows, and threats evolve. Cisco Safe Firewall empowers you to face the long run with out trade-offs, providing seamless safety immediately and tomorrow.
See the report
If you wish to see how one can recreate the ends in your individual atmosphere, you may observe the rules within the report. We’ve got verified what Cisco Safe Firewall has steadily provided: industry-leading safety with efficient velocity whereas closing safety gaps. As a pacesetter in community safety, you may depend on Cisco as your trusted companion.
Expertise our firewall in motion
Wish to give it a attempt? Be a part of the Cisco Safe Firewall Take a look at Drive, an instructor-led 4-hour safety course, permitting you to achieve firsthand expertise with Cisco firewalls, and uncover the brand new strategies of attackers which have modified the community safety wants.
1Desk 12: HTTPS Throughput, NetSecOPEN Certification Report: Cisco Methods
2Desk 2: Efficiency specs and have particulars, Cisco Firewall 3100 Collection Knowledge Sheet
3Desk 11: HTTPS Throughput, NetSecOPEN Certification Report: Palo Alto Networks
4Desk 1: PA-400 Collection Efficiency and Capacities, PA-400 Collection Knowledge Sheet
5Desk 11: HTTPS Throughput, NetSecOPEN Certification Report, Fortinet
6Specs part: FortiGate 600F Collection Knowledge Sheet
We’d love to listen to what you assume. Ask a Query, Remark Beneath, and Keep Linked with Cisco Safety on social!
Cisco Safety Social Channels
Share: