Cisco Enhances Security Tools with AI-Powered Access Control and Identity Management

New Identity Intelligence service aggregates data from pre-existing access and identity solutions, presenting a cohesive dashboard through which IT teams can survey the whole network, identify suspicious accounts, and block access.

Cisco is rolling out updates to crucial components of its large-scale Security Cloud platform, with the aim of helping corporate clients safeguard their widely distributed resources.

The enhancements incorporate a novel service named ‘Identity Intelligence’ that amalgamates information from the provider’s pre-existing security products, like its Duo authentication application and XDR threat identification system. This is augmented by AI-powered behavioural analytics to enhance network authentication and fortify defences against identity-oriented attacks.

Identity Intelligence is an overlay on clients’ diverse directories and identity tools that provides visibility into active usage of identities and automates policy enforcement. The premise of Identity Intelligence is to enable enterprise security operators, via a single dashboard, to view their whole network, pinpoint and resolve dubious accounts, identify suspicious behaviours, and block access when required, using existing products, according to Raj Chopra, Senior Vice President and Chief Product Officer of Cisco’s security division.

Chopra elaborates on the concept of Security Intelligence as an all-inclusive framework within Cisco’s offerings. Previously, access to applications and resources was largely static, but that’s no longer sustainable. Cisco can examine network intelligence and behaviours, making a real-time assessment of whether enterprise access should be granted based on the risk level.

According to the Cisco Talos 2023 Year in Review report, compromised credentials were responsible for initiating one-fourth of the Talos incident response activities.

In a blog post, Vikas Butaney (Senior VP and General Manager, Cisco SD-WAN, multicloud, and industrial IoT) and Joe Vaccaro (VP of Product at Cisco ThousandEyes) emphasize the importance of swiftly managing and barring access as connections multiply exponentially across a diverse and distributed array of applications, devices, and users.

According to Butaney and Vaccaro, the complications heighten as businesses bet heavily on multicloud services, software-as-a-service (SaaS), and infrastructure-as-a-service (IaaS), with generative AI technologies thrown into the mix. With billions of potential points of failure and exploit pathways, there are numerous surfaces requiring protection and optimization as the attack landscape broadens for institutions.

Cisco is not only introducing a new Security Intelligence service, but also incorporating its AI Security Assistant into the Secure Access package, part of its security service edge (SSE) offering.

Secure Access by Cisco comprises various security capabilities such as zero-trust network access (ZTNA), secure web gateway (SWG), cloud access security broker (CASB), firewall as a service (FWaaS), DNS security, remote browser isolation (RBI) and more. It is engineered to safeguard any application through any port or protocol. It achieves this with optimized performance and persistent trust verification and allocation, says Cisco.

By incorporating the AI Security Assistant into the SSE package, Cisco aims to enable business customers to use genAI to simplify SSE policy handling through natural language prompts, says Chopra. One of the main objectives of the AI Assistant is to minimize the time customers need to respond to potential threats and to streamline the complete security process.

Cisco’s AI Security Assistant was initially integrated within the vendor’s Firewall Management Center and Cisco Defense Orchestrator services. Cisco’s Firewall Management Center serves as a unified platform for managing, monitoring, troubleshooting and controlling Cisco Firepower next-generation firewalls. The orchestrator platform facilitates central management, control, and automation of security policies across various cloud-native security systems.

Cisco has introduced AI-based email threat detection to its Email Threat Defense offering. This feature uses artificial intelligence to examine various aspects of incoming emails for signs of harmful intentions.

In addition, Cisco has improved its Full Stack Observability (FSO) platform’s security features. The FSO platform aims to gather and relate data from various sources like applications, networking, infrastructure, security, and cloud domains. This provides a comprehensive view of the enterprise and makes it easier to identify irregularities, prevent and resolve performance issues, and enhance threat mitigation.

The improvements include:

New Cisco AIOps software has been added to simplify real-time business health monitoring, reduce alert noise, and automate IT processes. The software brings together data from Cisco AppDynamics, Cisco ThousandEyes, Cisco DNA Center, VMware, Zabbix and ServiceNow (ITSM, ITOM and CMDB). Lastly, it includes dynamic threshold-based alerting on metrics and events and a variety of anomaly-detection methods.
