Cisco ONE Advanced Security, Simplify Your Threat Defense

Cisco promoted its ONE software a year ago. The Cisco ONE Software was designed to simplify the way you purchase software licenses within these technology platforms.

Cisco ONE Software is a new portfolio of software products that span the technology categories of data center and cloud, WAN, access, and security.

Instead of selling point software products and features, Cisco released the software solutions that address the most relevant IT and business outcomes. Cisco ONE Software simplifies the buying process for customers who need to deliver a specific business outcome. It also provides access to updates, upgrades, new capabilities and software license portability, similar to the benefits offered by modern application software.

Cisco ONE Software also simplified Security. That is Cisco ONE Advanced Security.

Cisco ONE Advanced Security is a software subscription for domain-specific advanced security for data center, WAN, and access. It is the advanced security layer in Cisco ONE Software framework and has benefits such as simplicity, better together pricing, portability of unused subscription term, and access to ongoing innovation.

With Cisco ONE Advanced Security, it is easier than ever to fortify your organization’s data center, WAN and access. Minimize the time you spend figuring out what security solutions to purchase, deploy and integrate. Cisco ONE advanced security suites provide predefined set of key security products and services for your data center, WAN and access in a single offer each.

Cisco ONE Advanced Security suites Data Center, Access, WAN and Edge:

  • All 3 suites are offered as 1,3, or 5 year software subscriptions
  • Cisco ONE Advanced Security for Data Center: The subscription is supported on the Cisco ASA 5585-X Adaptive Security Appliance, the Cisco Firepower 9300 Security Appliance, and the Cisco Firepower 4100 Series.
  • Cisco ONE Advanced Security for WAN and Edge: The subscription is supported on the Cisco ASA 5506, 5508, 5516, 5525, 5545, and 5555 appliances.
  • Cisco ONE Advanced Security for Access: Cisco ISE is supported on physical and virtual ISE appliance

Cisco ONE Advanced Security for...

More FAQ of Cisco ONE Advanced Security

More FAQ of Cisco ONE Advanced Security-01

For Data Center and Cloud, WAN and Edge and Access, what benefits can we get from the Cisco ONE Threat Defense?

Benefits of Cisco ONE Threat Defense for Data Center and Cloud

Benefits of Cisco ONE Threat Defense for Data Center and Cloud-01

Threat Defense for Data Center and Cloud supports the following ASA firewalls and Cisco Firepower platforms:

● ASA platforms

  • ◦ All ASA 5585-X platforms

● Cisco Firepower platforms

  • ◦ All Cisco Firepower 4100 Series platforms with Cisco Firepower Threat Defense
  • ◦ All Cisco Firepower 9300 Security Appliance platforms with Cisco Firepower Threat Defense

Cisco ASA Licensing for Cisco ONE Threat Defense for Data Center and Cloud

  Cisco ASA 5585-10 Cisco ASA 5585-20 Cisco ASA 5585-40 Cisco ASA 5585-60
Cisco ASA with Firepower Services (IPS, URL, and AMP): Threat, applications, and malware (TAMC) Yes Yes Yes Yes
Security contexts Yes(20 contexts) Yes(50 contexts) Yes(100 contexts) Yes(250 contexts)

Cisco Firepower 4100 Series Licensing for Cisco ONE Threat Defense for Data Center and Cloud

Cisco Firepower 4110 Cisco Firepower 4120 Cisco Firepower 4140 Cisco Firepower 4150
Cisco Firepower Threat Defense services (IPS, URL, and AMP): Smart license Yes Yes Yes Yes

Cisco Firepower 9300 Licensing for Cisco ONE Threat Defense for Data Center and Cloud

Cisco Firepower 9300 Security Module 24 Cisco Firepower 9300 Security Module 36 Cisco Firepower 9300 Security Module 44
Cisco Firepower Threat Defense services (IPS, URL, and AMP): Smart license Yes Yes Yes

Reference from http://www.cisco.com/c/en/us/products/collateral/software/one-advanced-security/datasheet-c78-737167.html

Benefits of Cisco ONE Threat Defense for WAN and Edge

Cisco ONE Threat Defense for WAN and Edge is a complete software solution that helps ensure the highest level of security for your WAN environment. It helps enhance and strengthen security offered by the best-in-class Cisco ASA 5500 Series Adaptive Security Appliances by using the power of Cisco Firepower Services. In addition, you’ll have a client-side VPN to provide remote access for roaming users. Threat Defense for WAN and Edge is available as Threat Defense for WAN and Edge on ASA

Benefits of Cisco ONE Threat Defense for WAN and Edge-01

Threat Defense for WAN and Edge has the following software components:

  • Threat Defense for WAN and Edge provides licenses for ASA with Firepower Services.
  • Cisco ASA with Firepower Services combines the world’s most deployed firewall with the industry’s most effective NGIPS and AMP solutions.
  • Cisco AnyConnect Secure Mobility Plus Client increases visibility and control across the extended network, preventing compromised endpoints from gaining access to critical resources.

Cisco ASA Firewall Platforms Supported

Threat Defense for WAN and Edge supports the following ASA firewall platforms:

  • ASA 5506-X, 5506-H, 5508-X, 5512-X, 5515-X, 5516-X, 5525-X, 5545-X, and 5555-X

Cisco ASA Licensing for Cisco ONE Threat Defense for WAN and Edge.

  Cisco ASA 5506-X 

 

Cisco ASA 5506-H Cisco ASA 5508-X 

 

Cisco ASA 5516-X Cisco ASA 5525-X Cisco ASA 5545-X Cisco ASA 5555-X
Cisco ASA with Firepower Services (IPS, URL, and AMP): Threat, applications, and malware (TAMC) Yes Yes Yes Yes Yes Yes Yes
Cisco AnyConnect Plus Yes(50 users) Yes(100 users) Yes(250 users) Yes(500 users) Yes(1000 users) Yes(2500 users) Yes(5000 users)

The primary features and capabilities of Threat Defense for WAN and Edge for ASA with Firepower Services

Main Features

Feature Benefits
Market-leading NGIPS Superior threat prevention and mitigation for both known and unknown threats
AMP Detection, blocking, tracking, analysis, and remediation to protect the enterprise against targeted and persistent malware attacks
Full contextual awareness Policy enforcement based on complete visibility of users, mobile devices, client-side applications, communication between virtual machines, vulnerabilities, threats, and URLs
Application control and URL filtering Application-layer control (over applications, geographical locations, users, and websites) and the capability to enforce use and tailor detection policies based on custom applications and URLs

For a full list of features and capacities for ASA 5500-X with Firepower Services platforms, view the data sheet here.

Reference from http://www.cisco.com/c/en/us/products/collateral/software/one-advanced-security/datasheet-c78-737170.html

 Benefits of Cisco ONE Policy and Threat Defense for Access

Benefits of Cisco ONE Policy and Threat Defense for Access-01

Licensing for Cisco ONE Policy and Threat Defense for Access

  Cisco Catalyst2000 and 3000 Series Switches Cisco Catalyst 4000 and 6000 Series Switches Wireless (All Controllers and Access Points Are Supported)
ISE Plus Yes(50 endpoints) Yes(150 endpoints) Yes(25 endpoints)
ISE Apex Yes(50 endpoints) Yes(150 endpoints) Yes(25 endpoints)
Cisco AnyConnect Apex Yes(50 users) Yes(150 users) Yes(25 users)

Reference from http://www.cisco.com/c/en/us/products/collateral/software/one-advanced-security/datasheet-c78-737168.html

More Related:

Cisco ONE Software Overview

Cisco ONE Software Licensing Program

Cisco ONE for WAN-Benefits

Share This Post

Post Comment