Cisco promoted its ONE software a year ago. The Cisco ONE Software was designed to simplify the way you purchase software licenses within these technology platforms.
Cisco ONE Software is a new portfolio of software products that span the technology categories of data center and cloud, WAN, access, and security.
Instead of selling point software products and features, Cisco released the software solutions that address the most relevant IT and business outcomes. Cisco ONE Software simplifies the buying process for customers who need to deliver a specific business outcome. It also provides access to updates, upgrades, new capabilities and software license portability, similar to the benefits offered by modern application software.
Cisco ONE Software also simplified Security. That is Cisco ONE Advanced Security.
Cisco ONE Advanced Security is a software subscription for domain-specific advanced security for data center, WAN, and access. It is the advanced security layer in Cisco ONE Software framework and has benefits such as simplicity, better together pricing, portability of unused subscription term, and access to ongoing innovation.
With Cisco ONE Advanced Security, it is easier than ever to fortify your organization’s data center, WAN and access. Minimize the time you spend figuring out what security solutions to purchase, deploy and integrate. Cisco ONE advanced security suites provide predefined set of key security products and services for your data center, WAN and access in a single offer each.
Cisco ONE Advanced Security suites Data Center, Access, WAN and Edge:
- All 3 suites are offered as 1,3, or 5 year software subscriptions
- Cisco ONE Advanced Security for Data Center: The subscription is supported on the Cisco ASA 5585-X Adaptive Security Appliance, the Cisco Firepower 9300 Security Appliance, and the Cisco Firepower 4100 Series.
- Cisco ONE Advanced Security for WAN and Edge: The subscription is supported on the Cisco ASA 5506, 5508, 5516, 5525, 5545, and 5555 appliances.
- Cisco ONE Advanced Security for Access: Cisco ISE is supported on physical and virtual ISE appliance
More FAQ of Cisco ONE Advanced Security
For Data Center and Cloud, WAN and Edge and Access, what benefits can we get from the Cisco ONE Threat Defense?
Benefits of Cisco ONE Threat Defense for Data Center and Cloud
Threat Defense for Data Center and Cloud supports the following ASA firewalls and Cisco Firepower platforms:
● ASA platforms
- ◦ All ASA 5585-X platforms
● Cisco Firepower platforms
- ◦ All Cisco Firepower 4100 Series platforms with Cisco Firepower Threat Defense
- ◦ All Cisco Firepower 9300 Security Appliance platforms with Cisco Firepower Threat Defense
Cisco ASA Licensing for Cisco ONE Threat Defense for Data Center and Cloud
|Cisco ASA 5585-10||Cisco ASA 5585-20||Cisco ASA 5585-40||Cisco ASA 5585-60|
|Cisco ASA with Firepower Services (IPS, URL, and AMP): Threat, applications, and malware (TAMC)||Yes||Yes||Yes||Yes|
|Security contexts||Yes(20 contexts)||Yes(50 contexts)||Yes(100 contexts)||Yes(250 contexts)|
Cisco Firepower 4100 Series Licensing for Cisco ONE Threat Defense for Data Center and Cloud
|Cisco Firepower 4110||Cisco Firepower 4120||Cisco Firepower 4140||Cisco Firepower 4150|
|Cisco Firepower Threat Defense services (IPS, URL, and AMP): Smart license||Yes||Yes||Yes||Yes|
Cisco Firepower 9300 Licensing for Cisco ONE Threat Defense for Data Center and Cloud
|Cisco Firepower 9300 Security Module 24||Cisco Firepower 9300 Security Module 36||Cisco Firepower 9300 Security Module 44|
|Cisco Firepower Threat Defense services (IPS, URL, and AMP): Smart license||Yes||Yes||Yes|
Reference from https://www.cisco.com/c/en/us/products/collateral/software/one-advanced-security/datasheet-c78-737167.html
Benefits of Cisco ONE Threat Defense for WAN and Edge
Cisco ONE Threat Defense for WAN and Edge is a complete software solution that helps ensure the highest level of security for your WAN environment. It helps enhance and strengthen security offered by the best-in-class Cisco ASA 5500 Series Adaptive Security Appliances by using the power of Cisco Firepower Services. In addition, you’ll have a client-side VPN to provide remote access for roaming users. Threat Defense for WAN and Edge is available as Threat Defense for WAN and Edge on ASA
Threat Defense for WAN and Edge has the following software components:
- Threat Defense for WAN and Edge provides licenses for ASA with Firepower Services.
- Cisco ASA with Firepower Services combines the world’s most deployed firewall with the industry’s most effective NGIPS and AMP solutions.
- Cisco AnyConnect Secure Mobility Plus Client increases visibility and control across the extended network, preventing compromised endpoints from gaining access to critical resources.
Cisco ASA Firewall Platforms Supported
Threat Defense for WAN and Edge supports the following ASA firewall platforms:
- ASA 5506-X, 5506-H, 5508-X, 5512-X, 5515-X, 5516-X, 5525-X, 5545-X, and 5555-X
Cisco ASA Licensing for Cisco ONE Threat Defense for WAN and Edge.
|Cisco ASA 5506-X
|Cisco ASA 5506-H||Cisco ASA 5508-X
|Cisco ASA 5516-X||Cisco ASA 5525-X||Cisco ASA 5545-X||Cisco ASA 5555-X|
|Cisco ASA with Firepower Services (IPS, URL, and AMP): Threat, applications, and malware (TAMC)||Yes||Yes||Yes||Yes||Yes||Yes||Yes|
|Cisco AnyConnect Plus||Yes(50 users)||Yes(100 users)||Yes(250 users)||Yes(500 users)||Yes(1000 users)||Yes(2500 users)||Yes(5000 users)|
The primary features and capabilities of Threat Defense for WAN and Edge for ASA with Firepower Services
|Market-leading NGIPS||Superior threat prevention and mitigation for both known and unknown threats|
|AMP||Detection, blocking, tracking, analysis, and remediation to protect the enterprise against targeted and persistent malware attacks|
|Full contextual awareness||Policy enforcement based on complete visibility of users, mobile devices, client-side applications, communication between virtual machines, vulnerabilities, threats, and URLs|
|Application control and URL filtering||Application-layer control (over applications, geographical locations, users, and websites) and the capability to enforce use and tailor detection policies based on custom applications and URLs|
For a full list of features and capacities for ASA 5500-X with Firepower Services platforms, view the data sheet here.
Reference from https://www.cisco.com/c/en/us/products/collateral/software/one-advanced-security/datasheet-c78-737170.html
Benefits of Cisco ONE Policy and Threat Defense for Access
Licensing for Cisco ONE Policy and Threat Defense for Access
|Cisco Catalyst2000 and 3000 Series Switches||Cisco Catalyst 4000 and 6000 Series Switches||Wireless (All Controllers and Access Points Are Supported)|
|ISE Plus||Yes(50 endpoints)||Yes(150 endpoints)||Yes(25 endpoints)|
|ISE Apex||Yes(50 endpoints)||Yes(150 endpoints)||Yes(25 endpoints)|
|Cisco AnyConnect Apex||Yes(50 users)||Yes(150 users)||Yes(25 users)|
Reference from https://www.cisco.com/c/en/us/products/collateral/software/one-advanced-security/datasheet-c78-737168.html
Cisco ONE Software Overview