Alerts and Analysis – Cisco Cloud Security

Based on the combination of roles, observations, and other threat intelligence, Secure Cloud Analytics generates alerts, which are actionable items that represent possible malicious behavior as identified by the system. To build on the previous example, a New Internal Device observation on its own does not constitute possible malicious behavior. However, over …

How Secure Cloud Analytics Works – Cisco Cloud Security

The deployment and working of Secure Cloud Analytics are described in the following sections. Deployment: Secure Cloud Analytics supports two deployment types to support your network: • Public cloud monitoring: Agent-less monitoring of workloads by ingesting native cloud logs, and API integration to deliver threat detection and configuration monitoring. • …

Benefits – Cisco Cloud Security

The following components are integrated seamlessly in a single, cloud-delivered platform: • DNS-layer security: DNS requests precede the IP connection, enabling DNS resolvers to log requested domains over any port or protocol for all network devices, office locations, and roaming users. You can monitor DNS requests, as well as subsequent IP connections, to improve …

Umbrella Integrations – Cisco Cloud Security

Umbrella, while providing multiple levels of defense against Internet-based threats, is the centerpiece of a larger architecture for Internet security. Figure 8-29 illustrates Cisco Umbrella integrations. This section will explore the integrations that occur with other products in the Cisco portfolio and the role each plays in …

Cisco Secure Cloud Analytics – Cisco Cloud Security

Only 56 percent of security alerts are investigated, and more than half of those are not remediated, according to the Cisco 2017 Annual Cybersecurity Report. Responding to these alerts is an overwhelming job, and most organizations do not have the security staff to keep up. Companies of all sizes face the …

Understanding Secure Cloud Analytics – Cisco Cloud Security

Cisco Secure Cloud Analytics is a SaaS-based network detection and response (NDR) offering that gives CISOs more confidence in their ongoing journey into the cloud. This solution is already built to protect your public cloud resources, as it provides comprehensive visibility into all of your public cloud traffic. It is a …

Enabling Cloudlock via WSA (11.5) – Cisco Cloud Security

Figure 8-8 illustrates Cisco Cloudlock enablement workflow using WSA. Figure 8-9 shows the Cisco Cloudlock onboarding page for signing in and signing up. The new radio button for Cloudlock log subscription has the …

Cloud Access Security Broker – Cisco Cloud Security

Umbrella exposes shadow IT by providing the ability to detect and report on cloud applications in use across your organization. For discovered apps, you can view details on the risk level and block or control usage to better manage cloud adoption and reduce risk. Figure 8-16 illustrates Cisco Cloudlock’s “shadow IT” …

Optimization – Cisco Cloud Security

With hundreds of apps in use and new ones being adopted on a regular basis, organizations need an automated way to view key vendor and app details and compare risk elements and compliance certifications. It’s also important to be able to view which identities are using which applications to enable monitoring and to help …

Cisco Umbrella – Cisco Cloud Security

Security is shifting and converging in the cloud. You may hear different names for this trend, such as secure Internet gateway (SIG), edge security, secure access service edge (SASE), and more. It can get confusing. Regardless of what you call it, it denotes multiple security functions integrated into one cloud service, the flexibility …