Today's attacks are stealthy and evasive, designed to bypass traditional perimeter defenses like firewalls, antivirus software, and intrusion prevention systems. Having an industry-leading perimeter defense is a key part of any security strategy, but these tools will never be 100 percent effective. Fighting malware effectively today requires new approaches, strategies, and advanced threat capabilities. Malware Defense with Cisco® Secure Firewall delivers network-based advanced malware protection that goes beyond point-in-time detection to protect your organization across the entire attack continuum-before, during, and after an attack. Malware Defense detects, blocks, tracks, and contains malware threats across multiple threat vectors within a single system. It also provides the visibility and control necessary to protect your organization against highly sophisticated, targeted, zero day, and persistent advanced malware threats. To active Malware Defense, purchase the Malware Defense licence for Cisco Secure Firewall. With Malware Defense, you can: - Trust protection that moves beyond point-in-time: Malware Defense goes beyond point-in-time detection to analyze files and traffic continuously. This capability helps enable retrospective security, the ability to look back in time and trace processes, file activities, and communications. You can understand the full extent of an infection, establish root causes, and perform remediation. The result: more effective, efficient, and pervasive protection for your organization.
- Limit policy-violating files and more: Tracking data that comes through the web, email, or other attack vectors, Malware Defense automatically recognizes files and applications. It then performs broad-based filtering of files using the application and file control policies that you set.
- Detect and block exploit attempts: With an inline deployment, the Cisco solution can detect and block client-side exploit attempts. You're also protected against vulnerability exploit attempts aimed at Adobe Acrobat, Java, Flash, and other commonly targeted client applications.
- Identify, block, and analyze malicious files: The system blocks malicious files from their target system and analyzes files with an unknown disposition. If no disposition is returned, the suspect file will automatically be submitted to Cisco Secure Malware Analytics (formerly Threat Grid) for further analysis.
- Go beyond just sandboxing: Malware Defense includes built-in sandboxing capabilities, but with the integration of Secure Malware Analytics, malware analysis and threat intelligence are taken to a whole new level. Secure Malware Analytics provides more than 700 unique behavioral indicators to analyze the actions of a file and help you understand what malware is doing, or attempting to do, and how large a threat it poses to your organization. You get easy-to-understand threat scores and billions of malware artifacts at your disposal for exceptional scale and coverage from global threats.
- Analyze files and traffic continuously: Determining that an observed file is malicious triggers retrospective alerts from Malware Defense, even if the file traversed the network hours or days in the past, so you can still take action and mitigate damage
|