Cisco Extended UTM Solution Extension

The Cisco security solution is based on the ASA 5500 series Adaptive UTM device, which organically integrates security and VPN services with a new adaptive identification and Defense (AIM) architecture. As part of the Self Defense Network, the entire security package provides active threat defense, UTM to prevent attacks before the network is compromised, control network behavior and application traffic, and provide flexible VPN connections.

This multifunctional network security scheme not only protects large and medium sized enterprise networks, but also lowers the overall deployment and operational costs and complexities associated with implementing this security. It is reported that UTM equipment can provide a variety of market-proven technologies in a single platform, both technically and economically, to deploy a variety of security services for multiple locations.

It can be said that the effective use of UTM multi-function security components, enterprises almost no need to make any dilemma, not only to enjoy a strong security, but also to reduce the number of locations to deploy multiple units operating costs.

A reasonable set of UTM solutions can help organizations manage the network more effectively and provide excellent investment protection through the following key components:

First, market-proven security and VPN capabilities. This side covers high-performance firewalls and intrusion prevention systems (IPS), network antivirus and Ipsec/ssl VPN Technologies, user-and application-based access control, worm and virus defenses, malware protection, and remote user/site connections.

Second, scalable adaptive recognition and defense services architecture. With a modular service processing and policy framework, aim can apply specific security policies or network services to provide highly accurate policy control and anti-x protection and streamline traffic processing based on each traffic situation. The aim architecture is highly efficient, and its Security Service module SSM provides software and hardware scalability, so you can extend existing services and deploy new services without requiring a replacement platform or performance degradation.

Third, reduce deployment and operational costs. For UTM devices, it enables standardization of platform, configuration, and management, reducing deployment and day-to-day operational costs.

As one of the key components of Cisco Adaptive Threat Defense and unified secure access strategy, Cisco's UTM scheme combines a variety of security and VPN technologies, providing rich application security, anti-x Defense, network control and suppression, and secure connectivity features.

The scheme provides powerful application-layer Security through 30 application-aware detection engines that can check the second to seventh-tier network traffic. To prevent the network from being subjected to application layer attacks, enterprises can control the use of applications and protocols in the environment, these detection engines contain rich application and protocol knowledge, and adopt security implementation techniques, including application/protocol command filtering, protocol anomaly detection, and application and protocol status tracking. As another application detection and control layer, these detection engines also employ attack detection and defense techniques such as buffer flood defenses, content filtering and validation, and URL display services.

UTM provides high-performance protection against network and application layer attacks, denial of service attacks, and malware such as worms, network viruses, Trojan horses, spyware, and adware. To achieve efficient anti-x defense, a wide range of attack detection techniques should be matched with advanced analytical techniques to achieve highly accurate threat classification, thus ensuring that appropriate defensive measures are implemented without affecting legitimate network traffic.

In addition, Cisco's program provides a wide range of network control and suppression services, enabling enterprises to accurately control application access and network traffic transmission. As a security base, the UTM device has a rich stateful detection Firewall service that tracks the status of all network traffic and prevents unauthorized access to the network. It provides a highly flexible access control service that enables organizations to implement their corporate security policies, as well as application and resource usage policies.

As a complete security control endpoint, Cisco stresses that UTM must also provide strong intersite and remote access VPN services, enabling businesses to create secure connections on public networks for mobile users, remote locations, and business partners. There is no doubt that this provides an integrated way to achieve security, enabling organizations to gain access to the Internet and cost advantages without disrupting the integrity of corporate security policies. It is learned that by integrating the VPN service with a wide range of security services provided by Cisco UTM, the enterprise can benefit from a stronger, more secure VPN connection.