3 min read

New next-gen firewall from Cisco, security mainframe from IBM

Security

Two of the biggest names in IT have announced new products they say will help enterprises better secure their systems.

Cisco Systems introduced a new next generation firewall line with an integrated management console for all functions while IBM revealed the z13s mainframe with encryption enhancements for organizations that need 100 per cent  availability.

The Cisco Firepower 4100 NGFW has been derived from the Firepower 9300 security appliance for service providers.

INSIDE Cisco_4100 next gen firewall

Cisco’s Firepower 4100 next-gen firewall

Like other next-gen firewalls, it includes a range of capabilities. But David Stuart, Cisco’s director of product marketing for network security products, said that many of them focus mainly on Layer 7 application protection and don’t deliver best of breed effectiveness. Many are also hard to manage each capability needs a separate management consoles, he added, and scripts to share data.

“Our goal is to collapse those silos to not have compromises and be able to deliver best of breed functions in all those areas,” he said, “and unify management.”

With the 4100 series a security team can run firewall policy, intrusion detection and file disposition and remediation from one console. It should help administrators automate action, Stuart said.

The series, which has four 1RU models, includes standard firewall, application visibility control, IPS (intrusion prevention) with contextual awareness, Cisco AMP (advanced malware protection) for both the network and endpoints, URL filtering, analysis and remediation.

The architecture also allows third party software vendors to plug in applications. The first being offered is Radware’s  DefensePro distributed denial of service mitigation.

Ciso is also offering so-called “smart licencing” on each security service, to make them “floatable” —  which Stuart said means administrators can turn them on or off on each security appliance.

The four appliances differ in performance, with a choice of 10G and 40G interfaces and offering between 20 and 80 Gbps throughput.

“Integration is key to this announcement. We’ve unified the software base, we’ve unified the management and further connected it with the rest of the Cisco security solution architecture” such as Identity Services Engine to Cisco’s Talos intelligence pool. That in turn feeds back into the Firepower Management Center to help give earlier warning of possible compromises.

Pricing start at about US$90,000.

Also on Tuesday IBM announced the release next month of the z13s air-cooled single frame mainframe for hybrid cloud and other applications that need to secure critical data and transactions.

IBM z13s mainframe

IBM’s z13s mainframe

Derived from the z13 system released last year, the z13s includes new capabilities that weren’t available when the larger system was launched, Kathryn Guarini, VP of Offering Management for z Systems, said in an interview.

These include a new microprocessor with simultaneous multithreading that can run two threads at the same time for higher throughput, and an integrated cryptographic engine on the CryptoExpress5S card that can process twice as fast as previous generations.

In addition, it has high I/0 bandwidth, four layers of embedded integrated memory cache and up to 4 TB of integrated memory.

“Clients no longer have to chose between security and performance,” Guarini said.

The company is also now offering new optional security solutions that can run on this platform:

— IBM Multi-factor Authorization for z/OS, which requires privileged users to enter a second form of identification, such as a PIN or randomly generated token, to gain access to the system. IBM says this is the first time multi-factor authorization has been tightly integrated in the operating system, rather than through an add-on software solution.

— a new Cyber Security Analytics service that can help identify malicious activity by analyzing and learning user behavior over time. For the time being it’s a no-charge, beta offering for z13 and z13s customers.
Guarini said z13s customers might be in the financial services, retail and government sectors that need 100 per cent availability and security for mission critical workloads

Pricing was not available.

Leave a Reply

Your email address will not be published. Required fields are marked *

Post comment