Cisco has adopted a "threat-focused" approach with its latest ASA firewall.
A/NZ security general manager, Anthony Stitt, said the security industry has traditionally invested heavily in the “before” or prevention phase.
“There has been less focus on the 'during' and 'after' piece, and that is what is different about the ASA platform,” he said.
Stitt is seeing a “real gap in the market” around security appliances being able to provide enough information about the threat itself.
“That’s why we have positioned our security portfolio around the before, during and after taxonomy, as this type of integration provides benefits in each one of those areas,” he said.
The Cisco ASA 5500 series firewall comes with FirePOWER Services, which consists of Next-Generation Intrusion Prevention Systems (NGIPS) and Advanced Malware Protection (AMP) from its acquisition of Sourcefire.
All about context
Stitt is first to admit that Cisco is not the only security vendor in the world to offer intrusion prevention capability with application and user awareness on a single platform.
“However, Sourcefire differs in its ability to bring together what the security industry understands about the threat world into a well-tested and independently verified rule set,” he said.
Another point of differention for Cisco ASA with FirePOWER Services is the ability to collect contextual data in real time to enable better decisions to be made.
“That information provides customers with better awareness of threats, and enables some automation features in terms of automatically tuning rules and providing impact assessment,” he said.
Patrick Budmar covers consumer and enterprise technology breaking news for IDG Communications. Follow Patrick on Twitter at @patrick_budmar.