Information Technology Reference
In-Depth Information
SAFE facilitates the development, implementation, and management of secure
networks.
■
Figure 13-1 shows Cisco SAFE components and major concepts.
Security Devices
• VPNs
• Monitoring
• Firewall
• Email Filtering
• Admission Control
• Intrusion Prevention
Security Solutions
• PCI
• DLP
• Threat Control
Network Devices
• Routers
• Servers
• Switches
Identify
Harden
Monitor
Isolate
Visibility
Control
Correlate
Enforce
Security Control Framework
Cisco
Virtual
Office
Data
Center
WAN
Edge
Internet
Edge
E-
Virtual
User
Partner
Sites
Campus
Branch
commerce
Secured Mobility, Unified Communications, Network Virtualization
Network Foundation Protection
Figure 13-1
Cisco SAFE Architecture
Network Security Platforms
Network security starts with having a secure underlying network. The underlying network
provides an ideal place to implement core and advanced security solutions. The center of
these secure network solutions consists of the Adaptive Security Appliances (ASA), Inte-
grated Services Routers (ISR), and Cisco Catalyst switches that have integrated security
feat ure s. The s e are highly intelligent net work s ec ur it y dev ice s w ith many built-in s ec ur it y
feat ure s that prov ide a framework for incor porat ing s ec ur it y throu ghout the net work.
Here is a description of some important security device platforms:
ASA
is a high-performance firewall appliance with IPS, antivirus, IPsec, and Secure
Shell (SSL) virtual private network (VPN) technologies integrated into a single unified
architecture. ASA also has embedded Network Admission Control (NAC) capabilities.
■
ISR
G2 combines IOS firewall, VPN, and IPS services across the router portfolio, en-
abling new security features on existing routers. Supported VPNs include IPsec VPN,
■
