Chapter 11
Cisco Security Platforms and APIs
This chapter covers the following topics:
Cisco Security Portfolio: This section introduces Cisco’s security portfolio and describes the detect, segment, and protect mechanisms.
Cisco Umbrella: This section introduces the Cisco Umbrella product and the relevant APIs.
Cisco Firepower: This section provides an overview of Cisco Firepower Management Center and API categories.
Cisco Advanced Malware Protection (AMP): This section provides the information you need to understand the AMP solution.
Cisco Identity Services Engine: This section provides an overview of Cisco Identity Services Engine (ISE) and ISE APIs.
Cisco Threat Grid: This section provides an overview of Cisco Threat Grid and Threat Grid APIs.
Cisco has been building the backbone of the Internet for nearly 35 years. In addition, Cisco has created networks, big and small, and gained vast amounts of knowledge about what happens on a network. Along the way, Cisco has built a robust security portfolio to keep networks and users safe. Cisco’s security portfolio has three main pillars:
Visibility
Detection
Mitigation
A lot of organizations don’t have the visibility and the analytics to know what’s going on across their networks. Visibility includes understanding who is on the network (both people and devices), who is accessing the various servers, who is communicating with whom, and what type of traffic is on the network. Detecting all these activities is the second pillar; as the saying goes, you cannot discover what you can’t see. The network now needs to observe, learn, and detect anomalies continuously. Mitigation is the third pillar: to stay ahead of continually evolving attacks, the network senses critical threats and responds to them with corrective actions.
This chapter introduces various Cisco security products as well as multiple aspects of integrating security products via APIs. It covers the following: