IOS Security from Cisco is network security technology.
N/A
Snort
Score 9.0 out of 10
N/A
Sourcefire developed Snort, an open source intrusion prevention system capable of real-time traffic analysis and packet logging. Snort was acquired (and is now supported) by Cisco in 2013.
We used to access list remote login to the switches for only network admin from specific vlan. And allow some vendor server to connect for snmp messages. This has allowed us to monitor with external vendor while keeping security tight and audit for users. In other hand we had to use external solution for NAC
If a colleague was looking to tighten down their network I can easily recommend Snort to them. It gives you some more peace of mind knowing that its always scanning traffic for malicious looking code. Even things your major firewalls and security hardware might miss, Snort has picked up. Its an easy recommendation for me.
Cisco could provide an initial set up script for those are not used to the CLI (Command Line Interface). With that initial script, people could easily deploy the security features instead of having to learn how to use the commands.
The web interface that Cisco provides with the routers, although it’s useful to set up the security features, it could also have some sort of tutorials to help people understand the main concepts of iOS security.
You have to license iOS security separately from the main OS. For that reason, sometimes it tends to be a little expensive if you have a small business.
Cisco IOS Security usibility require a network administrator or an engineer with CCNA knowledge to know how to handle and configure Cisco IOS Security. The Cisco IOS Security usability once you know your way is smooth and very helpful. Even for new commands you can just type question mark and the new commands will pop on the screen.
Cisco has the best Support team that gives us 24/7 support as we need. Cisco has huge detailed documentation for design, implementation, and troubleshooting all areas of the IOS security. There are many communities discussing all Cisco devices and solutions for studying groups and for customers to share their stories, technical problem and solutions.
IOS Security is a bonus feature when you purchase Cisco devices. It is great to have a vendor provide equipment to go above and beyond the minimal needs for business operation. Having security at the downstream edge of our organization provides a sense of ease from potential attacks.
For our organization, the Cisco defense in depth concept works the best. While Cisco can be made to work with other vendors, we have found the best in depth protection by integrating Cisco products for maximum visibility. We had a Barracuda Web Filter, but it was difficult to maintain when you had limited scope on what you could block, so we created a whitelist only setup which required a lot of additional manpower. This wouldn't have covered new threats with DNS spoofing and the like. Sourcefire also integrated with our anti-malware platform (Cisco AMP) for even better visibility on what may be happening on the end users workstation. We are planning on adding in Cisco ISE to complete the approach and possibly stealthwatch to cover our bases in the future. The Palo Alto gear was interesting, but it was priced far out of our range.
