Cisco Multicloud Defense Review
Updated March 31, 2024
Cisco Multicloud Defense Review
Score 10 out of 10
Vetted Review
Verified User
Overall Satisfaction with Cisco Multicloud Defense
We have a considerable cloud environment that we run most of our networking and services from and we utilize Cisco Multicloud Defense to secure and monitor all of the above. It is helping us manage our cloud inventory more effectively, and closing knowledge gaps in our security footprint, to give us an overall better posture.
- The thing that I'd like the most about Cisco Multicloud Defense so far is that it's allowed me to look at security within our cloud environment in a new way and to rebuild it in a far more scalable fashion while giving more control to people that are actually involved in the delivery end of things some ability to manage the networking security within that.
- I think there are some GUI changes that could be made, and probably will be made as the product matures moreso to align it with the wider Cisco security platform look and feel
- Our availability has increased because of how availability works within this product. Whereas before as running two virtual machines for firewalls, the automated end of this entire deployment where if it sees a health issue, it will build another version itself and drain the old one and re-add the traffic into the new one very cleanly with very little loss. So that's really greatly improved our availability. Then the deployment of new services will also be quicker because, as I mentioned, it is tag-based, if you already have a preexisting tag architecture, you can just add new services into that and they will automatically be pulled into the new system. So it's more efficient in that way. In terms of commercials, I guess it's kind of similar. I don't think it will make a massive commercial difference to us, but in terms of the operational element it will.
I come from a deployment background, so I've used most of the vendor's firewall technologies. In the cloud, I've primarily used Cisco's legacy Firepower product. It doesn't really parallel with them in that it's not a traditional firewall appliance sitting in the cloud. Its utilization of tags and how it groups objects are separated a little bit as it's very intrinsically linked with the cloud environment itself. It doesn't just sit in it, it spans out into it in a much more organic way. And because of that then you can, as I mentioned before, if there are security requirements that exist on one server, it is very easy to replicate these over to another server utilizing tags without having to configure this new server you're spinning up within the firewall itself. It will pull it all into its inventory with no intervention from you.
Do you think Cisco Multicloud Defense delivers good value for the price?
Yes
Are you happy with Cisco Multicloud Defense's feature set?
Yes
Did Cisco Multicloud Defense live up to sales and marketing promises?
Yes
Did implementation of Cisco Multicloud Defense go as expected?
Yes
Would you buy Cisco Multicloud Defense again?
Yes
Cisco Multicloud Defense Feature Ratings
Using Cisco Multicloud Defense
2 - Engineers within the infrastructure team
2 - - Network Engineering
- Security Engineering
- Cloud
- Scripting
- Security Engineering
- Cloud
- Scripting
- Perimeter Security
- Access Control
- Cloud Inventory
Evaluating Cisco Multicloud Defense and Competitors
Yes - Cisco Virtual Firepower - Legacy design
- Cloud Solutions
- Scalability
- Integration with Other Systems
- Ease of Use
Long term ease of use - logical layout
Cisco Multicloud Defense Support
| Pros | Cons |
|---|---|
Quick Resolution Good followup Knowledgeable team Immediate help available Support cares about my success | None |
Yes- It is a critical piece of our infrastructure - all issues will need to be dealt with quickly.
The support during the deployment phases was second to nonw
Using Cisco Multicloud Defense
| Pros | Cons |
|---|---|
Like to use Relatively simple Easy to use Well integrated Consistent Quick to learn Convenient Feel confident using | Requires technical support Lots to learn |
- Implementation of security on critical resources
- Creation of polices
Cisco Security
I guess from our perspective, cybersecurity is everything. Every decision we make, security comes into it. So organizationally within it, nothing gets done without a conversation being had around its security, which can be a new service being deployed or a change of vendor, or patching of software. We are very heavily invested in security within our department, so when it came to selecting a new firewall vendor for the cloud, it being our most critical area to protect, it was a big debate and lots of people had opinions on it and I can say unanimously everyone agreed to go the way we went.
I think it was the change in outlook, whereas with other vendors it looked like I was just going to replace what I had already with something similar. This was replacing what I had already with something entirely different. And I guess one of the issues with that in the initial stages of the conversation was me wrapping my head around how this actually was going to work and what it was going to look like when it was fully implemented.
They were very hands-on during the deployment. We did use their professional service element to deploy this, but we never felt isolated or unsure of what the next stage was or where we were going or what if it was going to look like when it was complete, once we began the actual implementation of it.
So when we went to tender for these firewalls, we asked each of the major players in the market to do a design based on what we had implemented and the information that we provided. Three came back with pretty much an identical solution as it was just a direct replacement of, or with some refinements of what I had already with some marginal improvements. The Cisco Multicloud Defense prospect, there were some sweeping changes involved in it, let's say. But when you looked at those sweeping changes, it demonstrated that after the implementation had been done, we would be in a far superior and more manageable position than we were before. So they were the only vendor that truly gave us a new design based on our requirements as opposed to the same design based on our requirements.
No, we don't use AI-based security at present
We utilize AI in other aspects of networking here, but in terms of cybersecurity, I think as much as the vendors are going to start utilizing it to help them, the bad actors will also utilize it just as much if not more, to try and thwart the impact that the vendors are trying to make in security. So I think it's going to be a battleground for quite a long time and the hope is that everyone keeps developing at the same pace to mitigate the threats that are going to be coming from all over the world.