Introduction
With Christmas fast approaching, and trying to find time to organise seasonal activities, gifts and holiday shut-downs, it also means that the common end-of-Financial Year date (31st March 2022) is fast-approaching too. This also means that many organisations are right now in the process of planning budgets and projects for the new year.
As organisations look around their technology capabilities, Cyber Security has (hopefully) become the norm, and there are wider topics also being considered – Cloud and Carbon Footprint reduction for example. These are all important topics, yet in shifting our focus, let’s not forget about the existing Cyber Security footprint, especially Cisco Sourcefire sensors.
Although this post is mostly aimed towards organisations that already use these sensors, the fundamentals of a technology refresh can be applied to any sized organisation.
Cisco are currently mid-way through their Sourcefire IPS End-of-Life (EOL) programme; up next is the 3D8100 model range. The 3D8100s (specifically consisting of 8120/8130/8140) are the lower-to-mid range sensors, capable of inspecting 2-6Gb/s IPS maximum throughput. These go End-of-Life on 31st December 2022.
So, for the organisations who have these, why should they care about refreshing them?
What Are The Impacts of End-of-Life?
Discussed in my previous posts about this topic, as with any End-of-Life, the risks to the business are centred around the lack of protection against new security threats and the availability of a service should the device fail, as there will be no further vendor support.
The Importance of Cisco IPS In The Future
Over time, more network traffic is being encrypted, which reduces the effectiveness of IPS (Intrusion Prevention System) without decryption. It does not have the same visibility it needs to block malicious traffic.
However, there are other elements to the platform which does provide value:
- Cisco TALOS’ Security Intelligence – the ability to block connectivity from newly external threat actors within hours of being discovered, based on IP address, DNS record and URL/Website Address.
- URL Filtering – the ability to use the IPS as a proxy and provide explicit and/or implicit access to web resources.
- SSL Decryption – onboard decryption using dedicated chipsets without significantly impact performance
But most of all…
- a Firewall – a Next-Generation Firewall too! Cisco combined their ASA and Sourcefire IPS (SNORT) engine into a single appliance called Firepower Threat Defense – Just like an All-in-One printer!
So What Are The Refresh Options?
- Maintain a standalone IPS – but at 40% cheaper the cost and only utilising 1RU rackspace and power – reduce the power consumption and carbon footprint, whilst scaling up to 40GB/s IPS throughput.
- Deploy as a Next-Generation Firewall – refresh both Firewall and IPS into a single unit.
- Deploy in the Cloud – as part of the SASE (Cisco Umbrella) for Endpoints or AWS/Azure/GCP workloads.
How Can We Make This Easy?
We have one of the largest, independent consulting teams – Cisco accredited and trusted. We already help a variety of businesses globally with their Cisco Sourcefire Refresh programme, from aspects of business spend justification to design and delivery. We can also help with procurement of new devices and can ship to just about anywhere in the world!
We do all this with carbon-reduction and the ongoing COP26 in mind – we can help businesses get to NetZero by 2030!
Interested in a friendly chat with us? Just drop us a line to cisco@accordantsolutions.co.uk and we’ll be happy to help!
