Cisco Security Appliance Software as a Service
The recent economic downturn prompted many companies to explore using cloud computing and Software as a Service solutions in
an effort to control costs. Cisco Cloud Security appliance can receive and analyze syslog messages from various
networking devices and hosts from Cisco and other vendors. Cisco Cloud Security appliance extends the portfolio of
security management products for the Cisco Self-Defending Network initiative. Cisco Cloud Security appliance is the
first purpose-built appliance for real-time security threat mitigation.
Using NetFlow telemetry and contextual information from the Cisco network infrastructure, a network security analyst can,
from a single pane of glass, identify suspicious activity, gather pertinent user information, identify the application,
and collection of host information.
Cisco Cloud Security appliance monitors many types of logging and reporting traffic that is available from the security
and network products in the enterprise network, as shown above. Cisco Cloud Security appliance combines all this log
data into a series of sessions that it then compares to a database of rules.
If the rules indicate that there might be a problem, an incident is triggered.
By using this method, a network administrator can have the Cisco Cloud Security appliance process most of
the logging data from network devices and focus human efforts on the potential problems.
Moreover, the network security threat landscape is ever evolving. But always at the cutting edge are custom-written,
stealthy threats that evade traditional security perimeter defenses.
The Cisco Cloud Security appliance provides greater visibility into these threats by identifying
suspicious network traffic patterns within the network interior. These suspicious patterns are then supplemented with
contextual information necessary to discern the level of threat associated with the activity.