Cisco Catalyst 9000 switches detect malware in encrypted traffic without decryption

Newsroom 06/02/2019 | 15:30

The new Cisco Visual Networking Index (VNI) analysis estimates that by 2022, 60 percent of the global population will be internet users. More than 28 billion devices and connections will be online. And video will make up 82 percent of all IP traffic. 

Your network is being challenged by more users and more devices that need more and more bandwidth. In fact you are likely being asked to do more with less – handle more users and devices with less budget and less staff to manage the network. The average number of devices that one IT staff member supports has been increasing, from a hundred devices to hundreds of thousands, with the expectation that it will be perhaps millions of devices in the future.

This is clearly not possible in today’s management environment.

A new network is needed. A network that is software driven and hardware enhanced.

That is why we developed the Cisco Catalyst 9000 switching family as a foundational element of the Cisco Digital Network Architecture (Cisco DNA) and Software-Defined Access (SD-Access).

SD-Access makes the network look like a single large virtual switch to the users and devices connecting to it. Virtualization allows for agility and flexibility in ways that are not possible with a traditional network. Using the Cisco DNA Center management interface with the Cisco Catalyst 9000 family of switches, you can manage and secure your network from a single interface. This allows for faster network design, definition, provisioning, and maintenance, which ultimately improves network uptime. Altogether, the result is the most intelligent network available, one that allows your network to change as the needs of your business change.

Almost half of the world’s network access ports connect to a Catalyst product.

The Cisco Catalyst 9000 family of campus LAN switches is designed for a new era of intent-based networking. The network can now learn, adapt, and evolve.

We have designed the Cisco Catalyst 9000 family of switches to meet five specific challenges facing your network, with breakthrough innovations in security, operational simplicity, mobility, IoT, and multicloud.

Identify malware in encrypted traffic

An average data breach costs a company nearly $4 million. In fact, it has been estimated that cybercrime costs companies and individuals more than a trillion dollars annually.

And threats against your network will only get more sophisticated and more harmful.

At Cisco, we spend a lot of time thinking about the threats facing your network and how to defeat them. Like you, we believe the network edge is the first line of defense in an end-to end security solution. This is where policy is applied to determine who or what has access to your network. It is also where suspicious activity can be detected and isolated most efficiently.

And so we developed Cisco Catalyst 9000 switches to be a critical part of an end-to-end integrated security solution, one that detects and stops threats.

An unique feature in Cisco Catalyst 9000 switches is Encrypted Traffic Analytics (ETA). Today, nearly half of cyberattacks are hidden in encrypted traffic, and their number keeps growing. ETA looks wide and deep using NetFlow data from the switches, learning to spot anomalies that could signal an incoming threat. Identifying the fingerprints of known threats, even in encrypted traffic, and taking action – without decrypting the traffic – means a more secure network with no impact on data privacy or network performance.

With Cisco Catalyst 9000 switches, you can simplify, secure, and transform your network to include a cloud or hybrid cloud environment.

Simpler licensing options

The new subscription licensing model helps make ordering easy. Rather than the multiple, perhaps confusing, licensing options, Cisco Catalyst 9000 switches are offered with three options – Cisco DNA Premier, Advantage and Essentials. Each of these are offered in 3, 5 and 7 year options.

Cisco DNA Advantage package provide greater security, automation, and insight than was previously possible. This includes DNA Center, SD-Access, and advanced security and analytics capabilities such as Encrypted Traffic Analytics.

DNA Premier includes DNA Advantage, ISE Base, ISE Plus, and Stealthwatch, along with embedded Cisco Software Support.

The Essentials licensing provides all the same great features you get from your current high-performing Cisco Catalyst switches and more. Full NetFlow, basic programmability, automation, and monitoring plus an onboard x86 CPU complex are included.

Today, you need a network that constantly learns, constantly adapts, and constantly protects. Our Cisco Catalyst 9000 switches constantly adapt to help you solve new challenges and address ever-changing threats.

 

Close ×

We use cookies for keeping our website reliable and secure, personalising content and ads, providing social media features and to analyse how our website is used.

Accept & continue