Security


“Over [the past] five years Crossconnect went from being a trusted advisor to being an extension of our networking infrastructure team. They are experts in network security and work closely with both the infrastructure and security departments in facilitating security solutions that meet our regulatory needs and match our threats.”

AVP of Information Technology, XIFIN

Firewall Audits by Crossconnect

Firewalls are only as effective as their configurations, which can either lock down the network or open the door for a threat. Configurations that are too rigid may impede normal business operations. Our experts determine the right firewall configuration for your organization by aligning with the latest industry standards and best practices.

We also do something other audits don’t: we perform vendor-specific audits, ensuring that best practices are applied and adopted for your exact platform (Palo Alto, Cisco, Meraki, Fortinet, etc.). The firewall audits flag permissive rules and identify other potential risks that should be addressed to strengthen network security. With years of experience, we can help any organization refine its firewall security policy.

The Process
  • Evaluation of the firewall against best practices from NIST, SANS Institute, and real security incidents.
  • Tightening current & adopting new security controls to match your organization’s threats.
  • Evaluation of vulnerabilities in the firewall software.
The Deliverables
  • Breakdown of “Top 10” issues & ease-of-remediation score
  • An overall score, for measuring improvement over time.

Next Generation Firewalling

Crossconnect sells and supports the industry’s three leading next-generation firewall manufacturers: Palo Alto, Cisco (Firepower, ASA, and Meraki) and Fortinet. Of note, these are the only manufacturers that overlap in our product line; we’re fluent in each of them in order to fit the diverse needs of our clients. We’ll help you determine which option is the right fit for your organization.

Palo Alto
Palo Alto offers one of the most powerful, yet easiest to manage, firewalls on the market. Crossconnect has multiple PCNSEs, Palo Alto’s top certification, and provides 24×7 support in its Palo Alto practice. Crossconnect’s mature practice includes multiple successful installs implementing Palo Alto Firewalls with Cisco Application Centric Infrastructure (ACI).

Cisco

Cisco sets the bar when it comes to complete end-to-end threat solutions. All Cisco security solutions have integrations to share data—and when integrating with Stealthwatch, ISE, Secure Endpoint, and other major Cisco security products, the results are unparalleled.

Secure Access Service Edge (SASE)

With organizations relying increasingly on cloud-delivered services, not every business is best served by the traditional firewalling model. For example, having remote access users VPN back to a corporate firewall simply to then access cloud services through that VPN is not efficient. Perhaps this is better served by hosting firewalls in the cloud? Taking that model a step further, do remote branch sites need a firewall at all? An IPsec tunnel from a less-expensive router to a cloud firewall, which in turn provides security, can eliminate that requirement. In this manner, branches can also be opened and scaled without needing to buy expensive on-premises firewalls.

Another use case for SASE is a key piece of the “Zero Trust” philosophy: having all end users VPN to a cloud firewall, even while in the office, while blocking east/west traffic. In effect, every user is segmented from every other user, except where permitted, greatly minimizing an attacker’s lateral movement.

Palo Alto Prisma Access is the most robust and complete solution on the market, offering SASE and Zero Trust functionality in an affordable OPEX model: https://www.paloaltonetworks.com/sase/access

“Crossconnect has been deploying our Zero Trust/SASE solution, Palo Alto’s Prisma Access. They are migrating seven sites with disparate firewalls to Palo Alto for us and integrating those into Prisma Access. One of the best things about Crossconnect is that they’re not just doing the work for us, they’re teaching us too.”

– AVP of Information Technology, XIFIN

Secure Endpoint

As part of Cisco’s next-generation firewall feature set, Crossconnect also recommends running Cisco Secure Endpoint (formerly Advanced Malware Protection, or AMP). In short, the best way to think of Secure Endpoint functionality is as an advanced virus scanner. When deployed with a Cisco Next Generation Firewall, a full network and endpoint trajectory can be calculated, allowing the Secure Endpoint console to orchestrate post-attack remediation via Secure Endpoint, all while keeping your business humming along smoothly.

Identity

Identity Services Engine
Identity Services Engine (ISE) is a foundational Cisco security technology. At its core, ISE changes the dynamic of networking from trusting based on IP or VLAN to trusting based on who a user is and what type of device they have, offering next-generation secure network access. Consider the following everyday issues:

  1. Instead of trusting by which wired port a user plugged into, can we instead trust by someone’s identity?
  2. Can that trust travel with them throughout their network interactions, similar to a security badging system in a building?
  3. We need to validate that a device is a company asset and not a user’s personal device, which may carry malware or be more susceptible to attack.
  4. If a device is a company asset, how do we ensure it’s running up-to-date security software?
  5. On a wireless network, how can we decrease our SSID count (which increases wireless performance) and eliminate PSKs?
  6. On a wireless network, how can we manage guest access by time-of-day, or by allowing a receptionist to grant access?
  7. On a VPN, how can we ensure the same level of control we might see on a wired or wireless network?

ISE is the answer to these questions and more, and is foundational to Cisco Digital Network Architecture (DNA), Cisco’s new network management infrastructure. We generally find ISE to be a core component for virtually all Cisco users.



A more recent development in Stealthwatch is Encrypted Threat Analytics (ETA). Prior to ETA, the intelligence provided by Stealthwatch was limited if traffic was encrypted. ETA is available only on the Catalyst 9000 series switches; using the Catalyst 9000’s higher processor speeds, it assembles pattern data on encrypted traffic and exports that to Stealthwatch. This creates a digital fingerprint that can be used to identify malicious traffic without decrypting it.

Aruba ClearPass

Aruba ClearPass provides robust and highly configurable Identity and Access Management for the modern network. ClearPass is a key aspect of a zero-trust network where all users and devices on the network are authenticated, identified, and assigned policy based on their context in the network. ClearPass supports wired and wireless 802.1X, endpoint profiling and device type-based access, posture checks, guest and BYOD portals, and much more. Most importantly, Aruba ClearPass is a truly multi-vendor solution and can be integrated with any vendor’s network equipment.