Cisco ONE Software Simplifying SecurityCisco promoted its ONE software a year ago. The Cisco ONE Software was designed to simplify the way you purchase software licenses within these technology platforms. Cisco ONE Software is a new portfolio of software products that span the technology categories of data center and cloud, WAN, access, and security.Instead of selling point software products and features, Cisco released the software solutions that address the most relevant IT and business outcomes. Cisco ONE Software simplifies the buying process for customers who need to deliver a specific business outcome. It also provides access to updates, upgrades, new capabilities and software license portability, similar to the benefits offered by modern application software.Cisco ONE Software also simplified Security. That is Cisco ONE Advanced Security. Cisco ONE Advanced Security is a software subscription for domain-specific advanced security for data center, WAN, and access. It is the advanced security layer in Cisco ONE Software framework and has benefits such as simplicity, better together pricing, portability of unused subscription term, and access to ongoing innovation.With Cisco ONE Advanced Security, it is easier than ever to fortify your organization’s data center, WAN and access. Minimize the time you spend figuring out what security solutions to purchase, deploy and integrate. Cisco ONE advanced security suites provide predefined set of key security products and services for your data center, WAN and access in a single offer each.Cisco ONE Advanced Security suites Data Center, Access, WAN and Edge:

All 3 suites are offered as 1,3, or 5 year software subscriptions Cisco ONE Advanced Security for Data Center: The

subscription is supported on the Cisco ASA 5585-X Adaptive Security Appliance, the Cisco Firepower 9300 Security Appliance, and the Cisco Firepower 4100 Series.

Cisco ONE Advanced Security for WAN and Edge: The subscription is supported on the Cisco ASA 5506, 5508, 5516, 5525, 5545, and 5555 appliances.

Cisco ONE Advanced Security for Access: Cisco ISE is supported on physical and virtual ISE appliance

More FAQ of Cisco ONE Advanced Security

For Data Center and Cloud, WAN and Edge and Access, what benefits can we get from the Cisco ONE Threat Defense? Benefits of Cisco ONE Threat Defense for Data Center and Cloud

Threat Defense for Data Center and Cloud supports the following ASA firewalls and Cisco Firepower platforms:● ASA platforms

◦ All ASA 5585-X platforms● Cisco Firepower platforms

◦ All Cisco Firepower 4100 Series platforms with Cisco Firepower Threat Defense◦ All Cisco Firepower 9300 Security Appliance platforms with Cisco Firepower Threat DefenseCisco ASA Licensing for Cisco ONE Threat Defense for Data Center and Cloud

 

Cisco ASA 5585-10

Cisco ASA 5585-20

Cisco ASA 5585-40

Cisco ASA 5585-60

Cisco ASA with Firepower Services (IPS, URL, and AMP): Threat, applications,

Yes Yes Yes Yes

and malware (TAMC)

Security contexts

Yes(20 contexts)

Yes(50 contexts)

Yes(100 contexts)

Yes(250 contexts)

Cisco Firepower 4100 Series Licensing for Cisco ONE Threat Defense for Data Center and Cloud

Cisco Firepower 4110

Cisco Firepower 4120

Cisco Firepower 4140

Cisco Firepower 4150

Cisco Firepower Threat Defense services (IPS, URL, and AMP): Smart license Yes Yes Yes Yes

Cisco Firepower 9300 Licensing for Cisco ONE Threat Defense for Data Center and Cloud

Cisco Firepower 9300 Security Module 24

Cisco Firepower 9300 Security Module 36

Cisco Firepower 9300 Security Module 44

Cisco Firepower Threat Defense services (IPS, URL, and AMP): Smart license Yes Yes Yes

Reference from http://www.cisco.com/c/en/us/products/collateral/software/one-advanced-security/datasheet-c78-737167.html

Benefits of Cisco ONE Threat Defense for WAN and EdgeCisco ONE Threat Defense for WAN and Edge is a complete software solution that helps ensure the highest level of security for your WAN environment. It helps enhance and strengthen security offered by the best-in-class Cisco ASA 5500 Series Adaptive Security Appliances by using the power of Cisco Firepower Services. In addition, you’ll have a client-side VPN to provide remote access for roaming users. Threat Defense for WAN and Edge is available as Threat Defense for WAN and Edge on ASA

Threat Defense for WAN and Edge has the following software components:

● Threat Defense for WAN and Edge provides licenses for ASA with Firepower Services.● Cisco ASA with Firepower Services combines the world’s most deployed firewall with the industry’s most effective NGIPS and AMP solutions.● Cisco AnyConnect Secure Mobility Plus Client increases visibility and control across the extended network, preventing compromised endpoints from gaining access to critical resources.Cisco ASA Firewall Platforms Supported

Threat Defense for WAN and Edge supports the following ASA firewall platforms:● ASA 5506-X, 5506-H, 5508-X, 5512-X, 5515-X, 5516-X, 5525-X, 5545-X, and 5555-X

Cisco ASA Licensing for Cisco ONE Threat Defense for WAN and Edge.

 

Cisco ASA 5506-X

Cisco ASA 5506-H

Cisco ASA 5508-X

Cisco ASA 5516-X

Cisco ASA 5525-X

Cisco ASA 5545-X

Cisco ASA 5555-X

Cisco ASA with Firepower Services (IPS, URL, and AMP): Threat, applications, and malware (TAMC) Yes Yes Yes Yes Yes Yes Yes

Cisco AnyConnect Plus

Yes(50 users)

Yes(100 users)

Yes(250 users)

Yes(500 users)

Yes(1000 users)

Yes(2500 users)

Yes(5000 users)

The primary features and capabilities of Threat Defense for WAN and Edge for ASA with Firepower ServicesMain Features

Feature Benefits

Market-leading NGIPS

Superior threat prevention and mitigation for both known and unknown threats

AMP

Detection, blocking, tracking, analysis, and remediation to protect the enterprise against targeted and persistent malware attacks

Full contextual awareness

Policy enforcement based on complete visibility of users, mobile devices, client-side applications, communication between virtual machines, vulnerabilities, threats, and URLs

Application control and URL filtering

Application-layer control (over applications, geographical locations, users, and websites) and the capability to enforce use and tailor detection policies based on custom applications and URLs

For a full list of features and capacities for ASA 5500-X with Firepower Services platforms, view the data sheet here.Reference from http://www.cisco.com/c/en/us/products/collateral/software/one-advanced-security/datasheet-c78-737170.html

Benefits of Cisco ONE Policy and Threat Defense for Access

Licensing for Cisco ONE Policy and Threat Defense for Access

  Cisco Catalyst 2000 and 3000 Series Switches

Cisco Catalyst 4000 and 6000 Series Switches

Wireless (All Controllers and Access Points Are Supported)

ISE Plus Yes(50 endpoints)

Yes(150

Yes(25 endpoints)

endpoints)

ISE Apex Yes(50 endpoints)

Yes(150 endpoints)

Yes(25 endpoints)

Cisco AnyConnect Apex

Yes(50 users)

Yes(150 users)

Yes(25 users)

Reference from http://www.cisco.com/c/en/us/products/collateral/software/one-advanced-security/datasheet-c78-737168.html

More Related:

Cisco ONE Software OverviewCisco ONE Software Licensing ProgramCisco ONE for WAN-Benefits