Cisco ONE Software Simplifying Security Cisco promoted its ONE software a year ago. The Cisco ONE Software was designed to simplify the way you purchase software licenses within these technology platforms. Cisco ONE Software is a new portfolio of software products that span the technology categories of data center and cloud, WAN, access, and security. Instead of selling point software products and features, Cisco released the software solutions that address the most relevant IT and business outcomes. Cisco ONE Software simplifies the buying process for customers who need to deliver a specific business outcome. It also provides access to updates, upgrades, new capabilities and software license portability, similar to the benefits offered by modern application software. Cisco ONE Software also simplified Security. That is Cisco ONE Advanced Security. Cisco ONE Advanced Security is a software subscription for domain-specific advanced security for data center, WAN, and access. It is the advanced security layer in Cisco ONE Software framework and has benefits such as simplicity, better together pricing, portability of unused subscription term, and access to ongoing innovation. With Cisco ONE Advanced Security, it is easier than ever to fortify your organization’s data center, WAN and access. Minimize the time you spend figuring out what security solutions to purchase, deploy and integrate. Cisco ONE advanced security suites provide predefined set of key security products and services for your data center, WAN and access in a single offer each. Cisco ONE Advanced Security suites Data Center, Access, WAN and Edge:
All 3 suites are offered as 1,3, or 5 year software subscriptions
Cisco ONE Advanced Security for Data Center: The subscription is supported on the Cisco ASA 5585-X Adaptive Security Appliance, the Cisco Firepower 9300 Security Appliance, and the Cisco Firepower 4100 Series.
Cisco ONE Advanced Security for WAN and Edge: The subscription is supported on the Cisco ASA 5506, 5508, 5516, 5525, 5545, and 5555 appliances.
Cisco ONE Advanced Security for Access: Cisco ISE is supported on physical and virtual ISE appliance
More FAQ of Cisco ONE Advanced Security
For Data Center and Cloud, WAN and Edge and Access, what benefits can we get from the Cisco ONE Threat Defense? Benefits of Cisco ONE Threat Defense for Data Center and Cloud
Threat Defense for Data Center and Cloud supports the following ASA firewalls and Cisco Firepower platforms: ● ASA platforms ◦ All ASA 5585-X platforms ● Cisco Firepower platforms ◦ All Cisco Firepower 4100 Series platforms with Cisco Firepower Threat Defense ◦ All Cisco Firepower 9300 Security Appliance platforms with Cisco Firepower Threat Defense Cisco ASA Licensing for Cisco ONE Threat Defense for Data Center and Cloud Cisco ASA 5585-10 Cisco ASA with Yes Firepower Services (IPS, URL, and AMP): Threat, applications, and malware (TAMC)
Cisco ASA 5585-20
Cisco ASA 5585-40
Cisco ASA 5585-60
Yes
Yes
Yes
Security contexts
Yes
Yes
Yes
Yes
(20 contexts)
(50 contexts)
(100 contexts)
(250 contexts)
Cisco Firepower 4100 Series Licensing for Cisco ONE Threat Defense for Data Center and Cloud
Cisco Firepower Threat Defense services (IPS, URL, and AMP): Smart license
Cisco Firepower 4110
Cisco Firepower 4120
Cisco Firepower 4140
Cisco Firepower 4150
Yes
Yes
Yes
Yes
Cisco Firepower 9300 Licensing for Cisco ONE Threat Defense for Data Center and Cloud
Cisco Firepower Threat Defense services (IPS, URL, and AMP): Smart license
Cisco Firepower 9300 Security Module 24
Cisco Firepower 9300 Security Module 36
Cisco Firepower 9300 Security Module 44
Yes
Yes
Yes
Reference from http://www.cisco.com/c/en/us/products/collateral/software/one-advancedsecurity/datasheet-c78-737167.html
Benefits of Cisco ONE Threat Defense for WAN and Edge Cisco ONE Threat Defense for WAN and Edge is a complete software solution that helps ensure the highest level of security for your WAN environment. It helps enhance and strengthen security offered by the best-
in-class Cisco ASA 5500 Series Adaptive Security Appliances by using the power of Cisco Firepower Services. In addition, you’ll have a client-side VPN to provide remote access for roaming users. Threat Defense for WAN and Edge is available as Threat Defense for WAN and Edge on ASA
Threat Defense for WAN and Edge has the following software components: ● Threat Defense for WAN and Edge provides licenses for ASA with Firepower Services. ● Cisco ASA with Firepower Services combines the world’s most deployed firewall with the industry’s most effective NGIPS and AMP solutions. ● Cisco AnyConnect Secure Mobility Plus Client increases visibility and control across the extended network, preventing compromised endpoints from gaining access to critical resources.
Cisco ASA Firewall Platforms Supported Threat Defense for WAN and Edge supports the following ASA firewall platforms:
â—? ASA 5506-X, 5506-H, 5508-X, 5512-X, 5515-X, 5516-X, 5525-X, 5545-X, and 5555-X Cisco ASA Licensing for Cisco ONE Threat Defense for WAN and Edge. Cisco ASA 5506X
Cisco ASA 5506H
Cisco ASA 5508X
Cisco ASA 5516X
Cisco ASA 5525X
Cisco ASA 5545X
Cisco ASA 5555X
Cisco ASA with Yes Firepower Services (IPS, URL, and AMP): Threat, applications, and malware (TAMC)
Yes
Yes
Yes
Yes
Yes
Yes
Cisco AnyConnect Plus
Yes
Yes
Yes
Yes
Yes
Yes
Yes
(50 (100 (250 (500 (1000 (2500 (5000 users) users) users) users) users) users) users)
The primary features and capabilities of Threat Defense for WAN and Edge for ASA with Firepower Services Main Features Feature
Benefits
Market-leading NGIPS
Superior threat prevention and mitigation for both known and unknown threats
AMP
Detection, blocking, tracking, analysis, and remediation to protect the enterprise against targeted and persistent malware attacks
Full contextual awareness
Policy enforcement based on complete visibility of users, mobile devices, client-side applications, communication between virtual machines, vulnerabilities, threats, and URLs
Application control and URL filtering
Application-layer control (over applications, geographical locations, users, and websites) and the capability to enforce use and tailor detection policies based on custom applications and URLs
For a full list of features and capacities for ASA 5500-X with Firepower Services platforms, view the data sheet here. Reference from http://www.cisco.com/c/en/us/products/collateral/software/one-advancedsecurity/datasheet-c78-737170.html
Benefits of Cisco ONE Policy and Threat Defense for Access
Licensing for Cisco ONE Policy and Threat Defense for Access
ISE Plus
ISE Apex
Cisco Catalyst 2000 and 3000 Series Switches
Cisco Catalyst 4000 and 6000 Series Switches
Wireless (All Controllers and Access Points Are Supported)
Yes
Yes
Yes
(50 endpoints)
(150 endpoints)
(25 endpoints)
Yes
Yes
Yes
Cisco AnyConnect Apex
(50 endpoints)
(150 endpoints)
(25 endpoints)
Yes
Yes
Yes
(50 users)
(150 users)
(25 users)
Reference from http://www.cisco.com/c/en/us/products/collateral/software/one-advancedsecurity/datasheet-c78-737168.html
More Related: Cisco ONE Software Overview Cisco ONE Software Licensing Program Cisco ONE for WAN-Benefits