You’ve been asked to accomplish more with less and to help keep the network working safely, 24×7, while helping your corporation to adapt and persevere during amazing times. Adding to the task, security and system teams are uncovering that TLS 1.3 is busting long-standing application manage and URL safety policies, forcing complete decryption of flows where that has not been desired. 

We’ve been hearing your worries and enhancing our firewalls with special capabilities so you may adapt quicker, work more effectively, and optimize your network security posture. 

 Today, we’re announcing the option of Firepower Threat Protection (FTD) 6.7 for Cisco Secure Firewall (Firepower NGFW). This release includes functions and improvements that make your task easier:

• Maintain performance and protection where other firewalls are usually hobbled by TLS 1.3.
• Lowers operational and deployment costs
• Enablelectronic firewalling everywhere you will need it, which includes virtual and open public cloud environments

Maintain your security plans and network efficiency in a TLS 1.3 world 

Nowadays, over 90% of Internet traffic is encrypted with Transportation Layer Security (TLS). The new regular, TLS 1.3, presents several improvements, but presents compliance and functionality problems for firewall and IPS administrators. That’s because it breaks Layer 7 application handle and URL filtering guidelines inside unless the movement is decrypted. In most environments, nevertheless, administrators are not presently decrypting flows because of policy and overall performance and administrative burdens. 

Inside FTD 6.7, handle and visibility are maintained with TLS 1.3 connections with our unique TLS Server Identification Discovery feature that quickly probes the server for unencrypted packet header details, ensuring existing safety presence and guidelines are maintained. And, if the administrator wish to accomplish full decryption, they are able to benefit from our class top hardware-based cryptographic acceleration that maintains performance even though application control and risk inspection are enabled. 

In circumstances where enabling complete decryption isn’t feasible or even permitted, TLS Server Identification Discovery is a tremendous choice. It enables security plan enforcement without the efficiency penalty or compliance dangers associated with complete decryption. Find out more about how this innovative function works here.  

Simplify provisioning with remote branch deployment 

Cisco Secure Firewall is frequently deployed to remote control branches as advantage protection devices. Today, with FTD 6.7 we’re introducing low contact provisioning – to the main point where it is possible to send a device to the branch, have the generalist plug it inside, and provision the device basically and remotely using Cisco Defense Orchestrator (CDO).  

Likewise, clients with Firepower Management Center (FMC) may now configure administration of Cisco Secure Firewall from the data interface rather than the dedicated management user interface. This is useful for remote control deployments with administration from headquarters.  

Maximizing security capabilities across digital environments 

As companies expand cloud adoption, maintaining consistent safety operations and policies throughout environments is critical. Alongside FTD 6.7, we’re announcing expanded hybrid cloud capabilities including: 

• Search engines Cloud System (GCP) and Oracle Cloud Infrastructure (OCI) assistance for ASAv and FTDv 
• Automated horizontal level for ASAv inside Azure and AWS 
• Accelerated networking for FTDv and ASAv inside Azure 
• FMCv HA on VMware 

We may also be adding route-structured S2S VPN abilities with static Virtual Tunnel Interface (VTI) support, which is the key requirement of secure public cloud online connectivity. 

Improved alter management, device health monitoring and even more 

Logging improvements to FMC present customers more presence and handle for their modification management processes. And a fresh device wellness dashboard helps customers pinpoint potential gadget issues and network difficulties. 

With FTD 6.7, we’re developing on our leadership in firewalling to assist you secure your expanded network. Learn even more about these new features in the release notes and upgrade today.