Find frequently asked questions about Hybrid Mesh Firewall.
Distributed, optimized enforcement with unified management
Hybrid Mesh Firewall overview
Implement consistent polices across your hybrid enterprise, making it easy for organizations to reduce attack surface, prevent compromise, and stop lateral movement.
Protect against modern threats
Firewalls optimized for threat inspection at key boundaries. See hidden threats in encrypted traffic, at scale. Use extensive network telemetry and ML-guided behavior algorithms to discover and enforce policies.
Segmentation that works
Deploy topology-aware security that understands app dependencies and applies segmentation policies optimally across Cisco security fabric for both traditional and Kubernetes workloads.
Close the exploit gap
The AI-native rule engine prioritizes vulnerabilities and automatically recommends a surgical mitigating control that has been tested against live production traffic to ensure apps keep running. Get protection from exploits in minutes, not months.
Secure the AI transformation
Secure enterprise use of AI models and applications. Protect against novel threats that are introduced through the development and deployment of AI applications.
A proven industry leader
Cisco is a Leader in IDC MarketScape for Enterprise Hybrid Firewall
Read the excerpt to discover how Cisco Hybrid Mesh Firewall helps to secure organizations.
Cisco Secure Firewall
The NetSecOPEN report confirms the advanced security capabilities of Cisco Secure Firewall, with 100% detection for evasive threats and 100% block rate under heavy load conditions.
Change enforcement points, not policy
The first hybrid mesh firewall vendor to introduce intent-based policy management.
Hybrid Mesh Firewall, powered by groundbreaking technology
Cisco Hypershield
Close exploit gaps, segment everywhere, and self-qualify updates and changes with security architecture designed to defend modern, AI-scale data centers.
Cisco Secure Firewall
Find malicious flows in encrypted traffic and intelligently decrypt without sacrificing performance with Cisco Encrypted Visibility Engine (EVE). Stop zero-days leveraging Snort ML and Talos Threat Intelligence.
Cisco Secure Workload
Gain visibility and security for applications across hybrid environments with or without agents. Auto-discover, validate, and enforce the right policies at the right enforcement points.
Cisco AI Defense
Build safeguards for the development and usage of AI applications so you can advance your AI initiatives with confidence.
Cisco Multicloud Defense
Extend Layer-7 firewalling capabilities to the cloud, natively. Leverage cloud-agnostic automation and orchestration for deployment, scaling, and auto-healing of enforcement points.
Isovalent Enterprise Platform
Get cloud-native forensics, compliance monitoring, and threat detection by harnessing eBPF, because the Isovalent Enterprise Platform integrates network and run-time behavior with Kubernetes identity.
Integrations
Splunk
Reveal more critical security insights and accelerate threat response. Cisco Secure Firewall Threat Defense customers who subscribe to Splunk can ingest extra log data at no additional licensing cost (terms apply).
Cisco Identity Services Engine (ISE)
Share the identity context of users and devices, including IoT/OT, natively, with Cisco's Hybrid Mesh Firewall solution for granular segmentation in the hybrid data center.
Zero Trust Access from Cisco
Enforce user policies on the Hybrid Mesh Firewall to provide direct access to sensitive applications and improve the user experience for on-premises users.
FAQ
The distributed nature of today’s IT environments has made it difficult for organizations to manage and share firewall policies across different form factors and locales. Additionally, hybrid environments leave organizations vulnerable to lateral movement of attacks, leading to costly breaches. Compounding these issues, the rise of AI has introduced a new attack surface that traditional security tools were not designed to address.
Cisco Hybrid Mesh Firewall provides advanced threat protection and consistent security while increasing operation efficiency. It enables advanced macro and granular microsegmentation capabilities to prevent unauthorized lateral movement and protect critical applications. Additionally, it includes the ability to protect development and deployment of AI-enabled applications through specialized guardrails.
Traditional firewalls protect specific network boundaries with a standalone appliance that can be either physical or virtual. In contrast, a hybrid mesh firewall architecture is managed by a unified, cloud-based management interface that coordinates security enforcement across various firewall form factors. This enables security enforcement across different points in the network such as the perimeter and between zones. Cisco takes this concept a step further to include advanced security controls such as robust microsegmentation, the ability to protect the development and deployment of AI models, mitigate application vulnerabilities, and orchestrate 3rd party firewall policies.
Cisco Hybrid Mesh Firewall includes all capabilities from our next-generation firewall solutions such as encrypted traffic inspection, zero-day threat protection powered by Snort ML and Talos Threat Intelligence, and threat discovery. Additionally, Cisco Hybrid Mesh Firewall includes advanced macro to microsegmentation segmentation capabilities for protecting applications in any environment—including modern Kubernetes. It can also discover and prioritize vulnerabilities and apply compensating controls to shield vulnerable applications and infrastructure during patch development. It is also capable of protecting the development and deployment of AI models as well as orchestrate 3rd-party firewall policies. All capabilities are accessed centrally through Cisco Security Cloud Control—Cisco’s cloud-based, unified management interface.
Cisco Hybrid Mesh Firewall is cloud agnostic, leveraging cloud-native automation and orchestration to easily extend Layer-7 firewalling capabilities across leading cloud environments. With Cisco Hybrid Mesh Firewall, customers can automate the deployment, scaling, and healing of firewalls, including the required infrastructure and routing. To protect applications, Cisco Hybrid Mesh Firewall provides robust segmentation capabilities (macro and micro) across hybrid environments with or without agents. All enforcement points are managed through Cisco Security Cloud Control.
Cisco Hybrid Mesh Firewall allows you to add enforcement points overtime without the need to rip and replace the current tools in your environment. For example, a customer may start with our firewalls for zone-based segmentation and add microsegmentation capabilities over time. Additionally, Cisco Security Cloud Control is included with our hybrid mesh firewall solution, simplifying management and increasing productivity even as you scale enforcement points.
You can start with any of the tools in the Cisco Hybrid Mesh Firewall solution and add at your own pace. The core software technologies for Cisco Hybrid Mesh Firewall can be easily consumed through the Cisco Cloud Protection Suite, which marries simplicity, flexibility, and investment protection. Contact your Cisco sales representative to learn more.