The recent CrowdStrike outage highlights the importance of organisational resilience, extending beyond system and software redundancy to encompass network-wide robustness. In fact, a significant 61% of respondents reported experiencing breaches that compromised their enterprise’s resilience. Cisco’s Secure Network Analytics (SNA) plays a vital role in enhancing network resilience by providing early detection and swift response capabilities, mitigating the impact of connectivity disruptions.
On August 19th, Secure Network Analytics version 7.5.1 became generally available. As we unveil our 2024 launch, you’ll discover each improvement and enhancement has been carefully crafted to address the challenges our customers have been eagerly anticipating. While this release may not boast a single, show-stopping feature, the transformative overhaul of our UI framework – Magnetic – is undeniable, providing a consistent look and feel across Cisco products and giving analysts a streamlined experience.
Cisco’s on-premises Network Detection and Response solution, Secure Network Analytics (SNA), provides comprehensive network visibility across the entire enterprise network to detect and respond to threats in real time. It consistently analyzes network activity to establish a baseline of normal network behavior. Using the established baseline as a foundation, the system leverages advanced analytics, incorporating behavioral modeling, machine learning algorithms, and global threat intelligence to identify and respond to anomalies in real time. Secure Network Analytics can quickly and with high confidence detect threats such as Command-and-Control (C&C) attacks, ransomware, Distributed-Denial-of-Service (DDoS) attacks, unknown malware, and insider threats (data exfiltration). With an agentless solution, you get comprehensive threat monitoring across the entire network traffic, even when it’s encrypted.
Building on the foundation established in 7.5.1, this section transforms SNA into a comprehensive solution empowering SOC analysts with actionable insights, enabling them to detect, investigate, and respond effectively to threats.
By providing analysts with precise, tailored information, the Security Operations Center (SOC) can be effectively fueled. This is achieved through the Network Insights dashboard within Report Builder, one of the key 7.5 features available for use.
The Network Insights dashboard is a customizable template that provides a comprehensive overview of multiple reports, including Firewall Log Collection Patterns, Flow Collection Patterns by Flow Collector, Flow Collection Patterns by Exporter, Host Group Utility Traffic, Host Group Flow Traffic, Network and Server Performance, and NVM Collection Patterns.
Customized dashboards can be designed to integrate various data components onto a single page, allowing users to personalize widgets according to their specific needs. This approach enables analysts to visualize multiple types of data on a single page, facilitating easy correlation and comprehensive workflow visualization, from a broad overview to in-depth analysis based on the current context, all while filtering and sorting data by any relevant criteria, such as host group, Flow Collector, and software.
With SNA 7.5.1, analysts gain the ability to schedule customized reports at their discretion, allowing for greater flexibility in their workflow. This version enables users to schedule personalized reports and deliver them on demand, streamlining their reporting process. If your report supports scheduling, you’ll have the ability to define a custom schedule and email delivery list, ensuring that the .csv file is sent to the intended recipients at the desired time. Among the key components of the scheduling system are alarms, DSCP status, security events, and many more.
As part of its ongoing development, SNA expands the range of Cisco Firewall log fields it can ingest, including those from the Encrypted Visibility Engine (EVE) in this release. Crucially, customers are not negatively impacted by this integration – Firewall logs do not rely on flows per second.
The Network Visibility Module (NVM) aggregates rich flow data from endpoints, both on-premises and off-premises, providing granular insights into network-connected devices and user behavior when integrated with a Cisco solution like SNA, or a third-party platform such as Splunk. The enterprise administrator can subsequently undertake capacity and service planning, conduct thorough audits, ensure regulatory compliance, and generate actionable insights from comprehensive security analytics. The Network Visibility Module (NVM) gathers endpoint telemetry to provide enhanced insights into the device, user, application, location, and destination.
You’re not required to purchase an Endpoint license for NVM. The NVM traffic metric is now combined with NetFlow data to determine the accurate licensing requirements for flows per second (FPS) calculations.
SNA’s historical ties to Cisco ISE culminate with this latest release, further enhancing integration by incorporating Adaptive Network Control (ANC) response policies directly into SNA. This significant advancement builds upon ANC, a service running on the Cisco ISE Policy Administration Node (PAN), enabling real-time monitoring and control of network access for endpoints. ANC supports both wired and wireless network implementations.
With each product launch, we strive to consistently enhance customer experience by addressing the evolving needs of our clients. Notable administrative enhancements in this release include: the ability to deliver Software Downloads for updates, streamlined Direct Add functionality for Diag Packs or Data to TAC within the Equipment Console (SystemConfig), and Multi-Factor Authentication to meet US Federal requirements.
Please review the comprehensive guide to a successful product rollout, featuring detailed checklists and actionable advice for ensuring a smooth and effective launch.