Network Computing is part of the Informa Tech Division of Informa PLC


Host Intrusion Prevention Software: Page 5 of 17

Cisco Security Agent 4.0.1. Cisco Systems, (408) 526-4000, (800) 553-6387. www.cisco.com
Take CSA, give it a less intuitive management interface, and you have AppFire Suite. AppFire has two management interfaces. From the Enterprise Manager you assign policies to servers and make canned policy changes. Then you use the Authoring Environment to make more detailed policy-file adjustments.

Canned policies make life easier, and AppFire is the only product we tested that has a canned policy for Exchange servers as well as for SQL and IIS. It was easy to change canned settings, for example, to allow or deny traffic to certain IP addresses; block modification of files by any program; and turn protection on or off for certain services. On the downside, creating policies was quite confusing, and we could look at only one policy at a time, which made it difficult to see and understand what a policy was actually doing. Crafting a policy requires some hefty training or manual reading. In contrast, Cisco's product let us create a policy without reading the directions.

Once our nodes were connected to the AppFire management server, we could place them into groups, which also could contain subgroups. We then attached a policy to one of our groups, and every node and subgroup contained therein took on that policy--a fact we could verify by viewing a collapsible tree format. A policy also can be assigned to a single node.

AppFire does not support inherited changes. If a subgroup is assigned its own policy, for example, the parent's policy doesn't affect it. This means you can't create a limited master set of dictated policies that can be modified at any time. None of the products we tested offer inherited policies, but Cisco's CSA came closest by letting us create multiple small policies, which were then merged and sent to the client.

We were disappointed in AppFire's reporting engine. We were presented with a long list of violations, but very little information on what, exactly, had gone wrong. We could e-mail alerts to one or more e-mail addresses per group or node, but there is no support for SNMP.