Name: Cisco Multicloud Defense
Rating: 8.5 (12 reviews)
Author: Cisco

March 31, 2024

Cisco Multicloud Defense Review

Kevin Brew

Network Architect.

Royal College of Surgeons in Ireland (RCSI) (Higher Education, 1001-5000 employees)

Score 10 out of 10

Vetted Review

Verified User

Incentivized

Use Cases and Deployment Scope

We have a considerable cloud environment that we run most of our networking and services from and we utilize Cisco Multicloud Defense to secure and monitor all of the above. It is helping us manage our cloud inventory more effectively, and closing knowledge gaps in our security footprint, to give us an overall better posture.

Pros and Cons

The thing that I'd like the most about Cisco Multicloud Defense so far is that it's allowed me to look at security within our cloud environment in a new way and to rebuild it in a far more scalable fashion while giving more control to people that are actually involved in the delivery end of things some ability to manage the networking security within that.

I think there are some GUI changes that could be made, and probably will be made as the product matures moreso to align it with the wider Cisco security platform look and feel

Likelihood to Recommend

For WAF functionality and delivery of websites, It's very well suited for traditional firewalling, if you're doing that already, it can be quite difficult to rearchitect everything around this product. So an example of that would be if, like us, you came from a datacenter style architecture within your cloud environment and you are trying to move to a more cloud-fronted architecture. Probably the best way to put it is that can be quite difficult, but once you've deployed, it gets easier operationally. So to kind of reverse engineer everything and then do everything again can be quite tedious in some ways. But that will be specific to people depending on where they're coming from with it.

Cisco Multicloud Defense Feature Ratings

Cloud Computing Security Features (8)

98.75%

9.9

Continuous Data Encryption: 90%
9.0
Automated Data Backup and Recovery: 100%
10.0
Continuous Monitoring: 100%
10.0
Intrusion Detection and Prevention:: 100%
10.0
Regular Vulnerability Management: 100%
10.0
Secure Data Transfer: 100%
10.0
Security Incident Response: 100%
10.0
Compliance and Auditing: 100%
10.0

Return on Investment

Our availability has increased because of how availability works within this product. Whereas before as running two virtual machines for firewalls, the automated end of this entire deployment where if it sees a health issue, it will build another version itself and drain the old one and re-add the traffic into the new one very cleanly with very little loss. So that's really greatly improved our availability. Then the deployment of new services will also be quicker because, as I mentioned, it is tag-based, if you already have a preexisting tag architecture, you can just add new services into that and they will automatically be pulled into the new system. So it's more efficient in that way. In terms of commercials, I guess it's kind of similar. I don't think it will make a massive commercial difference to us, but in terms of the operational element it will.

Alternatives Considered

I come from a deployment background, so I've used most of the vendor's firewall technologies. In the cloud, I've primarily used Cisco's legacy Firepower product. It doesn't really parallel with them in that it's not a traditional firewall appliance sitting in the cloud. Its utilization of tags and how it groups objects are separated a little bit as it's very intrinsically linked with the cloud environment itself. It doesn't just sit in it, it spans out into it in a much more organic way. And because of that then you can, as I mentioned before, if there are security requirements that exist on one server, it is very easy to replicate these over to another server utilizing tags without having to configure this new server you're spinning up within the firewall itself. It will pull it all into its inventory with no intervention from you.

Other Software Used

Juniper Mist AI, IBM Security QRadar SIEM, Cisco Firepower 4100 Series

Users and Roles

Engineers within the infrastructure team

Support Headcount Required

- Network Engineering
- Security Engineering
- Cloud
- Scripting

Business Processes Supported

Perimeter Security
Access Control
Cloud Inventory

Innovative Uses

Future Planned Uses

Likelihood to Renew

If it maintains its current direction it will be very disruptive in the cloud security space

Products Replaced

Yes

Cisco Virtual Firepower - Legacy design

Key Differentiators

Cloud Solutions
Scalability
Integration with Other Systems
Ease of Use

Long term ease of use - logical layout

Evaluation Lessons Learned

Support Rating

As of yet I havent logged a TAC case - It will be interesting to see how it is supported as a new product in the medium term

Premium Support

Yes- It is a critical piece of our infrastructure - all issues will need to be dealt with quickly.

Bug Resolution

Exceptional Examples of Cisco Multicloud Defense Support

The support during the deployment phases was second to nonw

Usability

It is a straightforward platform to use - no overcomplication or hidden menus - everything is cleanly presented

Easy Tasks

Implementation of security on critical resources
Creation of polices

Mobile Interface Availability and Impressions

Goals and Objectives

I guess from our perspective, cybersecurity is everything. Every decision we make, security comes into it. So organizationally within it, nothing gets done without a conversation being had around its security, which can be a new service being deployed or a change of vendor, or patching of software. We are very heavily invested in security within our department, so when it came to selecting a new firewall vendor for the cloud, it being our most critical area to protect, it was a big debate and lots of people had opinions on it and I can say unanimously everyone agreed to go the way we went.

Expected Outcomes

I think it was the change in outlook, whereas with other vendors it looked like I was just going to replace what I had already with something similar. This was replacing what I had already with something entirely different. And I guess one of the issues with that in the initial stages of the conversation was me wrapping my head around how this actually was going to work and what it was going to look like when it was fully implemented.

They were very hands-on during the deployment. We did use their professional service element to deploy this, but we never felt isolated or unsure of what the next stage was or where we were going or what if it was going to look like when it was complete, once we began the actual implementation of it.

Reason for Selection

So when we went to tender for these firewalls, we asked each of the major players in the market to do a design based on what we had implemented and the information that we provided. Three came back with pretty much an identical solution as it was just a direct replacement of, or with some refinements of what I had already with some marginal improvements. The Cisco Multicloud Defense prospect, there were some sweeping changes involved in it, let's say. But when you looked at those sweeping changes, it demonstrated that after the implementation had been done, we would be in a far superior and more manageable position than we were before. So they were the only vendor that truly gave us a new design based on our requirements as opposed to the same design based on our requirements.

Predictive Threat Hunting

No, we don't use AI-based security at present

Cybersecurity and AI

We utilize AI in other aspects of networking here, but in terms of cybersecurity, I think as much as the vendors are going to start utilizing it to help them, the bad actors will also utilize it just as much if not more, to try and thwart the impact that the vendors are trying to make in security. So I think it's going to be a battleground for quite a long time and the hope is that everyone keeps developing at the same pace to mitigate the threats that are going to be coming from all over the world.

Operating Systems	Unspecified
Mobile Application	No

Cisco Multicloud Defense

AlienVault USM

Cisco Duo

Orca Cloud Security Platform

Netskope CASB

Microsoft Purview Information Protection

Tenable Cloud Security

Lacework

Armor

Check Point CloudGuard Cloud Native Security Platform

Cisco Umbrella Easy Protect for MSPs

AWS CloudTrail

Trend Micro Deep Security

Kaspersky Hybrid Cloud Security

Cisco TrustSec

IBM Cloud Activity Tracker

AWS Control Tower

Check Point CloudGuard Posture Management

Sophos Cloud Optix