Cisco ASA, FirePOWER, ACI, and Public Cloud: End-to-End Policy Management

Last updated February 15th, 2023 by Pamela Cyr


Cisco® is one of the longtime leaders in enterprise networking and one of the most trusted names in IT. Many of today’s largest, most sophisticated datacenters are built with its market-leading solutions, which include firewalls, switches, routers, the Application Centric Infrastructure (ACI™) SDN platform, and other innovative Nextgen technologies such as Viptela® and Tetration Analytics™.

For each of its product lines, Cisco offers management consoles to administer configurations and policy changes. Cisco ASA firewalls have their own management console. Cisco FirePOWER™ firewalls have their own console (FMC) as do Cisco switches and routers, and ACI has APIC. Each management console controls its respective devices and technologies. Device and platform-centric consoles, however, create a siloed management experience.

Without a consolidated management platform, organizations are hard-pressed to understand how their different devices connect to each other and what their network topology is. They struggle to track and analyze policy and design changes across multi-device and multi-platform Cisco environments. Small organizations can manage devices individually, but enterprises with thousands of devices simply lack the visibility and control to ensure security policies are accurate and enforced.

The need for cohesive Cisco network management becomes more pressing as enterprises turn increasingly to virtual and application-centric networking that spans datacenters and clouds. Especially with off-premise resources, organizations must know how devices connect, and if they do so according to their security policy.

The Tufin/Cisco Collaboration

The best way to manage Cisco solutions-centric networks, ensuring they operate securely and effectively, is with solutions from Tufin, a longstanding Cisco partner. Tufin and Cisco have long collaborated to provide streamlined, holistic management of Cisco solutions via a single pane of glass. Tufin solutions consolidate management of all Cisco technologies and devices and are the most effective, scalable, and comprehensive strategy for Cisco network management.

Tufin solutions are the first to support FirePOWER, Cisco’s NextGen firewalls, and the first to automate optimizing and migrating rule sets from Cisco’s legacy ASA firewalls to FirePOWER systems. Indeed, Tufin offers the most efficient migration path from ASA to FirePOWER. Because enterprises rarely replace all of their ASA firewalls with FirePOWER platforms at once, they require one console to manage ASA firewalls and another for FirePOWER firewalls. Tufin obviates this complexity by consolidating management of both platforms, as well as switches, routers, and other Cisco devices, and enhances visibility and control over policies with Tufin’s policy browser and object lookup.

Superior Security Policy Management

Network security policy management is vital for managing Cisco networks, which is why Tufin is the first company to support Cisco ACI management. The ACI platform leads the way in delivering on SDN’s promises to reduce costs, improve agility, and bolster security through automated, policy-driven, and application-centric datacenters.

Tufin’s integration with ACI delivers unified security policy management across on-premise networks and firewalls to public, private, and hybrid clouds. Customers can centrally control application security policies, manage micro-segmentation across hybrid networks, simplify regulatory compliance and audit readiness, and expand visibility and control across the entire infrastructure.

The combination of Cisco ACI and Tufin solutions fulfills SDN’s potential, even in heterogeneous environments. It eliminates the need to understand the nuances and complexities of individual devices and how they’re configured for access. Administration is greatly expedited and applications can be deployed with security, compliance, and agility.

Tufin is one of the first vendors to support Cisco Tetration Analytics 2.0 and is a founding member of the solution’s partner ecosystem. Tufin’s integration with Tetration ensures secure application connectivity. With comprehensive visibility into the infrastructure, organizations can analyze network flows and the connections of applications. They can then automate compliance assessment and the provisioning of all relevant security policies across the environment, quickly and efficiently.

The Future of Cisco Networking Management

Tufin’s management capability goes beyond established solutions into emerging technologies. One example is containers, the probable future of application development. Tufin is the first to consolidate network security policy management inclusive of containers. The solution is the most comprehensive for end-to-end policy management of Cisco networks that now include the newest platform of digital transformation.

Containers in the cloud are highly dynamic. They constantly change with demand for services and are built and torn down within seconds. Change management must somehow keep pace. Additionally, connections between the cloud and the datacenter can include FirePOWER and ASA firewalls, switches, routers, and ACI. In such complex connectivity paths, individual device management is painfully inadequate.

Tufin allows comprehensive management of applications and containers that traverse cloud, ACI, and the Cisco on-prem infrastructure. Policy modifications are automatically designed and tracked, and connectivity is completely visible through network topology. Security is never compromised. With Tufin, organizations can manage today’s Cisco networks, knowing that going forward, they can manage containers and other future technologies.

The Tufin/Cisco collaboration enables even the most dynamic, diverse, and sprawling Cisco environments to be managed with one pane of glass. Moving forward, Cisco will refine its world-leading solutions and pioneer new technologies, and Tufin will help customers realize the security, agility, and value of their Cisco networks. Driven by this mission, Tufin will always be at the forefront of Cisco networking management as networks evolve.

If you or one of your colleagues are at Cisco Live!™, come visit Tufin at the booth, or learn more about our longstanding automation support for Cisco products here.

 
