A strong cloud security journey with Microsoft and Cisco secure solutions

In this article, we take a look at how Microsoft and Cisco security solutions work together on cloud security.

Multicloud has become the norm

Increasingly, multicloud is becoming the de facto standard for customers building applications for their businesses. Customers are looking for options that could improve the security, agility, and performance of the applications that are at the center of their business today.

Microsoft Cloud Security Event

The Microsoft Security event was held at the Microsoft Singapore office yesterday, and I had an amazing learning experience as a result of attending. The meeting started off with Xuan H. clearly expressing the purpose and agenda of the meeting, which is to discuss cloud security.

Following that was Alex Ershov's technical session, a nice demonstration of Microsoft Sentinel. He talked about the MITRE ATT&CK framework and how Microsoft Sentinel works with customers to help detect and respond to threats in the most efficient way possible. In his talk, he showed how Microsoft Sentinel provides SIEM (security information and event management) and SOAR (security orchestration, automation, and response). We saw the dashboards of how we can do attack detection, threat visibility, proactive hunting, and threat response with Microsoft Sentinel. This is a cool view of attacks from Microsoft Sentinel with reference to the MITRE ATT&CK framework.

K.Mohamed Faizal then talked about cloud customers' complaints and risks. He also emphasized the importance of network security configurations, highlighting the fact that we can view all of the security complaints regarding Microsoft in one window. It was really engaging watching Faizal openly challenge attendees to ask about his findings and share his response. At the end, he explained how Microsoft Defender Cloud can find weak spots in your cloud configuration. This will strengthen your overall security posture, and protect workloads across multiple clouds with Microsoft Defender Cloud. His delivery of sessions in a fun way, encouraging the audience to challenge him in order to gain a deeper understanding of the Microsoft Security Cloud solutions, shows his confidence in his abilities and the depth of his expertise in working with the Microsoft Security Cloud.

Prizes received from Microsoft for quizzes
My favorite part of the event was winning the quiz from both sessions and receiving the awesome quiz prize from Microsoft. Thank you very much for the wonderful gifts, Microsoft :)

I received many questions from participants at yesterday's Microsoft event regarding the key areas in which Microsoft and Cisco work together. The community was interested in knowing how it would benefit them. It inspired me to write a blog about this topic and share key use cases demonstrating how Cisco and Microsoft collaborate to help customers transition to the cloud in order to help them achieve their business goals.

The Cisco and Microsoft Partnership

Cisco and Microsoft have a long-term strategic partnership that helps cloud customers with connectivity, security, and observability.

A lot of the joint solutions we've worked on together have been aimed at solving customer challenges in the fields of cloud networking, securing cloud environments, full stack observability, and hybrid work. The following are some major use cases based on Cisco's strategic pillars: Connect, Protect, and Consume.

Cisco loves Microsoft not just in February :)

Connect: Cisco Cloud OnRamp for Azure Virtual WAN is a modern transit architecture. An example of how Cisco SD-WAN can be used with Cisco Cloud OnRamp for Azure Virtual WAN: building a modern WAN and transit architecture is easy with Cisco Cloud OnRamp for Azure Virtual WAN.

Consume: The Consume use case is Cisco AppDynamics, with full-stack application performance monitoring for complex, fast-growing applications at scale in the cloud with AppDynamics for Microsoft Azure. It lets you see what's happening with your .NET or .NET Core applications, Azure services, and serverless functions.

Protect: Microsoft with Cisco Secure Solutions. Here are some Microsoft Security and Cisco Secure software solutions that integrate well with Microsoft Security.

Microsoft Sentinel and Cisco Secure Solutions

The use cases are based on Cisco Secure Network Analytics and Cisco Secure Firewall as the security platforms.

  • Cisco Secure Network Analytics with Microsoft Sentinel: As a leader in the Network Detection and Response (NDR) Gartner quadrant, Cisco Secure Network Analytics (formerly Stealthwatch) transforms the network into a sensor that detects insider threats and identifies anomalous behaviors such as malware, distributed botnets, data exfiltration, etc. With a native integration on Azure Marketplace, Secure Network Analytics can send alerts to Sentinel.
  • Secure Firewall with Microsoft Sentinel: Cisco virtual Secure Firewall extends Cisco's industry-leading security to Microsoft Azure environments. You get consistent policies across physical and cloud environments, central management, and deep visibility for advanced threat detection and protection. The Cisco eStreamer API lets Microsoft Sentinel collect CEF-formatted event data from Secure Firewall.

In reference to: https://www.cisco.com/c/en/us/products/security/technical-alliance-partners/microsoft-sentinel.html
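
To make the CEF-formatted event data mentioned above concrete, here is an added example (not code from this article, Cisco, or Microsoft) that parses one CEF record the way a collector has to before the fields can be used in detections. The sample line, vendor and product names, and field values are constructed placeholders and do not reflect actual Secure Firewall output.

```python
import re

# Constructed sample (not captured from a real device): a syslog prefix followed
# by a CEF record. Vendor, product and field values are placeholders.
SAMPLE = (r"<134>Jan 01 00:00:00 fw-host CEF:0|ExampleVendor|ExampleFirewall|1.0|"
          r"1001|Blocked \| policy deny|7|src=10.0.0.5 dst=203.0.113.9 "
          r"dpt=443 act=blocked msg=rule id\=42 matched outbound")

HEADER = ("version", "vendor", "product", "device_version",
          "event_class_id", "name", "severity")
_EXT_KEY = re.compile(r"(?:^|\s)([A-Za-z0-9_]+)=")  # an unescaped key= starts a pair

def _unescape(value):
    # Undo CEF backslash escapes; \n and \r become control characters.
    table = {"n": "\n", "r": "\r"}
    return re.sub(r"\\(.)", lambda m: table.get(m.group(1), m.group(1)), value)

def _split_header(text):
    # Split the seven pipe-delimited header fields, honouring escaped pipes.
    fields, buf, i = [], [], 0
    while i < len(text) and len(fields) < len(HEADER):
        if text[i] == "\\" and i + 1 < len(text):
            buf.append(text[i + 1])   # escaped character is taken literally
            i += 2
        elif text[i] == "|":
            fields.append("".join(buf))
            buf, i = [], i + 1
        else:
            buf.append(text[i])
            i += 1
    if buf:                           # record ended without an extension part
        fields.append("".join(buf))
    return fields, text[i:]

def parse_cef(line):
    start = line.find("CEF:")         # skip any syslog prefix
    if start < 0:
        raise ValueError("not a CEF record")
    fields, ext = _split_header(line[start + 4:])
    if len(fields) != len(HEADER):
        raise ValueError("truncated CEF header")
    event = dict(zip(HEADER, fields))
    keys = list(_EXT_KEY.finditer(ext))
    ends = [k.start() for k in keys[1:]] + [len(ext)]
    event["extension"] = {k.group(1): _unescape(ext[k.end():e])
                          for k, e in zip(keys, ends)}
    return event
```

The escaped pipe in the event name and the escaped `=` inside `msg` are the two cases a naive `split("|")` or `split("=")` gets wrong, which silently shifts or truncates fields that detections rely on.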

Microsoft Defender and Cisco Secure Solutions

The use cases are based on Cisco SecureX Threat Response and Cisco Kenna.

  • Kenna: Kenna is a software-as-a-service vulnerability and risk intelligence platform that measures risk and prioritizes remediation efforts before cybercriminals can exploit vulnerabilities. A security strategy shouldn't be without vulnerability management. With Kenna's integration with Microsoft's threat and vulnerability management capabilities, customers can take advantage of a risk-based solution that provides high-risk threat predictions and personalized vulnerability prioritization, as well as actionable insights that incorporate data from Microsoft's threat and vulnerability management solutions.
  • SecureX Threat Response: Cisco's SecureX threat response is built on APIs that you can use to integrate Cisco and third-party security products, automate incident response, and store threat intelligence and security context in one place. An investigation is initiated by SecureX Threat Response, which queries Defender ATP for sightings of supported observables during the investigation and gets a response from Defender ATP. Here's the code for Concrete Relay using Microsoft Defender for Endpoint as a third-party Cyber Threat Intelligence provider: https://github.com/CiscoSecurity/tr-05-serverless-microsoft-defender-for-endpoint.

In reference to: https://www.cisco.com/c/en/us/products/security/technical-alliance-partners/microsoft-defender.html

Cisco Panoptica

Cloud-native security platform Panoptica protects containers, Kubernetes, APIs, and serverless functions. With Panoptica, you don't have to be a Kubernetes expert.

It makes it easy to secure cloud-native applications, from build pipelines to workload runtimes on Azure Cloud and others.

Panoptica helps you protect your apps from security attacks by taking policy-driven action rather than just seeing what's happening and prioritizing it. Panoptica simplifies cloud-native application security by automating security throughout the entire application development process for DevSecOps, Platform, and DevOps teams. Azure customers can get the product exclusively on the Azure Marketplace.

In addition, the Cisco solutions described above are based on software, and most of them are available on the Azure Marketplace.

Amy Bahlo

Global Partner Executive - Microsoft

2 years ago

Boomi Nathan this is amazing!!! Thank you!

K.Mohamed Faizal

Sr. Global Cloud Solution Architect at Microsoft - Customer Architecture and Engineering | Digital Transformation | Driving Customer Success | Speaker | Azure MVP | CKA | CKAD | Cloud Native | MCT

2 years ago

Boomi Nathan Thanks for attending the event and capturing the key highlight in your article :-)
