AWS partners with Cisco to secure the cloud

Matt Barclay

AWS is working closely with Cisco to help mutual customers securely run applications, workloads and data in the AWS Cloud

The latest figures from Synergy Research indicate that AWS continues to dominate the cloud with around 33% of the global market. It’s no surprise, therefore, that other leading technology companies are keen to partner with it.

One such company is Cisco, which has recently outlined how it has developed a close relationship with AWS that benefits their mutual customers, particularly in the area of security.

Cisco is an Advanced Technology Partner (ATP) of AWS and the collaboration has helped joint customers securely deploy, connect and monitor applications across private data centres and AWS.

AWS deploys a shared responsibility security model, where it takes responsibility for the security of the underlying cloud infrastructure - compute, storage, database and networking. However, in parallel, AWS customers are responsible for the security of their applications, workloads and data (including network security, identity and access controls, data encryption and the operating system) while running in the AWS cloud. This is where Cisco looks to provide added value.

To help AWS customers, Cisco has built a security architecture around what it describes as four key pillars: visibility, segmentation, threat protection, and identity and access management.

Visibility: this is all about having a clear overall view of users, devices, networks, applications, workloads and processes running in the AWS cloud. Cisco products providing these capabilities include:

 

  • Cisco Tetration agents running on AWS instances forward ‘network flow and process information’ that is essential to visibility and policy enforcement, which in turn enables enhanced automated threat defence
  • Cisco Stealthwatch Cloud (SWC) consumes Amazon Virtual Private Cloud (VPC) flow logs, CloudTrail, AWS Inspector, AWS IAM and other data sources

 

Segmentation: here the focus is on reducing the attack surface. To accomplish this, the Cisco products running on AWS include:

 

  • Cisco Next-Generation Firewall (NGFWv) provides capabilities like stateful firewall, ‘application visibility and control’, URL-filtering, and network AMP in AWS
  • Cisco Adaptive Security Appliance Virtual (ASAv) offers a stateful firewall, network segmentation and VPN capabilities in AWS VPC

Alongside the Cisco products, the AWS security architecture in this area includes AWS security groups, AWS gateways, AWS VPC and AWS subnets.

Threat protection: this aims to stop breaches by quickly detecting, blocking and responding to attacks before hackers can steal data or disrupt operations, with the key Cisco products being:

 

  • Cisco NGFWv delivers rapid threat inspection to help protect virtual data centres and AWS cloud environments from sophisticated threats
  • Cisco Umbrella virtual appliance is available for AWS, with Cisco Umbrella cloud providing a way to configure and enforce DNS layer security for workloads in the cloud
  • Cisco Threat Response helps to detect, investigate and take corrective action against cyber threats

 

AWS security architecture for threat protection also includes AWS Web Application Firewall (WAF) which protects against web exploits and AWS Shield which protects against DDoS.

Identity and Access Management (IAM): this assigns robust access control to help ensure appropriate access to technology resources. The key product here is Cisco Duo which provides multi-factor authentication (MFA) service for AWS consoles and applications running on workloads.

Coupled with Cisco Duo is AWS IAM, which enables users to manage access to AWS services and resources securely.

Emphasising the importance of the Cisco collaboration, Dave Brown, Vice President of EC2 Networking, AWS said: “As businesses of all sizes continue to build infrastructure in the cloud, they look to us to make it easier for them to operate their hybrid IT environments. This deeper integration between AWS and Cisco’s flagship products does just that. It enables our customers to build infrastructure that can securely and easily extend from their campus and data centre networks to AWS”.

Matt Barclay

Product Director for Cloud

Matt Barclay is Product Director for Cloud at Global Knowledge UK&I. He has many years of industry experience, with a focus on Cloud and Software Development. He works closely with our key vendors such as AWS and Microsoft to help drive success, address our customers' challenges and ensure our offerings are in line with current trends.
