Cisco this week took the wraps off a security service edge (SSE) offering that aims to help enterprises securely connect growing edge resources, including cloud, private and SAAS applications.\nAlong with the SSE package, the vendor made two additional application security-related announcements at its\u00a0Cisco Live! customer event.\u00a0It unveiled Cisco Multicloud Defense, which is a new service designed to protect cloud service workloads, and\u00a0it upgraded Panoptica, its cloud-native security application development software.\nThe SSE package, called Cisco Secure Access, features zero-trust network access (ZTNA), secure web gateway (SWG), cloud access security broker (CASB), firewall as a service (FWaaS), DNS security, remote browser isolation (RBI) and other security capabilities. It\u2019s designed to secure any application via any port or protocol, with optimized performance and continuous verification and granting of trust\u2014all from a single, cloud-managed dashboard, wrote Jeff Scheaffer, vice president of product management for Cisco\u2019s SSE team, in a blog about the SSE offering.\u00a0\nGartner describes SSE services as including access control, threat protection, data security, security monitoring, and acceptable-use control enforced by network-based and API-based integration. SSE is primarily delivered as a cloud-based service, and it may include on-premises or agent-based components, the analyst firm says.\nCisco\u2019s SSE platform includes client-based and clientless browser\u2013based access, granular user, and application-based access policy, SAML authentication, intrusion prevention, built-in identity provider, and contextual access control. It authenticates users through a secure, encrypted tunnel, allowing users to see only applications and services they have permission to access, according to Cisco.\n\u201cCisco Secure Access features a new ZTNA Relay architecture that solves the challenges of last generation ZTNA vendors. Last generation ZTNA vendors do not support all application architectures, like multi-channel applications, peer-to-peer applications, or server-initiated communication,\u201d Scheaffer wrote. \u201cLast generation ZTNA vendors often struggle with the sheer volume of 1000\u2019s of enterprise and long-tail legacy applications.\u201d\nThe Cisco Secure Access ZTNA Relay architecture is based on MASQUE and QUIC protocols and supports all applications, ports, and protocols. \u201c\u2026by combining ZTNA with a fallback VPN-as-a-Service (VPNaaS) in a single secure client with identity and posture checks, Cisco Secure Access transparently delivers the most secure connection possible for all applications,\u201d Scheaffer stated.\u00a0\nThe service also integrates intelligence from Cisco\u2019s Talos security research group to automatically keep the system up to date on the latest threats. Talos processes 600 billion DNS requests per day, 5 billion reputation requests, and 2 million malware samples per day. SSE continuously runs AI, statistical, and machine-learning models against the massive Talos database to provide insight into cyber threats and improve incident response rates, Scheaffer stated.\nSSE will also be integrated with Cisco\u2019s ThousandEyes network intelligence software to help organizations pinpoint and resolve network performance issues quickly.\nThe SSE package is important particularly as users move applications to the cloud and adopt more edge networking architectures, said Neil Anderson, area vice president of cloud & infrastructure solutions at World Wide Technology (WWT), a Cisco partner and technology services provider.\n\u201cCisco has been a little bit slow to be competitive in the SSE market, but we're excited about this new service because it starts with a cloud-first approach and advances API security and workload security in a way customers will find useful,\u201d Anderson said.\nThe SSE market includes players such as Palo Alto, Zscaler, Netskope and others.\nGartner says by 2025, 70% of organizations that implement agent-based ZTNA will choose either a secure access service edge (SASE) or security service edge (SSE) provider for ZTNA, rather than a stand-alone offering, and by 2026, 45% of organizations will prioritize advanced data security features for inspection of data at rest and in motion as a selection criterion for SSE.\nCisco Secure Access will be in limited availability starting in July and will be generally available in October 2023.\nCisco debuts Multicloud Defense service and upgrades Panoptica software\nOn the cloud security front, Cisco added a new service called Multicloud Defense that will help customer security operations teams manage workload security across AWS, Google Cloud, Azure, and Oracle Cloud Infrastructure services.\n\u201cCisco Multicloud Defense brings together distributed Layer-7 protection, web application firewall (WAF), and data loss prevention (DLP) capabilities managed through a single, dynamic policy,\u201d wrote Rick Miles, vice president of product management with Cisco\u2019s cloud and network security group, in a blog.\n\u201cIt acts as the interpreter across clouds and uses gateways, which are distributed across customer VPCs, as enforcement points for security policies. This enables Multicloud Defense to stop threats that target applications, block command & control, prevent data exfiltration, and mitigate lateral movement,\u201d Miles stated.\u00a0\nThe technology in Multicloud Defense comes primarily from Cisco\u2019s recent acquisition of cloud network security vendor Valtix.\nCisco also enhanced its Panoptica cloud-native application security software. Panoptica lets developers and engineers provide cloud-native security from application development to runtime. It offers a single interface for container, serverless, API, service mesh, and Kubernetes security, it scales across multiple clusters with an agentless architecture, and it integrates with CI\/CD tools and language frameworks across multiple clouds.\nThe idea is to allow developers to embed security-centric or security-conscious decisions earlier in the software development lifecycle, Cisco stated.\nThe importance of application security protection is growing with IDC predicting that the application protection and availability market will grow from $2.5 billion in 2021 to $5.7 billion by 2026.\n\u201cApplications provide a unique vantage point in the security architecture. Applications enable functionality, and the manner in which users interact with this functionality is a good indicator of abuse and misuse, and ultimately malicious intent. This insight is unique and difficult to glean from other sources of security telemetry such as network firewalls,\u201d IDC wrote in a recent report entitiled \u201cWorldwide Application Protection and Availability Forecast, 2022\u20132026: Security Powers the Digital Experience.\u201d\n\u201cThreat actors have also recognized the importance of web applications to businesses and have devised numerous methods of attacking the applications or underlying infrastructure as part of extortion, harassment, fraud and abuse, or data theft campaigns,\u201d IDC stated.\nTo Panoptica, Cisco added Cloud Security Posture Management (CSPM) support, which promises to bring continuous cloud security compliance and monitoring at scale, giving customers visibility into their entire inventory of cloud assets, including Kubernetes clusters. In addition, a new attack path engine that uses graph-based technology to deliver advanced attack path analysis will help security teams quickly identify and remediate potential risks across cloud infrastructures, Cisco stated.\u00a0\nPanoptica will also be integrated into Cisco\u2019s Full Stack Observability portfolio to provide real-time visibility to prioritize business risks.\nCisco\u2019s Full-Stack Observability initiative features a broad range of Cisco technologies as well as an ecosystem of partners and open-source tools.\u00a0Cisco\u2019s security portfolio will provide telemetry that can be included in new applications to control security across multiple domains.\nThe new Panoptica features will be available in the fall of this year.\nNew 4200 Series firewall doubles speed\nCisco also rolled out a new high-end firewall, the Secure Firewall 4200 Series, that it says is twice as fast as previous high-end Cisco firewalls. The 4200 Series firewall runs a new operating system, release 7.4, that uses AI and ML to identify threats in encrypted traffic without decryption.\n\u201cThis resolves the complexities of decryption for inspection, as well as performance and privacy concerns,\u201d wrote Rick Miles, Cisco vice president of product management for cloud and network security, in a blog about the new firewall. \u201cFurther, 7.4 leverages the foundation of the security stack to add secure access capabilities with zero trust application access. This evolution of the ZTNA model goes beyond the \u2018authorize then ignore\u2019 mentality by adding inspection of user traffic and application behavior for more secure access.\u00a0 Additional access from branch offices to applications without expensive leased lines comes with simplified branch routing, allowing the firewall to centrally recognize, monitor, and route application traffic for improved performance and secure access.\u201d\nCisco Secure Firewall 4200 Series appliance will be generally available in September supporting the 7.4 version of operating system. The 7.4 OS will be generally available for the rest of the Secure Firewall appliance family in December 2023.