Advantages of implementing CISCO SAFE Framework

 Implementing the Cisco SAFE framework in an organization provides advanced threat

defense protection that spans the full attack continuum before, during, and after an
attack for all the PINs:
1. Before: In this phase, full knowledge of all the assets that need to be protected is
required, and the types of threats that could target these assets need to be
identified. This phase involves
o establishing policies and
o implementing prevention to reduce risk.
 Cisco solutions for this phase include
o Next-Generation FireWalls,
o Network Access Control(ACL),
o Network security analysis, and
o Identity Services(ISE).
2. During: This phase defines the abilities and actions that are required when an
attack gets through.
o Threat analysis and
o Incident response are some of the typical activities associated with
this phase.
 For this phase, organizations can leverage
o Next-Generation Intrusion Prevention Systems(NGIPS),
o Next-Generation FireWalls(NGFW),
o Malware Protection(AMP), and
o Email(ESA) and Web security solutions(WSA) that make it possible
to detect, block, and defend against attacks that have penetrated
the network and are in progress.
3. After:
 This phase defines the ability to detect, contain, and remediate an attack.
 After a successful attack, any lessons learned need to be incorporated into the existing
security solution.
 Organizations can leverage Cisco
o Advanced Malware Protection(AMP),
o Next-Generation FireWalls, and
o Malicious network behavior analysis using Stealthwatch to quickly
and effectively scope, contain, and remediate an attack to minimize
damage.