Welcome to Cisco Security Cloud Control

About Security Cloud Control

Security Cloud Control (formerly Cisco Defense Orchestrator) is a cloud-based multi-device manager that facilitates management of security policies in highly distributed environments to achieve consistent policy implementation.

Security Cloud Control helps you optimize your security policies by identifying inconsistencies with them and by giving you tools to fix them. Security Cloud Control gives you ways to share objects and policies, as well as make configuration templates, to promote policy consistency across devices.

Because Security Cloud Control coexists with local device managers such as the Adaptive Security Device Manager (ASDM), it keeps track of configuration changes made by Security Cloud Control and by other managers, and then reconcile the differences between managers.

Security Cloud Control has an intuitive user interface that allows you to manage a wide range of devices in one place. Advanced users will also find their traditional CLI interface with some new enhancements to make management even more efficient for them.

Security Cloud Control also provides a guided "Day 0" experience helping you quickly onboard threat defense devices to your on-premises or cloud-delivered Firewall Management Center. It also presents you with other key features you may benefit from and helps you enable and configure them.

The Security Cloud Control Dashboard

The Security Cloud Control dashboard is your central hub for monitoring and managing tenant-level details across various categories. Upon logging in, you can access a customizable dashboard that offers critical insights and actions to optimize security and operational efficiency.

Customize Your Dashboard

Make your dashboard fit your specific needs by customizing the visible widgets.

  1. On the Home page, click Customize.

  2. Select or deselect the widgets you want to view on the dashboard.

  3. You can drag and drop the widgets to arrange them as you prefer.

The dashboard is divided into three main sections: Top Insights & Alerts, Top Actions, and Top Information. Each section provides different categories of insights to help you maintain optimal security and operational control.

Top Insights & Alerts

This section is visible only if AIOps Insights is enabled for your tenant. You can view insights related to high traffic caused by elephant flows, RA VPN forecast, access control policy anomalies, high CPU and memory usage, snort CPU and memory usage.

Top Actions

This section is visible only if AIOps Insights is enabled for your tenant. If enabled, you can view the following widgets:

  • Policy Analyzer and Optimizer: Analyzes security policies, detects anomalies, and provides optimization recommendations to improve firewall performance.

    For more information, see Policy Analyzer and Optimizer.

  • AIOps Insights: Offers detailed information on all active insights and trends, categorizing anomalies by Configuration, Health & Operations, or Traffic & Capacity.

    For more information, see AIOps Insights.

  • Feature Adoption: Provides insights into feature adoption rates to optimize usage patterns and enhance security measures.

    For more information, see Assess and Improve Feature Adoption.

Top Information

This section provides detailed insights into various tenant-level metrics. If enabled, you can view the following widgets:

  • Configuration States: Indicates the discrepancies between the configurations on your devices and those maintained by Security Cloud Control. This comparison helps identify any inconsistencies or conflicts that may exist.

    For more information, see Device Management.

  • Change Log Management: Helps you to manage the change logs for precise operational control. The widget displays Completed and Pending change logs.

    For more information, see Change Logs.

  • RA VPN Sessions: Helps you to monitor your Remote Access VPN sessions.

    For more information, see RA VPN Sessions.

  • Overall Inventory: Helps you to monitor the health and status of all devices. The widget displays the total number of devices, categorized into Issues, Pending Actions, Other, and Online.

    For more information, see Inventory.

  • Site-to-Site VPN: Helps you to manage and assess your site-to-site VPN connections. The widget displays the total number of VPN tunnels and the percentage that are Active and Idle.

    For more information, see Site-to-site VPN.

  • Accounts and Assets:

    • Helps you to track and manage your multicloud accounts and resources effectively. You can launch the Multicloud Defense Controller from here.

    • Click +Add Account to add a new account.

    For more information, see Multicloud Defense Controller.

  • Top Risky Destinations: Helps you identify and monitor the top risky destinations that are granted access. The widget lists Applications and URL Categories and allows you to filter data for the last 90, 60, or 30 days. You can filter between Allowed (default) and Blocked traffic.

  • Top Intrusion and Malware Events: Helps you to monitor and respond to top intrusion and malware events. The widget displays Intrusion Events and Malware Events and allows you to filter data for the last 90, 60, and 30 days. You can filter between Allowed (default) and Blocked events.

Dashboard with AIOps Insights Enabled

Announcements

Click the Announcements icon to look at the most recent Security Cloud Control features and updates. Links to related doucmentation is provided if you need more information on any of the items listed.

Connecting Security Cloud Control to your Devices

Security Cloud Control can connect directly to your devices if they have direct access to the internet. If they do not, or you want to onboard the devices using device credentials, it is considered a best practice to install a Secure Device Connector (SDC) within your network for Security Cloud Control to communicate with your devices. See Connect Security Cloud Control to your Managed Devices for more connectivity information.

Request a Security Cloud Control Tenant

You can request for a 30-day free trial of a Security Cloud Control tenant to onboard, and manage your devices. You can then contact Cisco to upgrade your tenant to a licensed one.

See Create a Security Cloud Control Tenant for more information.

Cloud-delivered Firewall Management Center in Security Cloud Control

You can request that a cloud-delivered Firewall Management Center be deployed to your Security Cloud Control tenant. The cloud-delivered Firewall Management Center is a software-as-a-service (SaaS) product that manages Secure Firewall Threat Defense devices. It offers many of the same functions as an on-premises Secure Firewall Management Center, and it uses the same API. The cloud-delivered Firewall Management Center also has the same appearance and behaves the same way as the on-premises Secure Firewall Management Center. To request a cloud-delivered Firewall Management Center, see Request a Cloud-Delivered Firewall Management Center for your Security Cloud Control Tenant.

For more information about managing devices with cloud-delivered Firewall Management Center, see Managing Firewall Threat Defense with Cloud-Delivered Firewall Management Center in Cisco Security Cloud Control.

Multicloud Defense

You can request that a Multicloud Defense portal be deployed to your Security Cloud Control tenant.

Multicloud Defense is a comprehensive security solution consisting of two primary components: the Multicloud Defense Controller and Multicloud Defense Gateway. Multicloud Defense offers a sophisticated and streamlined security framework, harmonizing controller orchestration, gateway communication, and optimized datapath processing for a robust and efficient multicloud protection mechanism.

Multicloud Defense currently supports Amazon Web Services (AWS), Azure, Google Cloud Platform (GCP), and Oracle OCI cloud accounts. The range of support for these platforms vary.

Onboard Devices

Before you onboard a device, make sure that you have successfully completed the installation wizard and licensed the device. Then use Security Cloud Control's onboarding wizard to onboard your device. Security Cloud Control can easily manage large deployments.

Note

Once you have onboarded devices to a Security Cloud Control tenant, you cannot migrate the devices from one Security Cloud Control tenant to another. If you want to move your devices to a new tenant, you need to re-onboard the devices to the new tenant.

Manage your Devices with Security Cloud Control

See how Security Cloud Control can manage various device types:

For a complete list of devices that Security Cloud Control supports and manages, see Devices, Software, and Hardware Supported by Security Cloud Control.

Cisco Online Privacy Statement

Cisco Systems, Inc. and its subsidiaries (collectively "Cisco") are committed to protecting your privacy and providing you with a positive experience on our websites and while using our products and services ("Solutions"). Please read Cisco Online Privacy Statement carefully to get a clear understanding of how we collect, use, share, and protect your personal information.