By Joe Chow, VP & GM, Connected Devices Business Unit, Cisco
With the proliferation of IP devices and ubiquitous access to broadband, consumers are increasingly enjoying the benefits of “being connected”. But being able to adjust your thermostat while on vacation or remotely limit your child’s internet access is just the tip of the iceberg. There is a wealth of revenue opportunities that service providers can extract from the business market place.
One example is energy.
What does a service provider have to do with energy you ask? Well Read More »
Citrix Synergy kicks off next week and Cisco is once again proud to be a platinum sponsor. We’ll have an extensive suite of content at the event, and a number of our desktop virtualization and enterprise mobility experts on the ground.
Need a Warm-up for Citrix Synergy?
Before we dive into all the Cisco/Synergy goodness, I want to point out that Cisco TechWise TV posted a brand new VDI-focused episode featuring our product manager (Ashok Rajagopalan), lead TME (Mike Brennan) and myself, with TechWise’s Jimmy Ray Purser and Robb Boyd. The episode does a nice job revisiting what’s new with desktop virtualization, how has the landscape transformed from an infrastructure perspective, and a look behind the scenes at how we put our Cisco Validated Designs (CVDs) together. You can view the session here.
You can also check out this short animated whiteboard video that outlines why Cisco UCS is your best choice for deploying Citrix XenDesktop
If you’ve made plans to be in LA next week, here’s a quick run-down of stuff you should check out.
IoE and the Insurance Impact The Internet of Everything (IoE) and its impact on financial services and more specifically, insurance, is at its infancy. Many other industries are already taking advantage of data coming from historically non-communicative devices to make changes to processes, automate inventories and adjust the amount of water required for farming. As IoE proliferates within the insurance industry, there becomes an increasing need to connect data sources and virtualize that data. With more connected “things” than ever, data points can be utilized in different ways to provide better customer service, prevent fraud and develop new products. Because these new data points can change everything from a business model to product design, insurers need sophisticated software to manage them. All of these additional data points are on top of the explosion of data already in the industry – referred to as “big data”.
Insurers are now looking into software solutions that virtualize data and connect disparate sources around the firm to business intelligence applications that decision makers are using to look for specific insights. The opportunity won or lost will be determined by how well a business leader leverages their data to affect business value and obtain a significant advantage over competition. Data virtualization, a way of optimizing data from disparate sources, allows insurers and financial professionals the ability to manage big data and get updates in real-time without moving it from its original location. By leaving the data in its original location, it reduces the duplication of data when data marts and data warehouses are created for specific analytics applications (e.g. Customer Information File) and allows for other applications to easily access the data as well. Read More »
Enrollment over Secure Transport (EST) is a new standard (RFC7030) designed to improve the lifecycle management of digital certificates, a key element for secure communications. Cisco Engineer Max Pritikin coauthored the EST standard.
We’re very excited about the potential use cases of EST, which are, as we’ll discuss in a moment, pretty versatile.
To understand EST and how it works, let’s look at a basic use case: A controller, such as a Wi-Fi access point, manages an endpoint. To secure the management communication, both the controller and the endpoint authenticate each other using certificates. EST is a new way to obtain those certificates that is more secure and comprehensive than previous approaches, such as Secure Certificate Enrollment Protocol (SCEP). One area EST is superior to previous approaches is that it enables the use of Cisco’s Next Generation Encryption (NGE), which uses Elliptic Curve Cryptography (ECC) to get the job done as opposed to RSA encryption. That’s a lot of acronyms, so let’s take a step back to explore what this all means.
The next level of encryption
Today’s modern threats demand a new standard of encryption. Cisco’s move to NGE is paving the way for the next decade of cryptographic security. NGE provides a complete algorithm suite that is comprised of authenticated encryption, elliptic-curve based digital signatures and key establishment, and cryptographic hashing. These components provide high levels of security and scalability, aimed at protecting critical data and setting the standard for encrypting sensitive data in networks all over the world.
These cryptographic technologies meet the evolving needs of governments and enterprises by using innovative, battle-tested cryptographic algorithms and protocols, and are beginning to be used in place of legacy cryptographic approaches. EST drives the adoption of ECC, strengthening Cisco’s products and in turn strengthening the security posture of our customers.
EST can be used for a variety of purposes. Enterprises with a number of network endpoints require the “re-enrollment” (re-issuance) of certificates every period, potentially every year. This helps prevent servers going offline due to expired certificates, and the ensuing scramble to obtain and install updates. EST enables automatic re-enrollment to obtain a new certificate, making this a faster and less labor-intensive process. Additionally, EST supports automatic redistribution of CA certificates when they are updated. These improvements are immediately valuable and will be very important for future Internet of Everything (IoE) environments where the large numbers of endpoints will make certificate management highly complex.
Protecting against modern threats
For another example of how EST can help protect the modern network, look no further than your home page and the daily news. The recently discovered Heartbleed bug has thrown the industry into a panic, with enterprises, consumers, and organizations scrambling to assess the fallout and determine an appropriate remediation strategy. Many sites are recommending the replacement of certificates. If EST were in wide deployment, its re-enrollment capabilities would significantly reduce the impact of refreshing the server certificate, supporting much more rapid resolution of the security vulnerability.
As an open standard, EST will increase interoperability with other company’s offerings, including our CA partners. Cisco has taken steps to accelerate adoption and interoperability by providing EST software in the open source community, through Github. Even at this early stage, we’re seeing some positive feedback. Phil Gibson, chairman of the PSNGB, the Industry Trade Association for Public Services Networks (PSN) suppliers, said: “The Public Services Network is now the primary infrastructure for the majority of government communications in the UK and the encryption solutions it uses must continue to evolve. Due to the large and varied number of encryption devices in use, a scalable certificate provisioning protocol is critical to the migration to next generation encryption (CESG PRIME). Cisco’s release of its EST code into the open source community will facilitate rapid adoption by the PSN community. With the release of this code, other vendors will be able to accelerate their adoption of EST and this in turn expands the choice of encryption solutions available to public sector organizations.”
This is an overview of what we can do with EST, and we’re just getting started. We have started to build libraries to incorporate EST into Cisco products, which will likely begin later this year or early next. Stay tuned for additional updates over the coming months.
Earlier this month, we received some great news. Cisco ranked 25th on the InformationWeek Elite top 100 leading-edge IT organizations. Our ranking is a clear result of how we are embracing mobility, analytics, and cloud technologies to cut costs, boost productivity, and essentially, provide the best possible user experience. A prime example of how we are taking great strides in adopting the consumerization of IT is eStore. Read More »