Cisco recently completed a project in the UK with an external research firm that had some interesting data points with regards to cloud and government organizations. I previously commented on portions of this research on my personal blog, however there were some interesting findings that I thought I would share here.
Perhaps the most intriguing juxtaposition found in the study is that 34% of government respondents think security concerns are misrepresented and over-emphasized, while security and privacy concerns are also seen as the biggest barrier to wider adoption of cloud in government (86%). The next biggest concern was about the location of data (70%), showing that data sovereignty will continue to be a major issue for government agencies wanting to move into the cloud. At a recent Public Sector CIO dialogue I attended in London, there was clear tension between the desire for agencies to use smaller, more local vendors, while desiring the confidence of going with a large, established IT player that may be more secure, but usually has multiple data centers in multiple countries. Read More »
This meter represents your reputation at a 100% scale based on your level of participation on the site. Find out more
Comments Off
There is a lot of buzz out there right now about Telework Solutions for Government as many agencies are making the transition that so many Corporations have already completed. Personally, I haven’t worked full time in an office since pre-1996 and can’t imagine wasting that much time every day on preparations and commuting for no real purpose other than donuts, coffee and the latest office gossip.
Work is an activity, not a location in today’s professional world with pervasive networking capabilities and the Government is getting on board under the leadership of the current administration.
If you want to get a feel for the progress and momentum around this, check out the public/private partnership at the Telework Exchange site focused on eliminating the Telework Gridlock. Cisco is one of the sponsors of this activity because we see the value, have lived it for better than 15 years, and can offer solutions to help make this a reality for our Government customers. Read More »
There is a large installed base of Catalyst 6500 series switches in the US Public Sector Community. Cisco continues to protect this investment by developing new capabilities to enable the Borderless Networks of the future. The innovation in the new “Sup2T” triples the performance of the existing 6K platforms. You can hear Host Jennifer Geisler speak with Kumar Srikantan, Vice President of Product Management for the Scalable Networks Business Unit , discuss the Catalyst 6500.
I’ve had some recent discussions with colleagues in the armed forces regarding cyber security and how they consider “cyber” to be the fourth warfighting domain along with land, air, and sea. They describe how cyber has its own terrain made up of computing resources. As I further thought through this concept I saw a striking resemblance between the network and air warfare. To elaborate on this thought I must first set the context around the concept of air supremacy.
There are probably many different variations of the definition of air supremacy but let’s just use “the degree of air superiority wherein the opposing air force is incapable of effective interference” for the purpose of this blog. I borrowed this definition from NATO. There are two key words in the definition, “degree” and “effective.” Prior to achieving supremacy one must first move from parity, through superiority to eventually supremacy. Air parity is the lowest degree in which a force can control the skies above friendly units. In other words, prevention of opposing air assets from overwhelming land, air, and sea units. Read More »
I enjoyed Jennifer Geisler’s interview with Praveen Akkiraju from the Services Routing Technology Group.
One of the main messages from Cisco’s Live! was centered around the value of the network and Praveen made a great connection between the Cloud and the network. Cisco owns the infrastructure, from the endpoint to the Cloud, and is able to provide a unique perspective to deliver applications. With the right network, we get to see, optimize and enforce security policies at all connection points.
The network certainly gives us a great opportunity to enhance the Cloud user experience!
This meter represents your reputation at a 100% scale based on your level of participation on the site. Find out more
Comments Off
We are very pleased to announce that the ASR 1000 family of routers has been evaluated using the Common Methodology for IT Security Evaluation (Version 3.1) for conformance to the Common Criteria for IT Security Evaluation (Version 3.1) and was awarded a Common Criteria Certificate by NIAP (National Information Assurance Partnership). The evaluation assurance level (EAL) for the product is EAL4 augmented with ALC_FLR.2.
The ASR 1000 is functionally compliant with three Protection Profiles:
Router: U.S. Government Router Protection Profile For Medium Robustness Environments, version 1.1
VPN: U.S. Government Virtual Private Network (VPN) Boundary Gateway Protection Profile For Medium Robustness Environments, version 1.2
Firewall: U.S. Government Protection Profile for Traffic Filter Firewall For Medium Robustness Environments, version 1.1
In fact, the ASR 1000 is the only product in the market that is certified as a router,firewall and VPN device!
The following ASR 1000 platforms have been certified:
ASR 1002-F
ASR 1002 with ESP5 or ESP10
ASR 1004 with RP1 or RP2 and ESP10 or ESP20
ASR 1006 with dual RP1 or RP2 and dual ESP10 or ESP20
For more information about the certification, and for the security target document, validation report and actual certificate, please refer to the NIAP/CCEVS web site at http://www.niap-ccevs.org/st/vid10361.
This meter represents your reputation at a 100% scale based on your level of participation on the site. Find out more
Comments Off
Jennifer Geisler speaks with Shannon McFarland, Corporate Consulting Engineer in the Office of the CTO, Cisco about the common questions regarding IPv6 deployment including such topics as campus, WAN/branch and data centers.
All I can say is WOW! What a way to welcome the Public Sector customers to Cisco LIVE. Dave West hosted a Public Sector Open Session for those customers attending Cisco LIVE. Of over 1000 registered PS customers, we had almost 200 of them show up to hear Dave’s welcome and information from some of Dave’s senior Directors.
This meter represents your reputation at a 100% scale based on your level of participation on the site. Find out more
Comments Off
According to a recent article in ARN, economic resurgence following the recent global financial crisis has opened wide the Australian telepresence market. Already a telepresence pioneer in terms of education, the Australian telepresence market is now also taking off in government, banking and financial services, utilities and mining, health care, and professional services, the article said.
The story focused on a study by Frost & Sullivan analysts who looked at trends in the videoconferencing market, which includes telepresence. They found revenues increased by 33 percent in 2010 and predicted the Aussie videoconferencing market would more than triple by 2017.
While we are excited about the increasing economic confidence and concurrent eagerness to adopt telepresence, it’s worth noting that telepresence technology can also act as an austerity measure. Take the U.S. General Services Administration (GSA), which recently began installing telepresence in 15 sites around the country. GSA wants to increase telepresence use as a cost-cutting measure, in response to budget cuts, according to Fierce Government IT. The telepresence centers will enable more teleworking and lessen the need for expensive business travel.
The fact that governments, businesses, manufacturers, schools, and health care networks all seek to adopt telepresence technology—some as an upgrade, others as a money-saver—demonstrates the versatility of the technology. Telepresence crosses economic lines, meets multiple needs, and makes communication more efficient and convenient. It’s exciting to be part of the revolution! Do you agree?
Hello all. I’m here at Cisco LIVE preparing for the Public Sector Open Session. At the PS Open Session, you will hear about Cisco’s offerings around Cloud, Cybersecurity and Collaboration. I also hear that they have a special treat for those attending. Someone said something about the Alaska Wildlife Preserve. We had our rehearsal session this morning, so I got a bit of a sneak peak, but you’ll just have to join us Sunday afternoon to see more.
I will be providing updates on a daily basis, including some videos, of the happenings going on here. Please check back to see what’s happening, some of the highlights, and what Cisco is doing for Public Sector customers.
I would also like to mention that we have some new ways to communicate with us. We have a brand new Twitter account where you can follow what’s happening at @CiscoGovt. And, we’ve recently brought up our Public Sector Community, a place where you can talk with your peers at the Public Sector Customer Connection. This is a place for you to discuss your concerns, issues and wins with other Cisco customers without having Cisco people interfere. Rest assured, we will be listening, and we will make sure you know who is listening, so that you can be sure your conversations are being heard by the right people. But this is intended to be a place where you can talk openly about whatever is on your mind. I look forward to seeing your conversations.
That’s if for now. Watch for further updates, videos and happenings from Cisco LIVE 2011.
Today, the network is a strategic platform in a world that demands better integration among people, information, and ideas. The network works better when services, together with products, create solutions aligned with business needs and opportunities.
The Cisco Unified Communication Manager on Cisco Unified Computing System Express Limited Availability—U.S. Department of Defense is an ideal solution for customers who require a certified, reduced footprint, single-box, integrated solution for unified communications.
Watch below as Ric Chavez, Senior Manager, Global Government Solutions Group shares the many benefits of the Cisco Unified Communication Manager on Cisco Unified Computing System Express Limited Availability—U.S. Department of Defense.
Be sure to stay tuned for more information on how Cisco continues to deliver exceptional solutions designed specifically to meet the needs of our government customers!
Meeting the rigorous standards set forth by the Common Criteria community, the National Institute of Standards and Technologies, and the Defense Information Systems Agency allows government customers to trust the integrity, security, and interoperability of their IT network systems. Check out the video below for an update on Cisco government product certifications:
Just when we feel we are drowning in information, along comes Big Data to save the day. Big Data refers to a dataset so large it is beyond the capability of a typical database to manage and make use of the information. But a set of advances in hardware and software now allows us to rapidly capture, organize, and make sense of vast oceans of data, enabling us to apply the results to make better business decisions.
Big Data can give us a strategic advantage. For example, investors could see global trends in trading across sectors in near-real time; they could respond much earlier to a downturn in prices in a given sector, avoiding the steep losses incurred by taking later action.
Big Data can also create a richer experience for customers. Bloomberg.com gathers more than 100 data points from every page an individual reader views, processing the data with 15 algorithms to personalize recommendations. Algorithms that understand natural language and rich media and can reason make Big Data technology even more useful in decision making. Novel visualization paradigms, 3D, and gesture interfaces make Big Data understandable and accessible to everyone.
For those of you that have been around the networking world for a while, NetFlow is far from a new technology. Cisco developed NetFlow years ago and it has become the industry standard for generating and collecting IP traffic information. NetFlow quickly found a home within network management providing valuable telemetry for overall network performance and management. Nine versions later NetFlow is growing in popularity not solely due to its value to network management but as a critical component of security operations. Over the past 12 months I have encountered more and more large enterprises that view NetFlow as one of their top tools for combating advanced threats within their perimeters.
The dynamic nature of the cyber threat landscape and growing level of sophistication and customization of attacks are requiring organizations to monitor their internal networks at a new level. IP flow monitoring (NetFlow) coupled with security focused NetFlow collectors like Lancope’s StealthWatch is helping organizations quickly identify questionable activity and anomalous behavior. The value that NetFlow provides is unsampled accounting of all network activity on an IP flow enabled interface. I bring up unsampled because of its importance from a security perspective. While flow sampling is a valid method for network management use cases sampling for the sake of security leaves too much in question. An analogy would be having two different people listen to the same song. One person gets the song played in its entirety, unsampled, and the other only hears the song in 30-second intervals. While neither may be musically inclined the person who had the advantage of listening to the song in its entirety would be able more accurately hum or sing back that song than the person that only heard 30 second snippets of the song. Furthermore the ability to identify that song during radio airplay would be in favor of the individual that was able to listen to the song in its entirety. This holds true for IP flow information when leveraging the information for detecting malicious or anomalous traffic. Some malicious code will only send a single packet back to a master node, which would most likely be missed, in a sampling scenario.
Further increasing the value of IP flow monitoring is Cisco’s recent release of Flexible NetFlow (FnF). FnF introduces two new concepts to flow monitoring. The first is the use of templates and the second expands the range of packet information that can be collected as well as monitor more deeply inside of a packet. This allows greater granularity in the information that is to be monitored as well a providing different collector sources for different sets of information. You can search for Flexible NetFlow on Cisco’s main website to get more technical details.
Are you using NetFlow for security operations? I welcome any feedback, good or bad regarding your experience and opinions on the value that IP flow information provides for detecting this ever-changing threat landscape.
According to a recent article in 
