Cisco Blogs


Cisco Blog > Enterprise Networks

The Network as a Security Sensor and Enforcer

The Digital Economy and the Internet of Everything means everything is now connected. Digitization is fundamentally transforming how we conduct business. It creates new opportunities to develop services and engage with employees, partners, and customers. It’s important to understand that digitization is also an opportunity for the hacking community, presenting new services, information, data, devices, and network traffic as attack targets. To take full advantage of the digitization opportunity, security must be everywhere, embedded into and across the extended network – from the data center to the mobile endpoints and onto the factory floor.

Today, Cisco is announcing enhanced and embedded security solutions across the extended network and into the intelligent network infrastructure. These solutions extend security capabilities to more control points than ever before with Cisco FirePOWER, Cisco Cloud Web Security or Cisco Advanced Malware Protection. This is highlighted in Scott Harrell’s blog. We are also transforming the Cisco network into two roles: as a sensor and as an enforcer of security.

The role of the Network as a Sensor The network provides broad and deep visibility into network traffic flow patterns and rich threat intelligence information that allows more rapid identification of security threats. Cisco IOS NetFlow is at the heart of the network as a sensor, capturing comprehensive network flow data. You can think of NetFlow as analogous to the detail you get in your monthly cellular phone bill. It tells you who talked to whom, for every device and user, for how long, and what amount of data was transferred – it’s metadata for your network traffic.

Visibility to network traffic through NetFlow is critical for security, as it serves as a valuable tool to identify anomalous traffic on your network. Watching NetFlow, we gain an understanding of the baseline traffic on the network, and can alert on traffic that is out of the ordinary.  The network is generating NetFlow data from across the enterprise network all the way down to the virtual machines in the data center.  This gives us visibility across the entire network, from the furthest branch office down to the east-west traffic in the data center.  Read More »

Tags: , , , , , , , , , ,

10 Smart New Ways to Keep Your Network Up and Running: A Preview of What to See at Cisco Live

CiscoLive! is next week. With more than 23,000 people ciscolivelogo_245x100expected to attend, there’s no event more popular with IT professionals who pride themselves on their networking expertise. As I prepare to travel to San Diego for the occasion, I wanted to share my perspective on how IT organizations can better operate and protect the networks that are the digital backbones of their companies.

Chances are you’re already realizing numerous benefits using either Cisco SMARTnet or Smart Net Total Care (SNTC) Services. We know, because we regularly poll Cisco enterprise customers on how they’re succeeding with each service. We also know that most of us like to have our cake and eat it, too. That’s one reason why we have decided to combine these two services into one powerful and flexible service under the Smart Net Total Care name. 

The move to Smart Net Total Care creates more flexibility and more value for you when it comes to supporting your company’s network.  “Flexibility” means you can choose to only to use the basic features of the combined solution or take full advantage of SNTC’s extended feature set.  Put simply, you can choose only the basic support capabilities traditionally found in SMARTnet or reach higher to access the added value of proactive smart service features in Smart Net Total Care to optimize the full lifecycle of all your Cisco equipment. You can also choose a Do-It-Yourself (DIY) deployment or, if you want a fast boost up the learning curve, we will make available assisted deployment options from Cisco. Flexibility means you choose the approach that is best for you.  Read More »

Tags: , , ,

Scan. Analyze. Improve! Introducing Switching and Wireless Best Practices on Cisco Active Advisor

In a recent post, we discussed Dimension Data’s 6th Network Barometer Report and its recommendations. Detailed in this exhaustive report, Dimension Data has found that 32% – about 1/3 – of all Service incidents are related to Human Error*. (* 6% Configuration Errors and 26% Other human errors)

We’re all human and we all make mistakes – that’s the way we learn.  However, in this era of constant connectivity, with mobility and the Internet of Everything growing rapidly, there is an ever-increasing demand on your network to perform, be available and stay secure.  Incidents of IT failure are becoming more and more costly, not only from an operational aspect, but even more so from the loss of uptime, data and customer satisfaction.  What if you could have 33% less service incidents, while using 32% less resources, keeping your network as stable as ever?  That’s where Cisco Active Advisor can help you!

It’s no secret that Cisco Active Advisor is a huge time saver – Cisco Active Advisor is a free cloud-based service that automatically discovers Cisco Enterprise Networking products with no hardware or software installation, and can not only keep you up-to-date on important lifecycle milestones, but also analyze your network health and offer recommendations for improvement.

Cisco has compiled a set of Best Practices Designs, based on experience gained from multiple TAC and escalation cases, engineering testing and customer interviews, into a set of recommendations that can improve reliability, availability and performance of your network. Read More »

Tags: , , , , ,

Network like a Ninja at Cisco Live with #GeekSlices and #SelfieBINGO – #CLUS

SelfieBingo Join Jun2One of the great things about Cisco Live is the people you meet. While the classes, hands-on labs, and speaking sessions are all great, if you’re willing to take the extra step beyond the convention center, you can meet people you will continue to learn from all year.

To facilitate this – this meeting of people that can sometimes feel a bit awkward – I’ve set up two activities that should be fun and help overcome some of the awkwardness: #GeekSlices & #SelfieBINGO!

#GeekSlices is a big, informal pizza & beverages gathering.  Think of this as a great opportunity to meet others in the community over a drink and tasting some of the best pizza ever.  EVER.

To join us, just sign up http://tweetvite.com/event/GeekSlices  (If you really really don’t want to use twitter, come find me in the social media lounge or the Data Center booth to get details.)

 

#SelfieBINGO – Is a big game of BINGO where you find people on each square, take a selfie with them, and tweet it.  It’s fun because it basically gives you a list of 25 new people to seek out at Cisco Live. If you’re playing, these are people who have self-selected as willing and interested in meeting new people. We’ll be playing throughout the week.  Read More »

Tags: , ,

Software Defined Wide Area Network Orchestration: Take Control of your Network

The WAN: Then and Now

The Wide Area Network (WAN) has been at the foundation of enterprise networks for decades: responsible Untitledfor connecting people, applications and data across a large number of locations.  Traditionally, the WAN was relatively static and a “set it and forget it” configuration methodology was acceptable and effective. Management tools were simple and straightforward, yet limited. As an example, while studying for my Routing and Switching CCIE lab exam 15 years ago, I had to become proficient in command line interface, node-by-node configuration and WAN troubleshooting.  In order to ensure timely completion of the exam, the use of notepad (scripts) and CLI shortcuts was imperative.

15 years later, many of us still manage our WAN’s in the same way: using text files, simple automation tools and scripting engines on a node-by-node basis.  While this is reasonably effective on a small-scale network, similar to Metcalfe’s Law, the complexity of the network is equal to the number of nodes on the network, squared.

Today, application, cloud, security and other imperatives require the WAN to be dynamic and flexible to meet business needs.  The agility and frequency of change the WAN requires is increasing exponentially.  In addition, the price/performance of broadband relative to private lines (MPLS/Frame Relay) and the availability of cellular (3G/4G/LTE) has encouraged the adoption of hybrid architectures reducing cost, but increasing complexity.  The business is asking IT to do more with less, leverage existing hardware to contain costs, support past and future applications, and be more agile. In order to keep up with these transitions and business requirements, the enterprise needs better tools.  Read More »

Tags: , , , ,