Cisco IT is deploying Identity Services Engine (ISE) globally. ISE is a security policy management and control platform that automates and simplifies access control and security compliance for wired, wireless, and VPN connectivity. We’re running ISE 1.2 Patch 3 globally and evaluating Patch 5 for its guest networking enhancements. Over the next few months, I’d like to share some of our best practices and lessons learned as we continue our ISE deployment. Much of the background and deployment work before my blog can be found in this published article.
This past weekend was Mother’s Day here in the United States, and being a mother of two high-tech savvy teenage children, I pondered what my kids had in store for me. I was surprised with the latest iPad! Eventually, I started asking myself: would Cisco allow me to use it for work?
Luckily, Cisco has a BYOD policy in place and a long-term Any Device vision, empowering our employees to use the device they want to be productive. For other working mothers who may have also gotten a new iPad or mobile device for Mother’s Day, what does your company say about using this new personal device? Will you “Lock It Up or Free It Up”? (a notion introduced at the RSA Conference this year). How will the IT department respond to this request?
One of the biggest concerns folks have for BYOD is security. Just this past week, Cisco was showcasing our Secure BYOD solution at Interop, with the TechWiseTV folks sitting down with my colleague Bill McGee to help you answer the call of mobile devices on your corporate network. Take a look at the video for yourself, but blurring the lines between personal and corporate device doesn’t pose such a security challenge anymore. Related to this topic, we are holding a webcast May 16th focused on the Network Built for the Mobile Experience. You can join our CTO and SVP, Padmasree Warrior, along with stories from British Telecom and Eagle Investment on how they are transforming their workplace, and allowing their employees to work “Your Way” without compromising the business. For more details click here, and for those who want to continue this conversation--
Working Mothers: I would like to hear from you -- did you get that new mobile device this Mother’s Day or do you already have a neat personal device -- Do you bring it into work? Do you share it with your family?
IT departments: What is your BYOD policy, and are you busy provisioning all those new mobile devices from this past weekend?
I have a confession: I’m a technology late-adopter. On Rogers’ Innovation Adoption bell curve, I probably fall somewhere in the ‘late majority’ — I like the tried and true.
But with a few years and many advances, I’m back on Facebook (my short experience with it left me with privacy paranoia), and if you can believe it, I’m now an iPhone user. I appreciate not lugging around my iPod, and having a camera ready whenever I need it, but it’s not only the extra bells on the integrated device that have impressed me -- it’s the realization that I don’t have to compromise functionality to have it all.
Other than semantics, what’s the difference between the two access control list configurations presented below? They both look much the same, in fact, but the key differentiation is one of context! Take a few minutes and read ahead…
ip access-list extended Access-Control
 permit tcp host 192.168.100.1 10.0.0.0 0.0.0.255 eq 80
 permit udp host 192.168.150.1 10.0.0.0 0.0.0.255 eq 69
 deny tcp any 10.0.0.0 0.0.0.255 eq 23
 deny ip any any

access-list 150 permit tcp host 192.168.100.1 10.0.0.0 0.0.0.255 eq 80
access-list 150 permit udp host 192.168.150.1 10.0.0.0 0.0.0.255 eq 69
access-list 150 deny tcp any 10.0.0.0 0.0.0.255 eq 23
access-list 150 deny ip any any

Understanding ACLs (access-control lists), and moreover the difference between standard ACLs, extended ACLs, VLAN ACLs (VACLs), and access-control entries (ACEs) — the individual lines that make up an ACL — is a challenge in and of itself. But now you read a Cisco Applied Mitigation Bulletin (AMB) and see the terms iACL and tACL: great, another acronym and concept to grasp? You bet!