Cisco Blogs


Cisco Blog > Enterprise Networks

Don’t be Bewitched by the Switch – What You Need to Know when You Evaluate Solutions

It’s undeniable that the biggest convergence happening in the access layer is Wired/Wireless. Today, we’re no longer forced to treat wired and wireless any differently when it comes to network visibility and management. However, the unification of Wired/Wireless doesn’t come without its own challenges and complexity.

As we’ve seen with the latest switching announcement at Interop 2015, there is a lot of noise in the marketplace and customers and partners increasingly need to cut through this to achieve their IT goals and meet today’s increasing demands on the network and the demands of tomorrow.

Earlier this week, HP made false claims about our Catalyst 4500E switch. To help you out, here is what you need to know about Cisco switching and, specifically, our Catalyst 4500E switch:

  • As the world becomes increasingly more digital, there is an elevated need for a flexible and scalable network to address rapid shifts in technology use and its associated traffic. We’ve seen tremendous demand for our modular switches that supply the best flexibility for this change. In fact, Cisco has the industry’s most widely deployed modular access switches with a modular PoE port share that just reached an all time high of 81.5 percent.
  • To tackle the biggest convergence in the access layer, Catalyst 4500E supports built-in wireless controller capabilities and delivers common intelligent services across wired and wireless for security and policy, application visibility and control, network resiliency, smart operations, and more.
  • Cisco’s Catalyst Multigigabit (mGig) technology available across the access portfolio including the Catalyst 4500E can prepare customers’ access switches for the next wave in wireless, 802.11ac wave 2 by delivering speeds beyond 1 Gigabit on existing Category 5e cables. This technology also supports PoE, PoE+, and Cisco Universal PoE (UPOE) so you don’t need to install new electrical circuits to power your access points.
  • Cisco’s modular access switch portfolio offers backward compatibility with up to three generation of line-cards providing unmatched investment protection – 2x in terms of number of years over other vendors.
  • A key operational consideration for IT is to maximize uptime and provide seamless code upgrades. In Service software upgrades (ISSU) have been available on Cisco’s 4500E portfolio for almost a decade
  • The Catalyst 4500E has unmatched scale to meet the needs of a customer’s network and future proof for an influx of new devices – 25X route entries, 16X multicast entries & 42X Security/QoS entries when compared to other vendors.
  • As IoT trends upward, more “things” connect to the access network and it is key that the network is able to scale to meet these needs – Cisco offers 33 percent more scale in terms of POE+ ports and 50 percent more POE+ scale for redundant power deployments to connect more users, devices and things. Additionally, Cisco supports UPOE, which future-proofs our customers for upcoming applications requiring more than 30W/port.
  • Security is a top of mind for our customers and Cisco offers a complete end-to-end solution with support for MacSec, Cisco TrustSec, Identity Services Engine and Flexible Netflow, providing the best in class network encryption, segmentation and networking sensing solutions.
  • The Catalyst 4500E is designed for supporting rich media services with its superior multicast scale and design. Cisco Catalyst 4500 is designed to support hardware accelerated multicast with deep buffers. The Cisco Catalyst 4500E accommodates up to nine times larger data bursts, delivered to otherwise loaded output ports, without loss.
  • Cisco Catalyst 4500E supports a multitude of capabilities that support IT simplicity and smart operations. Examples: Simplified provisioning with Plug and Play, Simplified configuration of switches & interfaces with AutoConfiguration and Interface templates and faster troubleshooting with embedded wireshark, a world-class protocol analyzer.

Read More »

Tags: , , , , , , ,

ESG Survey of IT Security Professionals Provides Insight to Data Center Security Issues

Yesterday, I reported on Cisco’s new ACI security announcements and an overview of our secure data center strategy. Today, I wanted to share some interesting market insights that we pulled from a survey conducted by Enterprise Strategy Group (ESG) that Cisco commissioned, and that validates some key data center security trends and requirements that support our product strategy. Some of the key conclusions and data collected were shared in press coverage of the product announcement. The full survey results are here, and below are some summary graphics we prepared for our launch event.

Project Overview

Cisco commissioned the survey (conducted by ESG) to learn more about the challenges and issues IT professionals face when planning and implementing data center security.

Demographics

  • The survey sampled 154 IT security professionals in North America responsible for network security requirements and operations. All respondent organizations had to be using physical firewalls (or virtual firewalls) and access control lists (ACLs).
  • Most respondents represented large midmarket organizations (defined as organizations with 500 to 999 employees) and enterprise organizations (organizations with 1,000 up to 10,000 employees). 71 percent operated from three up to 20 data centers worldwide.
  • The study included broad representation from industry verticals: financial, manufacturing, health care, government, retail and business services.
  • The survey was conducted in April 2015.

Top Survey Findings

The people problem:  Implementing network security controls is tedious and time-consuming.

  • 69 percent of organizations reported it takes from one man-hour up to four man-hours on average to convert a single new application network requirement into a network device or firewall configuration (before they even implement the new configuration, test it, etc.)
  • 74 percent say that it takes days or weeks to implement security device updates from request all the way through to production implementation. (See InstaGraphic below)

Solution: Just like SDN revolutionized the data center by automating network configuration changes, ACI is accelerating security changes by automating device updates and configuring how security services are inserted into application networks, helping to ensure greater accuracy and allowing IT to keep up with business requirements.

ACL changes days or weeks

Read More »

Tags: , ,

ACI. Counting down to Ignite…

Springtime is a heavy tech show season.  This week in Las Vegas, we won Best of Interop in the SDN category with the APIC.  Next week we are headed to Chicago to talk about the APIC and ACI at Microsoft’s largest and most comprehensive technology event, Microsoft Ignite.  As data center customers look to Microsoft’s Cloud Platform with Windows Server 2012 with HyperV, System Center Virtual Machine Manager, and Windows Azure Pack; they will be modernizing their infrastructure, looking for scaled performance, fast deployment, efficient networking, and extended manageability.  UCS and ACI deliver a powerful solution to achieve these objectives.  To share our networking perspectives on this, Shashi Kiran and I will be there to deliver a new business and technical session entitled:

Microsoft Cloud Meets Cisco’s ACI on Tuesday May 5 from 1:30PM to 2:45PM in S105A, McCormick Place Convention Center, Chicago, IL

Technology must enable a new process model for speeding up workflows across siloed organizations within the IT function. This session will introduce Cisco’s Application Centric Infrastructure and its tight integration into Microsoft Azure clouds. We’ll show how you can deliver new tenant services while transforming your IT organization and workflows with a common policy model, centralized control, and simplified operational visibility across your data center. We’ll demonstrate how your applications, network and security teams can leverage a new operational model to generate compelling business outcomes for your enterprise.

This infographic provides a little preview on what we’ll share.

Read More »

Tags: , , , , , ,

Enhance Data Center Security and Automation with New Cisco ACI Features and Partners

We’ve been talking for a while about Cisco ACI’s leadership in SDN security features (like here), and in the design of our fine-grained security policy enforcement between individual workloads, sometimes called microsegmentation. Today, here at Interop, Las Vegas, Cisco is reaffirming its thought leadership in data center security and SDN automation with a couple of announcements, including the integration of Cisco FirePOWER next generation intrusion prevention system (NGIPS) into the ACI security framework. In other news, another ACI ecosystem security partner was announced last week at the RSA Security Conference: Fortinet, who will be integrating their Fortigate firewall platform with ACI.

The Cisco ACI + FirePOWER solution enables real-time detection, mitigation and remediation for advanced security threats inside the data center by combining granular application visibility and control, threat detection, advanced malware protection (AMP) capabilities of FirePOWER NGIPS with ACI microsegmentation, advanced security service insertion, and L4-7 policy automation. To quickly summarize how this all comes together and a sample use case for ACI security, we created the following video:

Available in June, 2015, new ACI advanced security works to protect data centers before, during, and after attacks, dynamically detecting threats and automating incident responses. The Cisco FirePOWER family of security appliances consists of industry-leading NGFW, NGIPS appliances offering best-in-class threat effectiveness, superior visibility and global threat intelligence.

Attack Continuum

FirePOWER + ACI = Automated Security with Advanced Protection Across Attack Continuum for Physical and Virtual

Read More »

Tags: , , , , , ,

Cisco at OpenStack Summit, Vancouver

It’s that time again. The champions of OpenStack are gearing up for the next Summit: May 18-22 in Vancouver, where Cisco is a Premier Sponsor and our objective is to demonstrate the depth of our commitment to OpenStack as developers, operators, and users.

Page1

This is only my third Summit, but I’m noticing some changes here in our preparations at Cisco. For one thing, our engineers are presenting nearly 30 sessions—more than triple the last Summit. That makes sense if you think about the growth of OpenStack and the increasing interest in issues related to enterprise deployment and production environments. Internally, Cisco uses OpenStack for a variety of cloud applications and services and has a lot to share about high availability, scalability and operations for OpenStack.

Of course, Cisco architects will be presenting their perspectives on OpenStack networking topics, including sessions on implementing IPv6, adding enterprise functions to Open vSwitch, availability of Neutron extensions and ML2 drivers, and the innovative use of Network Function Virtualization to create cloud VPNs. You can see the full list on the Cisco at OpenStack Summit website, to mark your schedule in advance.

Cisco will also have a special sponsored track on Tuesday to share details on our OpenStack strategy and breadth of solutions. Presenters will be joined by Cisco customers: Shutterfly, Sprint and Key Information Systems. Attendees at sponsored track sessions will be eligible to win a new MacBook or one of seven iPad minis.

We’re bringing Engineers Unplugged’ back to our booth in the Expo Hall and recording short whiteboard videos to let OpenStack contributors share what they’re working on. Stop by the booth to view a Cisco demo and receive a free Vancouver Summit t-shirt. The roster of demos includes how Cisco Application Centric Infrastructure enables faster, easier, and more accurate provisioning of infrastructure to scale applications in the cloud.

Finally, keep an eye out for Cisco’s social media scavenger hunt with fun prizes, details to be posted on Twitter: #OpenCisco, #OpenStackSummit.

See you in Vancouver.

 

 

Tags: , , , , , , ,