Cisco Blogs

Cisco Blog > Security

Enabling the Next-Generation Data Center with FirePOWER + ACI Security

As IT organizations look to the cloud to become more efficient and achieve the agility their business demands, one of the biggest security challenges they typically face is right at the heart of any enterprise – the data center. In cloud environments, where applications have to be location-independent and mobile, it can be overwhelming to manage traffic that needs to go to specific security services when you have applications that are mobile, but physical security that’s not. To secure these virtual and mobile applications, a new security framework must be deployed – one that works equally well within the physical and virtualization layer of the data center, and addresses additional requirements of scalable, multitenant environments. Read More »

Tags: , , ,

How We Migrate Hundreds of Applications to the New ACI Platform

I am in the trenches of our migration to an Application Centric Infrastructure (ACI) platform, helping my team transition hundreds of applications. Cisco IT has broken down the migration process into nine steps: Read More »

Tags: , , , , , ,

Criteria for SDN/NFV Vendor Selection – Heads Up on Cisco Live

Cisco Live US 2015 is just around the corner, and will start in San Diego on June 7th, running through Thursday 11th June.  I’m surprised and honoured to be one of the folks wearing a “Cisco Live Speaker” shirt, and I’m looking forward to sharing some of what I’ve been working on over the past year or two.

I’ll be basing a lot of my presentation off of as yet unpublished, independent market research, into the challenges of SDN and NFV adoption, some of which are illustrated in the diagram below.  The final copy of this brand new market research report landed on my desk just last weekend – May 23rd 2015.  Hot off the press, it was funded by Cisco but conducted completely independently by a leading market research company.  The intent of this report is to guide our SDN and NFV professional services strategy. Some of the insights, however, are too useful not to share with you!  Covering a global audience, with separate questionnaires for service provider and enterprise businesses, we had set out to increase our understanding of the latest challenges of adoption of SDN and NFV as appopriate in (enterprise) businesses, including public sector, and service provider markets.

Some of the Topics in my Cisco Live Presentation

Questions I Will Discuss In My Cisco Live Presentation


Read More »

Tags: , , , , , , , ,

Open Networking with Cisco ACI and Open NX-OS

Over the last couple of years, Data Centers have become a key focus on networking innovations, particularly around the broad area of Software Defined Networking (SDN).  At Cisco, for nearly one year, we have been shipping our new way to build a Data Center with our Application Centric Infrastructure (ACI) solution. ACI relies on the vision of using a policy based methodology to enable network switches, services, and hypervisors to establish network connectivity among each other.

At the Open Networking User Group (ONUG), a survey reports that 3% of the networks run by ONUG members are built on open networking whereas 71% are not open at all.  The assessment of any system being declared “open” is a subjective term.  At Cisco we have built a foundational infrastructure in ACI, that relies on open protocols and programming constructs such as APIs, in order to provide a solution where the network becomes ‘invisible’ to the end user, and the network devices and services modules, such as firewalls, load balancers, physical and, virtual switches are automatically configured based on the end user intent. Read More »

Tags: , , , ,

Don’t be Bewitched by the Switch – What You Need to Know when You Evaluate Solutions

It’s undeniable that the biggest convergence happening in the access layer is Wired/Wireless. Today, we’re no longer forced to treat wired and wireless any differently when it comes to network visibility and management. However, the unification of Wired/Wireless doesn’t come without its own challenges and complexity.

As we’ve seen with the latest switching announcement at Interop 2015, there is a lot of noise in the marketplace and customers and partners increasingly need to cut through this to achieve their IT goals and meet today’s increasing demands on the network and the demands of tomorrow.

Earlier this week, HP made false claims about our Catalyst 4500E switch. To help you out, here is what you need to know about Cisco switching and, specifically, our Catalyst 4500E switch:

  • As the world becomes increasingly more digital, there is an elevated need for a flexible and scalable network to address rapid shifts in technology use and its associated traffic. We’ve seen tremendous demand for our modular switches that supply the best flexibility for this change. In fact, Cisco has the industry’s most widely deployed modular access switches with a modular PoE port share that just reached an all time high of 81.5 percent.
  • To tackle the biggest convergence in the access layer, Catalyst 4500E supports built-in wireless controller capabilities and delivers common intelligent services across wired and wireless for security and policy, application visibility and control, network resiliency, smart operations, and more.
  • Cisco’s Catalyst Multigigabit (mGig) technology available across the access portfolio including the Catalyst 4500E can prepare customers’ access switches for the next wave in wireless, 802.11ac wave 2 by delivering speeds beyond 1 Gigabit on existing Category 5e cables. This technology also supports PoE, PoE+, and Cisco Universal PoE (UPOE) so you don’t need to install new electrical circuits to power your access points.
  • Cisco’s modular access switch portfolio offers backward compatibility with up to three generation of line-cards providing unmatched investment protection – 2x in terms of number of years over other vendors.
  • A key operational consideration for IT is to maximize uptime and provide seamless code upgrades. In Service software upgrades (ISSU) have been available on Cisco’s 4500E portfolio for almost a decade
  • The Catalyst 4500E has unmatched scale to meet the needs of a customer’s network and future proof for an influx of new devices – 25X route entries, 16X multicast entries & 42X Security/QoS entries when compared to other vendors.
  • As IoT trends upward, more “things” connect to the access network and it is key that the network is able to scale to meet these needs – Cisco offers 33 percent more scale in terms of POE+ ports and 50 percent more POE+ scale for redundant power deployments to connect more users, devices and things. Additionally, Cisco supports UPOE, which future-proofs our customers for upcoming applications requiring more than 30W/port.
  • Security is a top of mind for our customers and Cisco offers a complete end-to-end solution with support for MacSec, Cisco TrustSec, Identity Services Engine and Flexible Netflow, providing the best in class network encryption, segmentation and networking sensing solutions.
  • The Catalyst 4500E is designed for supporting rich media services with its superior multicast scale and design. Cisco Catalyst 4500 is designed to support hardware accelerated multicast with deep buffers. The Cisco Catalyst 4500E accommodates up to nine times larger data bursts, delivered to otherwise loaded output ports, without loss.
  • Cisco Catalyst 4500E supports a multitude of capabilities that support IT simplicity and smart operations. Examples: Simplified provisioning with Plug and Play, Simplified configuration of switches & interfaces with AutoConfiguration and Interface templates and faster troubleshooting with embedded wireshark, a world-class protocol analyzer.

Read More »

Tags: , , , , , , ,