Cisco Blogs


Cisco Blog > Inside Cisco IT

Inside Cisco IT Takes You on Our Security Journey

Would you jump on a horse without consulting someone else who is at least somewhat familiar with horses?  You know, like a cowgirl or boy?

Probably not.

At least not if you’re interested in staying in the saddle versus tumbling to the never-soft earth.

While Cisco IT doesn’t have any expertise in horseback riding (I mean, you are welcome to ask me for a couple of pointers, but I’m not promising results), we DO have expertise in a variety of challenges IT departments face on a regular basis.

Like Security.

Last week, we hosted a live Inside Cisco IT Webinar on our Security Journey with two of our own Cisco IT Security Experts.  If you missed it, you should definitely give the recording a gander.

After checking out the recording, this is what you should come away with:

Security Webinar Key Takeaways

Tags: , , , , , , , ,

Access Control with Cisco TrustSec: Moving from “IP Addresses” to “Roles and Attributes”

Today’s enterprise is a highly dynamic, and hyper connected environment where IT plays a critical role in connecting the users, devices, resources and corporate IT systems. Today’s employees are also highly mobile in nature and do not necessarily have a single workspace assignment. The IT departments are constantly being challenged by the organization’s Line of Business owners to keep up with the pace of rolling out new services to address market needs, while keeping up with user expectations.

At the same time, IT departments also are responsible for ensuring business continuity and an uninterrupted service. However, the toughest challenge that any IT organization faces is implementing a security architecture which not only satisfies the compliance and industry regulatory requirements, but also provides a sufficient amount of protection against unauthorized access, data breaches, etc.

The traditional way to implement a security architecture in this kind of an environment is by implementing security rules in Firewall for traffic traversing the network’s extranet/intranet or data-center perimeters. For implementing security policies within an organizations network, Identity-Based Networking using IEEE 802.1X is generally used. Read More »

Tags: , , , , , , , , , , , ,

Cisco ISE in the lab.

November 6, 2013 at 7:38 pm PST

My company is in the very early stages of an MDM BYOD project.  As part of that we are looking at the Cisco Identity Service Engine (ISE) as a central piece.  I am about half way through my testing and I thought that I would pass on some of what I have learned so far.  I am far from being an ISE expert and I don’t mention profiling or the advanced features in this post. I have tried them but don’t feel knowledgeable enough to go into these details.

ISE

ISE is an excellent NAC system but it does much more than that.  One of the advantages of trying to configure a new piece of technology yourself is that you learn much more and also other ways to increase the ROI.  The main reason we are interested in ISE is as the enforcement point on our wireless network.  When a device tries to connect to our BYOD network we want ISE to query the MDM server to verify if the device is registered and if not to redirect the device to the MDM provisioning portal.  If the device is registered with MDM ISE will then query AD and verify the user credentials.  This is a core function of ISE and went fairly well. Read More »

Tags: , , ,

Consider Mobile Work Patterns and Security Impact

February 28, 2013 at 9:37 am PST

Mobility and application access capabilities have encouraged many of today’s work patterns. Some work behaviors were recently noted in a Cisco-commissioned research report on mobility and BYOD comparing IT and end user viewpoints. Striking about the findings is that day-to-day business activities were relatively balanced on wired and wireless connections—so while mobility is here and growing, usage is no more than wired. Core to the findings were end users’ view that mobile devices are 37% less effective than their corporate laptop for conducting business activities. From an IT perspective, managing devices and multiple policies in a wired and wireless environment was a key challenge. Mobile device usage behaviors surveyed suggested a personal and social flair. The predominant applications used on mobile devices are not specific business applications (22%) but collaborative applications (56%). The report also indicates that mobile devices are used for personal use more frequently than IT estimates.  Read More »

Tags: , , , ,

Securing Any Device—For the Exceptional Connected Experience

February 11, 2013 at 4:23 pm PST

Secure access continues to be paramount for a connected world. People connect to the Internet for business and for personal use, from wired, wireless or mobile devices—locally and remotely. The Internet is a global system of interconnected networks. User devices, the Internet, and all computer networks are the target of a growing number of increasingly complex security threats. Let’s take a look at some recent trends from the Cisco Connected World Technology Report that speaks to the need for secure access:

  • Three devices is the average per end user with the desire or mandate to work anywhere and anytime—how do we ensure control of all these devices?
  • 71 percent of the next generation workforce will not obey the policies—how do we enforce policy?
  • 60 percent will not be responsible for protecting corporate information and devices—how do we protect sensitive data?
  • Mobile malware is growing; Android malware grew over 2000% from 2012 but is only 1% of the web malware encounter—how do we ensure secure connection from your mobile device and with web intensive users   Read More »

Tags: , , , , , , , ,