Cisco Blogs


Cisco Blog > Data Center and Cloud

Securing Cloud Transformation through Cisco Domain Ten Framework v2.0

Businesses of all sizes are looking for Cloud solutions to solve some of their biggest business and technology challenges—reducing costs, creating new levels of efficiency, transform to create agile environment and facilitate innovative business models. Along with the promise of Cloud comes top concern for Security. With rise of applications, transactions and data in the Cloud, business are losing control and have less visibility on who and what is moving in and out of the business boundaries. 

Any  transformation initiative with Cloud, whether a private, hybrid or public, with early focus on security from architecture, governance, risks, threats and compliance perspective can enable the business with a compelling return on investment with a faster time to business value – regardless of geographic, industry vertical, operational diversity or regulatory needs.

Here, I would like to bring to your attention on Cisco Domain Ten framework v2.0 and my blog on What’s New in Cisco Domain Ten Framework 2.0 that is born from Cisco’s hard won experience of deploying both private, hybrid and public Cloud environments, Cisco has developed the Cisco Domain Ten framework and capabilities to help customers accelerate IT transformation.

The Cisco Domain Ten does not prescribe that customers must build each domain into their strategy – rather it provides guidance on what aspects should be considered, what impacts should be identified, and what relationships exist between domains.  Cisco Domain Ten framework 2.0, we can establish the foundation of a true IT transformation and the factors you need to consider for success. Key is to identify, establish and track strategic, operational and technological outcomes for IT transformation initiates. A major thrust of the Cisco Domain Ten is to help customers strategize for transformation vision, standardize their technology components and operational procedures, and automate their management challenges, to deliver on the potential of IT Transformation– covering Internet, Branch, Campus and Data Center environments.

Security consistently tops CIO’s list of cloud concerns. The security domain highlights identification of security and compliance requirements, along with an assessment of current vulnerabilities and deviations from security best practices for multisite, multitenant physical and virtual environments for one’s IT transformation vision.

Security should be a major consideration in any IT transformation strategy. The architecture should be designed and developed with security for applications, network, mobile devices, data, and transactions across on-premise and off-premise solutions. Moreover, security considerations for people, process, tools, and compliance needs should be assessed by experts who understand how to incorporate security and compliance safeguards into complex IT transformation initiatives.

Security is an integral part of the Cisco Domain Ten framework, applies to all ten domains, and provides guidance to customers on all security aspects that they needs. Our Senior Architect from Security Practice – Ahmed Abro articulates well in Figure – 1 Cisco Domain Ten Framework with Security Overlay that there are security considerations for all ten domains for Cloud solutions.

 d10secoverlay

Figure – 1 Cisco Domain Ten with Security Overlay

Now that we understand how Cisco’s Domain Ten Overlay approach that helps one to discuss security for each domain of Cisco Domain Ten Framework, let’s now talk about the how Cisco Domain Ten aligns with Cloud Security Alliance’s (CSA) Cloud Control Matrix to discuss the completeness and depth of the approach.

CSA Cloud Control Matrix Alignment with Cisco Domain Ten

Application & Interface Security

  • D-8 – Application

Audit Assurance & Compliance

  • D-10 – Organization, Governance, processes

Business Continuity Mgmt & Op Resilience

  • D10 – Organization, Governance, processes

Change Control & Configuration Management

  • D10 – Organization, Governance, processes and
  • D-3 – Automation

Data Security & Information Lifecycle Mgmt

  • D-9 – Security and Compliance

Datacenter Security Encryption & Key Management

  • D-9 – Security and Compliance and
  • D-1 – Infrastructure

Governance & Risk Management

  • D10 – Organization, Governance, processes

Human Resources Security

  • D10 – Organization, Governance, processes

Identity & Access Management

  • D-4 -- Customer Interface

Infrastructure & Virtualization

  • D-1 – Infrastructure and Environment and
  • D-2 – Abstraction and Virtualization

Interoperability & Portability

  • D-7 – Platform and
  • D-8 – Application

Mobile Security

  • D-8 – Application and
  • D-1 – Infrastructure and Environment

Sec. Incident Mgmt , E-Disc & Cloud Forensics

  • D-9 – Security and Compliance and
  • D10 – Organization, Governance, processes

Supply Chain Mgmt, Transparency & Accountability

  • D10 – Organization, Governance, processes
Threat & Vulnerability Management
  • D-9 – Security and Compliance

 Table – 1 CSA Cloud Control Matrix Alignment

with Cisco Domain Ten Framework

From above table, one can see that Cloud Security Alliance Cloud Control Matrix and Cisco Domain Ten aligns well and it also highlights key facts that many areas such as Mobile security requires one to focus on Application and Infrastructure (network, virtual servers), etc to address security needs. One should also note that Cisco Domain Ten’s focus on Catalog (Domain 5) & Financials (Domain 6) that highlights security specific SLA and assurance discussions for security controls.

Now that that we discussed, Cisco Domain Ten approach for Security, In the next blog, I would try to discuss how Cisco Service’s focus on the strategy, structure, people, process, and system requirements for Security can help business address an increasingly hostile threat environment and help successful migration to Secure Cloud based transformation. We will also discuss current questions in business asks or should ask to understand security and privacy in the vendor’s agreements.

 

Tags: , , , , , , , , , , , , , , , , , , , , , ,

Evolving to Cloud and Hybrid IT

For a while now, I’ve been promoting that partners need to adopt a Hybrid IT business model to be successful and stay competitive in a world with more market transitions, more technologies, and more customer choices than ever before.

Customers are consuming IT differently, and line-of-business decision makers have more and more influence on IT decisions. The Internet of Everything offers tremendous opportunity, but requires a new set of services and solutions than many of our partners have offered in the past.

A Hybrid IT business model requires partners to address these market transitions; to provide traditional IT (on premise) solutions, managed services, private/public/hybrid cloud services, packaged with professional services, and offered with different SLAs and consumption models.

Embracing this model opens new opportunities for partners. It may mean expanded reach. It may mean selling into a new vertical, a new geography, or addressing new business needs within an existing customer base.

At Cisco Live Milan this week, Cisco announced the expansion of the Cisco Cloud Portfolio  with the introduction of new products and services, including a new hybrid cloud solution, Cisco InterCloud. Cisco InterCloud aims at lowering the total cost of cloud ownership and creating new pathways to secure public, private and hybrid clouds. Read More »

Tags: , , , ,

Wired or Wireless: Connect with Aironet 700W Series Access Points

Quality wireless is already considered a base expectation by consumers across industries. At Cisco we aim to provide our spectrum of customers with a whole range of high performing products, so they can select the product best suited for their organization. If you were to stop by the Enterprise Networking booth at Cisco Live Milan, you’d be able to examine our full portfolio of access points and notice that there are two that stand out from the others: the newly designed, 802.11ac integrated 3700 AP we introduced at Interop New York and one more, except this one can fit in your hand.

700

We are pleased to announce Cisco Aironet 700W Series Access Point, a wall mounted wireless and wired integrated platform. 700W Series is the industry’s FIRST and ONLY dual radio, dual band 2.4/5 GHz Access Point with 4 GigE Ethernet ports for wired connectivity, like IP Phones, game consoles, entertainment devices or other connected devices. 700W Series can be powered either by Power over Ethernet (PoE) or by a local power adapter, while it also provides PoE out on one local port to power an additional connected device. Read More »

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Cisco Live Milan 2014 & CMX

cmxclmilan1

Cisco Live Milan 2014 kicked off this morning with an opening keynote by Rob Lloyd. During the session Rob shared Cisco’s  vision of the Internet of Everything, and explored the industry trends and technologies that are making that vision a reality. One of these areas is enabled by Cisco’s CMX solutions and our growing ecosystem of partners.

To illustrate how this vision is becoming a reality, a CMX demo was shown on stage. The demo related to a wine producer ( we are in Italy by the way..) who was able to engage with their customers via their mobile app. Enabling the customer find the particular wines they are interested in, interact with the wine maker, get location specific promotions and really deliver a highly personalized and location specific service.

cmxclmilan2

CMX at Cisco Live Day 1:

The whole venue has been designed and setup for WiFi location based services and CMX is running across the complete conference. Read More »

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Updates from Cisco Live Milan 2014

January 28, 2014 at 11:34 am PST

Plenty of interesting news coming out of Cisco Live this week and I don’t want partners to miss anything! I’ll have a complete recap of the week for you, as always, in the Cisco Partner Weekly Rewind on Friday. In the meantime, here’s a quick recap of some of the blogs and announcements we’ve seen at Cisco Live so far this week.

Rob at Cisco Milan 2014Carolina Fernandez kicked things off prior to the show with a look at what Cisco is showcasing this week In Milan. Take a step back to the beginning of Cisco Live for an overview of the week. Read More »

Tags: , , , ,