Cisco Blogs


Cisco Blog > Data Center and Cloud

Three Data Center Security Innovations to Accelerate Your Business

How can you get your data center off to a smooth start? At the Gartner Security & Risk Management Summit this week, I presented three data center innovations that hold the key to accelerating business securely.

Ease of provisioning

According to a recent Cisco IT case study, data center provisioning times have decreased from eight weeks to 15 minutes. Security must do the same to realize the full benefits of data center automation.

Often, businesses have trouble implementing this vision because of their existing IT. The people and their skill base, the processes they use and even the technology they have implemented, are very silo-based. It is not designed to integrate into an automated, on-demand model.

There are many challenges imposed by siloed technologies when you attempt to converge or virtualize these environments. A common issue is when storage and server platforms were not designed to work together.  This necessitates expensive service engagements to build.  Additionally, in order to hide the associated complexity, expensive management software has to be deployed to “simplify” infrastructure deployments. This approach just doesn’t work. The result is increasing complexity that makes the architecture brittle and costly.

At Cisco, we believe it is important to look for a solution that doesn’t look at technologies, processes, and people in isolation. You can enable a powerful IT by taking a unified approach and working with technologies that are designed to work together. Your IT can be a service foundation that redefines data center economics and delivers performance, reliability, and business innovation. Unification is the element that will deliver that.

 Maximized Network Performance and Resilience

On a unified network, IT can ensure the highest levels of network performance and business continuity through:

• 8x performance density over competitive firewalls and up to 1.9 million new connections per second and 80 million maximum connections per second enables Cisco firewalls to meet the most stringent performance requirements

• Eliminating compromise, retrofits and disruption to network design via Virtual Portal Channel and FabricPath integration for increased efficiency

Pervasive Protection

The third innovation that can streamline your data center and accelerate your business is actionable security intelligence. A secure network can differentiate by users and their multiple devices, differentiate applications, know behaviors and ultimately confirm IT policy is aligned with business. Building trusted chains that extend from the user to the application and are uniquely aligned to business context, can ensure efficiency and security.

Learn how Cisco can help you to leverage these innovations to accelerate your business securely.

 

Follow me on Twitter  @e_desouza and discover my other presentation at Gartner in  my previous blog  Everything’s in the cloud : Now What?

 

Tags: , , , , , , , , , , , , , , ,

Identity and Device Aware IT Platforms Make Life Easier

Life is generally a lot easier when you have all the facts.  Especially if those facts are actually accurate.  Nowhere does this ring more true than in the life of an IT professional.

Often times a day in an IT shop is a lot like that grade school game of telephone where information gets passed down the line but gets distorted (or is just plain wrong) because no single player has the complete context.  This scenario gets played out everyday in the IT infrastructure where siloed operations, monitoring and policy platforms only work from the information they possess.  But that information is generally just a snapshot viewed through the bias of that system’s siloed purview.  As a result, mistakes get made, security is substandard or perhaps even dysfunctional, and everything from configuration to event management and investigation takes far longer than it should.  Net-net – time is wasted, costs increase, and many things still don’t work that well.  Read More »

Tags: , , , , , ,

Everything’s in the Cloud: Now What?

Today’s applications are either virtualized in our own data center or being hosted by any number of providers. But is our security built around our current security reality or is it living in the past? During one of my Gartner Security & Risk Management Summit presentations, I shared best practices in a rapidly changing environment, where cloud vendor hype isn’t matching our security reality. Now that everything is in the cloud, we need a strategic approach to cloud security.

 

Here’s how to make it happen:

Ensure safe data handling when working with cloud provider. Considering cloud providers are an extension of your business, it is vital to ensure how your provider handles security for storing and transmitting your data. What provisions are in place to make sure data is secure once it has been transmitted? Determine if your provider has firewalls, data encryption, and user authentication to keep your data safe.

Combat growing threats. As cloud-based technologies grow more sophisticated over time, so do the possibilities of threats. A proactive approach to security means that we enable technology like cloud-based threat intelligence to detect a threat as they happen – or in some cases before they happen. Other anti-threat measures such as deep packet inspection and proactive monitoring can also help combat viruses, spam and other intrusions. Learn more. You don’t have to be a security expert to take security seriously. Leverage industry bodies, like the Cloud Security Alliance, for guidance on benchmarking service provider security capabilities. Learn what certifications and security practices your cloud provider has, including daily risk audits. And look for ways to increase security processes when you work with cloud providers. See how Cisco can help you protect your business assets and meet compliance requirements.

Learn more. You don’t have to be a security expert to take security seriously. Leverage industry bodies, like the Cloud Security Alliance, for guidance on benchmarking service provider security capabilities. Learn what certifications and security practices your cloud provider has, including daily risk audits. And look for ways to increase security processes when you work with cloud providers. See how Cisco can help you protect your business assets and meet compliance requirements.

To know more follow me on Twitter  @e_desouza  and check my blog and Gartner presentation  on Three Data Center Security Innovations to Accelerate Your Business

Tags: , , , , , , , , , , ,

Cisco’s onePK Part 1: Introduction

Exordium

Cisco’s One Platform Kit (onePK) is a fantastic toolkit for building custom applications that interact with your Cisco routers and switches. Using onePK, you can build automation directly into the network and extend all sorts of functionality using Cisco devices. The first in a three-part blog series, this article will introduce onePK to the reader, explain what it is, how it can be useful, and will show how to configure onePK on a router. The second and third installments will walk the reader through a simple security-relevant application using the C API. Important to note is that we’ll be covering the 0.6.0 version of onePK features and service sets. At the time of this writing, the toolkit is still in Controlled Availability and as such, is still in active development, and the API could change before it is released into General Availability. However, even in the face of API evolutionism, this article will provide you with a solid jumping-off point for your plunge into the wondrous world of onePK.

OK, Just What is onePK?

OnePK is a Cisco IOS Software feature and a set of programming libraries enabling an application programmer to build powerful applications that tightly integrate and interact with Cisco devices. onePK is available to you via a well-documented and unified API, currently offered in C and Java with Python in active development. It is currently in pre-release and is available only on request. Details on how to obtain onePK are provided below. Read More »

Tags: , , , , , , , ,

Design & Implementation Guide: What’s In a Name?

This may seem to some a rhetorical question, right? It’s in the name! A guide that describes the design and implementation of a system or solution. That seems simple enough. Cisco Design and Implementation Guides (DIGs) can be found in the Cisco Design Zone. Many of these designs are Cisco Validated Designs (CVDs) that include internal or external testing, some are reference designs, and some are visionary architectures or best practices documented by experienced engineers.

As a Network Architect, I came to Cisco to develop CVDs and accelerate business solutions beyond just the “marketecture” vision. I wanted to prove how products and systems can be used to create end-to-end solutions that work better together, more than just the sum of their parts, solving real-world business problems.

Read More »

Tags: , , , , , ,